A short history of how we got here, because the chronology is the whole story. January: the Pentagon demands unrestricted use of Claude for autonomous weapons and domestic surveillance. Anthropic says no. February: the President orders every federal agency to drop Anthropic. The Defense Secretary bans Pentagon contractors from doing business with them. A rival announces its classified-network deal within hours. March: the Pentagon designates an American company a "supply chain risk" under a statute written for foreign adversaries. A federal judge blocks it. May: the Pentagon signs AI deals with seven companies. Anthropic is not one of them. June 9: Anthropic releases Fable 5. June 12: Commerce issues an export control directive over a jailbreak that, by the government's own account, was demonstrated verbally, came with no written explanation, and involves a capability you can get from other publicly available models today. Two things are true at once. First: Anthropic spent months marketing Mythos as too dangerous to release. Sam Altman said it was "incredible marketing to say we have built a bomb." The Commerce Department has now formally agreed it is a bomb. If you describe your product as a munition in every press release, eventually a government takes you at your word. They wrote the legal predicate themselves and called it a brand. Second: we have run this experiment before. In the 90s the government classified encryption as a munition under ITAR. Activists defeated it by printing PGP's source code as a book, because books are protected speech and floppy disks were arms exports. A t-shirt with three lines of RSA Perl was legally a munition. The controls collapsed because math does not stop at customs. The new wrinkle is the "deemed export" rule: showing controlled technology to a foreign national inside the US counts as exporting it abroad. Which is why Anthropic's own foreign-national employees are now locked out of the model they built. The munition is in the building and the people who made it are not allowed to look at it. The jailbreak is the paperwork. The refusal was in January.

The US government, citing national security authorities, has issued an export control directive to suspend all access to Fable 5 and Mythos 5 by any foreign national, whether inside or outside the United States, including foreign national Anthropic employees. The net effect of this order is that we must abruptly disable Fable 5 and Mythos 5 for all our customers to ensure compliance. Access to all other Claude models is not affected. We apologize for this disruption to our customers. We believe this is a misunderstanding and are working to restore access as soon as possible. Read our full statement: anthropic.com/news/fable-myt…

A French engineer who lives quietly in Paris has spent 30 years writing software that the entire internet now runs on without knowing his name. He wrote the code that streams every YouTube video, every Netflix show, every TikTok clip. He wrote the code that runs the virtual servers underneath AWS, Google Cloud, and Microsoft Azure. He calculated more digits of pi than anyone in history. He has no Twitter. He has no marketing. He just keeps shipping. His name is Fabrice Bellard. Here is the story, because almost nobody outside the systems programming world knows what one man has built. Fabrice was born in 1972 in Grenoble, France. He studied at École Polytechnique, the top French engineering school. He never went to Silicon Valley. He never built a startup empire. He just wrote code. In 2000 he started a project called FFmpeg, an open-source multimedia framework for encoding, decoding, and streaming video. He was 28. The project did one thing nobody else had done well. It handled every video and audio format that existed, in one library, on every operating system. He led it himself for years. Today FFmpeg is the invisible engine of the internet. YouTube uses it. Netflix uses it. VLC uses it. Chrome and Firefox use parts of it. Every Android phone, every iPhone, every smart TV, every video editing tool you have ever touched runs FFmpeg somewhere underneath. If you have watched a video on a screen in the last 20 years, Fabrice's code processed it. He was not done. In 2003 he started QEMU, a machine emulator and virtualizer. He wrote it solo until version 0.7.1 in 2005. QEMU lets you run any operating system on any other operating system. It became the foundation of modern virtualization. KVM, the Linux kernel hypervisor, runs on top of QEMU. Every major cloud provider, AWS, Google Cloud, Microsoft Azure, IBM Cloud, runs virtual machines on infrastructure built around it. The Quick Emulator is the most cited piece of cloud infrastructure code on Earth. He kept going. In 2001 he won the International Obfuscated C Code Contest with a small C compiler that grew into TCC, the Tiny C Compiler. TCC can compile and boot a Linux kernel from source in under 15 seconds. In 2004 he calculated the most digits of pi ever computed at the time, using a personal desktop computer and an algorithm he derived himself called Bellard's formula. In 2011 he wrote a complete PC emulator in pure JavaScript that runs Linux in your browser, a project called JSLinux that engineers still cannot believe is real. In 2019 he released QuickJS, a small but complete JavaScript engine that fits where V8 cannot. In 2021 he released NNCP, a neural network based lossless data compressor that immediately took the lead on the Large Text Compression Benchmark. Then he turned his attention to large language models. He built TextSynth Server, a web server with a REST API for running LLMs locally. He released ts_zip and ts_sms, compression utilities that use language models to compress text and short messages at ratios traditional algorithms cannot reach. He released TSAC, a very low bitrate audio compression system. In December 2025 he released Micro QuickJS, a new JavaScript engine for microcontrollers, separate from QuickJS, designed for environments with almost no memory. Fabrice co-founded a telecom company called Amarisoft in 2012, where he serves as CTO. Amarisoft builds 4G and 5G base station software used by carriers and labs around the world. He has been running it for over a decade while continuing to ship personal projects from his own home page at bellard dot org He has no Twitter. He has no Instagram. He gives almost no interviews. His personal website is a flat list of projects with no styling, no fonts, no marketing copy. Just titles and links. A quiet French engineer who never moved to Silicon Valley wrote the code that quietly runs the internet. He is still shipping.

At some point Anthropic talked to me informally about potentially joining their Board. I wasn’t interested and wouldn’t have been a good fit. But I did send Dario and Daniela a copy of Aristotle’s “Politics.” Unfortunately, I worry they’ve been too busy to read it.

Dario Amodei: Ideology Won't Survive the Reality of AI⁣ ⁣ "We're going to find that ideology will not survive the nature of this technology. The things I'm talking about are gonna become bipartisan and universal because everyone will recognize the necessity of it." — @DarioAmodei

I strongly believe there are entire companies right now under heavy AI psychosis and its impossible to have rational conversations about it with them. I can't name any specific people because they include personal friends I deeply respect, but I worry about how this plays out. I lived through the great MTBF vs MTTR (mean-time-between-failure vs. mean-time-to-recovery) reckoning of infrastructure during the transition to cloud and cloud automation. All those arguments are rearing their ugly heads again but now its... the whole software development industry (maybe the whole world, really). It's frightening, because the psychosis folks operate under an almost absolute "MTTR is all you need" mentality: "its fine to ship bugs because the agents will fix them so quickly and at a scale humans can't do!" We learned in infrastructure that MTTR is great but you can't yeet resilient systems entirely. The main issue is I don't even know how to bring this up to people I know personally, because bringing this topic up leads to immediately dismissals like "no no, it has full test coverage" or "bug reports are going down" or something, which just don't paint the whole picture. We already learned this lesson once in infrastructure: you can automate yourself into a very resilient catastrophe machine. Systems can appear healthy by local metrics while globally becoming incomprehensible. Bug reports can go down while latent risk explodes. Test coverage can rise while semantic understanding falls. Changes happens so fast that nobody notices the underlying architecture decaying. I worry.

This is the most OUTRAGEOUS deal I've seen in my 45 years on Wall Street. SpaceX just disclosed Musk's new compensation package: He gets up to 200 million super-voting shares if SpaceX hits a $7.5 trillion valuation, establishes a permanent human settlement of at least ONE MILLION people on Mars, and deploys roughly 100 terawatts of space-based computing power. Let me put the 100 terawatts in perspective: The entire electricity generation capacity of the United States is around 1.2 terawatts. The comp plan asks Musk to build more than 80x America's entire power grid... in orbit. This is a science fiction screenplay that somehow landed in front of the SEC. But here's why it actually matters for your portfolio... The S-1 reportedly claims a $28.5 trillion total addressable market, with over 90 percent attributed to AI. CapeFearAdvisors flagged this one cleanly: when Palantir went public, it disclosed a $119 billion TAM and the SEC reviewed and accepted it. SpaceX is claiming a market roughly 240x BIGGER. Now let's talk about what is actually being sold here: Reported 2025 revenue is approximately $15.5 billion. Starlink delivers around $11 billion of that with healthy margins, and the launch business is genuinely dominant. The problem is xAI - the AI piece doing all the heavy lifting in the trillion-dollar valuation pitch. xAI generated just $210 million of revenue in the first 3 quarters of 2025 while burning through $9.5 billion in cash. Ben Brey and Rupert Mitchell - a former Fidelity portfolio manager and a former head of equity capital markets at Goldman and Citi between them - ran a serious discounted cash flow on the actual operating businesses and arrived at roughly $400 billion. Lawrence Fossi covered their work recently and the math holds up. The IPO is being marketed at $1.75 TRILLION. The gap between what these businesses support and what Musk is asking the public to pay is roughly $1.35 trillion of pure narrative. Then layer on what we just learned last week... The New York Times investigation revealed Musk personally borrowed $500 million from SpaceX between 2018 and 2020 at rates as low as 1%, while bank prime rates sat around 5%. The same SpaceX has been used to bail out SolarCity, prop up Tesla during cash crunches, and absorb xAI when the AI losses became unmanageable. This is the same playbook he's run for two decades. Use a privately controlled entity as a personal piggy bank, and when the bills come due, find new investors to absorb the losses. The IPO is structured to keep that game going FOREVER. The Texas reincorporation strips away Delaware's fiduciary protections. Controlled-company status on the Nasdaq eliminates independent board requirements. And retail is being offered up to 30% of the offering (3x the normal allocation) because the institutions who actually do the math are quietly stepping away. Here is the part that finishes the case for me: Roughly $40 billion of the IPO proceeds are already spoken for before a single dollar reaches operations. About $23 billion retires SpaceX debt. Another $17 billion retires the high-interest debt sitting on xAI and X. This raise is not funding the future. It's just plugging existing holes that retail investors will now own. In my 45 years I've never seen a deal where the comp hurdle is colonizing another planet. I've never seen a disclosed TAM that exceeds verified comparables by two orders of magnitude. I've never seen a company asking the public to fund the retirement of debt incurred by separate private entities controlled by the same individual. Every red flag I've watched precede a major bust over four decades is sitting in this prospectus, in plain sight. The Tesla mispricing is being repeated on a far larger scale. And this time the bag is being handed directly to retail. Don't be the one holding it.

‼️🚨 BREAKING: An AI found a Linux kernel zero-day that roots every distribution since 2017. The exploit fits in 732 bytes of Python. Patch your kernel ASAP. The vulnerability is CVE-2026-31431, nicknamed "Copy Fail," disclosed today by Theori. It has been sitting quietly in the Linux kernel for nine years. Most Linux privilege-escalation bugs are picky. They need a precise timing window (a "race"), or specific kernel addresses leaked from somewhere, or careful tuning per distribution. Copy Fail needs none of that. It is a straight-line logic mistake that works on the first try, every time, on every mainstream Linux box. The attacker just needs a normal user account on the machine. From there, the script asks the kernel to do some encryption work, abuses how that work is wired up, and ends up writing 4 bytes into a memory area called the "page cache" (Linux's high-speed copy of files in RAM). Those 4 bytes can be aimed at any program the system trusts, like /usr/bin/su, the shortcut to becoming root. Result: the next time anyone runs that program, it lets the attacker in as root. What should worry most: the corruption never touches the file on disk. It only exists in Linux's in-memory copy of that file. If you imaged the hard drive afterwards, the on-disk file would match the official package hash exactly. Reboot the machine, or just put it under memory pressure (any normal system load that needs the RAM), and the cached copy reloads fresh from disk. Containers do not help either. The page cache is shared across the whole host, so a process inside a container can use this bug to compromise the underlying server and reach into other tenants. The original sin was a 2017 "in-place optimization" in a kernel crypto module called algif_aead. It was meant to make encryption slightly faster. The change broke a critical safety assumption, and nobody noticed for nine years. That bug then rode every kernel update from 2017 to today. This vulnerability affects the following: 🔴 Shared servers (dev boxes, jump hosts, build servers): any user becomes root 🔴 Kubernetes and container clusters: one compromised pod escapes to the host 🔴 CI runners (GitHub Actions, GitLab, Jenkins): a malicious pull request becomes root on the runner 🔴 Cloud platforms running user code (notebooks, agent sandboxes, serverless functions): a tenant becomes host root Timeline: 🔴 March 23, 2026: reported to the Linux kernel security team 🔴 April 1: patch committed to mainline (commit a664bf3d603d) 🔴 April 22: CVE assigned 🔴 April 29: public disclosure Mitigation: update your kernel to a build that includes mainline commit a664bf3d603d. If you cannot patch immediately, turn off the vulnerable module: echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf rmmod algif_aead 2>/dev/null || true For environments that run untrusted code (containers, sandboxes, CI runners), block access to the kernel's AF_ALG crypto interface entirely, even after patching. Almost nothing legitimate needs it, and blocking it shuts the door on this whole class of bug...

The Zig project's rationale for their blanket ban on AI-assisted contributions makes a lot of sense to me - for them, time spent reviewing PRs isn't about the code, it's about growing new contributors for the future of the project simonwillison.net/2026/Apr/3…

OpenAI's CFO just told her own executives the company might not be able to pay its $1.4 trillion in compute bills. OpenAI makes $20 billion a year. That's a 70-to-1 ratio between committed spend and current revenue. To clear those obligations, OpenAI has to grow an order of magnitude in five years and hold it for a decade. Sam said last week the target is "hundreds of billions" by 2030. Friar has said three versions of this admission in three weeks. At WSJ Tech Live, she pitched a federal "backstop" for the financing, then walked it back when the backlash hit. With Cathie Wood, she reframed it as a compute shortage, saying OpenAI is "making tough trades" and turning down projects. Now WSJ has the internal version: she's worried they can't pay the bill. Same statement, three audiences, urgency turned up each time. The internal version is always the real one. The math underneath. Oracle: $300 billion over five years, $60 billion annually starting 2027. Microsoft: $250 billion. Nvidia: $100 billion in chip purchases, with Nvidia simultaneously investing $100 billion back into OpenAI to fund those purchases. AMD: 6 gigawatts of capacity, up to $300 billion. Broadcom: $350 billion. AWS: $38 billion. CoreWeave: $22 billion. Annual compute spend ramps from $6 billion this year to $173 billion in 2029 to $295 billion in 2030. Tom Tunguz modeled it straight from the public contracts. Microsoft took a $360 billion stock wipeout last week when investors learned 45% of its $625 billion commercial backlog, roughly $250 billion, is tied to OpenAI. Oracle has already borrowed against its deal, already started building, already committed years ahead of cash flow. HSBC estimates OpenAI has a $207 billion funding gap to meet what's already signed. The "Nvidia invests in OpenAI to buy Nvidia chips" loop is the same trade five different ways. Capital flows from one balance sheet to another and books revenue at every stop. If OpenAI's revenue ramp stalls, the loop stops, and every company holding the contract marks it down at the same time. Friar is the only person in the building with every contract on her desk at once. When she tells the room she's worried, the other three statements were warm-ups.

Ghostty is leaving GitHub. I'm GitHub user 1299, joined Feb 2008. I've visited GitHub almost every single day for over 18 years. It's never been a question for me where I'd put my projects: always GitHub. I'm super sad to say this, but its time to go. mitchellh.com/writing/ghostt…

Introducing Euphony, an open-source tool for visualizing chat data and Codex session logs. Paste in a public URL or upload a local file, and Euphony turns the raw data into an easy-to-browse view. It supports translation, filtering, editing, and more.