Vercel, a cloud platform for app development and deployment, disclosed a breach of its internal systems discovered on Sunday, April 19, 2026. The company confirmed unauthorized access to certain internal systems and says a "limited subset of customers" was impacted, with those customers being contacted directly. Vercel has engaged an incident response provider, notified law enforcement, and is actively investigating. The company has not specified which systems were compromised or the total number of affected customers. Online posts have linked the breach to ShinyHunters, a threat group known for combining social engineering and vulnerability exploitation to target organizations, then monetizing access by selling stolen data or making financial demands of victims. Vercel offers a broad range of developer and enterprise services, including offerings focused on agentic AI workloads.

BYTE Magazine, launched in 1975, was a foundational publication for the early personal computing community, running until the 1990s. Issue #1 is preserved on the Internet Archive, where it has accumulated nearly 18,500 views. The magazine was notable for its book-like heft — often 300–500 pages — and an overwhelming ad-to-editorial ratio of roughly 3:1. Its editorial range spanned technical deep-dives like assembler programming and IC recycling to hardware kit guides, reflecting an era when computing was transitioning from hobbyist curiosity to mainstream inevitability. Regular columns included Steve Ciarcia's hands-on hardware work and Jerry Pournelle's polarizing "Chaos Manor," which drew both devoted fans and sharp critics. The magazine was founded by Wayne Green, whose ownership was later lost to his wife in a divorce. BYTE's August 1981 Smalltalk issue became iconic, and its cover art by Robert Tinney, who died in February 2026, is widely remembered. Full archives are available at both archive.org and vintageapple.org, with a refined reader interface at byte.tsundoku.io.

The Nanopass Framework is an embedded domain-specific language (DSL) designed to simplify compiler construction by encouraging many small, focused passes and numerous intermediate representations (IRs). Its central promise is reduced boilerplate, making compilers easier to understand and maintain. Users debate whether this many-pass philosophy is universally sound: real-world experience from compilers like Vale and Mojo suggests that misplaced logic across passes can compound tech debt, sometimes making a smaller number of larger passes the more pragmatic choice. The optimal pass count is seen as language-dependent — Scheme, for example, naturally decomposes into stages like lexing, parsing, macro expansion, alpha renaming, CPS transformation, closure conversion, and codegen. Some question whether more passes inherently slow compilation regardless of output quality, arguing that fewer, heavier passes are more performant in theory.

A feature built into HD Audio codecs — called jack retasking — lets software silently reconfigure a headphone or speaker port as a microphone input without any hardware changes. Researchers exploited this on Realtek ALC-series chips, embedded in the vast majority of consumer PCs, to capture intelligible audio through standard output-only speaker hardware. The underlying physics makes this possible: a speaker driver is electromagnetically identical to a microphone capsule, and the same coil-in-magnetic-field mechanism that produces sound when driven with current will generate current when driven by sound. The attack, presented at USENIX WOOT 2017 under the name SPEAKE(a)R, is most threatening against air-gapped machines assumed safe precisely because they lack a dedicated microphone. Because jack retasking operates at the codec level and audio drivers offer minimal visibility into port configuration state, the conversion is difficult to detect through normal OS-level monitoring.

Seven foundational "ur-languages" underlie all modern programming: ALGOL (imperative sequences, loops — parent of C, Python, Java); Lisp (parenthetical prefix syntax with macro systems enabling language redefinition — parent of Clojure, Scheme); ML (first-class functions, Hindley-Milner typing, recursion-based iteration — parent of Haskell, OCaml); Self (pure message-passing without classes — inspiration for JavaScript, Smalltalk); Forth (stack-based reverse-Polish notation with replaceable parsers — parent of PostScript, Factor); APL (n-dimensional array operators so terse symbol sequences become labels — parent of J, K, NumPy); and Prolog (fact-and-rule logic executed as search — parent of SQL, Mercury). Crossing ur-language boundaries requires building new neural pathways, unlike switching within a family. All programmers should master an ALGOL language first, then SQL as practical Prolog, then one new ur-family per year — Haskell, PLT Racket, gForth, K, and OCaml suggested in rough priority order. ALGOL has historically absorbed features from other families, including Self-derived classes in the 1980s and ML-derived type inference since 2010.

Pausing a video game is deceptively complex, with developers using a wide range of techniques. Many engines support pausing by setting timescale to zero, but some developers avoid engine edge cases by using an extremely small number like 0.000000001 instead. A common trick is taking a screenshot at pause-time, hiding all game objects, and displaying that image behind the pause menu — freeing memory while maintaining visuals, though sometimes causing a one-frame delay. Games also have multiple distinct pause types: standard menus, inventory, controller disconnect, and OS overlays each require different handling, and conflicts between them produce bugs. Developer war stories include Mario Sunshine's pause misaligning collision logic modulo 4, a Dota 2 bug where clicking skill-up buttons advanced the game one frame per click during pause, and Microsoft Flight Simulator's "active pause" shipping broken for years — freezing the plane but leaving physics, fuel, and instruments running. A common beginner mistake is having every object poll a paused flag each frame, tanking performance; the better pattern gates an entire object hierarchy from a single top-level node.

A web-based CRT shader studio offers a layered properties panel with extensive real-time controls including scanline intensity, mask scale, barrel distortion, convergence, vignette, phosphor beam focus, chroma retention, shadow lift, persistence, noise, flicker, glitch speed, and bloom parameters for radius, softness, intensity, and threshold. The tool targets creative users wanting to apply retro CRT visual effects, with a floating-window UI and video export capability. Performance is a noted limitation, and the tool has been compared to the established shaders.com platform.

The pairwise order of a sequence applies the sign function to successive differences, producing a sequence of -1, 0, and 1 values that captures local ordering relationships. Formally defined as Order(X) = ⟨sgn(ΔX)_i | 1 ≤ i < |X|⟩, it is analogous to a discrete derivative and works over any strict weak ordering, not just numbers. Key properties include: sorted sequences have no -1 values; reverse-sorted sequences have no 1 values; sequences of distinct elements have no 0 values. Several disorder measures — Runs (count of descending neighbor pairs), Mono (count of monotonic runs minus 1), and Amp — can all be redefined purely in terms of the pairwise order, reducing their analysis to studying changes among -1, 0, and 1 values. Equal elements, often ignored in literature following Mannila's axioms, are handled naturally: the 0 values they contribute to the pairwise order are irrelevant to Mono and Amp, meaning Mono(Unique(X)) = Mono(X) and similarly for Amp. This equivalence simplifies comparisons between measures, and the author plans to use the framework to fully analyze the relationship between Mono and Amp in a future article.

Skiplists are randomized structures offering O(log n) operations via layered "express lane" linked lists. Antithesis hit a practical problem: tree traversal in Google BigQuery, which is optimized for parallel scans but slow at point lookups. Walking parent-pointer trees requires serial point lookups BigQuery handles poorly, but splitting data across two databases would require two-phase commit. Their solution — "skiptrees" — stores a tree as a hierarchy of SQL tables at different node densities, each row tracking its nearest higher-level ancestor and all intermediate nodes. This enables ancestor queries with ~40 fixed JOINs instead of recursive queries, scanning roughly twice a single table's data total due to geometric table sizing. The key insight: skiplists' naive implementations still perform adequately, making the approach viable in SQL where a naive B+ tree would fail. The SQL queries were kilobytes long and generated by a JavaScript compiler. They later found skiptrees resemble the established "skip graphs" distributed structure, and eventually built their own analytic database with native tree query support.

Turtle WoW, a popular WoW private server running eight years, announced a complete shutdown after Blizzard won a copyright injunction from a September lawsuit. Servers close May 14; forums and social media follow October 16. All servers were fast-forwarded to the final patch so players can experience new raids before closure. Developer Torta called the project "the highlight of our lives." Turtle WoW offered a "Classic Plus" experience — new raids, zones, playable races, and dungeons in vanilla WoW's pre-expansion era without raising the level cap or incorporating modern lore. Court documents show defendant AFKCraft Ltd. allegedly generated millions between 2018–2026, strengthening Blizzard's case. The shutdown echoes Nostalrius, shuttered in 2015 just before Blizzard announced WoW Classic. The team's plea for a fan-server licensing framework, akin to EverQuest's Project 1999 or City of Heroes's Homecoming, went unanswered.

FSB Colonel Dmitry Kovalev defended Russia's doping program before Swiss arbitrators while working within the FSB directorate responsible for Novichok poisonings of Navalny, Skripal, and others. After whistleblower Dr. Rodchenkov exposed the Sochi 2014 scheme — where FSB officers swapped urine samples through a "mouse hole" — Russia relocated its doping operation to Signal Scientific Research Centre, which shares personnel, address, and director (Maj. Gen. Bogdanov) with the assassination program. Victor Tarachenko, linked to the Skripal poisoning, runs Signal's lab covering both nerve agents and performance drugs. Kovalev's FSB 8th Department has operatives embedded across Russian sports federations, with contacts saved in phones as "Andrey Doping." Phone records show Kovalev calling Bogdanov during both 2020 Navalny poisoning attempts while preparing arbitration testimony. His partner Veronika Loginova now leads RUSADA, publicly positioning it as a model organization despite whistleblower allegations of her 2014 cover-up role. The Court of Arbitration found Russia guilty of "deliberate, sophisticated and brazen" manipulation, imposing a two-year ban.

NIST scientists developed a 3D-stacked photonics chip integrating lithium niobate and tantalum pentoxide (tantala) on silicon wafers to generate a full color spectrum from a single laser. Lithium niobate handles electro-optic color conversion and high-speed switching; tantala—deposited at room temperature to avoid thermal damage—outputs visible and infrared wavelengths simultaneously. The result is ~50 fingernail-sized chips with 10,000 photonic circuits each on a beer-coaster wafer, every circuit outputting a unique color. Key applications include quantum computers and optical atomic clocks, which require precise wavelengths matched to atomic transitions (780nm for rubidium, 461nm for strontium)—currently requiring bulky, expensive lasers confined to specialized labs. Portable optical clocks could enable GPS alternatives, earthquake prediction, and dark matter research. NIST also sees potential in AI chip interconnects and VR displays. The team collaborated with Octave Photonics, a Louisville startup, to scale production. Research appeared in Nature on April 15, 2026.

Cornell German instructor Grit Matthias Phelps introduced a manual typewriter assignment in spring 2023 after students used generative AI and translation tools to produce perfect but personally unwritten work. She sourced old typewriters from thrift shops, banning screens, dictionaries, spellcheckers, and delete keys, with her young children serving as "tech support" to keep phones away. The exercise forced deliberate thinking, acceptance of imperfection, and peer interaction—freshman Catherine Mong embraced odd spacing to write in E.E. Cummings' style despite a broken wrist, while CS sophomore Ratchaphon Lertdamrongwong found it transformed his classroom interactions, prompting him to ask classmates for help rather than delegating to AI or Google. Most students' pinkies proved too weak for touch-typing, and errors were marked with X's rather than deleted. The typewriter revival reflects a broader national trend toward in-class pen-and-paper exams and oral tests to prevent AI-assisted cheating.

Making speed the top organizational priority systematically destroys cross-team communication, shared infrastructure, and code quality. When deadlines are tight, teams skip expert input, bypass consensus, and eject from shared systems like design systems or codebases—creating duplicative, incompatible components that accumulate technical debt. Resolving system gaps requires the very conversations that speed culture eliminates, so teams duplicate and diverge, hiding time bombs for future engineers. AI tools worsen this dynamic because LLMs always say yes while colleagues might say no, letting engineers avoid difficult human conversations entirely. Documentation, security, performance, and developer satisfaction all erode under sustained speed pressure. Engineering Management's real job is aligning teams toward users and shared goals—not maximizing ticket throughput—and the counterintuitive antidote is slowing down to talk, which enables faster and more durable delivery.

A community tool comparing anonymous token usage between Claude Opus 4.6 and 4.7 finds 4.7 consumes 35–45% more tokens for identical prompts due to a new tokenizer mapping the same text to more tokens at the same per-token price. Anthropic's benchmark data shows 4.7 costs ~11% less overall due to fewer output tokens, but real-world users report dramatically faster limit consumption — some exhausting weekly quotas in hours. The tokenizer change compounds with more verbose output and invisible thinking tokens, pushing effective cost deltas closer to 1.5–2x. On reasoning-heavy tasks 4.7 may be cheaper (reasoning costs dropped ~50%), but lighter tasks cost more. Many users find quality improvements marginal for fine-grained coding, while others note genuine intelligence gains in conversational and design contexts. The situation sparked debate about whether pricing reflects real capability improvements or a de facto price hike through model versioning.

Adobe's dominance faces pressure as competitors go free or slash prices. Autograph (After Effects rival) relaunched free for individuals after Maxon's acquisition. Canva made Cavalry free and merged Affinity Designer 2, Photo 2, and Publisher 2 into a single free app (previously $69.99 each). DaVinci Resolve 21 added Lightroom-rivaling photo editing and Affinity file support. Apple's $12.99/month Creator Studio bundles Final Cut Pro, Logic Pro, Pixelmator Pro, and more — a fifth of Adobe's $69.99 Creative Cloud Pro — while still offering one-time purchases. Blender, Figma's free tier, and Procreate (one-time, anti-AI, coming to Mac) further erode Adobe's ecosystem lock-in. Adobe continues charging $69.99/month for Creative Cloud Pro and $34.49/month for standalone After Effects, with subscription exit penalties. Aggressive cloud integration, ToS changes, and subscription-only pricing have alienated casual and power users, though Lightroom's masking tools remain technically competitive.

Joe Armstrong, creator of Erlang, describes a minimal ticketing system invented by his colleague Peter Högfeldt in 1986. The system stores numbered text files with structured headers (ticket number, owner, status, title) checked into CVS version control, and generates reports simply by running grep against the files and piping to wc. Its longevity stems from its radical simplicity: users learn it quickly, bugs were ironed out decades ago, and it never tries to be everything to everyone. Armstrong contrasts this with bloated modern software that constantly changes and grows complex, arguing that a small, stable, well-understood tool outperforms feature-rich alternatives over time. The shell script shown — a one-liner grepping for 'status:open' across all ticket files — exemplifies this philosophy of composing small Unix tools rather than building monolithic systems.

A browser-based demo converts natural language diagram descriptions into Excalidraw drawings using Gemma 4 E2B, running entirely client-side in Desktop Chrome 134+. The key optimization is the TurboQuant algorithm — combining polar quantization and QJL — which compresses the KV cache ~2.4×, enabling longer conversations within GPU memory limits. Rather than outputting raw Excalidraw JSON (~5,000 tokens), the LLM generates compact intermediate code (~50 tokens), dramatically reducing output length. The algorithm is implemented in WGSL compute shaders for GPU execution at 30+ tokens/second, while a companion npm package (turboquant-wasm) delivers the same algorithm via WASM+SIMD for CPU-side vector search. The demo requires WebGPU subgroup support and ~3GB RAM, which excludes Safari, iOS, and Firefox; mobile browsers cap well below the memory threshold.

Before GPS, the B-52 used an electromechanical Astro Compass for celestial navigation, with the Angle Computer performing spherical trigonometry mechanically. It physically modeled the celestial sphere on a 2 5/8-inch half-sphere, positioning a star pointer via declination, local hour angle, and latitude inputs, then reading azimuth and altitude through synchro transmitters. The 19-component system tracked stars with a photomultiplier-tube telescope stabilized by gyroscopes, with navigators sourcing star data from the Air Almanac. Coordinate conversion used the "navigational triangle," linking fixed celestial coordinates to local horizontal ones via Greenwich and Local Hour Angles. The system also supported lines of position: comparing measured vs. expected star altitude let navigators draw positional lines, and three-star intersections yielded a location fix. Digital computers were rejected in 1963 as too expensive and unreliable; resolvers were rejected for size. The final design merged mechanical gearing, vacuum tubes, transistors, synchros, and servo amplifiers — soon obsoleted by digital technology.

The binary GCD algorithm, rooted in ancient China and rediscovered by Josef Stein in 1967, avoids slow integer division by using only bitwise shifts, comparisons, and subtractions. While Euclid's algorithm spends ~90% of its time on the idiv instruction, the binary approach replaces divisions with __builtin_ctz (count trailing zeros) to strip all trailing even bits at once, nearly halving iterations via the geometric series argument. The naive branchy recursive implementation is actually slower than std::gcd, so three key optimizations are applied: stripping all powers of 2 up front with ctz, handling the even-even case only once at entry, and recognizing that after entering the odd-odd subtraction branch the result is always even, allowing the loop to stay exclusively in that branch. The resulting implementation runs in 116ns vs std::gcd's 198ns. A further critical-path optimization moves the __builtin_ctz call to operate on diff = b - a directly — since trailing zeros are sign-independent — decoupling it from the abs computation and shortening the dependency chain, bringing runtime to 91ns. The optimizations were originally developed by Daniel Lemire and Ralph Corderoy in 2013.

An airline employee was arrested in Dubai after sharing images of March 2026 Middle East bomb damage in a private WhatsApp group with colleagues. Police accessed the closed chat via "electronic monitoring operations," saved the evidence, then lured him to a meeting before arresting him. He faces charges of publishing information harmful to state interests—maximum two years—and remains in detention with the case escalated to State Security Prosecution. Advocacy group Detained in Dubai's CEO stated police explicitly confirmed conducting surveillance capable of detecting private WhatsApp messages. The UAE holds majority stakes in telecoms Etisalat and Du, giving security services broad network monitoring power. The UAE has also deployed Pegasus spyware, which can infiltrate devices via unanswered WhatsApp calls without user interaction, accessing all messages and contacts. Other tourists and airline crew have reportedly been detained merely for receiving content they never publicly shared.

A developer found a cheap USB RFID card reader and needed to capture its input exclusively, preventing it from spamming keypresses to other applications. USB RFID readers present themselves as HID keyboards, so without intervention their scanned output goes to whatever app has focus. The Linux kernel's EVIOCGRAB ioctl provides exclusive device access, and while Python libraries wrap it, the author preferred a dependency-free Go implementation. The device is located via /dev/input/by-id/, opened as a file, and grabbed with a raw syscall.Syscall to SYS_IOCTL. The program then reads binary inputEvent structs (matching the kernel's input_event layout: timestamps, type, code, value), filters for EV_KEY press events (value==1), maps Linux key codes to characters via a hardcoded keyMap, and buffers runes until KEY_ENTER (code 28) signals end-of-card, at which point the full RFID string is printed. On exit, EVIOCGRAB is released by passing a nil pointer as the third argument.

A New York-based blogger visiting SF for two weeks finds injectable GLP-1 drugs — retatrutide and tirzepatide from gray-market Chinese suppliers — have replaced AI as the dominant social currency at Bay Area parties. At a "spring gay peptide party," founders were building peptide companies, guests injected each other, and jello shots were served in syringes. Saying you "work in AI" now carries the same unimpressive weight as saying you work in tech. Extreme right-wing politics, once fashionable, have become widely embarrassing over six months, with figures like Curtis Yarvin ostracized. Tesla FSD reportedly improved dramatically and now beats human drivers, though still trails Waymo. SF's social dynamics are compared to high school cliques and a feudal system of tech "Great Houses." A SoMa warehouse doubles as a co-working space for young founders chanting to AI chatbots to escape the "permanent underclass." The city's culture of excess is attributed to high sincerity, where ideas escalate to radical extremes. The author prefers building an AI startup in NYC, arguing it enables focus on results over trend-chasing hype.

Japan leads the world in rail at 28% of passenger kilometers—France manages 10%, Germany 6.4%, the US just 0.25%—driven by policy, not culture. The core model is "railway-as-city-builder": companies like Tokyu own housing, retail, and entertainment along corridors, capturing spillover value pure rail operators miss, a model pioneered by Hankyu founder Kobayashi Ichizo. Japan banned roadside parking in the 1950s and requires proof of off-street space before buying a car, starving city centers of parking. Liberal zoning and land readjustment—two-thirds of landowners can authorize replanning—enabled dense urban cores and easy station-area development. JNR's 1988 privatization into vertically integrated regional companies cut workforce by half, eliminated 83 loss-making lines, and freed JR companies to emulate the city-builder model. Fare maximums are set generously to preserve profit incentives; capital subsidies target specific public goods like level crossing removal. The article argues these policies are replicable: 19th-century American railroads used the same model before cars, restrictive zoning, and excessive price controls dismantled it.

A software engineer with roughly a decade of experience has launched a solo consultancy targeting SMEs struggling with back-office operations—spreadsheet automation, brittle workflows, poor reporting, awkward integrations, and AI that works in production rather than just demos. Rather than building a generic agency, the founder wants to work with businesses that already feel operational pain. To attract initial clients, they're offering 10 free hours to the first five clients, and asking the community how they landed early consulting projects—whether through personal networks, content marketing, cold outreach, partnerships, or subcontracting.

IPv6 was never merely "IPv4 with more addresses" — it was a radical redesign intended to eliminate Layer 2 bridging, MAC addresses, ARP, DHCP, and broadcast domains entirely. The mess began when IP was grafted onto bus-topology LANs, requiring MAC addresses, ARP to map IP destinations to hardware, and DHCP for address assignment. Bridging emerged as a hardware-fast workaround for interconnecting LANs, creating a largely undebuggable parallel infrastructure alongside IP routing. IPv6 designers in the early 1990s recognized all of this and aimed to obsolete it, but fatally neglected mobile IP — keeping sessions alive across address changes. The root flaw is TCP/UDP's 4-tuple (src IP, src port, dst IP, dst port) crossing Layers 3 and 4, tying sessions to addresses. The fix would be Layer-4-only session UUIDs so sessions survive address changes; QUIC's connection IDs already approximate this. Meanwhile, LTE keeps mobile IP working only by tunneling all traffic to a central bridged megaLAN — costly and high-latency. Until TCP/UDP are replaced and IPv4 retired, bridging, ARP, NAT, and SDN remain necessary crutches, preventing the elegant internet IPv6 originally promised.

A writer reflects on traveling to New York with friends she met through repeated viewings of Operation Mincemeat, a Broadway musical about British WWII spies who fooled Hitler with a fake corpse and forged documents. What began as solo theatergoing evolved into a Twitter community, Discord, and WhatsApp group, culminating in a transatlantic trip with dozens of like-minded fans. She draws a parallel between the show's theme — misfits pursuing an unlikely plan — and her own experience of unlikely friendship through shared obsession. She pushes back against cultural pressure to appear detached and ironic, arguing enthusiasm is mistaken for immaturity when deep caring is how meaningful connection happens. Quoting a reworked Tennyson, she argues it's better to care about something you can't control than to care about nothing, especially in a cynical era. Her core message: find something you love, find others who love it too, and refuse to apologize for it.

A critical RCE vulnerability (GHSA-xq3m-2v4x-88gg) was disclosed in protobuf.js, a JavaScript Protocol Buffers library with ~50M weekly npm downloads. The flaw stems from the library building JavaScript functions by concatenating unvalidated schema-derived identifiers and executing them via the Function() constructor. An attacker supplying a malicious schema can inject arbitrary code executed when the app processes messages, enabling access to credentials, databases, internal systems, and lateral movement. Developer machines loading untrusted schemas locally are also at risk. Discovered by Endor Labs researcher Cristian Staicu on March 2, a patch landed on GitHub March 11 and npm April 4 (8.x) / April 15 (7.x). Users should upgrade to 8.0.1 or 7.5.5. The patch strips non-alphanumeric characters from type names; Endor recommends eliminating Function() for attacker-reachable identifiers entirely as a longer-term fix. No active exploitation has been observed, though a public PoC exists and exploitation is described as straightforward. Additional mitigations include auditing transitive dependencies, treating schema-loading as untrusted input, and using precompiled static schemas.