Many people think any given ML project is 99% training.
In reality, it’s 50% evaluation, 40% data cleaning, 8% integration, and 2% training.
The first two set the noise floor for learning. No ML magic matters; the model cannot lower the noise floor, as that’s the optimal bound of Shannon encoding of your data.
Thus, not a single day goes by without me thinking about ontology. Even the old labels have to be constantly reviewed.
‼️🚨 BREAKING: An AI found a Linux kernel zero-day that roots every distribution since 2017. The exploit fits in 732 bytes of Python. Patch your kernel ASAP.
The vulnerability is CVE-2026-31431, nicknamed "Copy Fail," disclosed today by Theori. It has been sitting quietly in the Linux kernel for nine years.
Most Linux privilege-escalation bugs are picky. They need a precise timing window (a "race"), or specific kernel addresses leaked from somewhere, or careful tuning per distribution. Copy Fail needs none of that. It is a straight-line logic mistake that works on the first try, every time, on every mainstream Linux box.
The attacker just needs a normal user account on the machine. From there, the script asks the kernel to do some encryption work, abuses how that work is wired up, and ends up writing 4 bytes into a memory area called the "page cache" (Linux's high-speed copy of files in RAM). Those 4 bytes can be aimed at any program the system trusts, like /usr/bin/su, the shortcut to becoming root.
Result: the next time anyone runs that program, it lets the attacker in as root.
What should worry most: the corruption never touches the file on disk. It only exists in Linux's in-memory copy of that file. If you imaged the hard drive afterwards, the on-disk file would match the official package hash exactly. Reboot the machine, or just put it under memory pressure (any normal system load that needs the RAM), and the cached copy reloads fresh from disk.
Containers do not help either. The page cache is shared across the whole host, so a process inside a container can use this bug to compromise the underlying server and reach into other tenants.
The original sin was a 2017 "in-place optimization" in a kernel crypto module called algif_aead. It was meant to make encryption slightly faster. The change broke a critical safety assumption, and nobody noticed for nine years. That bug then rode every kernel update from 2017 to today.
This vulnerability affects the following:
🔴 Shared servers (dev boxes, jump hosts, build servers): any user becomes root
🔴 Kubernetes and container clusters: one compromised pod escapes to the host
🔴 CI runners (GitHub Actions, GitLab, Jenkins): a malicious pull request becomes root on the runner
🔴 Cloud platforms running user code (notebooks, agent sandboxes, serverless functions): a tenant becomes host root
Timeline:
🔴 March 23, 2026: reported to the Linux kernel security team
🔴 April 1: patch committed to mainline (commit a664bf3d603d)
🔴 April 22: CVE assigned
🔴 April 29: public disclosure
Mitigation: update your kernel to a build that includes mainline commit a664bf3d603d. If you cannot patch immediately, turn off the vulnerable module:
echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf
rmmod algif_aead 2>/dev/null || true
For environments that run untrusted code (containers, sandboxes, CI runners), block access to the kernel's AF_ALG crypto interface entirely, even after patching. Almost nothing legitimate needs it, and blocking it shuts the door on this whole class of bug...
Welcome Salesforce Headless 360: No Browser Required! Our API is the UI. Entire Salesforce & Agentforce & Slack platforms are now exposed as APIs, MCP, & CLI. All AI agents can access data, workflows, and tasks directly in Slack, Voice, or anywhere else with Salesforce Headless 360. Faster builds, agentic everything. 🚀
#Salesforce #Agentforce #AI
https://t.co/mxySdJS7HR
Executive compression is happening faster than anyone expected.
Workday's CTO took "Member of Technical Staff" at Anthropic. Atlassian's CTO took "Business Lead" at Stripe. Mike Krieger went from CPO to MTS on the Claude Code team. Instagram cofounder voluntarily dropping "Chief" from his title to write code.
Four senior executives in six months all made the same bet: get closer to the work.
AI tools are collapsing the ratio of managers to makers. One senior IC with Claude Code and deep domain knowledge is starting to outproduce a 15-person team with three layers of oversight. The management layer that made sense when shipping software required 200-person orgs is compressing fast.
When that happens, the value of "Chief" anything drops and the value of "person who actually builds" spikes. A CTO managing 500 engineers is less differentiated than an engineer who can ship with frontier models.
The smartest executives in tech are dismantling the ladder and moving to the floor where the work happens. The org chart of 2030 is going to look nothing like today, and these moves are the first draft.
sent this to the team today
everything great comes from being able to delay gratification for as long as possible
and it feels like we're collectively losing our ability to do that
Brilliant post by CEO of Cursor.
Your next software engineering teammate isn't human.
- The first era of AI software development relied on Tab autocomplete to automate repetitive, single-keystroke coding tasks.
- The second era introduced synchronous agents guided by developers through prompt-and-response loops, leading to agent users outnumbering Tab users two-to-one.
- A third era is now emerging, driven by autonomous cloud AI agents capable of tackling large tasks independently over extended periods.
These cloud agents deliver easily reviewable artifacts like live previews, videos, and logs instead of traditional code diffs.
The developer's role is transitioning from writing code to defining problems, setting review criteria, and managing multiple simultaneous agents.
Internal metrics at Cursor show that autonomous cloud agents already generate 35% of their merged pull requests.
Early adopters of this third-era workflow write almost no code, spending their time entirely on problem breakdown and artifact review.
Scaling this approach requires resolving environmental issues, like flaky tests, that can interrupt autonomous agent runs at an industrial level.