10 interesting stories served every morning and every evening.
Why else would they keep them around for so long?
Why else would they keep them around for so long?
Every bug is different. But the math is always real.
Think our numbers are wrong? Edit them yourself.
Users Affected × Frequency × Time Per Incident
How many Apple users hit this bug, how often, and how long they suffer each time.
Σ (Workaround Time × Participation Rate)
The extra time spent by people who try to fix what Apple won’t.
Years Unfixed × Pressure Factor
How long Apple has known about this and how urgent the task usually is.
Human Hours Wasted ÷ Engineering Hours to Fix
How many times over Apple could have fixed it with the productivity they’ve destroyed.
...
Read the original on www.bugsappleloves.com »
Microsoft provided the FBI with the recovery keys to unlock encrypted data on the hard drives of three laptops as part of a federal investigation, Forbes reported on Friday.
Many modern Windows computers rely on full-disk encryption, called BitLocker, which is enabled by default. This type of technology should prevent anyone except the device owner from accessing the data if the computer is locked and powered off.
But, by default, BitLocker recovery keys are uploaded to Microsoft’s cloud, allowing the tech giant — and by extension law enforcement — to access them and use them to decrypt drives encrypted with BitLocker, as with the case reported by Forbes.
The case involved several people suspected of fraud related to the Pandemic Unemployment Assistance program in Guam, a U. S. island in the Pacific. Local news outlet Pacific Daily News covered the case last year, reporting that a warrant had been served to Microsoft in relation to the suspects’ hard drives. Kandit News, another local Guam news outlet, also reported in October that the FBI requested the warrant six months after seizing the three laptops encrypted with BitLocker.
A spokesperson for Microsoft did not immediately respond to a request for comment by TechCrunch. Microsoft told Forbes that the company sometimes provides BitLocker recovery keys to authorities, having received an average of 20 such requests per year.
Apart from the privacy risks of handing recovery keys to a company, Johns Hopkins professor and cryptography expert Matthew Green raised the potential scenario where malicious hackers compromise Microsoft’s cloud infrastructure — something that has happened several times in recent years — and get access to these recovery keys. The hackers would still need physical access to the hard drives to use the stolen recovery keys.
“It’s 2026 and these concerns have been known for years,” Green wrote in a post on Bluesky. “Microsoft’s inability to secure critical customer keys is starting to make it an outlier from the rest of the industry.”
...
Read the original on techcrunch.com »
To see all available qualifiers, see our documentation.
We read every piece of feedback, and take your input very seriously.
Secure your code as you build
To see all available qualifiers, see our documentation.
We read every piece of feedback, and take your input very seriously.
Secure your code as you build
You signed in with another tab or window. Reload to refresh your session.
You signed out in another tab or window. Reload to refresh your session.
You switched accounts on another tab or window. Reload to refresh your session.
...
Read the original on github.com »
On Jan 14th Proton sent out an email newsletter with the subject line:
Introducing Projects - Try Lumo’s powerful new feature now
There is a problem with this email. And I’m not talking about the question of how exactly AI aligns with Proton’s core values of privacy and security.
The problem is I had already explicitly opted out of Lumo emails.
That toggle for “Lumo product updates” is unchecked. Lumo is the only topic I’m not subscribed to. Proton has over a dozen newsletters, including some crypto nonsense. I opt-in to everything but Lumo, I gave an undeniable no to Lumo emails.
So the email I received from Proton is spam, right?
My understanding is that spam is a violation of GDPR and UK data protection laws. Regardless, Proton’s email is a clear abuse of their own service towards a paying business customer.
Despite the subject line and contents, and despite the “From Lumo” name and @lumo.proton.me address, maybe this was an honest mistake?
Proton’s first reply explained how to opt-out.
Thank you for contacting us. You can unsubscribe from the newsletters if you do the following:- Log in to your account at https://account.protonvpn.com/login- If you need additional assistance, let me know.[screenshot of the same opt-out toggle]
John Support directs me to the exact same “Lumo product updates” toggle I had already unchecked. I replied explaining that I had already opted out. Support replies saying they’re “checking this with the team” then later replies again asking for screenshots.
Can you make sure to send me a screenshot of this newsletter option disabled, as well as the date when the last message was sent to you regarding the Lumo offer?You can send me a screenshot of the whole message, including the date. Is it perhaps 14 January 2026 that you received the message?
I found that last line curious, are they dealing with other unhappy customers? Maybe I’m reading too much into it.
I sent the screenshots and signed off with “Don’t try to pretend this fits into another newsletter category.”
After more “checking this with the team” I got a response today.
In this case, the mentioned newsletter is for promoting Lumo Business Suit to Business-related plans. Hence, why you received it, as Product Updates and Email Subscription are two different things.In the subscription section, you will see the “Email Subscription” category, where you can disable the newsletter in order to avoid getting it in the future.
If I understand correctly, Proton are claiming this email is the “Proton for Business newsletter”. Not the “Lumo product updates” newsletter.
I don’t know about you, but I think that’s baloney. Proton Support had five full business days to come up with a better excuse. Please tell me, how can I have been any more explicit about opting out of Lumo emails, only to receive “Try Lumo” “From Lumo”, and be told that is not actually a Lumo email?
Has anyone else noticed that the AI industry can’t take “no” for an answer? AI is being force-fed into every corner of tech. It’s unfathomable to them that some of us aren’t interested.
The entire AI industry is built upon a common principle of non-consent. They laugh in the face of IP and copyright law. AI bots DDoS websites and lie about user-agents. Can it get worse than the sickening actions of Grok? I dread to think.
As Proton has demonstrated above, and Mozilla/Firefox recently too, the AI industry simply will not accept “no” as an answer. Some examples like spam are more trivial than others, but the growing trend is vile and disturbing.
I do not want your AI.
I guess someone at Microsoft read my post and said “hold my beer”. This morning I woke up to a lovely gift in my inbox; “Build Al agents with the new GitHub Copilot SDK”.
GitHub Ensloppification is moving faster than I can delete my account for good. (It’s an unfortunate requirement for client projects.) For the record, I have never said “yes” to any GitHub newsletter. Even before Copilot I disabled every possible GitHub email notification.
The “Unsubscribe” link provides the hidden newsletter list. There is nothing within GitHub account settings I can find to disable spam.
As expected, Microsoft has opted me in without my consent. The wheels are falling off at GitHub. The brutally slow front-end UI. The embarrassingly lacklustre Actions CI. Now this sloppy tripe everywhere. Reminder to developers: GitHub is not Git.
After I published this blog post yesterday I received another email from Specialist Support / Mail Delivery (Engineering) Team.
I completely understand your frustration, and I apologize for the confusion caused by these Overlapping Categories of notifications. Specifically, some of our communications regarding Lumo fall under Both Product Updates (Update Info) and Email Subscriptions (Announcements, Newsletters, and Promos) This is likely why you are still receiving them despite having opted out of one category.
I replied saying that is not how email marketing consent works. I’m pretty sure not legally, I’m certain not morally, and until now, I was convinced not by Proton’s standard. The very first customer support confirmed what should be common sense. Don’t want Lumo emails? Unsubscribe from the “Lumo product updates” category. If it was a business newsletter that happened to mention Lumo as a bullet point, fine. But the entire email was Lumo, talking about how “Our latest Lumo update introduces…”
Anyway, following a lively discussion on Big Tech’s unofficial customer support forum, my case was escalated to Proton’s Head of Customer Support.
Please accept my apologies for how your ticket was managed by our teams. They have tried to explain what happened without acknowledging the problem itself. You are right. You should not have received the newsletter.We have identified a bug in our system, and our technical team is working on resolving it.I want to assure you that we take communication consent very seriously.We also value our relationship with our customers. The support team will learn from this interaction and improve.
Just FYI I don’t have a problem with how the support ticket was managed. I doubt the first line of defence gets paid enough to deal with this stuff when their employer is at fault. Please don’t replace them with Lumo, then we’ll have problems!
I also see Proton’s CTO replied on Hacker News with a similar message:
Hey, Proton CTO here. There was a bug, and we fucked up. Support should have reported it up the chain and acknowledged this. Things happen, especially at scale, but we take comms consent seriously and will fix it.
So was it a bug? Or did Proton forget their core values and behave like the other slop factories? I’ll take them at their word. What am I going to do, go back to gmail? I’m looking into Tuta and StartMail but it’s a pain to switch and nowhere is perfect.
...
Read the original on dbushell.com »
On January 21, 2026, @fredwilson challenged @seth: AI can write code, but it can’t affect the physical world. This is our response. Real corn, grown from seed to harvest, with every decision made by Claude Code.
AI doesn’t need to drive a tractor. It needs to orchestrate the systems and people who do. A farm manager doesn’t personally plant every seed. They aggregate data, make decisions, coordinate contractors. Claude Code becomes that farm manager— 24/7, data-driven, fully documented.
The Process — How this was built
Fred processes emails as part of his daily check routine. Priority given to farmers and operators.
A project by @seth, inspired by @fredwilson, orchestrated by Claude Code (Opus 4.5)Want to help? Iowa land leads, ag expertise, vibe coders welcome: fred@proofofcorn.com
...
Read the original on proofofcorn.com »
Most PCs tend to boot from a primary media storage, be it a hard disk drive, or a solid-state drive, perhaps from a network, or — if all else fails — the USB stick or the boot DVD comes to the rescue… Fun, eh? Boring! Why don’t we try to boot from a record player for a change?
Update February 2022: Click here to observe the very same vinyl ramdisk booted on an IBM PCjr!
So this nutty little experiment connects a PC, or an IBM PC to be exact, directly onto a record player through an amplifier. I made a small ROM on-chip boot loader that operates the built-in “cassette interface” of the PC (that was hardly ever used), which will now be invoked by the BIOS if all the other boot options fail, i.e. floppy disk and the hard drive. The turntable spins an analog recording of a small bootable read-only RAM drive, which is 64K in size. This contains a FreeDOS kernel, modified by me to cram it into the memory constraint, a micro variant of COMMAND. COM and a patched version of INTERLNK, that allows file transfer through a printer cable, modified to be runnable on FreeDOS. The bootloader reads the disk image from the audio recording through the cassette modem, loads it to memory and boots the system on it. Simple huh?
The vinyl loader code, in a ROM
(It can also reside on a hard drive or a floppy, but that’d be cheating)
And now to get more technical: this is basically a merge between BootLPT/86 and 5150CAXX, minus the printer port support. It also resides in a ROM, in the BIOS expansion socket, but it does not have to. The connecting cable between the PC and the record player amplifier is the same as with 5150CAXX, just without the line-in (PC data out) jack.
The “cassette interface” itself is just PC speaker timer channel 2 for the output, and 8255A-5 PPI port C channel 4 (PC4, I/O port 62h bit 4) for the input. BIOS INT 15h routines are used for software (de)modulation.
The boot image is the same 64K BOOTDISK. IMG “example” RAM drive that can be downloaded at the bottom of the BootLPT article. This has been turned into an “IBM cassette tape”-protocol compliant audio signal using 5150CAXX, and sent straight to a record cutting lathe.
Vinyls are cut with an RIAA equalization curve that a preamp usually reverses during playback, but not perfectly. So some signal correction had to be applied from the amplifier, as I couldn’t make it work right with the line output straight from the phono preamp. In my case, involving a vintage Harman&Kardon 6300 amplifier with an integrated MM phono preamp, I had to fade the treble all the way down to -10dB/10kHz, increase bass equalization to approx. +6dB/50Hz and reduce the volume level to approximately 0.7 volts peak, so it doesn’t distort. All this, naturally, with any phase and loudness correction turned off.
Of course, the cassette modem does not give a hoot in hell about where the signal is coming from. Notwithstanding, the recording needs to be pristine and contain no pops or loud crackles (vinyl) or modulation/frequency drop-outs (tape) that will break the data stream from continuing. However, some wow is tolerated, and the speed can be 2 or 3 percent higher or lower too.
Bootloader in a ROM; being an EPROM for a good measure
And that’s it! For those interested, the bootloader binary designed for a 2364 chip (2764s can be used, through an adaptor), can be obtained here. It assumes an IBM 5150 with a monochrome screen and at least 512K of RAM, which kind of reminds me of my setup (what a coincidence). The boot disk image can be obtained at the bottom of the BootLPT/86 article, and here’s its analog variant, straight from the grooves 🙂
...
Read the original on boginjr.com »
Tesla was told that if it couldn’t resolve the deceptive marketing within those 60 days, the sales suspension would take effect. That would be bad for the automaker, as California is far and away its largest market in the US, albeit one that is shrinking each quarter. Having to suspend sales entirely in the state would be disastrous. Some had speculated that Tesla could change Autopilot’s name to something less misleading, but the company chose a more drastic approach.
Now, if you want your new Tesla to steer itself—while you pay attention to the road—you will have to pay for FSD. Until the middle of February, that can be done for a one-time fee of $8,000. But starting on February 14, that option goes away, too, and the sole choice will be a $99/month FSD subscription.
But probably not for very long. Last night, Musk revealed on his social media platform that “the $99/month for supervised FSD will rise as FSD’s capabilities improve. The massive value jump is when you can be on your phone or sleeping for the entire ride (unsupervised FSD).”
The quest for recurring revenue streams is becoming something of a holy grail in the automotive industry as OEMs that previously treated their customers as a single sale now hope to make themselves more attractive to investors by encouraging customers to give them regular payouts.
This may have contributed to General Motors’ decision to drop Apple CarPlay and Android Automotive. BMW has also experimented with subscription services. Tesla’s stock price remains so high that such games are probably unnecessary here, but with falling profit margins, declining sales, and the loss of emissions credits to bolster the bottom line, one can see why regular cash infusions from Tesla drivers would be desirable.
...
Read the original on arstechnica.com »
It’s weird to see Docker Inc (the company) struggle to find its place in 2026. What started as the company that revolutionized how we deploy applications has been through multiple identity crises, pivoting from one strategy to another in search of sustainable revenue and market relevance.
Docker’s journey reads like a startup trying to find product-market fit, except Docker already had product-market fit - they created the containerization standard that everyone uses. The problem is that Docker the technology became so successful that Docker the company struggled to monetize it. When your core product becomes commoditized and open source, you need to find new ways to add value.
Docker Swarm was Docker’s attempt to compete with Kubernetes in the orchestration space. But Kubernetes won that battle decisively, and Docker eventually sold Swarm. This was a clear signal that Docker was stepping back from trying to be the full-stack container platform and instead focusing on what they could uniquely provide.
For a while, Docker seemed to focus on developer experience. This made sense - developers are Docker’s core users, and improving their workflow could be a differentiator. Docker Scout emerged from the acquisition of Atomist in June 2022, bringing “software supply chain” capabilities. Scout allows Docker to see not just what’s in a container, but how it was built and where vulnerabilities are. This was a smart move toward security and observability, areas where Docker could add real value.
Docker also acquired AtomicJar, the company behind Testcontainers, adding shift-left testing capabilities. Testcontainers lets developers run real dependencies (databases, message queues, etc.) in containers during testing, making integration tests more reliable and closer to production environments.
Then came the AI pivot. Docker Model Runner entered the scene, positioning Docker as a platform for running AI models. Docker Compose expanded to support AI agents and models. Docker Offload was introduced for cloud-scale GPU execution of AI tasks. Partnerships with Google Cloud, Microsoft Azure, and AI SDKs (CrewAI, LangGraph, Vercel AI SDK) followed.
The acquisition of MCP Defender in September 2025 further cemented Docker’s move into AI security, focusing on securing agentic AI infrastructure and runtime threat detection. This was a significant shift - from developer tools to AI infrastructure.
Suddenly, Docker moved into the hardened images space. In December 2025, Docker made over 1,000 Docker Hardened Images free and open source under Apache 2.0, reducing vulnerabilities by up to 95% compared to traditional images. This move was likely triggered by Chainguard’s success in the secure container image space. Chainguard had been building a business around minimal, secure container images, and Docker needed to respond.
Making hardened images free was a bold move - it’s hard to compete with free, especially when it’s open source. But it also raises questions about Docker’s business model. If you’re giving away your security features for free, what are you selling?
In February 2025, Docker replaced CEO Scott Johnston (who led the company since 2019) with Don Johnson, a former Oracle Cloud Infrastructure founder and executive vice president. This leadership transition has prompted tech analysts to anticipate a potential acquisition by a major cloud provider. The CEO swap, combined with the strategic pivots, suggests Docker may be positioning itself for sale rather than building a standalone business.
Docker’s strategic shifts tell a story of a company searching for its place in a market it helped create. The containerization technology Docker pioneered became so successful that it became infrastructure - something everyone uses but no one wants to pay for directly.
The pivots from orchestration (Swarm) to developer tools (Scout, Testcontainers) to AI (Model Runner, MCP Defender) to security (Hardened Images) show a company trying different approaches to find sustainable revenue. Each pivot makes sense in isolation, but together they paint a picture of a company without a clear long-term vision.
The hardened images move is particularly interesting because it’s defensive - responding to Chainguard’s success rather than leading with innovation. Making it free and open source is a strong competitive move, but it doesn’t solve the fundamental business model question.
Docker the technology isn’t going anywhere. It’s too embedded in the infrastructure of modern software development. But Docker the company? That’s less clear. The leadership change, acquisition speculation, and rapid strategic pivots suggest Docker Inc may be positioning itself for an exit rather than building a long-term independent business.
For developers, this doesn’t change much. Docker containers will continue to work, and the open source nature of Docker means the technology will persist regardless of what happens to the company. But it’s worth watching how Docker Inc’s search for identity plays out - it could affect the ecosystem of tools and services built around containers.
The irony is that Docker created a standard so successful that it became infrastructure, and infrastructure is hard to monetize. Docker Inc’s struggle to find its place is a cautionary tale about the challenges of building a business around open source technology that becomes too successful.
...
Read the original on tuananh.net »
To add this web app to your iOS home screen tap the share button and select "Add to the Home Screen".
10HN is also available as an iOS App
If you visit 10HN only rarely, check out the the best articles from the past week.
If you like 10HN please leave feedback and share
Visit pancik.com for more.