Compiler construction is one of the oldest, best understood CS fields. It's decades of work by the brightest minds, and it's grounded in logic, informed by experience and strictly deterministic.
Comparing that with LLM-based coding agents is just wrong.
https://t.co/4EVmjMIAwn
In the 80s I loved the sublime satisfaction of writing an entire application, game, utility myself, knowing every detail, from the key press to what happens at the transistor junction. In the "modern" world of "professional software engineering" that feeling has always eluded me, drowned out by the bureaucracy of hierarchy, instinct extinguished by a "style" guide, a clever optimization trick banned by "maintainability", any glance at the chance of getting close to metal forbidden by "security", my youthful agility weighed down by the middle age spread of APIs and frameworks. I yearn for those BBC BASIC and 6502 assembly days on my BBC Microcomputer Model A of total self-control and self-determination. Finally, AI coding agents are the Wegovy/Zepbound of software weight loss drugs, the only dependency injection I actually need, letting me knock up an entire application in an afternoon, giving me back my lightweight agility and freeing me from the weight of process over creativity. For those about to hack, we salute you.
In 2026, we have CPUs with billions of transistors and 2-nanometer architecture, yet it takes your laptop longer to open a basic "To-Do" app today than it took a computer in 1995 to launch a word processor.
This is Wirth's Law: Software is getting slower more rapidly than hardware becomes faster. We have essentially "spent" all our hardware gains on layers of abstraction, unoptimized libraries and AI-generated code bloat
The Claude C Compiler is the first AI-generated compiler that builds complex C code, built by @AnthropicAI. Reactions ranged from dismissal as "AI nonsense" to "SW is over": both takes miss the point.
As a compiler🐉 expert and experienced SW leader, I see a lot to learn: 👇
Writing is thinking
Outsourcing the entire task of writing to LLMs will deprive us of the essential creative task of interpreting our findings and generating a deeper theoretical understanding of the world.
Reading Microsoft’s new Void Blizzard report, one thing stands out (again): Everything is about credential theft, phishing, and tokens. Initial access comes from buying or stealing creds - often through low-effort phishing. All the real action happens in the cloud, not on endpoints.
Gone are the days of multi-stage attacks where you’d see lateral movement, privilege escalation, or fancy malware on file servers. Now it’s just: steal creds, log in to cloud, exfiltrate data, repeat. Detection? Only possible if you have access to expensive cloud logs. No logs, no chance.
The perimeter has shifted from endpoints to identity. The detection surface shrank from your whole network down to some logs you might get from your cloud provider if you pay extra. Honestly, not sure if that’s “progress” or just shifting the visibility problem somewhere else.
This could be an incredible revolution in Cosmology.
The Dark Energy model of the universe, which won a Nobel Prize in 2011, may be completely wrong.
The accelerating expansion instead is simply because time runs faster in the voids between galaxies.
Let me explain:
There is an arms race going on between loader developers and security vendors.
I came across a particularly egregious example of this recently. I wish to share with you. 🧵
* Unauthenticated RCE vs all GNU/Linux systems (plus others) disclosed 3 weeks ago.
* Full disclosure happening in less than 2 weeks (as agreed with devs).
* Still no CVE assigned (there should be at least 3, possibly 4, ideally 6).
* Still no working fix.
* Canonical, RedHat and others have confirmed the severity, a 9.9, check screenshot.
* Devs are still arguing about whether or not some of the issues have a security impact.
I've spent the last 3 weeks of my sabbatical working full time on this research, reporting, coordination and so on with the sole purpose of helping and pretty much only got patronized because the devs just can't accept that their code is crap - responsible disclosure: no more.
Israel didn’t intercept the pagers. It built a fake company and manufactured the pagers themselves.
Imagine the paranoia that must be running through Hezbollah now. If Israel can do this, what it can it do in a war? No wonder they’re so afraid to escalate.
Web programmers seem to have no idea just how fast computers have become. The vast majority of all SaaS apps ever made could easily run on a single, beefy beast. Main reason to add multiple machines is for redundancy, and even that is something you can put off for ages.