riphone


ai


The Spec Is the Code Now

Jason Snell, writing for Six Colors ahead of WWDC:

The act of trying to describe an app to an AI coding engine is a clarifying one. The more you describe the app, the harder your brain has to work, because it’s always more complicated than you think it’s going to be. The decisions you make determine what the app comes to be.

I’ve lived this. Not building a Mac app — building product features, internal tools, prototypes that used to require a sprint cycle and three rounds of eng back-and-forth to get wrong before getting right. With AI coding tools, I describe what I want, iterate in real time, and have something working the same afternoon. The feedback loop collapsed.

That is genuinely transformative in a way that most PM takes on AI are not. It’s not “AI helps you write better PRDs.” It’s that the PRD and the product are now the same step. You write it precisely enough, and it exists. The spec became the code.

What Snell nails — and what took me a while to internalize — is that this doesn’t make the PM role smaller. It makes it higher stakes. Engineers used to absorb the ambiguity in your requirements. They’d make judgment calls, ask clarifying questions, fill in the gaps with experience. AI doesn’t do that. It builds exactly what you described, including the parts you didn’t think through. Soft specs produce broken software immediately and visibly. There’s nowhere to hide.

The PMs who thrive in this are the ones who were already rigorous — who could hold the full system in their head, anticipate edge cases, write requirements that meant something. The rest are about to find out which category they’re in.

None of this means PMs are replacing engineers at companies building real software. Complex systems, scale, architecture decisions, code quality that actually holds under load — that still requires engineers, and good ones are still the constraint. What’s changed is the surface area of what a PM can do independently: prototypes, internal tools, proofs of concept, things that used to require eng time just to validate whether an idea was worth pursuing. That whole category is now self-serve.

Snell wraps with a call for Apple to fix Xcode. Fine. But the bigger question isn’t the tools — it’s whether product people will take the wheel now that they can. Some will build things that matter. Most will ask for a Jira ticket anyway.

Your Badge Runs Android Now

Ryan Whitwam, writing for Ars Technica on Microsoft’s Project Solara — an Android-based OS for “agent-first” enterprise gadgets, unveiled at Build 2026:

“What if the work badge at the end of your lanyard had a touchscreen, 5G connectivity, a camera, microphones, and a fingerprint scanner?”

That’s not a new computing paradigm. That’s a lanyard with rent.

Microsoft’s headline is agents instead of apps. The deliverables are a desk Echo clone and an employee badge that records meetings, transcribes on tap, and uses its camera to “take action on the environment.” Solara runs on MDEP — Microsoft’s enterprise fork of Android — with “just-in-time UI” so the agent draws whatever interface it feels like today. Full Android on your chest, because the future of work apparently needed more attack surface.

Whitwam is blunt about the maturity level: Microsoft admits it’s still a concept and none of it works yet. Nadella reportedly pushed the team to show it at Build sooner than they’d normally go public. GeekWire’s behind-the-scenes reporting fills in the rest: the healthcare demo isn’t a clinical tool, the business model beyond Azure is still taking shape, and one badge demo scanned a brainstorm board and suggested adding plants.

Best Buy, CVS, Target, and Levi’s are lined up for pilots. I don’t doubt enterprises will try anything with “agent” in the deck. I doubt the badge is the revolution. It’s the endpoint — camera, mic, 5G, Intune-managed — where the inference bill lands.

The agent wave may be real. Solara is Microsoft stapling it to the one form factor HR already makes you wear. Apps were never the problem. Distribution was.

The Legal Threat Is the Product

Adafruit’s post about a demand letter from Fenwick, sent on behalf of Defy Gravity, Inc. Flux.AI, is the kind of thing that makes “responsible disclosure” sound like a joke the lawyers are in on.

Adafruit:

Adafruit accessed only information that Flux’s own systems made publicly available through a server misconfiguration. Adafruit’s reporting concerns a matter of public security interest and was conducted in the ordinary course of responsible disclosure.

That is the whole fight in two sentences. A company exposes something, a reporter notices, and suddenly the story is not the exposure. The story is whether the reporter can afford the blast radius of saying so.

The Computer Fraud and Abuse Act has always been a handy fog machine for this move. You do not need to win the argument on security if you can make the other side spend money proving they were allowed to look at what your server handed them.

The AI angle makes it uglier, not more novel. A startup selling the future should not need the oldest trick in the crisis-PR drawer: threaten the people who found the mess. If your public systems leak public facts, the problem is not the public.

The Agent Laptop Is an Upsell, Not a Wave

NVIDIA is selling the agent future as a laptop spec.

Sean Hollister, reporting for The Verge on NVIDIA’s RTX Spark, the GB10 superchip from last year’s DGX Spark, now headed for Surface laptops and a pile of OEM flagships this fall:

“This is the most efficient PC chip ever built,” says Nvidia senior director of product management Mark Aevermann, without sharing so much as a single statistic or chart to back that up.

The agent wave is real. This chip is the upsell.

NVIDIA and Microsoft want you to believe personal AI changes what a PC is. You’ll talk instead of click. Local agents will mute your mic and fix your GitHub while you grab dinner. Maybe. But the hardware story is simpler. Take the same Arm superchip already sold as a desk toy. Bolt it into premium Windows laptops with up to 128GB of unified memory. Call it a new computing paradigm.

128GB local matters if you’re running big models or building agents for a living. It does not dethrone the cloud for everyone else. Training still lives in datacenters. Frontier models still live in datacenters. Your browser tab is not moving to a petaflop in your backpack. Hollister is right to stay skeptical until NVIDIA shows charts instead of keynote renders.

The tell is the form factor. NVIDIA pitches always-on personal agents and “all-day” thin laptops in the same breath. An agent that only runs when the machine is awake, plugged in, and not thermally throttling is not a teammate. It’s a screensaver with ambitions.

CUDA on your desk is the business model. The next wave in AI is software: agents, runtimes, who owns the loop. RTX Spark is NVIDIA’s bet that enough of that loop can be taxed at the silicon layer if the keynote is loud enough. That’s not a revolution. It’s a product category.

The Support Bot Was the Skeleton Key

Sid, writing about the Instagram account takeover fiasco:

The very fact that a $1.5 trillion company lacks robust guard rails and their support AI will just change anyone’s linked email if you ask it nicely enough is so terrifying, if it weren’t so funny.

This is the inevitable endpoint of replacing support with a permissioned chatbot: the bot does not merely answer questions. It holds keys.

Meta can call this patched and move on. Fine. The bug is patched. The architecture is still hilarious in the bleak way: a recovery flow trusted an AI support agent to distinguish a locked-out owner from an attacker with a VPN and a target username.

Two-factor authentication did not save people because the system treated the attacker as the recovered owner. That is the whole indictment. Security controls downstream of a bad identity decision become decorative trim.

The industry loves “AI support” because it sounds like cost reduction without consequence. Here is the consequence: the cheapest employee in the company got promoted to locksmith.

Strava Sends the Bill

Ivan Mehta, reporting for TechCrunch:

“AI companies are ruthlessly scraping public websites, given their endless need for training data, which is degrading site performance across the board,” Martin said. “We’ve had multiple instances in the last several months where performance has been diminished and, in some cases, impaired. Beyond scraping the public sites, they’re also trying to use our API to get access to our data, ignoring API terms.”

Strava adding an $11.99 monthly fee for API access looks small because the number is small. That is the trick. The real product here is not the fee; it is a locked door with a price tag on it.

For years, fitness platforms got to posture as community infrastructure. Routes, clubs, segments, public profiles — the webby stuff that makes the app feel bigger than a training log. Then the crawlers arrived, and suddenly “public” started looking less like openness and more like an unpaid data export.

The IPO timing makes this even cleaner. Investors do not want a charming commons. They want controlled assets, enforceable terms, and a story about discipline. “We stopped the scrapers” is a better roadshow slide than “we trust the ecosystem.”

Developers will get the memo. AI companies already got theirs and ignored it.

The Dead Economy Theory

Owen McGrann, writing in The Palimpsest:

In competitive markets, an automating firm captures the full cost savings from replacing workers but bears only a fraction of the resulting demand destruction. In a market with twenty competitors, each firm feels one-twentieth of the demand it destroys. The rest falls on rivals. This creates a prisoners’ dilemma: every firm rationally automates beyond the socially optimal level, because the individual incentive to cut labor costs always outweighs the diffuse, shared consequence of eliminating consumer spending.

This is the argument the AI industry doesn’t want to have. Not “can the models do the work” — they can, increasingly. But “what happens when every firm fires its customers?”

The AI Layoff Trap, as Wharton economists Hemenway Falk and Tsoukalas call it, is a prisoners’ dilemma dressed in quarterly earnings calls. Block cuts half its workforce citing AI coding agents, the stock jumps 25% after hours. Rivals see that and follow. Every rational move toward automation is collectively irrational.

The optimist’s rebuttal is that the economy has always absorbed automation. Agriculture went from 90% of the workforce to 2%. Sixty percent of today’s jobs didn’t exist in 1940. True. But the agricultural transition took 140 years. The Industrial Revolution took 70 before wages recovered. The AI industry is compressing this into a decade.

The difference this time is speed and scale. When the product is the removal of the customer base, the feedback loop closes fast enough to matter.

Anthropic's Mythos Was the Greatest Marketing Stunt of the AI Era

Daniel Stenberg, creator of curl, finally got his hands on Anthropic’s Mythos — the AI model Anthropic deemed too dangerous to release publicly. The results are embarrassing. For Anthropic.

My personal conclusion can however not end up with anything else than that the big hype around this model so far was primarily marketing. I see no evidence that this setup finds issues to any particular higher or more advanced degree than the other tools have done before Mythos.

Here’s the setup, in case you missed the April media blitz. Anthropic announced Claude Mythos Preview — a model “dangerously good” at finding security flaws. Zero-days in every major OS. Four-vulnerability exploit chains. Bugs that had sat in OpenBSD for 27 years. The company said it was so dangerous they couldn’t release it to the public. Instead they’d trickle access to “selected partners” through something called Project Glasswing.

The world panicked. “Is this the end of software security as we know it?” The press ate it up. The framing was perfect: “Our AI is so powerful we’re scared of it ourselves.”

Stenberg’s data point punctures all of it.

Curl is 178,000 lines of C. It runs on 20 billion devices. It’s been scanned by AISLE, Zeropath, and OpenAI’s Codex Security — tools that have collectively found 200 to 300 bugs in the last year alone. It’s arguably the most heavily audited C codebase on the planet.

Mythos scanned it and found five “confirmed” vulnerabilities.

After the curl security team reviewed them: one was real. Severity: low. The other four were false positives or documented API behavior.

One. Low. On the most scrutinized codebase available.

Anthropic’s own risk report — the one that set off the panic — says over 99% of the vulnerabilities they found haven’t been patched yet and can’t be disclosed. Convenient. The 1% they can talk about are framed as watershed moments. But the single independently verifiable test on a well-known target produced a single low-severity CVE.

This doesn’t mean Mythos is useless. Stenberg is careful to say the bug reports it did produce were well-explained and the false positive rate was low. AI code analyzers are genuinely better than traditional static analysis. Any project that hasn’t been scanned with AI tooling will probably find a lot.

But “dangerously good”? Too dangerous to release? The data doesn’t support that story. The story supported the story.

Calling this a marketing stunt isn’t cynical. It’s just accurate. Anthropic invented a crisis — “our model is too powerful to share” — and everyone played along. The real test on real code says Mythos is maybe incrementally better than tools already available. That’s worth talking about. It’s not worth a global panic.

The security community should keep scanning code with AI. It finds bugs. It makes software safer. What it doesn’t need is a lab coat and a scary soundtrack.

Claude Opus 4.8 Ships — the Model Is Table Stakes Now

Anthropic shipped Claude Opus 4.8 today. Better across the usual benchmarks — coding, reasoning, agentic tasks. Same price. Available now.

That’s the headline. Here’s what actually matters.

Opus 4.8 didn’t ship alone. It came with three things that have nothing to do with model weights:

  1. Effort control on claude.ai. Users can now tell Claude how hard to think. Want a quick answer? Dial it down. Working through a legal contract or system architecture? Crank it up. This isn’t a gimmick — it’s an admission that one-size-fits-all inference is wasteful, and the user should decide where the compute goes.

  2. Dynamic workflows in Claude Code. This is the big one. Claude Code can now decompose massive problems into parallel sub-tasks and orchestrate them. It’s not just writing code anymore — it’s running a miniature engineering team. If you’ve used Claude Code for anything non-trivial, you know this is the feature that makes it go from “helpful junior dev” to “actually shipping things.”

  3. Fast mode got 3× cheaper while running at 2.5× speed. That’s not a marginal improvement. That’s a pricing signal — Anthropic wants fast mode to be the default for most interactions, reserving full Opus for when you actually need it.

The model itself is better. That’s table stakes now. What’s interesting is that Anthropic is building a platform. The model is the engine. The product is everything around it — developer tools, user-facing controls, pricing that makes deep reasoning accessible without burning your budget.

Six months ago, the AI conversation was “who has the best model?” Today it’s “who has the best system?” Anthropic just made a strong argument that those are different questions.

Your Eye Can't Be Prompted

Jeremy Gray, for PetaPixel: VSCO is running a campaign built around a letter from CEO Eric Wittman that pushes back against the idea that generated images make the photographer obsolete.

“Your eye, the way you see the world, can’t be generated. It can’t be prompted. It’s irreplaceable.”

The letter names the pressures: platforms that bury original work in reels, brands that would rather skip the shoot and generate the image instead, and the steady drumbeat telling working photographers to give up. VSCO’s answer is blunt: real work made by real people has never mattered more.

They’ve also shipped AI features in their own product. The distinction they’re drawing is that the tools can handle the drudgery; the eye that decides what matters in the frame cannot be faked later.

The campaign pairs photographers working in both digital and film, documenting each other. It’s not a rejection of technology. It’s a reminder that the part worth paying for — or looking at twice — is the one decision no prompt can outsource.

No one but you is behind the lens.

Silicon Valley Pitches the Pope

Océane Herrero, reporting for POLITICO: Silicon Valley is doing what Silicon Valley always does when it smells a regulator — show up early, talk ethics, and call it partnership.

The April 29 gathering was the latest in a series of meetings that, taken together, amount to a quiet lobbying push by the tech industry ahead of Leo’s first encyclical, according to interviews with seven people for this article.

The funny part isn’t that Meta and Amazon are lobbying. Of course they are. The funny part is that they’re lobbying the Vatican because the Vatican still does something almost nobody else in public life can do anymore: write a moral argument meant to outlast the news cycle.

If Leo XIV publishes an encyclical that takes AI seriously and treats “responsible development” as something other than a press release, it will annoy the right people. Which is a decent early signal that it might be worth reading.