Example dashboard

Various statistics from my blog.

Owned by simonw, visibility: Public

Entries

3308

SQL query
select 'Entries' as label, count(*) as big_number from blog_entry

Blogmarks

8379

SQL query
select 'Blogmarks' as label, count(*) as big_number from blog_blogmark

Quotations

1398

SQL query
select 'Quotations' as label, count(*) as big_number from blog_quotation

Chart of number of entries per month over time

SQL query
select '<h2>Chart of number of entries per month over time</h2>' as html
SQL query
select to_char(date_trunc('month', created), 'YYYY-MM') as bar_label,
count(*) as bar_quantity from blog_entry group by bar_label order by count(*) desc

Ten most recent blogmarks (of 8379 total)

SQL query
select '## Ten most recent blogmarks (of ' || count(*) || ' total)' as markdown from blog_blogmark
SQL query
select link_title, link_url, commentary, created from blog_blogmark order by created desc limit 10

10 rows

link_title link_url commentary created
sqlite AGENTS.md https://github.com/sqlite/sqlite/blob/master/AGENTS.md SQLite gained an AGENTS.md file [five days ago](https://github.com/sqlite/sqlite/commit/a1e5778889252d2609a59fd9b819d70392c5789e) - but it's not intended for their own development, it's presumably aimed at people who are pointing agents at the SQLite codebase. It includes: > SQLite does not accept pull requests without prior agreement and/or accompanying legal paperwork that places the pull request in the public domain. However, the human SQLite developers will review a concise and well-written pull request as a proof-of-concept prior to reimplementing the changes themselves. > > SQLite does not accept agentic code. However the project will accept agentic bug reports that include a reproducible test case. Patches or pull requests demonstrating a possible fix, for documentation purposes, are welcomed. The [most recent commit](https://github.com/sqlite/sqlite/commit/db7fe319ed5a18dbc732ab8eacea557f41cd910f) to that file removed "(currently)" from "SQLite does not (currently) accept agentic code", with the commit message "Strengthen the statement about not accepting agentic code". Meanwhile the SQLite forum was being flooded with so many AI-generated bug reports - of varying quality - that they've now [split those off](https://sqlite.org/forum/forumpost/2e7a8d6ba4b46d8315e80fd4a1e2feb40948dff5b7b11d5ba9cea5cb40aa252b) into a [new SQLite Bug Forum](https://sqlite.org/bugs/forum). D. Richard Hipp is resolving issues on there with a flurry of commits to the codebase. 2026-05-27 23:44:37+00:00
The pressure https://daniel.haxx.se/blog/2026/05/26/the-pressure/ Daniel Stenberg on the unprecedented level of pressure the `curl` team are facing right now thanks to the deluge of (credible) AI-assisted security issues being reported. > The rate of incoming security reports is 4-5 times higher than it was in 2024 and double the speed of 2025 -- meaning that **on average we now get more than one report per day**. The quality is way higher than ever before. The reports are typically *very* detailed and long. [...] > > For the first time in my life, my wife voiced concerns about my work hours and my imbalanced work/life situation. I work more than I’ve done before, but the flood keeps coming. [...] > > This is a never-before seen or experienced pressure on the curl project and its security team members. An avalanche of high priority work that trumps all other things in the project that is primarily mental because we certainly *could* ignore them all if we wanted, but we feel a responsibility, we have a conscience and we are proud about our work. The good news is that `curl` is a very solid piece of software, so the vulnerabilities people are finding tend not to be of high severity: > What is also a good trend: almost no one finds *terrible* vulnerabilities. All vulnerabilities found the last few years in curl have *all* been deemed severity LOW or MEDIUM. I'm not saying there won't be any more HIGH ever, but at least they are rare. The [most recent severity high curl CVE](https://curl.se/docs/CVE-2023-38545.html) was published in October 2023. 2026-05-26 23:48:45+00:00
Microsoft Copilot Cowork Exfiltrates Files https://www.promptarmor.com/resources/microsoft-copilot-cowork-exfiltrates-files The biggest challenge in designing agentic systems continues to be preventing them from enabling attackers to exfiltrate data. In this case Microsoft Copilot Cowork (yes, that's [a real product name](https://www.microsoft.com/en-us/microsoft-365/blog/2026/03/09/copilot-cowork-a-new-way-of-getting-work-done/)) was allowing agents to send emails to the user's own inbox without approval... but those messages were then displayed in a way that could leak data to an attacker via rendered images: > Because these messages can contain external images that trigger network requests to external websites, data can be exfiltrated when a user opens a compromised message sent by the agent. Since OneDrive can create pre-authenticated download links, a successful prompt injection could cause those links to be leaked, allowing files to be downloaded by the attacker. 2026-05-26 15:36:48+00:00
Magnifica Humanitas of His Holiness Pope Leo XIV on Safeguarding the Human Person in the Time of Artificial Intelligence https://www.vatican.va/content/leo-xiv/en/encyclicals/documents/20260515-magnifica-humanitas.html This is a *very interesting* document. Pope Leo XIV chose the name Leo in honor of Pope Leo XIII, who is known for his 1891 *[Rerum novarum](https://en.wikipedia.org/wiki/Rerum_novarum)* encyclical on "Rights and Duties of Capital and Labor". [This story](https://www.vaticannews.va/en/church/news/2025-05/leo-xiii-s-times-and-our-own.html) on Vatican News further clarifies the significance of that decision: > Meeting with the College of Cardinals for their first formal encounter after his election, Pope Leo XIV explained part of the reason for the choice of his papal name. "There are different reasons for this," he said, before going on to explain that he chose the name Leo "mainly because Pope Leo XIII, in his historic encyclical *[Rerum novarum](https://www.vatican.va/content/leo-xiii/en/encyclicals/documents/hf_l-xiii_enc_15051891_rerum-novarum.html)* addressed the social question in the context of the first great industrial revolution." > > "In our own day," he continued, "the Church offers to everyone the treasury of her social teaching in response to another industrial revolution and to developments in the field of artificial intelligence that pose new challenges for the defence of human dignity, justice, and labour." And now we get Pope Leo XIV's own encyclical on the AI revolution. I'm still working my way through it. There's a lot in here, but the writing style is very approachable, including to non-Catholics. 
I can't resist including this lightly edited segment of the transcript of our [Oxide and Friends 2026 predictions](https://simonwillison.net/2026/Jan/8/llm-predictions-for-2026/) podcast episode from the 6th of January this year: > **Bryan Cantrill:** [37:13](https://oxide-and-friends.transistor.fm/episodes/predictions-2026/transcript#t=37m13s) > > I think that AI has created some real public perception problems for itself. And I think that you are gonna have one of the frontier model companies, this year, have a white paper explaining how the proliferation of AI will mean prosperity for everybody. They will be trying to make some economic argument - because this is gonna be a 2026 election issue, how we think of these things and how they are regulated and it's a big mess. There's more heat than light in this debate. > > **Simon Willison:** [38:05](https://oxide-and-friends.transistor.fm/episodes/predictions-2026/transcript#t=38m5s) > > I'd like to tag something on to that one: I think that only works if they can sort of wash that through existing trusted experts. Sam Altman and Dario are constantly publishing essays about this stuff and nobody believes a word they say. Get Barack Obama's signature on one of these position papers and *maybe* you've got something people might start to trust a little bit. > > **Adam Leventhal:** [38:27](https://oxide-and-friends.transistor.fm/episodes/predictions-2026/transcript#t=38m27s) > > Otherwise, it's just like "leaded gas is good for you", says Exxon. > > **Bryan Cantrill:** [38:31](https://oxide-and-friends.transistor.fm/episodes/predictions-2026/transcript#t=38m31s) > > I mean, yeah. God. Obama... let's go with that, that's a great one because if it's like Bill Clinton everyone's gonna kind of roll their eyes, so it's gotta be someone who's got real credibility saying that this is gonna be broad-based... I'd say if they get that person to do it, it's gonna be revealed that that's also a bit crooked. 
> > **Simon Willison:** [38:57](https://oxide-and-friends.transistor.fm/episodes/predictions-2026/transcript#t=38m57s) > > How about the Pope? > > **Bryan Cantrill:** [39:01](https://oxide-and-friends.transistor.fm/episodes/predictions-2026/transcript#t=39m1s) > > The Pope is very into this stuff! That's a great prediction. We've hit pay dirt. The Pope weighing in on LLMs and their economic impact on the world. > > Simon, I'm giving you full credit if the Pope weighs in believing that this is gonna be economic devastation. (My prediction here looks a whole lot less insightful given the Leo XIV/Leo XIII relationship, which I was unaware of when we recorded the episode!) 2026-05-25 20:22:56+00:00
On the <dl> https://benmyers.dev/blog/on-the-dl/ I learned a few new-to-me things about the `<dl>` element from this article by Ben Myers: 1. A `<dt>` can be followed by *multiple* `<dd>` 2. You can optionally group the `<dt>` and `<dd>` elements in a `<div>` for styling - but only a `<div>`. 3. You can label them using ARIA. 4. They've been called "description lists", not "definition lists", since [an HTML5 draft in 2008](https://www.w3.org/TR/2008/WD-html5-20080122/#the-dl). So this is valid: `<h2 id="credits">Credits</h2> <dl aria-labelledby="credits"> <div> <dt>Author</dt> <dd>Jeffrey Zeldman</dd> <dd>Ethan Marcotte</dd> </div> </dl>` Here's a useful note from Adrian Roselli on [screen reader support for description lists](https://adrianroselli.com/2025/01/updated-brief-note-on-description-list-support.html). 2026-05-23 20:24:48+00:00
The memory shortage is causing a repricing of consumer electronics https://davidoks.blog/p/ai-is-killing-the-cheap-smartphone David Oks provides the clearest explanation I've seen yet of why consumer products that use memory are likely to get significantly more expensive over the next few years. The short version is that memory manufacturers - of which there are just three remaining large companies - have a fixed capacity in terms of how many wafers they can process at any one time. This fixed wafer capacity is then split between DDR - used in desktops and servers, LPDDR - used in mobile phones and low-energy devices, and HBM - used with GPUs. Until recently, HBM got just 2% of that wafer allocation. The enormous growth in AI data centers has pushed that up to an expected 20% by the end of 2026, and "a single gigabyte of HBM consumes more than three times the wafer capacity that a gigabyte of DDR or LPDDR does". Memory companies have learned from the extinction of their rivals that you should always under-provision rather than over-provision your fabricator capacity. The profit margins and demand for HBM (high-bandwidth memory) will constrain the production of consumer-device RAM for several years. This is already being felt in the sub-$100 smartphone market, which is particularly important to markets like Africa and South Asia. (The original title of the piece was "AI is killing the cheap smartphone" but I'm using the Hacker News rephrased title, which I think does more justice to the content.) 2026-05-22 22:01:31+00:00
FTC to Require Cox Media Group, Two Other Firms to Pay Nearly $1 Million to Settle Charges They Deceived Customers About “Active Listening” AI-Powered Marketing Service https://www.ftc.gov/news-events/news/press-releases/2026/05/ftc-require-cox-media-group-two-other-firms-pay-nearly-1-million-settle-charges-they-deceived Back in 2024 Cox Media Group were caught trying to sell advertisers packages based on "active listening", with [this deck](https://www.documentcloud.org/documents/25051283-cmg-pitch-deck-on-voice-data-advertising-active-listening/) which claimed: > - Smart devices capture real-time intent data by listening to our conversations > - Advertisers can pair this voice-data with behavioral data to target in-market consumers I wrote about this [in September 2024](https://simonwillison.net/2024/Sep/2/facebook-cmg/). My theory: > I think **active listening** is the term that the team came up with for “something that sounds fancy but really just means the way ad targeting platforms work already”. Then they got over-excited about the new metaphor and added that first couple of slides that talk about “voice data”, without really understanding how the tech works or what kind of a shitstorm that could kick off when people who DID understand technology started paying attention to their marketing. This FTC press release appears to confirm that's pretty much what happened: > CMG, MindSift and 1010 Digital Works claimed their “Active Listening” branded marketing service listened in on consumers’ conversations overheard by smart devices, in real time, to target advertising [...] > > According to the complaints, this service did not, in fact, listen in on consumers’ conversations or use voice data at all—nor did the service accurately place ads in customers’ desired locations. Instead, the service the companies provided consisted of reselling—at a significant markup—email lists obtained from other data brokers. 
The FTC also clarify that hiding an "opt-in" to using voice data in terms of service would not be acceptable, as tricks like that do not constitute "adequate consent": > The FTC also alleged that all three companies deceived potential customers by claiming that consumers had opted into the Active Listening service. The company, however, did not seek or obtain consumers’ consent, according to the complaints. Instead, the companies claimed that consumers had “opted in” by agreeing to the terms of service that people have to accept when downloading and using apps. Clicking through mandatory terms of service does not constitute “opt-in consent” for such an invasive service or for use of consumers’ voice data from inside their homes. If the Active Listening service had functioned as advertised, this collection and use of consumers’ voice data without adequate consent would itself violate Section 5 of the FTC Act. Attempting to myth bust [the conspiracy theory](https://simonwillison.net/tags/microphone-ads-conspiracy/) that our mobile devices target ads to us based on spying through the microphones continues to be my least rewarding niche online hobby. It's nice to have a new piece of ammunition. 2026-05-22 04:48:32+00:00
How fast is 10 tokens per second really? https://mikeveerman.github.io/tokenspeed/ Neat little HTML app by Mike Veerman ([source code here](https://github.com/MikeVeerman/tokenspeed/blob/master/index.html)) which simulates LLM token output speeds from 5/second to 800/second. Useful if you see a model advertised as "30 tokens/second" and want to get a feel for what that actually looks like. 2026-05-20 17:57:45+00:00
GDS weighs in on the NHS's decision to retreat from Open Source https://shkspr.mobi/blog/2026/05/gds-weighs-in-on-the-nhss-decision-to-retreat-from-open-source/ Terence Eden continues his coverage of the NHS' [poorly considered decision](https://shkspr.mobi/blog/2026/05/nhs-goes-to-war-against-open-source/) to close down access to their open source repositories in response to vulnerabilities reported to them as part of [Project Glasswing](https://simonwillison.net/2026/Apr/7/project-glasswing/). Now the Government Digital Service have joined the conversation with [AI, open code and vulnerability risk in the public sector](https://www.gov.uk/guidance/ai-open-code-and-vulnerability-risk-in-the-public-sector), published May 14th. Their key recommendation: > Keep open by default. Making everything private adds additional delivery and policy costs, and can reduce reuse and scrutiny. Openness should remain the default posture, with closure used sparingly and deliberately. While they don't mention the NHS by name, Terence speaks the language of the civil service and interprets this as a major escalation: > Within the UK's Civil Service you occasionally hear the expression "being invited to a meeting *without biscuits*". It implies a rather frosty discussion without any of the polite niceties of a normal meeting. In general though, even when people have severe disagreements, it is rare for tempers to fray. It is even rarer for those internal disagreements to spill over into public. 2026-05-17 15:59:41+00:00
Welcome to the Datasette blog https://datasette.io/blog/2026/new-blog/ We have a bunch of neat Datasette announcements in the pipeline so we decided it was time the project grew an official blog. I built this using OpenAI Codex desktop, which turns out to have the Markdown session transcript export feature I've always wanted. Here's [the session that built the blog](https://gist.github.com/simonw/885b11eee46822622b8031a1f4e5f3a3). See also [issue 179](https://github.com/simonw/datasette.io/issues/179). 2026-05-13 23:59:39+00:00

Duration: 5.94ms