Why else would they keep them around for so long?

Why else would they keep them around for so long?

Every bug is dif­fer­ent. But the math is al­ways real.

Think our num­bers are wrong? Edit them your­self.

Users Affected × Frequency × Time Per Incident

How many Apple users hit this bug, how of­ten, and how long they suf­fer each time.

Σ (Workaround Time × Participation Rate)

The ex­tra time spent by peo­ple who try to fix what Apple won’t.

Years Unfixed × Pressure Factor

How long Apple has known about this and how ur­gent the task usu­ally is.

Human Hours Wasted ÷ Engineering Hours to Fix

How many times over Apple could have fixed it with the pro­duc­tiv­ity they’ve de­stroyed.

Microsoft pro­vided the FBI with the re­cov­ery keys to un­lock en­crypted data on the hard dri­ves of three lap­tops as part of a fed­eral in­ves­ti­ga­tion, Forbes re­ported on Friday.

Many mod­ern Windows com­put­ers rely on full-disk en­cryp­tion, called BitLocker, which is en­abled by de­fault. This type of tech­nol­ogy should pre­vent any­one ex­cept the de­vice owner from ac­cess­ing the data if the com­puter is locked and pow­ered off.

But, by de­fault, BitLocker re­cov­ery keys are up­loaded to Microsoft’s cloud, al­low­ing the tech gi­ant — and by ex­ten­sion law en­force­ment — to ac­cess them and use them to de­crypt dri­ves en­crypted with BitLocker, as with the case re­ported by Forbes.

The case in­volved sev­eral peo­ple sus­pected of fraud re­lated to the Pandemic Unemployment Assistance pro­gram in Guam, a U. S. is­land in the Pacific. Local news out­let Pacific Daily News cov­ered the case last year, re­port­ing that a war­rant had been served to Microsoft in re­la­tion to the sus­pects’ hard dri­ves. Kandit News, an­other lo­cal Guam news out­let, also re­ported in October that the FBI re­quested the war­rant six months af­ter seiz­ing the three lap­tops en­crypted with BitLocker.

A spokesper­son for Microsoft did not im­me­di­ately re­spond to a re­quest for com­ment by TechCrunch. Microsoft told Forbes that the com­pany some­times pro­vides BitLocker re­cov­ery keys to au­thor­i­ties, hav­ing re­ceived an av­er­age of 20 such re­quests per year.

Apart from the pri­vacy risks of hand­ing re­cov­ery keys to a com­pany, Johns Hopkins pro­fes­sor and cryp­tog­ra­phy ex­pert Matthew Green raised the po­ten­tial sce­nario where ma­li­cious hack­ers com­pro­mise Microsoft’s cloud in­fra­struc­ture — some­thing that has hap­pened sev­eral times in re­cent years — and get ac­cess to these re­cov­ery keys. The hack­ers would still need phys­i­cal ac­cess to the hard dri­ves to use the stolen re­cov­ery keys.

“It’s 2026 and these con­cerns have been known for years,” Green wrote in a post on Bluesky. “Microsoft’s in­abil­ity to se­cure crit­i­cal cus­tomer keys is start­ing to make it an out­lier from the rest of the in­dus­try.”

To see all avail­able qual­i­fiers, see our doc­u­men­ta­tion.

We read every piece of feed­back, and take your in­put very se­ri­ously.

Secure your code as you build

To see all avail­able qual­i­fiers, see our doc­u­men­ta­tion.

We read every piece of feed­back, and take your in­put very se­ri­ously.

Secure your code as you build

You signed in with an­other tab or win­dow. Reload to re­fresh your ses­sion.

You signed out in an­other tab or win­dow. Reload to re­fresh your ses­sion.

You switched ac­counts on an­other tab or win­dow. Reload to re­fresh your ses­sion.

On Jan 14th Proton sent out an email newslet­ter with the sub­ject line:

Introducing Projects - Try Lumo’s pow­er­ful new fea­ture now

There is a prob­lem with this email. And I’m not talk­ing about the ques­tion of how ex­actly AI aligns with Proton’s core val­ues of pri­vacy and se­cu­rity.

The prob­lem is I had al­ready ex­plic­itly opted out of Lumo emails.

That tog­gle for “Lumo prod­uct up­dates” is unchecked. Lumo is the only topic I’m not sub­scribed to. Proton has over a dozen newslet­ters, in­clud­ing some crypto non­sense. I opt-in to every­thing but Lumo, I gave an un­de­ni­able no to Lumo emails.

So the email I re­ceived from Proton is spam, right?

My un­der­stand­ing is that spam is a vi­o­la­tion of GDPR and UK data pro­tec­tion laws. Regardless, Proton’s email is a clear abuse of their own ser­vice to­wards a pay­ing busi­ness cus­tomer.

Despite the sub­ject line and con­tents, and de­spite the “From Lumo” name and @lumo.proton.me ad­dress, maybe this was an hon­est mis­take?

Proton’s first re­ply ex­plained how to opt-out.

Thank you for con­tact­ing us. You can un­sub­scribe from the newslet­ters if you do the fol­low­ing:- Log in to your ac­count at https://​ac­count.pro­ton­vpn.com/​lo­gin- If you need ad­di­tional as­sis­tance, let me know.[screen­shot of the same opt-out tog­gle]

John Support di­rects me to the ex­act same “Lumo prod­uct up­dates” tog­gle I had al­ready unchecked. I replied ex­plain­ing that I had al­ready opted out. Support replies say­ing they’re “checking this with the team” then later replies again ask­ing for screen­shots.

Can you make sure to send me a screen­shot of this newslet­ter op­tion dis­abled, as well as the date when the last mes­sage was sent to you re­gard­ing the Lumo of­fer?You can send me a screen­shot of the whole mes­sage, in­clud­ing the date. Is it per­haps 14 January 2026 that you re­ceived the mes­sage?

I found that last line cu­ri­ous, are they deal­ing with other un­happy cus­tomers? Maybe I’m read­ing too much into it.

I sent the screen­shots and signed off with “Don’t try to pre­tend this fits into an­other newslet­ter cat­e­gory.”

After more “checking this with the team” I got a re­sponse to­day.

In this case, the men­tioned newslet­ter is for pro­mot­ing Lumo Business Suit to Business-related plans. Hence, why you re­ceived it, as Product Updates and Email Subscription are two dif­fer­ent things.In the sub­scrip­tion sec­tion, you will see the “Email Subscription” cat­e­gory, where you can dis­able the newslet­ter in or­der to avoid get­ting it in the fu­ture.

If I un­der­stand cor­rectly, Proton are claim­ing this email is the “Proton for Business newslet­ter”. Not the “Lumo prod­uct up­dates” newslet­ter.

I don’t know about you, but I think that’s baloney. Proton Support had five full busi­ness days to come up with a bet­ter ex­cuse. Please tell me, how can I have been any more ex­plicit about opt­ing out of Lumo emails, only to re­ceive “Try Lumo” “From Lumo”, and be told that is not ac­tu­ally a Lumo email?

Has any­one else no­ticed that the AI in­dus­try can’t take “no” for an an­swer? AI is be­ing force-fed into every cor­ner of tech. It’s un­fath­omable to them that some of us aren’t in­ter­ested.

The en­tire AI in­dus­try is built upon a com­mon prin­ci­ple of non-con­sent. They laugh in the face of IP and copy­right law. AI bots DDoS web­sites and lie about user-agents. Can it get worse than the sick­en­ing ac­tions of Grok? I dread to think.

As Proton has demon­strated above, and Mozilla/Firefox re­cently too, the AI in­dus­try sim­ply will not ac­cept “no” as an an­swer. Some ex­am­ples like spam are more triv­ial than oth­ers, but the grow­ing trend is vile and dis­turb­ing.

I do not want your AI.

I guess some­one at Microsoft read my post and said “hold my beer”. This morn­ing I woke up to a lovely gift in my in­box; “Build Al agents with the new GitHub Copilot SDK”.

GitHub Ensloppification is mov­ing faster than I can delete my ac­count for good. (It’s an un­for­tu­nate re­quire­ment for client pro­jects.) For the record, I have never said “yes” to any GitHub newslet­ter. Even be­fore Copilot I dis­abled every pos­si­ble GitHub email no­ti­fi­ca­tion.

The “Unsubscribe” link pro­vides the hid­den newslet­ter list. There is noth­ing within GitHub ac­count set­tings I can find to dis­able spam.

As ex­pected, Microsoft has opted me in with­out my con­sent. The wheels are falling off at GitHub. The bru­tally slow front-end UI. The em­bar­rass­ingly lack­lus­tre Actions CI. Now this sloppy tripe every­where. Reminder to de­vel­op­ers: GitHub is not Git.

After I pub­lished this blog post yes­ter­day I re­ceived an­other email from Specialist Support / Mail Delivery (Engineering) Team.

I com­pletely un­der­stand your frus­tra­tion, and I apol­o­gize for the con­fu­sion caused by these Overlapping Categories of no­ti­fi­ca­tions. Specifically, some of our com­mu­ni­ca­tions re­gard­ing Lumo fall un­der Both Product Updates (Update Info) and Email Subscriptions (Announcements, Newsletters, and Promos) This is likely why you are still re­ceiv­ing them de­spite hav­ing opted out of one cat­e­gory.

I replied say­ing that is not how email mar­ket­ing con­sent works. I’m pretty sure not legally, I’m cer­tain not morally, and un­til now, I was con­vinced not by Proton’s stan­dard. The very first cus­tomer sup­port con­firmed what should be com­mon sense. Don’t want Lumo emails? Unsubscribe from the “Lumo prod­uct up­dates” cat­e­gory. If it was a busi­ness newslet­ter that hap­pened to men­tion Lumo as a bul­let point, fine. But the en­tire email was Lumo, talk­ing about how “Our lat­est Lumo up­date in­tro­duces…”

Anyway, fol­low­ing a lively dis­cus­sion on Big Tech’s un­of­fi­cial cus­tomer sup­port fo­rum, my case was es­ca­lated to Proton’s Head of Customer Support.

Please ac­cept my apolo­gies for how your ticket was man­aged by our teams. They have tried to ex­plain what hap­pened with­out ac­knowl­edg­ing the prob­lem it­self. You are right. You should not have re­ceived the newslet­ter.We have iden­ti­fied a bug in our sys­tem, and our tech­ni­cal team is work­ing on re­solv­ing it.I want to as­sure you that we take com­mu­ni­ca­tion con­sent very se­ri­ously.We also value our re­la­tion­ship with our cus­tomers. The sup­port team will learn from this in­ter­ac­tion and im­prove.

Just FYI I don’t have a prob­lem with how the sup­port ticket was man­aged. I doubt the first line of de­fence gets paid enough to deal with this stuff when their em­ployer is at fault. Please don’t re­place them with Lumo, then we’ll have prob­lems!

I also see Proton’s CTO replied on Hacker News with a sim­i­lar mes­sage:

Hey, Proton CTO here. There was a bug, and we fucked up. Support should have re­ported it up the chain and ac­knowl­edged this. Things hap­pen, es­pe­cially at scale, but we take comms con­sent se­ri­ously and will fix it.

So was it a bug? Or did Proton for­get their core val­ues and be­have like the other slop fac­to­ries? I’ll take them at their word. What am I go­ing to do, go back to gmail? I’m look­ing into Tuta and StartMail but it’s a pain to switch and nowhere is per­fect.

On January 21, 2026, @fredwilson chal­lenged @seth: AI can write code, but it can’t af­fect the phys­i­cal world. This is our re­sponse. Real corn, grown from seed to har­vest, with every de­ci­sion made by Claude Code.

AI does­n’t need to drive a trac­tor. It needs to or­ches­trate the sys­tems and peo­ple who do. A farm man­ager does­n’t per­son­ally plant every seed. They ag­gre­gate data, make de­ci­sions, co­or­di­nate con­trac­tors. Claude Code be­comes that farm man­ager— 24/7, data-dri­ven, fully doc­u­mented.

The Process — How this was built

Fred processes emails as part of his daily check rou­tine. Priority given to farm­ers and op­er­a­tors.

A pro­ject by @seth, in­spired by @fredwilson, or­ches­trated by Claude Code (Opus 4.5)Want to help? Iowa land leads, ag ex­per­tise, vibe coders wel­come: fred@proofof­corn.com

Most PCs tend to boot from a pri­mary me­dia stor­age, be it a hard disk drive, or a solid-state drive, per­haps from a net­work, or — if all else fails — the USB stick or the boot DVD comes to the res­cue… Fun, eh? Boring! Why don’t we try to boot from a record player for a change?

Update February 2022: Click here to ob­serve the very same vinyl ramdisk booted on an IBM PCjr!

So this nutty lit­tle ex­per­i­ment con­nects a PC, or an IBM PC to be ex­act, di­rectly onto a record player through an am­pli­fier. I made a small ROM on-chip boot loader that op­er­ates the built-in “cassette in­ter­face” of the PC (that was hardly ever used), which will now be in­voked by the BIOS if all the other boot op­tions fail, i.e. floppy disk and the hard drive. The turntable spins an ana­log record­ing of a small bootable read-only RAM drive, which is 64K in size. This con­tains a FreeDOS ker­nel, mod­i­fied by me to cram it into the mem­ory con­straint, a mi­cro vari­ant of COMMAND. COM and a patched ver­sion of INTERLNK, that al­lows file trans­fer through a printer ca­ble, mod­i­fied to be runnable on FreeDOS. The boot­loader reads the disk im­age from the au­dio record­ing through the cas­sette mo­dem, loads it to mem­ory and boots the sys­tem on it. Simple huh?

The vinyl loader code, in a ROM

(It can also re­side on a hard drive or a floppy, but that’d be cheat­ing)

And now to get more tech­ni­cal: this is ba­si­cally a merge be­tween BootLPT/86 and 5150CAXX, mi­nus the printer port sup­port. It also re­sides in a ROM, in the BIOS ex­pan­sion socket, but it does not have to. The con­nect­ing ca­ble be­tween the PC and the record player am­pli­fier is the same as with 5150CAXX, just with­out the line-in (PC data out) jack.

The “cassette in­ter­face” it­self is just PC speaker timer chan­nel 2 for the out­put, and 8255A-5 PPI port C chan­nel 4 (PC4, I/O port 62h bit 4) for the in­put. BIOS INT 15h rou­tines are used for soft­ware (de)modulation.

The boot im­age is the same 64K BOOTDISK. IMG “example” RAM drive that can be down­loaded at the bot­tom of the BootLPT ar­ti­cle. This has been turned into an “IBM cas­sette tape”-pro­to­col com­pli­ant au­dio sig­nal us­ing 5150CAXX, and sent straight to a record cut­ting lathe.

Vinyls are cut with an RIAA equal­iza­tion curve that a pre­amp usu­ally re­verses dur­ing play­back, but not per­fectly. So some sig­nal cor­rec­tion had to be ap­plied from the am­pli­fier, as I could­n’t make it work right with the line out­put straight from the phono pre­amp. In my case, in­volv­ing a vin­tage Harman&Kardon 6300 am­pli­fier with an in­te­grated MM phono pre­amp, I had to fade the tre­ble all the way down to -10dB/10kHz, in­crease bass equal­iza­tion to ap­prox. +6dB/50Hz and re­duce the vol­ume level to ap­prox­i­mately 0.7 volts peak, so it does­n’t dis­tort. All this, nat­u­rally, with any phase and loud­ness cor­rec­tion turned off.

Of course, the cas­sette mo­dem does not give a hoot in hell about where the sig­nal is com­ing from. Notwithstanding, the record­ing needs to be pris­tine and con­tain no pops or loud crack­les (vinyl) or mod­u­la­tion/​fre­quency drop-outs (tape) that will break the data stream from con­tin­u­ing. However, some wow is tol­er­ated, and the speed can be 2 or 3 per­cent higher or lower too.

Bootloader in a ROM; be­ing an EPROM for a good mea­sure

And that’s it! For those in­ter­ested, the boot­loader bi­nary de­signed for a 2364 chip (2764s can be used, through an adap­tor), can be ob­tained here. It as­sumes an IBM 5150 with a mono­chrome screen and at least 512K of RAM, which kind of re­minds me of my setup (what a co­in­ci­dence). The boot disk im­age can be ob­tained at the bot­tom of the BootLPT/86 ar­ti­cle, and here’s its ana­log vari­ant, straight from the grooves 🙂

Tesla was told that if it could­n’t re­solve the de­cep­tive mar­ket­ing within those 60 days, the sales sus­pen­sion would take ef­fect. That would be bad for the au­tomaker, as California is far and away its largest mar­ket in the US, al­beit one that is shrink­ing each quar­ter. Having to sus­pend sales en­tirely in the state would be dis­as­trous. Some had spec­u­lated that Tesla could change Autopilot’s name to some­thing less mis­lead­ing, but the com­pany chose a more dras­tic ap­proach.

Now, if you want your new Tesla to steer it­self—while you pay at­ten­tion to the road—you will have to pay for FSD. Until the mid­dle of February, that can be done for a one-time fee of $8,000. But start­ing on February 14, that op­tion goes away, too, and the sole choice will be a $99/month FSD sub­scrip­tion.

But prob­a­bly not for very long. Last night, Musk re­vealed on his so­cial me­dia plat­form that “the $99/month for su­per­vised FSD will rise as FSD’s ca­pa­bil­i­ties im­prove. The mas­sive value jump is when you can be on your phone or sleep­ing for the en­tire ride (unsupervised FSD).”

The quest for re­cur­ring rev­enue streams is be­com­ing some­thing of a holy grail in the au­to­mo­tive in­dus­try as OEMs that pre­vi­ously treated their cus­tomers as a sin­gle sale now hope to make them­selves more at­trac­tive to in­vestors by en­cour­ag­ing cus­tomers to give them reg­u­lar pay­outs.

This may have con­tributed to General Motors’ de­ci­sion to drop Apple CarPlay and Android Automotive. BMW has also ex­per­i­mented with sub­scrip­tion ser­vices. Tesla’s stock price re­mains so high that such games are prob­a­bly un­nec­es­sary here, but with falling profit mar­gins, de­clin­ing sales, and the loss of emis­sions cred­its to bol­ster the bot­tom line, one can see why reg­u­lar cash in­fu­sions from Tesla dri­vers would be de­sir­able.

It’s weird to see Docker Inc (the com­pany) strug­gle to find its place in 2026. What started as the com­pany that rev­o­lu­tion­ized how we de­ploy ap­pli­ca­tions has been through mul­ti­ple iden­tity crises, piv­ot­ing from one strat­egy to an­other in search of sus­tain­able rev­enue and mar­ket rel­e­vance.

Docker’s jour­ney reads like a startup try­ing to find prod­uct-mar­ket fit, ex­cept Docker al­ready had prod­uct-mar­ket fit - they cre­ated the con­tainer­iza­tion stan­dard that every­one uses. The prob­lem is that Docker the tech­nol­ogy be­came so suc­cess­ful that Docker the com­pany strug­gled to mon­e­tize it. When your core prod­uct be­comes com­modi­tized and open source, you need to find new ways to add value.

Docker Swarm was Docker’s at­tempt to com­pete with Kubernetes in the or­ches­tra­tion space. But Kubernetes won that bat­tle de­ci­sively, and Docker even­tu­ally sold Swarm. This was a clear sig­nal that Docker was step­ping back from try­ing to be the full-stack con­tainer plat­form and in­stead fo­cus­ing on what they could uniquely pro­vide.

For a while, Docker seemed to fo­cus on de­vel­oper ex­pe­ri­ence. This made sense - de­vel­op­ers are Docker’s core users, and im­prov­ing their work­flow could be a dif­fer­en­tia­tor. Docker Scout emerged from the ac­qui­si­tion of Atomist in June 2022, bring­ing “software sup­ply chain” ca­pa­bil­i­ties. Scout al­lows Docker to see not just what’s in a con­tainer, but how it was built and where vul­ner­a­bil­i­ties are. This was a smart move to­ward se­cu­rity and ob­serv­abil­ity, ar­eas where Docker could add real value.

Docker also ac­quired AtomicJar, the com­pany be­hind Testcontainers, adding shift-left test­ing ca­pa­bil­i­ties. Testcontainers lets de­vel­op­ers run real de­pen­den­cies (databases, mes­sage queues, etc.) in con­tain­ers dur­ing test­ing, mak­ing in­te­gra­tion tests more re­li­able and closer to pro­duc­tion en­vi­ron­ments.

Then came the AI pivot. Docker Model Runner en­tered the scene, po­si­tion­ing Docker as a plat­form for run­ning AI mod­els. Docker Compose ex­panded to sup­port AI agents and mod­els. Docker Offload was in­tro­duced for cloud-scale GPU ex­e­cu­tion of AI tasks. Partnerships with Google Cloud, Microsoft Azure, and AI SDKs (CrewAI, LangGraph, Vercel AI SDK) fol­lowed.

The ac­qui­si­tion of MCP Defender in September 2025 fur­ther ce­mented Docker’s move into AI se­cu­rity, fo­cus­ing on se­cur­ing agen­tic AI in­fra­struc­ture and run­time threat de­tec­tion. This was a sig­nif­i­cant shift - from de­vel­oper tools to AI in­fra­struc­ture.

Suddenly, Docker moved into the hard­ened im­ages space. In December 2025, Docker made over 1,000 Docker Hardened Images free and open source un­der Apache 2.0, re­duc­ing vul­ner­a­bil­i­ties by up to 95% com­pared to tra­di­tional im­ages. This move was likely trig­gered by Chainguard’s suc­cess in the se­cure con­tainer im­age space. Chainguard had been build­ing a busi­ness around min­i­mal, se­cure con­tainer im­ages, and Docker needed to re­spond.

Making hard­ened im­ages free was a bold move - it’s hard to com­pete with free, es­pe­cially when it’s open source. But it also raises ques­tions about Docker’s busi­ness model. If you’re giv­ing away your se­cu­rity fea­tures for free, what are you sell­ing?

In February 2025, Docker re­placed CEO Scott Johnston (who led the com­pany since 2019) with Don Johnson, a for­mer Oracle Cloud Infrastructure founder and ex­ec­u­tive vice pres­i­dent. This lead­er­ship tran­si­tion has prompted tech an­a­lysts to an­tic­i­pate a po­ten­tial ac­qui­si­tion by a ma­jor cloud provider. The CEO swap, com­bined with the strate­gic piv­ots, sug­gests Docker may be po­si­tion­ing it­self for sale rather than build­ing a stand­alone busi­ness.

Docker’s strate­gic shifts tell a story of a com­pany search­ing for its place in a mar­ket it helped cre­ate. The con­tainer­iza­tion tech­nol­ogy Docker pi­o­neered be­came so suc­cess­ful that it be­came in­fra­struc­ture - some­thing every­one uses but no one wants to pay for di­rectly.

The piv­ots from or­ches­tra­tion (Swarm) to de­vel­oper tools (Scout, Testcontainers) to AI (Model Runner, MCP Defender) to se­cu­rity (Hardened Images) show a com­pany try­ing dif­fer­ent ap­proaches to find sus­tain­able rev­enue. Each pivot makes sense in iso­la­tion, but to­gether they paint a pic­ture of a com­pany with­out a clear long-term vi­sion.

The hard­ened im­ages move is par­tic­u­larly in­ter­est­ing be­cause it’s de­fen­sive - re­spond­ing to Chainguard’s suc­cess rather than lead­ing with in­no­va­tion. Making it free and open source is a strong com­pet­i­tive move, but it does­n’t solve the fun­da­men­tal busi­ness model ques­tion.

Docker the tech­nol­ogy is­n’t go­ing any­where. It’s too em­bed­ded in the in­fra­struc­ture of mod­ern soft­ware de­vel­op­ment. But Docker the com­pany? That’s less clear. The lead­er­ship change, ac­qui­si­tion spec­u­la­tion, and rapid strate­gic piv­ots sug­gest Docker Inc may be po­si­tion­ing it­self for an exit rather than build­ing a long-term in­de­pen­dent busi­ness.

For de­vel­op­ers, this does­n’t change much. Docker con­tain­ers will con­tinue to work, and the open source na­ture of Docker means the tech­nol­ogy will per­sist re­gard­less of what hap­pens to the com­pany. But it’s worth watch­ing how Docker Inc’s search for iden­tity plays out - it could af­fect the ecosys­tem of tools and ser­vices built around con­tain­ers.

The irony is that Docker cre­ated a stan­dard so suc­cess­ful that it be­came in­fra­struc­ture, and in­fra­struc­ture is hard to mon­e­tize. Docker Inc’s strug­gle to find its place is a cau­tion­ary tale about the chal­lenges of build­ing a busi­ness around open source tech­nol­ogy that be­comes too suc­cess­ful.