Articles I read in 2026

Week 9, 2026

• Taste for Makers

  • Systematically organizing the principles of "good design" that transcend fields like mathematics, painting, architecture, and software, it argues that taste is not merely a subjective preference but a practical, trainable skill.
  • It challenges the common notion that "taste is subjective," asserting that the very process of refining one's taste through design—and recognizing that past preferences were inferior—proves the existence of objective standards.
  • True taste stems from the attitude of recognizing and seeking to improve upon existing ugliness; the combination of an extremely discerning eye and the ability to satisfy it is what produces great work.

  Saying that taste is just personal preference is a good way to prevent disputes. The trouble is, it's not true. ... A novice imitates without knowing it; next he tries consciously to be original; finally, he decides it's more important to be right than original.

• Vibe Password Generation: Predictable by Design - Why LLM-Generated Passwords Are Dangerously Insecure

  • Analysis of 50 passwords generated by Claude Opus 4.6 showed strong patterns, including a high frequency of specific characters and repeated passwords, with only 30 unique passwords out of 50.
  • Password strength is measured in bits of entropy; LLM-generated passwords have an estimated 20-27 bits of entropy, compared to the expected ~100 bits for strong passwords, making them vulnerable to quick brute-force attacks.
  • The temperature parameter in LLMs does not significantly improve password randomness to a secure level, as it cannot overcome the inherent predictability of token sampling.

• Why is Claude an Electron App? - If code is free, why aren’t all apps native?

• uBlockOrigin-HUGE-AI-Blocklist - A huge blocklist of manually curated sites that contain AI generated imagery for uBlock Origin & uBlacklist.

• I verified my LinkedIn identity. Here's what I handed over

Week 8, 2026

• Don't Trust the Salt: AI Summarization, Multilingual Safety, and Evaluating LLM Guardrails
  • AI summarization tools, while beneficial, should not be solely relied upon by researchers who need to apply critical thinking and subjective understanding.
  • The author developed a method called Bilingual Shadow Reasoning to demonstrate how AI model outputs, particularly in multilingual summarization, can be subtly steered by customized policies (system prompts), potentially bypassing safety guardrails.
  • Customized policies can align LLM outputs with specific political or cultural framings, as shown in an example where Farsi-language policies mirrored the Iranian government's framing of human rights to conceal violations.
• Use Protocols, Not Services

  • The Internet is almost anonymous and privacy-preserving by design. I mean, unless some administrator actively tries to track you, there is no built-in identity layer.

  • The debate centers on the trade-offs between open protocols and centralized services, with services often winning due to convenience and rapid feature development, despite potential long-term downsides like enshittification and vendor lock-in. - https://news.ycombinator.com/item?id=47038588
• Q: I want to wash my car. The car wash is 50 meters away. Should I walk or drive? - What do you think the LLM output was?
• Introducing Markdown for Agents
  • Converting HTML to markdown reduces token usage by approximately 80%, improving cost and processing efficiency.
  • Supports real-time HTML→Markdown conversion at the network level based on the Accept: text/markdown header.
• 15+ years later, Microsoft morged my diagram

Week 7, 2026

• Chrome extensions spying on users' browsing data
• Why is the sky blue? - And the sunset red? But the Martian sky red and sunset blue?
  • The sky appears blue because blue photons from sunlight are scattered more by Earth's atmosphere than other colors, dispersing them throughout the sky.
  • The preferential scattering of blue light is due to the resonant frequencies of nitrogen and oxygen molecules in the atmosphere, which are closer to the frequency of blue light.
  • Violet light scatters even more than blue light, but the sky appears blue rather than violet because human eyes are less sensitive to violet light.
  • Sunsets appear red because the sunlight travels through more atmosphere, scattering away most of the blue and green light, leaving primarily red light to reach our eyes.

Week 6, 2026

• Safe-Now.live - Ultra-light emergency info for USA and Canada
• Leaked chats expose the daily life of a scam compound's enslaved workforce
• Ian's Shoelace Site
• Claude Code is suddenly everywhere inside Microsoft - Microsoft sells GitHub Copilot to its customers, but it increasingly favors Claude Code internally.

Week 5, 2026

• No more boring drawings! - HowWhy to draw something

  Carefully composed drawings can show our relation to the world. It is interesting because we have made a conscious choice of what is important to us. And chances are that this is also interesting for others.

• Thief of $90M in seized U.S.-controlled crypto alleged to be government crypto contractor's son
• The future of software engineering is SRE

  • Everybody wants to write a greenfield demo. Nobody wants to run a service.
    • The first 90% to get a working demo is easy. It's the other 190% that matters.
  • People don't buy software, they hire a service. - result

• The '3.5% rule': How a small minority can change the world
  • Nonviolent protests are twice as likely to succeed as armed conflicts.
  • Civil resistance involving a threshold of 3.5% of the population actively participating has never failed to bring about change.
  • Erica Chenoweth's research analyzed hundreds of campaigns over the last century to compare the success rates of nonviolent versus violent protests.

    • Chenoweth has backed off her previous conclusions in recent years, observing that nonviolent protest strategies have dramatically declined in effectiveness as governments have adjusted their tactics of repression and messaging. See eg The Harvard Professor Who Quantified Democracy - https://news.ycombinator.com/item?id=46759139

• Bugs Apple Loves
  • https://news.ycombinator.com/item?id=46727587

Week 4, 2026

• AI slop security reports submitted to curl
• The Influentists - The trend of 'hype first and context later' is characterized by individuals called 'The Influentists' who leverage large audiences to propagate unproven or misleading claims.

  • Doesn't the existence of consumer products like ChatGPT indicate that LLMs aren't able to do human-level work? If OpenAI really had a digital workforce with the capabilities of ~100k programmers/scientists/writers/lawyers/doctors etc, wouldn't the most profitable move be to utilize those "workers" directly, rather that renting out their skills piecemeal? - https://news.ycombinator.com/item?id=46624115

• [Our approach to advertising and expanding access to ChatGPT](https://openai.com/index/our-approach-to-advertising-and-e

  • This sounds exactly like what Google used to say about search results. Just a few ads, clearly separated from organic results, never detracting from the core mission of providing the most effective access to all the world’s information. (And certainly not driven by a secret profile of you based on pervasive surveillance of your internet activity.) - https://news.ycombinator.com/item?id=46650756
  • People are reacting negatively to the ads, but there's a bigger point. This is bearish as heck for AGI. If OpenAI were recursively improving their general-computer-using agent, who was going to be superhuman at every job, they wouldn't need to be messing around with things like this. - https://news.ycombinator.com/item?id=46653567

Week 3, 2026

• The struggle of resizing windows on macOS Tahoe

Week 2, 2026

• Cross-Site Request Forgery is dead! - Same-Site Cookies. SameSite=Strict, SameSite=Lax
• CSRF Protection without Tokens or Hidden Form Fields - The so called "modern" method to protect against CSRF attacks is based on the Sec-Fetch-Site header, which all modern desktop and mobile browsers include in the requests they send to servers.
• Meta made scam ads harder to find instead of removing them

Week 1, 2026

• Meta's AI tools are going rogue and churning out some very strange ads
• Maybe the default settings are too high
  • Slowing down the pace of consumption, whether reading or eating, significantly enhances enjoyment and comprehension.
  • Default consumption speeds, possibly influenced by modern living's abundance, often reduce the rewards of activities.
  • Clichés like 'less is more' and 'stop and smell the roses' are profound insights that lose their meaning when consumed too rapidly.
• Tiled.art

---

Backlinks

• Luke