Boulder Future Salon

"87% of digital workers now use AI at work. 75% say it makes them more productive, saving them roughly 11 hours each per week through automation alone. Yet only 13% say their organization is performing significantly better as a result." "So where are the gains going? They're being swallowed by a new, largely invisible form of labor. We call it botsitting: the work required to make AI usable, including feeding it missing context, checking its outputs, debugging its mistakes, rerunning prompts, and cleaning up the confident-but-wrong answers AI leaves behind. Workers now burn an average of 6.4 hours a week botsitting -- most of a full working day, every week." "When that labor is untracked, unbudgeted, and unrewarded, workers start cutting corners. They stop checking outputs and deliver work they can't fully explain or defend. That's when botsitting turns into something more dangerous: botshitting -- shipping AI-generated work that workers haven't reviewed, don't fully understand, or couldn't defend if asked. Today, 69% of AI users admit to botshitting at work." The report goes on to say: "The Work AI Index draws on a survey of 6,000 full-time (30+ hours per week) digital workers across the United States (n=3,000), the United Kingdom (n=1,500), and Australia (n=1,500), conducted between December 2025 and January 2026." Commentary: December 2025 and January 2026 means this report is already out of date. The models are much more powerful now. The most recent Claude model was used to vibe-code an Age Of Empires-type game from scratch, although the process used to do that was complex (see separate video). Where I work, my boss, who has no background in software engineering, is the company's most productive "engineer". He commits massive amounts of code every day, and there's no way he could be proofreading it all because, he has no background in software engineering (see previous sentence) (his background is in sales & marketing, though he knows some CSS and is good at visual design). Six months ago, this kind of thing required me to periodically rewrite some feature, because the AI did it in such a batty, over-complicated way, but that seems to be a thing of the past these days. Whatever technical debt is being created now will probably be easily cleaned up by future, smarter AI models. Overall, the amount of bugs customers experience hasn't increased despite the tremendous increase in development speed. Once it becomes possible to fit the entire codebase plus all the company documentation and the entire knowledge base for customer support in the AI's context window, the AI will never be missing context and doing the wrong thing as a consequence again. If this outfit (Glean Technologies) does this same report a year from now, I expect they will get a dramatically different result.

Opus 4.8 and Fable 5 build the same app. Actually 3 apps: an E-commerce store, a 3D art museum, and an Age Of Empires-style game. Fable did a lot better on all of them and it made what looks like a really amazing Age Of Empires-style game. He (Pat Simmons) didn't use regular Claude Code. It didn't just take one prompt and pop out the code. He used some new Claude dynamic workflow system, that splits a big job across a swarm of parallel agents. It spawns like 30 plus agents, and they keep running and iterating until they get everything in your prompt working, or they think it's working.

DiffusionGemma is a new "experimental open model that explores text diffusion, an exceptionally fast approach to text generation" from Google. I was wondering how long it would take until we could run diffusion text models! "Released under an Apache 2.0 license, this 26B Mixture of Experts (MoE) model moves beyond the sequential token-by-token processing of typical autoregressive Large Language Models (LLMs). Instead, it generates entire blocks of text simultaneously, delivering up to 4x faster text generation on GPUs." "DiffusionGemma is designed for researchers and developers exploring speed-critical, interactive local workflows such as in-line editing, rapid iteration, and generating non-linear text structures." "By shifting the decode bottleneck from memory-bandwidth to compute, DiffusionGemma generates up to 4x faster token output on dedicated GPUs. (1000+ tokens per second on a single NVIDIA H100, 700+ tokens per second on NVIDIA GeForce RTX 5090)." "Operating as a 26B total Mixture of Experts (MoE) model that activates only 3.8B parameters during inference, DiffusionGemma fits comfortably within 18GB VRAM limits of high-end dedicated consumer GPUs when quantized." "Generating 256 tokens in parallel with each forward pass allows every token to attend to all others. This provides significant advantages for non-linear domains such as in-line editing, code infilling, amino acid sequences or mathematical graphs." "The model iteratively refines its own output, allowing it to evaluate the entire text block at once to fix mistakes in real-time." "Because it prioritizes speed and parallel layout generation, DiffusionGemma's overall output quality is lower than standard Gemma 4. For applications that demand maximum quality, we recommend deploying standard Gemma 4." "You can improve DiffusionGemma's performance on specific tasks through fine-tuning. In the example below, Unsloth fine-tuned DiffusionGemma to play Sudoku -- a task autoregressive models struggle with because each token depends on future tokens. DiffusionGemma's bi-directional attention makes this much easier." "Most language models act like a typewriter, generating one token at a time from left to right. In the cloud, this is efficient because servers can batch thousands of user requests together to share the hardware load. But when run locally for a single user, this word-by-word process leaves your dedicated GPU or TPU underutilized -- it spends most of its time simply waiting for the next 'keystroke.'" "DiffusionGemma reverses this inefficiency. Instead of predicting words sequentially, it drafts an entire 256-token paragraph simultaneously. By giving the computer's processor a larger chunk of work at once, DiffusionGemma utilizes your hardware to its full potential. It upgrades your model inference from a single, sequential typewriter to a massive printing press that stamps the entire block of text simultaneously." "In high-QPS cloud serving, autoregressive models can be deployed to saturate compute efficiently, so DiffusionGemma's parallel decoding offers diminishing returns and can result in higher serving costs. The throughput advantage is strongest at low-to-medium batch sizes on a single accelerator." They go on to explain "how text diffusion works". "Similar to AI image generators that start with visual static and iteratively refine it into a clear picture, DiffusionGemma applies this to text" Do you have a GPU with enough memory? If so, you can go ahead and download the model weights from Hugging Face.

"guestlist tells you, for any URL, whether AI agents are likely to get through. We continuously probe the web from real browsers and grade every domain green to red based on how often crawls succeed. One API call before you spend a request -- skip the dead ends, save the budget." Hmm. Interesting premise. You can even test from your own code via an API.

Clipto claims to be "Fully local, natural language search over terabytes of media. Like Google Photos, but fully local." "Search for any moment, in plain English." Examples they give: "Wide shot, whale coming up and spouting water" "Reaction shot of a woman holding back tears" "Wide drone shot, cars entering desert sandstorm" Might be useful for those of you with immense photo collections. Commercial product, $10/month. It looks like it's just Mac and iOS, though?

"The next 15 years of Moore's Law, according to Imec." "The next evolution in CMOS transistors, the kind in almost all chips on the planet, will be the complementary field-effect transistor (CFET), and Imec predicts its commercial introduction will begin around 2033." "Further out, Imec expects another transition in transistor technology, this one driven more by power reduction than squeezing more devices onto a chip. In 2041, chipmakers may replace the main silicon part of the transistor, the channel region, with two-dimensional semiconductors. These are materials, such as molybdenum disulfide, that act as semiconductors even though they are only a single atomic layer thick." There's an image, which when you blow it up, shows lithography transitioning from 0.33NA to 0.55NA in 2028. "NA" refers to numerical aperture, and higher NA enables tinier circuits. It uses a measure called "contacted poly pitch", which is "shorthand for the distance in nanometers from one transistor to another", and shows it going from 132 nanometers in 2026, to 155 nm in 2028, to 98 in 2031, to 80 in 2033, to 64 in 2036, to 50 in 2038. The idea behind complementary field-effect transistors (CFETs) is that the n-type and p-type regions (the doped regions of silicon from which transistors are built) are stacked vertically, rather than being horizontal on the surface of the chip.

"AI slop sucks, but the idealized alternative is not honest," says Dennis Forbes in Canada. "I can unequivocally say that Claude Code / Opus 4.8 generates solutions better than 99%+ of the code I've come across over my career, including important, lauded projects. Dramatically better code." "The real world conditions most developers generate code in does not promote top quality code." I'm all too familiar with the pressures of the real world. "The vast bulk of code on this planet is terrible, and it's important that people are honest about this. It is sub-slop." He tries to extend this observation to "everything". "The zero-creativity, copy-paste advertisement world, for instance, where the same ads are regurgitated countless times." "A large percentage of television and movies now are just remixed updates of stuff that was successful in decades past." "Wedding speeches are just a cliché." "The whole idea of 'genres' in art and music is an admission of follow-the-leader remix and repeat behaviour, sometimes taken to such hilarious extremes it seems like parody." "If people really think most kids wrote creative, thoughtful essays before LLMs came and corrupted the youth, were these same people born yesterday?" "Is someone individual if they put on the 'goth uniform', looking precisely like the genre of 'goth' is supposed to look?" "Is it rebellious and tough to jack up your Dodge Ram and hang truck nuts from it and roll coal, just like the countless other 'rebellious' guys pursuing exactly the same image and following an identical template? Or to buy a Harley, grow a beard and apply the 'tough biker' template?" He goes on to say he's not defending AI and people still need expertise. Um, so are we becoming obsolete or not?

"Agents sometimes catastrophize." "On October 15, I asked an Opus 4.6 forecasting agent 'Will the United States conduct at least one confirmed drone strike or airstrike inside Venezuelan territory between October 15 and December 31, 2025?'. It gave 15%. It cataloged Russian-supplied air defenses, Congressional war powers, regional opposition, and the analyst consensus that troop levels were 'insufficient for a full-scale invasion.' This was all correct, but mostly relevant to a really serious attack. On December 24, the CIA hit an empty Venezuelan dock with a drone (no casualties), which caused the forecast question to resolve 'Yes' and gave this agent a bad score for its 15% forecast." "Expert human forecasters identified a tendency in Opus 4.6 agents to model the most extreme version of an outcome, correctly explain why that extreme is unlikely, and then assign that low probability to the whole scenario, even when the question resolves on any version of the event." "In this the Venezuela case, Opus 4.6 modeled only the upper half of that spectrum. It treated any land strike as a Rubicon crossing 'tantamount to an act of war,' then weighted every reason why that wouldn't happen: S-300 air defenses, insufficient invasion force, Congressional pushback, Colombian opposition. But a CIA drone strike on an empty dock doesn't have most of these problems." "Yes, this was still a surprising outcome, and hindsight bias is a problem when triaging forecasting failures. In this case, the Opus 4.6 agent did explicitly consider that 'a covert CIA op', but thought that wouldn't involve a drone strike or airstrike." Hmm. Interesting. The models have a decent ability to think logically, as we see on coding and math challenges, but have apparently inherented some human cognitive biases from the human language they are trained on? "Another forecasting question asked, in Oct 2025, whether the IAEA would conduct any safeguards inspection at any non-Bushehr Iranian facility in Q4 2025." "One more example: asked again in mid Oct 2025, the question was whether Israel and Lebanon would publicly announce the start of direct bilateral negotiations by December 31."

"Colossal Biosciences artificial egg hatches 26 chickens." Really? Wow. "The Colossal artificial egg is a two-component system: a semi-permeable silicone-based membrane housed inside a rigid hexagonal support cup. The membrane is engineered to replicate the gas-exchange function of a natural eggshell -- allowing oxygen to pass through while retaining moisture and blocking contaminants. According to Colossal Chief Biology Officer Andrew Pask, the membrane enables gas exchange at a rate comparable to a biological shell." "The system also incorporates a clear window at the top of the artificial egg, allowing scientists to observe embryo development directly without disrupting the environment inside. The design is variable in size -- in theory scalable from hummingbird-egg dimensions down to the soccer-ball-sized eggs of the South Island giant moa, which once stood nearly 12 feet tall." "Prior shell-free hatching systems have faced a consistent barrier: most require large volumes of supplemental concentrated oxygen during later development stages, which risks damaging DNA in the developing embryo. Success rates using plastic cups, saran wrap, and other artificial containers have historically been low." "The Colossal artificial egg does not replace the biological processes that precede egg-laying -- it intervenes after them. In the current workflow, scientists examine eggs laid by real hens within 24 to 48 hours of laying, select viable candidates, and transfer the contents -- minus the shell -- into the artificial egg structure. All upstream biology, from fertilization through laying, still occurs in a living bird." The apparent end goal of all this is "de-extinction": "For de-extinction applications, the artificial egg is intended as a later-stage incubation vessel, not the point of genetic intervention. To produce a bird resembling the dodo or giant moa, Colossal's scientists would need to introduce species-specific genetic edits at a far earlier cellular stage." "Colossal's approach to this challenge involves primordial germ cells -- stem cell precursors to sperm and egg cells."

"The internet runs on standards nobody owns. HTTP, SMTP, SQL, RSS -- protocols that any implementor can read, build against, and extend without asking permission. When you send an email, you don't think about which server is on the other end. When you query a database, your application doesn't break because the vendor released a new version. These things work because the contract between components is public, stable, and enforced by convention rather than by a single company's product roadmap." "AI infrastructure in 2026 looks nothing like this." "Every orchestration platform -- every system for defining AI agent teams and running them at scale -- speaks its own language. One platform expects a YAML file with a steps array. Another uses a Python SDK with decorators. A third has a visual editor that exports to a proprietary JSON format. None of them interoperate. A team you build on platform A cannot run on platform B without a full rewrite." Um. Ok, what would this standardization look like? A common API spec between proprietary and open source models? There's no specific proposal here for a standard, only lists of "pros" and "cons". What do you all think standardization in AI would look like?

The Leiden Declaration on Artificial Intelligence and Mathematics. "Calls for action to address the challenges posed by the use of artificial intelligence within mathematics research." So named, I think, because it originated at Leiden University, which is in Leiden in the Netherlands, about midway between The Hague and Amsterdam. "Current automated techniques can produce plausible but unreliable (or even incorrect) arguments which are difficult to distinguish from correct mathematical proofs. This applies not only to informal arguments, but also to formalizations, where the difficulty lies in the translation between computer-encoded and human presentations of concepts. These fast-moving developments put our present system of review under increasing pressure, jeopardizing our ability to implement traditional standards for the correctness, transparency, and independent verifiability of proof." "Technologies that draw extensively on the published mathematical commons undermine the traditional system of attribution. Models trained on published works frequently return outputs that do not properly cite the human works they synthesize." "Technologies which affect the way in which mathematics is practiced may disturb the current system of incentives. The use of artificial intelligence -- and thus also the sort of problems which it can address -- may become incentivized for its own sake, disrupting our mechanisms for hiring, funding, and recognition. This disadvantages researchers who do not have access to the technologies or decision-making related to them, or who are unwilling to use technologies controlled by organizations whose values they do not share." When I read "organizations whose values they do not share", I immediately thought, wait, aren't the AI companies "aligning" AI with "human values"? Shouldn't it be impossible for anyone to not share values with these companies? The problem with different humans having different "values" is something I thought of decades ago before "alignment" was a catchword. Also, this document has a "values" section that lists values including mathematics being done by specific authors who take credit for mathematical discovery and assume responsibility for correctness, and making mathematical arguments transparent and subject to independent verification. "Proper evaluation is endangered if results are communicated through informal channels such as press releases or blog posts, often without any research paper or other disclosure of information necessary for scientific evaluation. This practice seeks publicity for new results on market timelines before the accepted processes of community evaluation in mathematics can take place. In many cases this leads to simplifications in reporting, such as overemphasizing the significance of automated tools and undervaluing the prior human contributions which have made those tools possible." "These developments put the autonomy of mathematics under threat. The increasing involvement of technology companies in mathematical research raises the risk that research questions may come to be prioritized because of their amenability to automated mathematics, rather than expert judgment of their deeper significance." What followes is sections on "Recommendations for individual mathematicians", "Recommendations for mathematical organizations and not-for-profit research funders", and "Recommendations for policymakers in government and elsewhere". The "Recommendations for individual mathematicians" are: Disclose tool use, support the needs of reviewing, adhere to principles of open science, retain the responsibility for correctness, affirm the humanity of authorship, put effort into proper attribution, participate in public discourse, stay informed about the emerging technologies, welcome new contributors, consider carefully which tools to use, and evaluate the ethical consequences of your work, and take action accordingly. The "Recommendations for mathematical organizations and not-for-profit research funders" are: Build expertise and plan strategically, take the lead on policies for publishing and reviewing, maintain standards of rigor, protect the rights of authors, insist on appropriate publication outlets, support public research laboratories, provide frameworks for collaboration, and align funding with values. The "Recommendations for policymakers in government and elsewhere" are: Protect the rights of authors, don't believe the hype, regulate the artificial intelligence industry, and invest in public computational infrastructure.

"Putin's options after the war has stalled." Since we seem to be at a turning point in the war in Ukraine, any "futurist" worth their salt has to report/comment on it. So I'm bringing you all this video. Since I know some of you might not want to watch an 18-minute video, I'll summarize, or you can use this to decide if the whole video is worth watching. Anders Puck Nielsen, a military analyst in Denmark, makes a matrix with 4 options on the Y axis and 3 "parameters" on the X axis. The 4 options are: 1. Accept defeat, 2. Freeze the conflict, 3. Mass mobilization, and 4. Dramatic escalation -- attack the European countries that are supporting Ukraine's war economy. The 3 "parameters" are: 1. Chance of Russia winning the war, 2. Chance of saving the Russian economy, and 3. Regime security risk for Putin -- how it affects or undermines Putin's legitimacy as the leader of Russia. He fills out the matrix with his estimations as follows: For "Accept defeat", the chance of Russia winning the war is "None", the chance of saving the Russian economy is "Medium", and the regime security risk for Putin is "Medium". For "Freeze conflict", the chance of Russia winning the war is "Medium", the chance of saving the Russian economy is "Low", and the regime security risk for Putin is "Low". For "Mass mobilization", the chance of Russia winning the war is "Low", the chance of saving the Russian economy is "None", and the regime security risk for Putin is "High". For "Escalation", the chance of Russia winning the war is "Medium", the chance of saving the Russian economy is "Medium", and the regime security risk for Putin is "High". As for which option he thinks Putin will take, (spoiler!) it's mass mobilization. He thinks Putin won't accept defeat because it goes against what he perceives as Putin's political goals for the war. Escalation is the most dangerous option. It is the only option with a significant chance of winning the war -- and quickly. It directly addresses "the root causes of Russia's predicament," in his estimation, namely that Western Europe is willing to keep funding Ukraine's war. He also says, because this option aims to end the war quickly, it also offers the prospect of saving the economy. It's a high-risk/high-reward gamble. In his opinion, Putin's smartest move is to try to freeze the conflict. It puts Ukraine in a perpetual frozen war. Putin freezes the war simply by ordering soldiers on the front line to stop trying to advance, and instead defend the existing front line, freezing it in place. Advancing Russian soldiers are currently the primary targets of Ukrainian drones. However, he does not think Putin will do this. He thinks Putin will go for the mass mobilization option. He thinks Putin's generals will convince him that if he (Putin) just gives them another 300,000 or 400,000 or 500,000 troops, they can solve the problem. He (Anders Puck Nielsen) considers this option "the stupidest one of them all" according to his matrix but still thinks it's the one Putin is most likely to choose. He thinks soon Putin will have no choice but to choose one of these 4 options and adds that Western European countries need to be prepared for the possibility that he might choose the most dangerous option and they might be heading into a military confrontation with Russia in the final phases of the war in Ukraine.

The papal encyclical from Pope Leo XIV, called Magnifica Humanitas, was released by the Holy See on May 25. It was rumored beforehand that it would be about safeguarding the human person in the time of artificial intelligence. I never heard of an "encyclical". Apparently popes in the past wrote what we today would call a "flyer" but they would do it periodically like a newsletter so it was called an encyclios, which got translated into English as "encyclical". Does it matter what the Pope says about AI? I wish I could say I read the papal encyclical, but, I didn't have the patience to read 80 pages, especially as a lot of it has very flowery language. Maybe, besides being always pressed for time, I'm having some of the short attention span that affects so many of us in this digital age? What I'm trying to get at is I just skimmed this document, so I'm not really responding to the document in full. Having said that, my overall take is, the Pope is primarily concerned with dehumanization and injustice. He is concerned the use of AI will lead to dehumanizing effects, and that it will make the world less just. Justice seems to be a theme running through the whole document, not just the parts about AI. Dehumanization was more in the parts about AI. He calls upon his followers, and the makers of AI, to choose to use AI in their daily lives, or to create AI, in ways that center humanity, rather than being dehumanizing, and in ways that increase justice in the world, rather than decrease justice. Some quotes to follow. (This may seem like a lot, but remember, it's coming from an 80-page document so is actually a small fraction.) "It is not possible to provide a single, comprehensive definition of AI. What can be stated, however, is that we must avoid the misconception of equating this type of 'intelligence' with that of human beings. These systems merely imitate certain functions of human intelligence. In doing so, they often surpass human intelligence in speed and computational capacity, offering tangible benefits across many fields. Yet this power remains entirely tied to data processing. So-called artificial intelligences do not undergo experiences, do not possess a body, do not feel joy or pain, do not mature through relationships and do not know from within what love, work, friendship or responsibility mean. Nor do they have a moral conscience, since they do not judge good and evil, grasp the ultimate meaning of situations, or bear responsibility for consequences. They may imitate language, behavior and analytical skills, or even simulate empathy and understanding, but they do not understand what they produce, for they lack the affective, relational and spiritual perspective through which human beings grow in wisdom. Even when these tools are described as capable of 'learning,' their way of doing so is different from that of a human person. It is not the experience of those who allow themselves to be shaped by life and grow over time through choices, mistakes, forgiveness and fidelity. Rather, it is a form of statistical adaptation based on data and feedback, which can be very effective, but does not imply inner growth." [page 37 paragraph 99] "The speed and simplicity with which information, complex analyses, media content and practical assistance can be accessed undoubtedly makes life easier. Yet they can also encourage excessive reliance and the search for ready-made answers, and weaken personal creativity and judgment. The apparent objectivity of the responses and suggestions these systems provide can lead us to overlook the fact that they reflect the cultural assumptions of those who designed and trained them, with all their strengths and limitations. The artificial imitation of positive human communication -- words of advice, empathy, friendship and even love -- can be engaging and at times genuinely helpful. However, for less discerning users, it can also be misleading, creating the illusion of a relationship with a real personal subject. When words are simulated, they do not build genuine relationships, but only their appearance. The artificial imitation of care or support can become particularly risky when it enters contexts where real relationships and emotional bonds are lacking. Here, the danger is not so much that a person may believe they are communicating with another person, but rather that they may gradually lose the very desire to form genuine human connections." [page 37 paragraph 100] "Important and sensitive decisions -- concerning employment, credit, access to public services or even a person's reputation -- risk being fully delegated to automated systems that do not know 'compassion, mercy, forgiveness, and above all, the hope that people are able to change,' and can therefore give rise to new forms of exclusion. There are clearly harmful uses, such as the manipulation of information or violations of privacy. Yet there is also a subtler danger, for when AI systems present themselves as neutral and objective, they end up reflecting and reinforcing the stereotypes or ideological bias of their designers and developers." [page 38 paragraph 102] "Indeed, entrusting an algorithm in practice with the power to select who is worthy or not, without anyone bearing responsibility for that judgment, is to hand over the task of redefining the boundaries of human possibilities. In this process, political responsibility is also lost, not just empathy toward those excluded, which can, after all, be simulated. The exclusion of the vulnerable becomes cloaked in a veneer of neutrality and objectivity, against which it becomes difficult to raise objections. In this way, injustice goes unnoticed, and compassion, mercy and forgiveness -- understood not as mere appearances but as real political actions -- gradually disappear from view." [page 38 paragraph 103] "If a system is designed or used in a way that treats some lives as less worthy, or excludes them without the possibility of appeal, then it is not merely a tool 'to be used well,' since it has already introduced criteria that contradict the inalienable dignity of the human person. For this reason, ethical discernment cannot be limited to asking whether we are using a system for good or bad purposes; it must also examine how that system is designed and what vision of the human person and society is embedded in the data and models that guide it." [page 39 paragraph 104] "Calling for prudence, rigorous evaluation and even, at times, a slower pace in adopting AI does not mean opposing progress; instead, it is an exercise of responsible care for the human family. This need is all the more urgent given the frequent imbalance between the speed of technological growth and the slower development of awareness, norms, safeguards and institutions capable of governing its effects. It is not enough to invoke ethics in the abstract; robust legal frameworks, independent oversight, informed users and a political system that does not abdicate its responsibility are required. Otherwise, change will be governed only by technocratic thinking and presented as necessary and inevitable, ultimately imposing rules shaped by those who control data, infrastructure and computing power." [page 39 paragraph 106] "We cannot be satisfied with merely calling for the moralization of machines -- the so-called 'alignment' of AI with human values -- without also having the courage to insist on a further condition: the possibility of openly discussing the ethical frameworks involved and subjecting them to shared standards of social justice. Otherwise, those who control AI will impose their own moral vision, which will become the invisible infrastructure of these systems." [page 39 paragraph 107] "I would like to employ the expression 'to disarm,' which is close to my heart. Disarming AI means freeing it from the mentality of 'armed' competition, which today is not limited simply to the military context, but is also an economic and cognitive phenomenon. This entails a race for ever more powerful algorithms and larger datasets, driven by the desire to secure geopolitical or commercial dominance. To disarm means discrediting the assumption that technical power automatically confers the right to govern." [page 40 paragraph 110] "I wish to address a special appeal to those who develop artificial intelligence. In one sense, technological innovation can represent human participation in the divine act of creation. Developers, therefore, bear a particular ethical and spiritual responsibility, for every design choice reflects a vision of humanity. Just as the creator of an artistic or literary work must consider the values it conveys, so developers are called to embed values in their projects with due seriousness: with transparency, responsibility toward affected communities and careful attention to ensuring that what is being cultivated is a genuine good." [page 40 paragraph 111] "Sometimes there is talk of 'artificial moral agents,' as if machines were able to distinguish between right and wrong with greater consistency than a human being. Yet moral judgment cannot be reduced to calculation, for it involves conscience, personal responsibility and the recognition of the other as a person. Therefore, it is not permissible to entrust lethal or otherwise irreversible decisions to artificial systems." [page 67 paragraph 198]

"On May 18, 2026, a large-scale supply chain attack campaign tracked as Megalodon injected malicious GitHub Actions workflows into over 5,500 open-source repositories within a single six-hour window. The campaign targeted repositories with weak branch protection, pushing backdoored CI workflow files designed to steal secrets from every subsequent pipeline run including cloud credentials, SSH keys, API tokens, and GitHub Actions OIDC tokens." "GitHub Actions workflows run arbitrary shell commands with access to every secret injected into the CI environment. When a repository grants id-token: write permission, workflows can also mint short-lived OIDC tokens that authenticate directly to cloud providers without static credentials. This makes the CI runner a high-value target: a single workflow execution can yield AWS access keys, GCP service account tokens, Azure IMDS credentials, Kubernetes configs, and all repository secrets simultaneously." This is the first time I've heard of this type of attack, an attack on a continuous integration/continuous delivery (CI/CD) pipeline. But according to this text, it's actually not novel. Have you all heard about this type of attack before? The article goes on to say: "Megalodon is a textbook direct Poisoned Pipeline Execution (d-PPE) attack, a class of CI/CD attack where an adversary with write access to a repository injects malicious code directly into workflow definition files, causing the CI system to execute attacker-controlled commands on the next pipeline run. Unlike indirect PPE (i-PPE), which requires a pull request from a fork, d-PPE exploits direct push access to the default branch, bypassing any pull request review gate entirely."

"Tesla self-certifies level 4 autonomous vehicles in Texas." "A new Texas law allows companies with SAE Level 4 or higher autonomous vehicles to offer commercial driverless transportation." "Tesla wasted no time in self-certifying their vehicles. On the same day the law went into effect, Tesla officially self-certified their FSD software on their robotaxi vehicles as Level 4 compliant." "By certifying its software as Level 4 for commercial operations, Tesla is willfully absorbing a substantial portion of the operational liability. It's legally stating that its vehicles can operate themselves without any human supervision or intervention under certain conditions. These conditions are typically based on weather, region (geofense), or speed." The article goes on to explain what distinguishes the Society of Automotive Engineers (SAE) level 2 and level 4 certifications.

"I audited 200 Claude Code skills. 26 were trying to steal your tokens." Claims the home page of SkillVault, a commercial service ($129) for Claude skills. A "skill" is just a set of instructions in natural language to Claude on how to do things (format a weekly report, adhere to a company's brand guidelines, analyze data using a specific methodology, etc). Like a prompt, but reusable. Generally they are in a folder with the skill name in a file called SKILL.md. After reading this, I suspect you should just hang on to prompts you want to reuse as skills rather than downloading skills from other people. There's a good chance there's an attack buried in them somewhere.