Annie Vella

I've got an agent in a loop optimizing a renderer with the goal to minimize frame times (and tests to measure). It got times down from 88ms to 2ms and allocations down from ~150K to 500. Sounds good, right? Wrong. This is exactly why agent psychosis is a big fucking problem. As an experiment, I rewrote the Ghostty core render state in Go, with access to identically laid out data structures as Ghostty and the exact same validation tests. I made a purposely naive renderer (simple, correct, but slow). 88ms per frame with 150,000 allocations (horrendous, lol)! I then kickstarted a Ralph loop to bring the frame times down. I told it it can't modify input data structures or the public API or tests (they're correct), but it can do anything else it wants. It got to work. It has worked for about 4 hours. I've spent around $350 on this experiment so far. The results? 88ms => 1.5ms 150K allocs => ~500 allocs Incredible right? Nope. My hand-written renderer I ported has frame times (same benchmark) of ~20us (0.020ms) and 0 allocations in the update path. This is the problem with psychosis and lacking systems understanding. If you don't understand the system, you're going to accept that this is an incredible result. If you understand the system, you'll see better solutions immediately and can do roughly 75x better on throughput. The people who blindly trust agent output are in the former camp. They're sheeple, overdrinking from a fountain of mediocrity. Standard disclaimer: I use AI all the time. I like AI. The point I'm making is to not blindly accept results. Think. Analyze. Learn.

Take whatever number of people you thought might be in jobs related to AI deployment in the enterprise and multiply it by 10. Then probably 10 again. A major topic that keeps coming up in talking to CIOs across enterprises of all sizes and industries is the implementation gap for getting agents to work at scale and organizations on mission critical work. As the task goes from implementing a chat system that’s basically an LLM plus search, to connecting to real production systems that both can deliver meaningfully better productivity gains but also introduces meaningfully more risk, a whole new set of work has to be done. You have to ensure the right level of protection of data, updates to access control controls, migration of legacy systems to common modern platforms, create observability across what agents are doing, implement new workflows, figure out the human in the loop moments, drive the change management of the new workflows, and more. Then, all of a sudden the model capabilities get updated and you have to do a set of the above steps over again. Half of what you’ve done is obsolete, and the other half needs to be upgraded to take advantage of new capabilities. Or, token budgets run hot and you have to peel off some of the workloads to lower cost models that will be more cost effective. But then you have to go through those same steps. Enterprise are trying to figure out what is the right set of roles to go and implement the systems in their organization to ensure that the workflows are actually being executed properly, ensure it’s not just slop being produced, and to make sure their organization remains safe and secure. Many companies are starting by repositioning existing IT talent in these functions, but there’s also a growing need for the equivalent of internal FDEs to go take on these tasks in an enterprise. The looks incrementally closer to software engineering than it does traditional IT implementation. Next, almost all AI vendors (labs and the software players) will have some form of next-gen FDE or Applied AI architecture functions to help support these use-cases. The benefit here will be these companies have an incentive to make their capabilities work well so they can bring best practices from a range of customers they’re seeing and directly from the product innovation. And finally, we’re seeing the rise of all new AI services firms or major parts of existing services firms move into AI implementation. Companies will often want to bring in ostensibly neutral players that can work across their tech stack but also have seen best practices across their vertical. There are going to be tons of new service providers that get launched to do this, and many will eventually go and disrupt (or get acquired) by the larger player. Either way, all told, we’re in for years of AI diffusion, and along with it tons of new roles and areas of work to be done to deploy AI at scale.

Are you into safety ∩ AI coding (if not, you should ;-) and you are itching to try out all the cool new features in Claude Code, are you curious about Google's fabulous antigravity, or convinced open models are the way to go? Then participate in the https://t.co/JFNmn8L2Ar. Top teams from this hackathon are invited to apply to the https://t.co/UlCxFsDOmM (June-October 2026). The projects and mentors look amazing! https://t.co/4JQFA1cb5y

🚨 The "𝙼𝚎𝚐𝚊𝚕𝚘𝚍𝚘𝚗" Campaign is live... 𝟻,𝟽𝟷𝟾 malicious commits to 𝟻,𝟻𝟼𝟷 GitHub repositories in a six-hour window. Using throwaway accounts and forged author identities (build-bot, auto-ci, ci-bot, pipeline-bot), the attacker injected 𝙶𝚒𝚝𝙷𝚞𝚋 𝙰𝚌𝚝𝚒𝚘𝚗𝚜 workflows containing 𝚋𝚊𝚜𝚎𝟼𝟺-𝚎𝚗𝚌𝚘𝚍𝚎𝚍 bash payloads that exfiltrate: - CI secrets, - cloud credentials - SSH keys - OIDC tokens - source code secrets Check your repo / Technical details: https://t.co/tua3jYU1wa

https://t.co/Pej8fwcevm For a long time now, I have been pitching that we need a new programming language that is design specifically for AIs, and not for human ergonomics and binary computers. So far, I have been consistently laughed out of the room. What I have implemented might be a bit different from what you have in mind; - I do think we need a real programming language to interface between humans and AIs (not markdown). - The language should be amendable for formal verification (and *automatic* theorem proving) by trusted, non-AI checkers. - The language be mechanically sympathetic to how models compute, or as I say, should be the mentalese or language of thought for them. - Programs in this language orchestrate external tools, basically they are fancy scripts. - Computations at the leafs is still done on traditional computers (no need to teach models to do arithmetic), and we do not really need new languages to specify those.

Next.js just got its worst vulnerability ever, CVSS 8.6. → affects versions 13.4.13+, 14.x, 15.x, and 16.0.0–16.2.4 → attackers can access your internal services, cloud credentials, API keys, and admin panels → no authentication needed → one crafted request is all it takes → roughly 79,000 instances are exploitable right now → vercel-hosted apps are safe, self-hosted are not upgrade to 15.5.16 or 16.2.5 immediately.

🚨 UPDATE: 19 MILLION exposed NGINX instances hit by the 18-year-old NGINX RCE found by AI. Top exposure by country: - United States: 5,340,011 - China: 2,540,008 - Germany: 1,871,780 Note on ASLR as added security: not all of these instances will have ASLR disabled, but every one of them is running a version inside the vulnerable band. The vulnerability is a heap buffer overflow. ASLR randomizes memory layout, which makes reliable RCE much harder because the attacker cannot predict where their payload or useful gadgets land. But the overflow itself still happens. The corrupted memory still causes the NGINX worker process to crash. ASLR-enabled hosts are still trivially DoS-able. ASLR-disabled or non-PIE builds are RCE-able. Either way, patch ASAP!