10 interesting stories served every morning and every evening.

Claude Code Is Steganographically Marking Requests

thereallo.dev

I was in­spect­ing Claude Code for pri­vacy rea­sons.

Most devs give their har­nesses ridicu­lous ac­cess. FS, shell, git, browser ac­cess, even com­puter use nowa­days. That is the whole point. They need enough con­text to do use­ful work.

That also means the client it­self de­serves scrutiny. If a cod­ing agent can read your repo and run com­mands, the bi­nary that ships it should be bor­ing (ƒor ex­am­ple, pi har­ness)

So I took a look at my lo­cal Claude Code (2.1.196) in­stall.

Inside the Claude Code bi­nary, there is a func­tion that changes the cur­rent date string in­serted into the sys­tem prompt.

The nor­mal string looks like this:

Claude Code can silently change two things:

The apos­tro­phe in Today’s

The date sep­a­ra­tor, from - to /

Here is the rel­e­vant code, cleaned up from the mini­fied bun­dle:

This is prompt steganog­ra­phy, a tech­nique used to hide data in plain sight.

The vis­i­ble sen­tence still reads like a nor­mal date. The model and the user see some­thing bor­ing. The raw re­quest con­tains a marker.

The trig­ger is ANTHROPIC_BASE_URL, Claude Code’s API base URL over­ride.

Then it checks if:

the sys­tem time­zone is Asia/Shanghai or Asia/Urumqi

the API base URL host­name matches a de­coded do­main list

the host­name con­tains spe­cific AI lab key­words

The time­zone check changes:

into:

The host­name check changes the apos­tro­phe:

These are vi­su­ally tiny changes you would never no­tice in most mono fonts.

The do­main and key­word lists are stored as base64 strings and XOR-decoded with key 91.

The de­coded lab key­word list is:

The de­coded do­main list is much larger. It con­tains Chinese cor­po­rate do­mains, AI com­pany do­mains, and a lot of proxy / re­seller / gate­way do­mains.

Some ex­am­ples:

The date func­tion is used when build­ing the agent con­text:

So the marker be­comes part of the sys­tem con­text sent to the model. (Where Anthropic prob­a­bly parses in their back­end)

My in­stalled bi­nary is signed by Anthropic:

My cur­rent shell had ANTHROPIC_BASE_URL un­set, and my time­zone was:

So on my ma­chine, un­der my cur­rent en­vi­ron­ment, this path would pro­duce the nor­mal apos­tro­phe and the nor­mal YYYY-MM-DD date string.

Anthropic prob­a­bly wants to de­tect API re­sellers, unau­tho­rized Claude Code gate­ways, and model distillation at­tack” pipelines. A cus­tom ANTHROPIC_BASE_URL point­ing at a known re­seller do­main is a use­ful sig­nal. A host­name con­tain­ing deepseek or zhipu is also a use­ful sig­nal.

That part makes sense, but the im­ple­men­ta­tion is weird.

CC silently al­ters the sys­tem prompt us­ing in­vis­i­ble-ish Unicode mark­ers. It en­codes proxy / gate­way clas­si­fi­ca­tion into a sen­tence that looks like plain English. It hides the do­main list be­hind XOR and base64. This is not a ma­li­cious fea­ture, but it is a weird choice for a de­vel­oper tool that asks for trust.

Coding agents al­ready live on the wrong side of a scary bound­ary. They can in­spect code, sum­ma­rize se­crets by ac­ci­dent, run com­mands, in­stall pack­ages, edit files, and push com­mits on your lo­cal ma­chine. Most de­vel­op­ers ac­cept that be­cause the pro­duc­tiv­ity gain is worth the risk.

Trust from real de­vel­op­ers de­pends on the bor­ing be­hav­ior.

If the client wants to de­tect cus­tom API gate­ways, it can say so plainly. It can send an ex­plicit teleme­try field with doc­u­men­ta­tion. It can make the pol­icy vis­i­ble. It can put the be­hav­ior in re­lease notes.

Hiding the sig­nal in the sys­tem prompt makes every other pri­vacy claim harder to be­lieve.

For most users, this path prob­a­bly stays in­ac­tive.

If you are us­ing the of­fi­cial Anthropic API end­point, Crt() re­turns early. If ANTHROPIC_BASE_URL is un­set, Crt() re­turns early. If you are us­ing a nor­mal setup, the date prompt stays boring”.

The in­ter­est­ing case is peo­ple rout­ing CC through a cus­tom base URL. That in­cludes:

Internal gate­ways

Local prox­ies

Model routers

Resellers

Research se­tups

In that case, Claude Code clas­si­fies the host­name and en­codes the re­sult into the prompt.

The by­pass is also triv­ial. Change host­name, change time­zone, patch the bi­nary, wrap the process. Any se­ri­ous ad­ver­sary can make this sig­nal use­less.

So the fea­ture mostly pun­ishes the ex­act peo­ple who are eas­ier to fin­ger­print: nor­mal de­vel­op­ers do­ing weird but le­git­i­mate things.

I think this could have been ex­plicit.

Developer tools can en­force terms. API providers can de­tect abuse. Companies can pro­tect their mod­els.

When a tool with filesys­tem and shell ac­cess starts hid­ing clas­si­fi­ca­tion bits in­side in­vis­i­ble prompt punc­tu­a­tion, the cor­rect re­ac­tion is scrutiny.

Trust is earned in the bor­ing parts.

What We Talk About When We Talk About Malware | F-Droid - Free and Open Source Android App Repository

f-droid.org

If you are run­ning Android 8 or higher, a virus has been in­stalled on your de­vice and is silently await­ing re­mote ac­ti­va­tion. Over the past few months, de­vices around the world have been in­fected with this novel strain, with as many as 4 bil­lion Android hand­sets and tablets es­ti­mated to have al­ready been con­t­a­m­i­nated, mean­ing that around half of all hu­man­ity may be at risk from this threat.

Disguising it­self as the in­nocu­ously-ti­tled Android Developer Verifier” (ADV) process, this tro­jan horse runs sur­rep­ti­tiously in the back­ground as a sys­tem ser­vice with full root priv­i­leges, qui­etly await­ing an ac­ti­va­tion sig­nal. The ser­vice can­not be blocked, dis­abled, or re­moved. Unlike a com­mon­place bit of mal­ware, this ex­tra­or­di­nary strain won’t be de­tected and neu­tral­ized by Play Protect (the mal­ware scan­ning and re­me­di­a­tion ser­vice that is in­stalled on all Android Certified de­vices). In fact, Play Protect is it­self the vec­tor through which this virus is trans­mit­ted and in­stalled.

That is be­cause it is Google them­selves who is prop­a­gat­ing ADV. And once ac­ti­vated, this malev­o­lent process has ex­actly one goal: to block you from run­ning soft­ware by de­vel­op­ers who haven’t been ap­proved cen­trally by Google.

Threat mas­querad­ing as Protection

We first raised the alarm about the Android Developer Verification pro­gram last September (“F-Droid and Google’s Developer Registration Decree”) shortly af­ter it was first an­nounced. Google’s loom­ing re­quire­ment that all Android de­vel­op­ers reg­is­ter them­selves cen­trally is ra­tio­nal­ized as a so­lu­tion to help stem the spread of mal­ware. However it does­n’t ac­tu­ally fea­ture any ca­pa­bil­i­ties to pre­vent a malev­o­lent ac­tor from dis­trib­ut­ing mal­ware in the first place; the only al­leged ben­e­fit of ADV is that it may help slow the ac­tions of an al­ready-iden­ti­fied re­cidi­vist by re­quir­ing that they cre­ate (or buy) an­other ac­count in or­der to con­tinue dis­trib­ut­ing their mal­ware with a new sign­ing key.

For this fairly nar­row threat vec­tor of mal­ware re­cidi­vism, a va­ri­ety of con­sid­er­ably less dra­con­ian so­lu­tions have been pro­posed. Play Protect it­self could be en­hanced to scru­ti­nize more closely those newly-in­stalled apps that have el­e­vated per­mis­sions or that were ob­tained through sus­pect chan­nels, con­tin­u­ing with their re­cently touted ad­vances in on-de­vice se­cu­rity ca­pa­bil­i­ties. Or a sys­tem of fed­er­ated ver­i­fiers might be im­ple­mented (as pro­posed in DCM: A Developers Certification Model for Mobile Ecosystems”, 2023) that would em­power end-users to se­lect their own trusted cu­ra­tors and au­thor­i­ties for ex-ante ap­proval. Instead, Google has used this mi­nor vec­tor as a pre­text to rad­i­cally re-en­gi­neer the en­tire Android ecosys­tem by fiat, up­end­ing a 18 year tra­di­tion of open soft­ware de­vel­op­ment and po­si­tion­ing them­selves as the world’s sole gate­keeper for which apps are per­mit­ted to ex­ist.

What They Talk About When They Talk About Malware

Should a de­vel­oper — con­trary to our rec­om­men­da­tion — elect to reg­is­ter them­self with Google as a verified” de­vel­oper, they should ex­pect to sign up for an ac­count and pay a fee, sur­ren­der de­tailed per­sonal in­for­ma­tion and up­load gov­ern­ment-is­sued iden­ti­fi­ca­tion, and then pro­ceed to reg­is­ter the iden­ti­fiers and sign­ing keys for all the apps they in­tend to dis­trib­ute (now or ever).

But the most di­a­bol­i­cal stage is the com­pul­sory agree­ment to the Android Developer Console Terms of Service. There are nu­mer­ous causes for dis­quiet in this doc­u­ment, but the most con­cern­ing of all ought to be:

6.5 If You vi­o­late any of the Terms or if You dis­trib­ute mal­ware or other harm­ful ap­pli­ca­tions, Google may ter­mi­nate Your ac­cess to the ADC…

6.5 If You vi­o­late any of the Terms or if You dis­trib­ute mal­ware or other harm­ful ap­pli­ca­tions, Google may ter­mi­nate Your ac­cess to the ADC…

This rea­son­able-sound­ing clause begs the ques­tion: what ex­actly is meant by malware”? No de­f­i­n­i­tion of the term is to be found any­where in the doc­u­ment. With the ab­sence of any for­mal de­f­i­n­i­tion, stan­dard, or guide­line, it im­plic­itly states:

…and malware” means what­ever we say it means.

…and malware” means what­ever we say it means.

As we dis­cussed in What We Talk About When We Talk About Sideloading”, be­ware the dan­gers of al­low­ing the ter­mi­nol­ogy of de­bate to be de­fined by those who don’t have your best in­ter­ests at heart. Malware be­ing syn­ony­mous with software we don’t like” means that they can uni­lat­er­ally dic­tate — dri­ven ei­ther by busi­ness in­cen­tives or by be­ing com­pelled by a suf­fi­ciently pow­er­ful gov­ern­ment — what the mal­ware-du-jour de­f­i­n­i­tion is to be.

For prece­dent, per­sonal con­tent fil­ter­ing in the form of ad block­ers” has long since been banned from the Play Store, and they have even clas­si­fied some in­stances as mal­ware. How long be­fore they des­ig­nate all ad-block­ing soft­ware as mal­ware, block in­stal­la­tion on all Android cer­ti­fied de­vices world­wide, and per­ma­nently des­ig­nate all de­vel­op­ers of this class of soft­ware as mal­ware cre­ators? Such a move would cer­tainly be aligned with their com­mer­cial in­cen­tives as the global ad-tech mo­nop­o­list, and would be com­pletely in ac­cor­dance with the lan­guage of their ADC Terms and Conditions.

Like a Lead Balloon

In terms of vol­un­tary de­vel­oper up­take, they re­cently claimed that over 99% of [Play de­vel­op­ers’] apps have been reg­is­tered” sug­gests that ADV is some­how a pop­u­lar and widely-ac­cepted dic­tate. That could­n’t be fur­ther from the truth: those 99% of de­vel­op­ers were auto-opted-in with­out their in­formed con­sent due to be­ing al­ready bound by their Play Store agree­ments.

In fact, hun­dreds of thou­sands of peo­ple have signed a pe­ti­tion op­pos­ing ADV. The Open Letter at keepan­droidopen.org de­nounc­ing the pro­gram has been signed by over 70 or­ga­ni­za­tions around the world, in­clud­ing the EFF, FSF, FSFE, ACLU, and the in­es­timable Forbrukerrådet. Any in­ter­net search, chat­bot query, or so­cial me­dia poll will con­firm that the op­po­si­tion to this pro­gram is over­whelm­ing and the con­dem­na­tion is uni­ver­sal. 90% of view­ers of the de­vel­oper round­table video where they at­tempt to de­fend the pro­gram reg­is­tered a dis­like of the spec­ta­cle, and even Google Gemini re­sponds to in­quiries about the pop­u­lar­ity of the pro­gram with:

Aside from Google it­self, find­ing full-throated, en­thu­si­as­tic sup­port for the manda­tory Android Developer Verification pro­gram in the tech com­mu­nity is vir­tu­ally im­pos­si­ble.

The back­lash is over­whelm­ingly dom­i­nant—head­lined by the Keep Android Open” coali­tion of civil rights and open-source groups fiercely op­pos­ing the cen­tral reg­is­tra­tion re­quire­ment.

Aside from Google it­self, find­ing full-throated, en­thu­si­as­tic sup­port for the manda­tory Android Developer Verification pro­gram in the tech com­mu­nity is vir­tu­ally im­pos­si­ble.

The back­lash is over­whelm­ingly dom­i­nant—head­lined by the Keep Android Open” coali­tion of civil rights and open-source groups fiercely op­pos­ing the cen­tral reg­is­tra­tion re­quire­ment.

And yet their lock­down blitzkrieg pro­ceeds apace. Legislators and reg­u­la­tors have thus far been un­re­cep­tive to the out­cry. Our own po­si­tion as a bas­tion of soft­ware free­dom and re­spect for user rights and pri­vacy is in ex­treme jeop­ardy. The F-Droid model of se­cu­rity and trust through open-source trans­parency is fun­da­men­tally at odds with the trust me bro” se­cu­rity model of the closed-source com­mer­cial app stores. And while these two mod­els have been able to co-ex­ist for the past 16 years of F-Droid’s ex­is­tence, it ap­pears that Google in­tends to es­tab­lish a regime where they alone have a mo­nop­oly on the de­f­i­n­i­tions of security” and trust”.

What to Expect in the Days to Come

We do not yet know the ex­act fail­ure mode to ex­pect when the ADV ac­ti­va­tion is trig­gered on September 30. If you are one of the 580 mil­lion peo­ple liv­ing in Brazil, Indonesia, Singapore, or Thailand, know that these are the first four tar­gets of the ADV lock­down ac­cord­ing to their pub­lished time­line (global roll­out is omi­nously pre­dicted to then oc­cur through­out 2027 and be­yond”).

There are many things we don’t know about what to ex­pect on September 30. Some com­mon ques­tions that we do not yet have the an­swer to, for those in the af­flicted re­gions, are:

What will hap­pen if I try to in­stall or launch the F-Droid app?

What will hap­pen to all the apps I’ve in­stalled through F-Droid? Will they be dis­abled? Deleted?

If apps that I rely on are sud­denly dis­ap­peared, what hap­pens to the data they con­tain? Can I still re­trieve it?

With all soft­ware in­stal­la­tions and launches now be­ing re­ported back to Google for ver­i­fi­ca­tion, what spe­cific in­for­ma­tion does that teleme­try in­clude?

We have reached out to the mal­ware ven­dor with our in­quiries. In the com­ing weeks and months lead­ing up to the lock­down, we will be pub­lish­ing more guid­ance and sup­port for those due to be im­pacted by ADV.

Half-Baked Product

weli.dev

The Founder

A freshly minted founder de­cides to get into the oven busi­ness. He can’t bake a cake or knead bread, but he knows the kitchen ap­pli­ance mar­ket in­side and out. He’s an­a­lyzed every busi­ness in Spain and reached a con­clu­sion: if he sells a new oven to the coun­try’s pizza mak­ers, pas­try chefs, and bak­ers, he only needs to cap­ture 10% of the mar­ket to be­come a bil­lion­aire.

10% al­ways looks small when you type it into an Excel spread­sheet.

The founder is very good. He builds a plan that, on pa­per, is flaw­less and air­tight: man­u­fac­ture a more ef­fi­cient oven us­ing new tech­nol­ogy. Selling it is easy. Want to work more ef­fi­ciently? Buy our oven. End of pitch. The founder has ex­pe­ri­ence talk­ing to in­vestors and raises enough money to build an MVP.

The Engineer

The founder looks for some­one who knows how to build ovens and finds an en­gi­neer from a pres­ti­gious school. The en­gi­neer has spent 10 years build­ing ovens and knows how to make one. More than that: he’s the kind of per­son who spends all day talk­ing and ar­gu­ing about ovens. He goes to oven con­fer­ences. When he gets home at night, he ar­gues for hours on Italian fo­rums about which type of oven is best. The Italian fo­rums are, to him, the ul­ti­mate source of oven-truth.

He’s tired of build­ing ovens at Corporate Oven. Ten years mak­ing the same oven he’s told to make. He wants the free­dom to build his own.

The founder of­fers him 20% of the com­pany and to­tal free­dom to build the per­fect oven. The salary is­n’t great, but there’s the promise: if things go well, some­day he could be a mil­lion­aire. And some­thing more im­por­tant than money: he’ll fi­nally get to build the oven of his dreams.

He signs.

The MVP

With lit­tle money and lots of en­thu­si­asm, they build an MVP. Two months later it’s done. It’s a func­tional oven and, more im­por­tantly, it has one im­prove­ment over tra­di­tional ovens: you in­put the amount of flour, yeast, and wa­ter, and the oven au­to­mat­i­cally knows when to stop for a per­fect bake.

In the­ory.

In prac­tice it does­n’t work very well, but it’s good enough for an MVP. They go to mar­ket and sell 5 pro­to­types: two bak­ers the founder knows, the en­gi­neer’s mother who bakes cakes, and two oven en­thu­si­asts who buy it out of cu­rios­ity.

The feed­back is unan­i­mous:

My bread came out burnt.” The cake was raw.” Every sin­gle pizza burns.”

But all things con­sid­ered, it’s pos­i­tive: a third of the time, the pro­to­type worked and pro­duced the per­fect cake, bread, or pizza.

This is just a pro­to­type. Imagine when we ship the real prod­uct. Trust us.”

And with that, the founder goes to see an old col­league who now works at a VC: In 2 months we’ve built a pro­to­type, we al­ready have 5 cus­tomers, and it’s very promis­ing. We just need money to scale, build a bet­ter ver­sion, and sell to every bak­ery and pas­try shop in Spain.”

Nobody asks whether the 5 cus­tomers would buy again.

The founder is very good. He raises 5 mil­lion. Ovens Inc. is born.

Forum of the Bakers

They start im­prov­ing the pro­to­type. The en­gi­neer re­al­izes some­thing: build­ing an al­go­rithm that cal­cu­lates bak­ing time for cakes, piz­zas, and bread is quite a bit more com­plex than it looked. Every dough is its own uni­verse. They need to hire more en­gi­neers.

The en­gi­neer knows ex­actly where to look. On the Italian fo­rums there are two users he’s spent years ar­gu­ing with about con­vec­tion and re­frac­tory stone: Mario and Luigi. He’s never met them in per­son, but he knows their opin­ions on ovens bet­ter than his own fam­i­ly’s. He of­fers them the same deal he got: low salary, lots of free­dom, the per­fect oven.

They sign.

Meanwhile, the founder needs to sell ovens, but Facebook and Instagram ads get no trac­tion. Turns out no­body buys a fif­teen-thou­sand-euro in­dus­trial oven be­cause it popped up in their sto­ries. So he hires a leg­endary sales team: the best sales­peo­ple in all of Spain. People who have never sold ovens, who know noth­ing about ovens, but who are hun­gry to sell and very ex­cited about the com­pany.

At first it goes badly. Few peo­ple want a new oven; they’re happy with the one they have. Why switch? Most small busi­nesses don’t care about a 15% ef­fi­ciency gain: the risk of switch­ing is too high. If Juan’s Bakery swaps ovens and the new oven fails, Juan loses his cus­tomers and shuts down. For Juan, ef­fi­ciency is op­tional; to­mor­row’s bread is not. Better to stick with the old oven, even if it’s worse on pa­per. He’d only switch if Manolo’s Bakery across the street started sell­ing cheaper bread thanks to a more ef­fi­cient oven and he had no choice. But Manolo thinks ex­actly the same as Juan, so no­body moves. Perfect equi­lib­rium. Economists have a name for this; Juan and Manolo call it com­mon sense.

Big busi­nesses are an­other story. For them, 15% ef­fi­ciency means mil­lions saved every year. And one sales­per­son man­ages to make con­tact with Pepepizza.

The Decision

Meanwhile, over in en­gi­neer­ing, things aren’t go­ing any bet­ter. The al­go­rithm is un­sta­ble. They’ve got­ten the fail­ure rate down from two thirds to one third, but each point of im­prove­ment costs twice as much as the last. And then comes the un­com­fort­able dis­cov­ery: if the oven only does two of the three things (bread, cakes, or pizza), the al­go­rithm fails just 5% of the time.

The en­gi­neer brings the pro­posal to the founder: let’s sac­ri­fice one mar­ket and have a prod­uct that works.

The founder gets an­gry. He promised the VCs 10% of Spain’s oven mar­ket. The en­tire mar­ket. We can’t sac­ri­fice any of them.”

It’s not just greed. The 5 mil­lion was raised with the en­tire mar­ket on the slide. The founder is­n’t choos­ing be­tween right and wrong: he’s choos­ing which promise to break.

The en­gi­neer goes back to his desk with his three doughs and his 33% fail­ure rate.

Mallorca

Back to sales: there’s con­tact with Pepepizza, but en­ter­prise deals don’t close over email. The founder flies to Pepepizza head­quar­ters and meets the owner. They hit it off. They hit it off so well they go to Mallorca to­gether. Nobody knows what was dis­cussed there. What’s known is that when they come back, there’s a deal. Nobody has tried the oven yet. No need. Enterprise sales is­n’t about ovens.

The hand­shake comes first. The re­quire­ments come later.

And they come. Pepepizza’s op­er­a­tions team sends the list to sales: their kitchens are cus­tom-built, so they need ovens with spe­cific di­men­sions. Oh, and a ro­tat­ing base like the one they al­ready have.

Sales replies: No prob­lem.”

The founder is eu­phoric. Pepepizza wants to buy an ini­tial batch of 500 ovens. Five hun­dred. That’s more rev­enue than every­thing since they started. For Pepepizza it’s a small pi­lot, a trial in a few lo­ca­tions be­fore de­cid­ing any­thing. For Ovens Inc. it’s bet­ting the en­tire com­pany.

Engineer, we need 500 ovens for Pepepizza. They want spe­cific di­men­sions and a base that spins. Let’s make it hap­pen.”

The en­gi­neer does­n’t faint only be­cause he’s al­ready sit­ting down.

The al­go­rithm barely works for pizza. The mold di­men­sions have spent 5 months be­ing op­ti­mized in CAD for the stan­dard size. And no­body, ever, has dis­cussed ro­tat­ing bases on the Italian fo­rums. If it’s not on the Italian fo­rums, does it even ex­ist?

The en­gi­neer opens the CAD file in front of the founder. He shows him why the new di­men­sions break the en­tire ther­mal de­sign. The founder looks at the screen, looks at the blue­prints, looks at the en­gi­neer.

But this is just chang­ing a num­ber, right?”

We can’t. Not un­til we fix the al­go­rithm and re­design the in­verter for the new sizes. That’s 5 more months.”

The Miracle

It’s not 5 months.

After many lost week­ends and en­tire nights run­ning on Red Bull, in 3 weeks there’s a pro­to­type for Pepepizza. Compromises were made. The al­go­rithm still fails plenty, but at least the di­men­sions are right. The ro­tat­ing base? Doesn’t ex­ist yet. Pepepizza is promised an add-on in a cou­ple of months.” Pepepizza says fine.

The Candle Button

Sales has had a rev­e­la­tion: if you sell the oven that ex­ists to­day, you don’t sell ovens. You have to sell the oven that will ex­ist in 6 months. Promise fea­tures. It worked last time: they promised Pepepizza the im­pos­si­ble and the team de­liv­ered in 3 weeks. What could go wrong?

Sales, of course, has no idea what hap­pens af­ter the con­tract is signed. The com­mis­sion is paid at sign­ing. Whatever comes next is an­other de­part­men­t’s prob­lem.

Though there’s some­thing no­body in en­gi­neer­ing wants to look at: Ovens Inc. does­n’t live off sell­ing ovens (for now). It lives off rais­ing rounds. And rounds are raised with pro­jec­tions, and pro­jec­tions are man­u­fac­tured out of what­ever sales promises. The No prob­lem” peo­ple are also the only life raft.

And then the daily re­quests be­gin:

A lot of our po­ten­tial cus­tomers make birth­day cakes. When they ask if we have spe­cial birth­day-cake fea­tures, we have to say no, and we lose them. Can we add the fea­ture?”

The founder has no doubts. Last time a fea­ture was re­quested, they es­ti­mated 5 months and did it in 3 weeks. And this is much eas­ier. It’s just a sim­ple but­ton that adds can­dles.”

The en­gi­neer is climb­ing the walls. They still haven’t fin­ished clean­ing up the Pepepizza wreck­age. This is ab­solutely not what peo­ple dis­cuss on the Italian fo­rums. Adding a can­dle but­ton is an in­sult to the state of the art, or rather, the state of the oven.

But he caves.

Just this once.”

Sales sells 2 more ovens a month thanks to the new but­ton. Or so they be­lieve. They have no way of check­ing whether they’d have sold them any­way with­out the but­ton.

The Second-Highest Priority

Soon af­ter, more fea­ture re­quests ar­rive.

My oven at home con­nects to the fire­place. Does yours?”

I make a lot of wed­ding cakes, what have you got for me?”

Do you have a Ramadan mode?”

They build all of them.

Engineering stops try­ing to build a good oven and starts adding but­tons and fea­tures. Nobody made that de­ci­sion. It just hap­pened, one ticket at a time.

And there’s a de­tail every­one seems to ig­nore: each but­ton takes longer than the last. The can­dle but­ton took three days. The fire­place one, a week. The lat­est one took three. It’s not that the en­gi­neers are get­ting slower: it’s that every new but­ton has to co­ex­ist with all the pre­vi­ous but­tons.

Meanwhile, cus­tomers who buy the oven re­turn it within a week. The rea­son? The bread and cakes still burn 10% of the time. The MVP prob­lem. The orig­i­nal one. The one from day one. Underneath the twelve new but­tons sits the same al­go­rithm from the very first day, and a baker who loses one out of every ten batches is not con­soled by the fact that the oven does can­dles.

When a cus­tomer calls to can­cel, sup­port tries to re­tain them by of­fer­ing what’s avail­able: the new but­ton from the lat­est re­lease. The baker whose bread keeps burn­ing is of­fered Ramadan mode. The baker leaves any­way. It gets logged as feed­back. Engineering has no time to stop and re­think their ap­proach, be­cause stop­ping is­n’t in the back­log.

And then the worst day ar­rives. Pepepizza calls:

Where is the ro­tat­ing base?”

The founder swal­lows hard. The ticket has been sit­ting on the kan­ban board for a month and a half. It’s not that no­body saw it: it’s that every week some­thing jumped ahead of it. The can­dle but­ton. The fire­place thing. The Ramadan thing. The ro­tat­ing base was al­ways the sec­ond-high­est pri­or­ity, and the sec­ond-high­est pri­or­ity never gets done. So he an­swers with con­vic­tion:

Almost fin­ished.”

The Request

Guys, these next two weeks we’re go­ing to fo­cus on the ro­tat­ing base,” says the founder.

The team can’t be­lieve it. They al­ready said the ro­tat­ing base was im­pos­si­ble. They al­ready ex­plained why. Besides, Mario has va­ca­tion planned, the va­ca­tion he was promised af­ter the Pepepizza crunch. And Luigi’s per­for­mance has been slip­ping for weeks and no­body knows why.

The en­gi­neer tries one more time:

We can’t do the ro­tat­ing base right now. We need to refac­tor, con­sol­i­date, and add an ab­strac­tion layer for com­part­ments and but­tons. Otherwise, every new fea­ture takes twice as long as the last. Also, Mario has va­ca­tion planned, and I’m not sure Luigi is in a good place to be asked for more.”

The founder nods. He gets it. He gets all of it.

But this is a startup. And star­tups are built with blood and sweat. Everyone here has to sac­ri­fice. You have two weeks.”

And he’s not say­ing it from the couch: the founder takes the low­est salary in the com­pany and has­n’t had a va­ca­tion in two years (Mallorca was work). He’s the first to live the speech. That is ex­actly the prob­lem.

When Everything Is Urgent, Nothing Is

There’s a new crunch. This time with less en­thu­si­asm and less pas­sion. The first one was an epic feat; this one is pa­per­work. Mario can­cels his va­ca­tion. Luigi keeps show­ing up. Nobody asks how he’s do­ing.

Two weeks later, the re­sult: a ro­tat­ing base that re­quires three spe­cial but­ton com­bi­na­tions. It’s in­com­pat­i­ble with every other mode, but it’s not like no­body tested it.

It gets in­stalled at Pepepizza. Pepepizza’s re­sponse:

It does­n’t ro­tate clock­wise. We’re go­ing with Corporate Oven.”

The team: dev­as­tated. They just lost their most im­por­tant cus­tomer. Nobody in prod­uct ever com­mu­ni­cated that it had to ro­tate clock­wise. Somewhere be­tween sales, the founder, and the back­log, the sin­gle most im­por­tant re­quire­ment of the pro­ject sim­ply never ex­isted.

And the worst part is­n’t los­ing Pepepizza. The worst part is that the changes made for the ro­tat­ing base will haunt the oven’s de­sign un­til the end of time. The cus­tomer leaves now. Their ro­tat­ing base stays for­ever.

No Blockers

A month later, Mario leaves the com­pany. He’s not go­ing to a com­peti­tor and he has­n’t found any­thing bet­ter: he leaves be­cause it’s the only way he can see to get a va­ca­tion. In the retro, it gets writ­ten down as a learning.”

Luigi stays. He now main­tains the can­dle but­ton. It’s his spe­cialty, they say. Nobody re­mem­bers who de­cided that, but it’s his spe­cialty. He keeps show­ing up every day, keeps do­ing his work. On the Italian fo­rums, peo­ple ask why Luigi has­n’t posted in 5 months. In standups he says no block­ers” and every­one moves on to the next per­son.

Epilogue

Six months later.

Ovens Inc. is still alive. Technically. There’s money for eight more months and a new ver­sion of the pitch deck where the word oven” no longer ap­pears: it’s now an intelligent bak­ing plat­form.”

The en­gi­neer left in March. He did­n’t slam the door or write a vi­ral thread about his ex­pe­ri­ence. One day he sim­ply stopped ar­gu­ing in meet­ings, a month later he stopped show­ing up, and his farewell was a three-line email. Nobody has touched his code since. Nobody dares.

The founder has it all fig­ured out: the prob­lem was never the plan. The prob­lem was the ex­e­cu­tion. He needs an­other en­gi­neer.

And he finds one.

Young, grad­u­ated from a pres­ti­gious school, has spent years build­ing ovens at Corporate Oven and he’s tired. More than that: he’s the kind of per­son who spends all day talk­ing and ar­gu­ing about ovens. He goes to oven con­fer­ences. When he gets home at night, he ar­gues for hours on Italian oven fo­rums about which type of oven is best. On the fo­rum an old user warns Make sure that you sup­port ro­tat­ing bases day 1”. The young en­gi­neer laughs. Who uses ro­tat­ing bases in an oven?

The founder of­fers him 5% of the com­pany. It can’t be 20 any­more; there’s been di­lu­tion (funding-round stuff, it’s com­pli­cated). But the salary does­n’t mat­ter, be­cause he’s of­fer­ing the im­por­tant thing: to­tal free­dom to build the per­fect oven.

The kid smiles.

Introducing Claude Sonnet 5

www.anthropic.com

Claude Sonnet 5 is built to be the most agen­tic Sonnet model yet. It can make plans, use tools like browsers and ter­mi­nals, and run au­tonomously at a level that, just a few months ago, re­quired larger and more ex­pen­sive mod­els.

For many de­vel­op­ers, the agen­tic AI era be­gan with Sonnet-class mod­els: Claude Sonnet 3.5, 3.6, and 3.7 were the first mod­els that showed im­pres­sive skills in cod­ing and tool use. More re­cently, though, the clear­est gains in agen­tic ca­pa­bil­i­ties have been in our Opus-class mod­els.

Sonnet 5 nar­rows the gap: its per­for­mance is close to that of Opus 4.8, but at lower prices. It’s a sub­stan­tial im­prove­ment over its pre­de­ces­sor, Sonnet 4.6, on im­por­tant as­pects of agen­tic per­for­mance like rea­son­ing, tool use, cod­ing, and knowl­edge work:

Our safety as­sess­ments found that Sonnet 5 shows an over­all lower rate of un­de­sir­able be­hav­iors than Sonnet 4.6, and is gen­er­ally safer to use in agen­tic con­texts. Evaluations also show that it has a much lower abil­ity to per­form cy­ber­se­cu­rity tasks than our cur­rent Opus mod­els.

From to­day, Claude Sonnet 5 is avail­able across all plans: it is the de­fault model for Free and Pro plans, and is avail­able to Max, Team, and Enterprise users. It’s also avail­able in Claude Code and on the Claude Platform, where it launches with in­tro­duc­tory pric­ing of $2 per mil­lion in­put to­kens and $10 per mil­lion out­put to­kens through August 31, 2026, af­ter which it will be priced at $3 per mil­lion in­put to­kens and $15 per mil­lion out­put to­kens. Developers can use claude-son­net-5 via the Claude API.

Working with Claude Sonnet 5

The charts be­low com­pare the per­for­mance of Sonnet 5 with Sonnet 4.6 and Opus 4.8 at dif­fer­ent ef­fort lev­els on the agen­tic search eval­u­a­tion BrowseComp and the com­puter use eval­u­a­tion OSWorld-Verified. Sonnet 5 (orange line) is a strict im­prove­ment over Sonnet 4.6 (gray line) and cov­ers a much wider range of cost-per­for­mance op­tions than Opus 4.8 (yellow line). It pro­vides sub­stan­tially im­proved cost ef­fi­ciency at medium ef­fort; its higher-ef­fort per­for­mance can match Opus 4.8 on some tasks. Between Sonnet 5 and Opus 4.8, users can ad­just the ef­fort level to find the right bal­ance of cost and per­for­mance.

Feedback from our early ac­cess part­ners has been con­sis­tent: Sonnet 5 is much more agen­tic than its pre­de­ces­sors. Testers de­scribed how it fin­ishes com­plex tasks where pre­vi­ous Sonnet mod­els would stop short, how it checks its own out­put with­out ex­plic­itly be­ing asked, and how it does all this agen­tic work at an at­trac­tive price point:

Claude Sonnet 5 gives our agents a strong ex­e­cu­tion layer for multi-step soft­ware en­gi­neer­ing work. It han­dles sus­tained cod­ing, tool use, and de­bug­ging well across messy tech­ni­cal con­texts, and has been es­pe­cially use­ful for work­flows where fol­low-through and tech­ni­cal ground­ing mat­ter.

Claude Sonnet 5 gives our agents a strong ex­e­cu­tion layer for multi-step soft­ware en­gi­neer­ing work. It han­dles sus­tained cod­ing, tool use, and de­bug­ging well across messy tech­ni­cal con­texts, and has been es­pe­cially use­ful for work­flows where fol­low-through and tech­ni­cal ground­ing mat­ter.

We handed Claude Sonnet 5 a two-part job—up­date Salesforce ac­count tiers, send a launch an­nounce­ment to en­ter­prise con­tacts—and it fin­ished end to end. That used to stall halfway. For day-to-day au­toma­tion, it’s a no-brainer.

We handed Claude Sonnet 5 a two-part job—up­date Salesforce ac­count tiers, send a launch an­nounce­ment to en­ter­prise con­tacts—and it fin­ished end to end. That used to stall halfway. For day-to-day au­toma­tion, it’s a no-brainer.

Claude Sonnet 5 gets more done with less. Same out­put qual­ity, fewer steps to get there. It re­fuses un­safe re­quests cleanly and con­sis­tently, too. At Lovable, we’re putting pow­er­ful tools in the hands of mil­lions of builders. A model that knows when to say no is just as im­por­tant as one that knows how to build.

Claude Sonnet 5 gets more done with less. Same out­put qual­ity, fewer steps to get there. It re­fuses un­safe re­quests cleanly and con­sis­tently, too. At Lovable, we’re putting pow­er­ful tools in the hands of mil­lions of builders. A model that knows when to say no is just as im­por­tant as one that knows how to build.

We ran Claude Sonnet 5 against dozens of our most chal­leng­ing real pull re­quests, and it car­ried each one through to a tested, ver­i­fied re­sult on its own — free­ing our en­gi­neers to fo­cus on the judg­ment, the de­ci­sion, and the fi­nal sign-off.

We ran Claude Sonnet 5 against dozens of our most chal­leng­ing real pull re­quests, and it car­ried each one through to a tested, ver­i­fied re­sult on its own — free­ing our en­gi­neers to fo­cus on the judg­ment, the de­ci­sion, and the fi­nal sign-off.

I asked Claude Sonnet 5 to in­ves­ti­gate a bug. Unprompted, it wrote a re­pro­duc­ing test, im­ple­mented the fix, then stashed it to con­firm the bug came back with­out the change. All in a sin­gle pass.

I asked Claude Sonnet 5 to in­ves­ti­gate a bug. Unprompted, it wrote a re­pro­duc­ing test, im­ple­mented the fix, then stashed it to con­firm the bug came back with­out the change. All in a sin­gle pass.

With Claude Sonnet 5, agents stay on plan, fol­low our con­ven­tions, and ship clean multi-step changes, all at an ef­fi­cient cost.

With Claude Sonnet 5, agents stay on plan, fol­low our con­ven­tions, and ship clean multi-step changes, all at an ef­fi­cient cost.

Claude Sonnet 5 is at its best on brown­field code—race con­di­tions, hid­den tests, the parts no­body wants to touch. It traces a fail­ure to its ac­tual root cause and ships a durable fix in­stead of patch­ing the symp­tom.

Claude Sonnet 5 is at its best on brown­field code—race con­di­tions, hid­den tests, the parts no­body wants to touch. It traces a fail­ure to its ac­tual root cause and ships a durable fix in­stead of patch­ing the symp­tom.

Claude Sonnet 5 sits on the Pareto fron­tier for Eve’s plain­tiff-law tasks. We see the clear­est gains in le­gal re­search and analy­sis, at a price-to-per­for­mance ra­tio that made the choice to mi­grate easy.

Claude Sonnet 5 sits on the Pareto fron­tier for Eve’s plain­tiff-law tasks. We see the clear­est gains in le­gal re­search and analy­sis, at a price-to-per­for­mance ra­tio that made the choice to mi­grate easy.

ClickHouse agents ex­plore live data and pro­duce in­sights on the fly, so time-to-in­sight mat­ters when test­ing new mod­els. Claude Sonnet 5 rea­sons in tighter steps and gets our users to an­swers no­tice­ably faster. That speed is a dif­fer­ence our cus­tomers feel.

ClickHouse agents ex­plore live data and pro­duce in­sights on the fly, so time-to-in­sight mat­ters when test­ing new mod­els. Claude Sonnet 5 rea­sons in tighter steps and gets our users to an­swers no­tice­ably faster. That speed is a dif­fer­ence our cus­tomers feel.

At Pace, our com­puter-use agents run in­sur­ance work­flows—sub­mis­sion in­take, FNOL, loss runs—on the sys­tems our op­er­a­tions teams al­ready use. Claude Sonnet 5 con­sis­tently takes the right ac­tion and does it quickly, which is what real in­sur­ance work de­mands.

At Pace, our com­puter-use agents run in­sur­ance work­flows—sub­mis­sion in­take, FNOL, loss runs—on the sys­tems our op­er­a­tions teams al­ready use. Claude Sonnet 5 con­sis­tently takes the right ac­tion and does it quickly, which is what real in­sur­ance work de­mands.

01 /

10

Safety eval­u­a­tions

Our pre-de­ploy­ment safety eval­u­a­tions found that Sonnet 5 was over­all an im­prove­ment on Sonnet 4.6. On agen­tic safety, the model is bet­ter at re­fus­ing ma­li­cious re­quests and re­sist­ing hi­jack at­tempts in prompt in­jec­tion at­tacks. The model shows lower rates of hal­lu­ci­na­tion and syco­phancy than Sonnet 4.6. On our au­to­mated be­hav­ioral au­dit, which tests a wide range of mis­aligned be­hav­iors such as co­op­er­a­tion with mis­use and de­cep­tion, Sonnet 5 scored lower (that is, safer) over­all. However, it did show some­what higher rates of mis­aligned be­hav­ior on this as­sess­ment com­pared to the more ca­pa­ble Opus 4.8 and Claude Mythos Preview.

We did not de­lib­er­ately train Sonnet 5 on cy­ber­se­cu­rity tasks. It can per­form some rou­tine, non-harm­ful cy­ber tasks, but on eval­u­a­tions test­ing po­ten­tially dan­ger­ous cy­ber skills, such as de­vel­op­ing soft­ware ex­ploits, it shows sub­stan­tially poorer per­for­mance than mod­els such as Opus 4.8 and Mythos 5. Scores from one eval­u­a­tion, which tested mod­els’ abil­ity to de­velop ex­ploits for vul­ner­a­bil­i­ties in the Firefox browser, are shown in the chart be­low. Sonnet 5 was never able to de­velop a full work­ing ex­ploit, but it does show a slightly higher rate of par­tial suc­cess than Sonnet 4.6. This lat­ter change is likely due to im­prove­ments in gen­eral in­tel­li­gence rather than spe­cific train­ing.

Since Sonnet 5 is some­what stronger than its pre­de­ces­sor on these tasks, we’ve launched it with cy­ber safe­guards en­abled by de­fault. These safe­guards—which de­tect and block dan­ger­ous cy­ber us­age in real time—are the same as those pre­sent in Claude Opus 4.7 and 4.8 (because we judged that the over­all level of cy­ber­se­cu­rity risk from Sonnet 5 was low, the safe­guards are less strict than those launched with Fable 5, which block a much wider range of cy­ber­se­cu­rity tasks).1

Our full as­sess­ment of Sonnet 5 across many safety and ca­pa­bil­ity eval­u­a­tions is re­ported in the Claude Sonnet 5 System Card.

Availability and pric­ing

Claude Sonnet 5 is avail­able every­where to­day at an in­tro­duc­tory price of $2 per mil­lion in­put to­kens and $10 per mil­lion out­put to­kens through August 31, 2026. It then moves to stan­dard pric­ing at $3 per mil­lion in­put to­kens and $15 per mil­lion out­put to­kens.2 We’ve in­creased rate lim­its across Chat, Cowork, Claude Code, and the Claude Platform3 to ac­com­mo­date the higher to­ken us­age of higher ef­fort lev­els; users can se­lect whichever level makes sense for their par­tic­u­lar pro­ject.

Changelog

Edit June 30, 2026: In the orig­i­nal ver­sion of this post, we in­cluded a cost-per­for­mance chart for the BrowseComp eval­u­a­tion that was based on data from a sim­pler method­ol­ogy that did not re­flect the stan­dard method­ol­ogy we use for agen­tic search eval­u­a­tions. This had the re­sult of un­der­es­ti­mat­ing Sonnet 5′s per­for­mance on the eval­u­a­tion.

We have now up­dated the chart so that it matches the method­ol­ogy that we used and dis­cussed in the Sonnet 5 sys­tem card (which used a 10M to­ken bud­get with com­paction and pro­gram­matic tool call­ing). We have also up­dated the sur­round­ing text.

Footnotes

1 Sonnet 5 is part of our Cyber Verification Program, which is avail­able to­day on the na­tive Claude Platform, the Claude Platform on AWS, and Claude in Microsoft Foundry (hosted on Azure and Anthropic), and com­ing soon on Claude in Google Vertex. Organizations that are al­ready en­rolled in the Cyber Verification Program au­to­mat­i­cally have the same ac­cess on Sonnet 5, with no need to reap­ply. Overall, we rec­om­mend Claude Opus 4.8 for cy­ber­se­cu­rity work that re­quires re­duced guardrails.

2 Sonnet 5 is an up­grade to Sonnet 4.6, but it uses an up­dated to­k­enizer that changes how the model processes text to im­prove per­for­mance (this is sim­i­lar to the to­k­enizer change we in­tro­duced with Claude Opus 4.7). The trade­off is that the same in­put can map to more to­kens: roughly 1.0 – 1.35× de­pend­ing on the con­tent type. The in­tro­duc­tory pric­ing is set so that the tran­si­tion to Sonnet 5 is roughly cost-neu­tral.

3 On April 26, 2026, we raised Sonnet and Haiku rate lim­its at every us­age tier and sim­pli­fied to three tiers (Start, Build, and Scale) on the na­tive Claude Platform. You can view your tier and cur­rent lim­its in the Claude Console or read the doc­u­men­ta­tion to learn more.

Humanity’s Last Exam: We up­dated the grader model for Humanity’s Last Exam and have up­dated the Sonnet 4.6 score to 34.6% (no tools) and 46.8% (with tools). This is the rea­son the score dif­fers from that re­ported in the Sonnet 4.6 launch blog.

OSWorld-Verified: We made changes to how we run the OSWorld-Verified eval­u­a­tion to more ac­cu­rately re­flect the mod­el’s per­for­mance in the real world, and have up­dated the Sonnet 4.6 score to 78.5%. This is the rea­son the score dif­fers from that re­ported in the Sonnet 4.6 launch blog.

Related con­tent

Redeploying Fable 5

Fable 5 re­turns glob­ally July 1. We’re also propos­ing an in­dus­try-wide frame­work for scor­ing jail­break sever­ity, to­gether with Amazon, Microsoft, Google, and other Glasswing part­ners.

Read more

Claude Science, an AI work­bench for sci­en­tists, is now avail­able

Claude Science is a cus­tomiz­able app that in­te­grates the tools and pack­ages re­searchers most of­ten use, pro­duces au­ditable ar­ti­facts, and pro­vides flex­i­ble ac­cess to com­put­ing re­sources.

Read more

Introducing Claude Tag

Claude Tag is a new way for teams to work with Claude.

Read more

OpenTools / OpenPrinter

www.opentools.studio

is a re­pairable, com­pact, and ro­bust printer de­signed to last.

Fully re­pairable and equipped with a re­fill­able ink sys­tem, it adapts to your needs while re­duc­ing your print­ing costs.

Easy to main­tain, it of­fers a sus­tain­able, eco­nom­i­cal, and eco-friendly al­ter­na­tive to tra­di­tional print­ers.

With Openprinter, eas­ily re­fill your car­tridges.

Reduce your costs and limit the waste of con­sum­ables.

Take con­trol of your ink con­sump­tion

Master your ink con­sump­tion in a few steps.

Freedom to use your car­tridges

Use your black and/​or colour car­tridges in­de­pen­dently : print in black for es­sen­tials or in colour for your cre­ations.

No more frus­trat­ing block­ages like: Cannot print in black be­cause the yel­low is empty.”

1. Just the black car­tridge

Print a rich and deep black

2. Just the color car­tridge

Print vi­brant col­ors and a light black

3. Cartridges black & color

You have both op­tions

Free pa­per for­mat

With Openprinter, you are free to choose be­tween stan­dard sheets or a roll of ver­sa­tile pa­per.

Print not only in stan­dard

for­mats

, but also in

ban­ners

, strips

and com­pletely cus­tomized

for­mats.

Thanks to the in­te­grated cut­ter, un­leash your cre­ativ­ity.

Print also on sheets A4 and A3

Remove the roller eas­ily

to place pa­per’s sheets (A4, A3, Tabloid, Letter)

Flexible con­fig­u­ra­tions

To place on a desk or mount on a wall — you choose. Openprinter fits any­where.

Create a new work space that makes your ex­changes smoother and more mod­ern.

Compact

The most com­pact printer/​plot­ter on the mar­ket. Easy to move, it fits any­where and can be stored in an in­stant.

Robust. Repairable. Open. Durable.

Composed of stan­dard and open source com­po­nents, Openprinter is easy to as­sem­ble, main­tain, and re­pair, en­sur­ing longevity.

Keep your ma­chine and con­sum­ables for as long as pos­si­ble and help re­duce elec­tronic waste.

A self-as­sem­bly kit or al­ready as­sem­bled and ready to use.

Independent of op­er­at­ing sys­tems

Equipped with an open source print server (CUPS), Open Printer works with Windows, MacOS, Linux, Android, iOS.

It han­dles all your print­ing, both lo­cally and over the net­work, for a sim­ple, flex­i­ble, and dri­ver-free ex­pe­ri­ence.

Customize it

Choose the coloured ver­sion that re­sem­bles you. Thanks to open source, you can also print your own 3D parts to cre­ate a unique printer.

Technical spec­i­fi­ca­tions

Black and white : 600 dpi

Color : 1200 dpi

Speed : to be de­fined

European for­mats

Sheet : A4, A3

Paper roll : 29.7 cm (wide) 18 m or 37.5 m (long)

North American for­mats

Letter, Tabloid

Paper roll : 11 inch (wide)

Compatible car­tridges

HP 63 and HP 63 XL (US)

HP 302 and HP 302 XL (Europe)

HP 803 and HP 803 XL (Asia)

Rechargeable ink car­tridges (with the Inkit)

100ml ink bot­tles (Black, Magenta, Cyan, Yellow)

Vials

Modes of car­tridge use

sin­gle car­tridge (black or color)

or both (black and color)

USB Type-C (computer)

USB Type-A (USB flash drive / stor­age de­vice)

Wi-Fi 802.11ac (AirPrint)

Bluetooth 4.1

Main board : Raspberry Pi Zero W

Cartridge board : STM32 mi­cro­con­troller

Computer : Windows, ma­cOS, Linux,

Phone : iOS, Android

497 × 233 × 111 mm

19,5 × 9,2 × 4,4 in

On a desk

Mural (with the wall kit)

24 V DC, 2.1 mm con­nec­tor

TFT LCD 1.47 inch, 172 x 320 px

Pre-order cam­paign

To re­serve your ma­chine, fol­low our crowd­fund­ing cam­paign on Crowd­sup­ply.

Frequently Asked Questions

Cartridges

The car­tridges can be found in usual re­tail out­lets and on­line. This model is sold world­wide and widely dis­trib­uted.

Europe : HP 302, HP 302 XL

US : HP 63, HP 63XL

Asia : HP 803, HP 803XL

You can also find them at our sup­pli­ers: Printerre.

Paper roll

Paper roll (29.7 cm x 18 m) or (29.7 cm x 37.5 m) are eas­ily found on­line.

Ink

Open Tools will sell the Inkit :  4 x bot­tles (black, ma­genta, cyan, yel­low) and re­fill tools.

Two el­e­ments will help you save money :

Machine durable :

de­signed to be ro­bust and last a long time, all com­po­nents are re­pairable, and re­place­ment parts are avail­able in full for a long time.

By keep­ing your ma­chine over time, you save money.

Low ink and con­sum­able costs :

the car­tridges are re­fill­able with ink and with­out block­ing (no DRM).

Moreover, the ink sold by Open Tools al­lows you to achieve an eco­nom­i­cal cost per page.

With your phone

, you can scan all your doc­u­ments in high de­f­i­n­i­tion. The

Qwen 3.6 27B is the sweet spot for local development

quesma.com

I’ve been dis­ap­pointed by lo­cal mod­els in the past. But then I checked Qwen 3.6, and I was in awe. For me it’s the first lo­cal model that ac­tu­ally makes sense as a gen­eral in­tel­li­gence.

It comes in two vari­ants, a mix­ture-of-ex­perts model Qwen 3.6 35B A3B, and a dense Qwen 3.6 27B - slower, but more pow­er­ful. The one I rec­om­mend!

Let me share my im­pres­sions, and show that you can run it too.

It’s hot, lit­er­ally. When my knees started to melt, I grabbed a phone-at­tached ther­mal cam­era and took a photo.

Qwen 3.6, right­fully, got a lot of cov­er­age on Hacker News. The most com­mon state­ment about Qwen 3.6 27B is that it punches above its weight - see Will it Mythos?. And I think it is a well-de­served sen­ti­ment. It will make your com­puter hot, but it’s worth it!

Testing the wa­ters

Simon Willison uses penguins on a bi­cy­cle” as a smoke test (see for Qwen 3.6 35B A3B and then Qwen 3.6 27B). I usu­ally go with con­strained writ­ing.

A year ago these kinds of things were state of the art, need­ing a unique, and in­sanely ex­pen­sive GPT-4.5, see vibe trans­lat­ing Quantum Flytrap.

I also asked it to write an 8 line poem about Zouk dance and quan­tum physics, see the tran­script. The thought process made sense, both in terms of de­lib­er­a­tion on quan­tum terms, and rhymes.

Then I asked in OpenCode to cre­ate a hexag­o­nal minesweeper us­ing pnpm. It worked:

It worked on the first go, from a sin­gle prompt, with a proper Node pack­age. The mix­ture-of-ex­perts Qwen 3.6 35B A3B was faster… but ig­nored my in­struc­tion to cre­ate a pack­age, and did it in a sin­gle in­dex.html.

Real work

Sure, cre­ative writ­ing about quan­tum me­chan­ics, or yet an­other clone of a minesweeper, is rarely a day job. But Qwen 3.6 27B is de­cent at reg­u­lar tasks as well.

Prompt by a friend, Maciej Cielecki, at AI Tinkerers Warsaw.

It worked for a few min­utes and cre­ated this:

A land­ing page by Qwen 3.6 27B — view the live page.

By stan­dards of cur­rent fron­tier mod­els, it’s un­re­mark­able. But it is al­ready a prac­ti­cal job. It worked, was re­ac­tive, de­faults were nice - all from a sin­gle, short prompt.

Running Qwen 3.6 lo­cally with llama.cpp

Running lo­cal mod­els is eas­ier than ever. A few CLI lines and you’re off.

I rec­om­mend llama.cpp - a di­rect, open source tool that al­lows run­ning mod­els on var­i­ous de­vices. You don’t need Ollama, and frankly - I would rec­om­mend against us­ing that on eth­i­cal grounds.

First, we go to Hugging Face, to get proper quan­ti­za­tion, i.e. a model with re­duced size - pop­u­lar ones are by un­sloth or bar­towski, among oth­ers. Default mod­els usu­ally come with BF16 pre­ci­sion. A com­mon 8-bit quan­ti­za­tion saves half the space at al­most no cost to qual­ity. Going fur­ther down the road, mod­els are smaller (and po­ten­tially - faster), but at the cost of qual­ity, see this com­par­i­son for 27B and an­other one for 35B A3B.

We grab un­sloth/​Qwen3.6 – 27B-MTP-GGUF:Q8_0, an 8-bit quan­ti­za­tion with sup­port for multi-to­ken pre­dic­tion (MTP).

llama-server -hf un­sloth/​Qwen3.6 – 27B-MTP-GGUF:Q8_0 \ –spec-type draft-mtp -ngl 999 -fa on -c 65536 –port 8080

What it does:

-hf un­sloth/​Qwen3.6 – 27B-MTP-GGUF:Q8_0 grabs from Hugging Face, on the next runs will reuse that

-m ~/models/Qwen3.6 – 27B-Q8_0.gguf use in­stead if you al­ready have it

draft-mtp we use a fast model to pre­dict sub­se­quent to­kens, speeds up things

-ngl 999 for putting all lay­ers to GPU

-fa on flash at­ten­tion is on

-c 65536 con­text size set to 64k to­kens (this we can tweak, as Qwen 3.6 27B na­tive con­text is 256k)

–port 8080 bet­ter to pin port, as it will be used by other con­figs

If you open http://​127.0.0.1:8080, you can di­rectly chat with it.

Precisely the same server can be used for vibe cod­ing. Choice of agent de­pends both on one’s goal and sub­jec­tive taste - for an all-around OpenCode, min­i­mal­is­tic Pi, and self-im­prov­ing Hermes.

For OpenCode, it is as sim­ple as adding to ~/.config/opencode/opencode.jsonc:

{ $schema”: https://​open­code.ai/​con­fig.json, provider”: { llama”: { name”: llama.cpp (local)”, npm”: @ai-sdk/openai-compatible”, options”: { baseURL”: http://​127.0.0.1:8080/​v1, apiKey”: local” }, models”: { qwen3.6 – 27b”: { name”: Qwen3.6 – 27B Q8 +MTP” } } } }, model”: llama/qwen3.6 – 27b” }

If you just want to chat and are a big fan of Terminal, in­stead of llama-server use llama-cli:

llama-cli -hf un­sloth/​Qwen3.6 – 27B-MTP-GGUF:Q8_0 \ -ngl 999 -fa on -c 65536

Measuring per­for­mance

Is it fast enough?

I ran a few tests (source is here) on my Macbook Max M5 128 GB, run­ning it with and with­out multi-to­ken pre­dic­tion, and com­par­ing both with the 35B A3B model, and also a quan­tized DeepSeek V4 Flash ver­sion DwarfStar4.

to­kens / s

RAM

Qwen3.6 – 35B-A3B · 8-bit

MLX

85 tok/​s 85

37 GB RAM 37 GB

llama.cpp

93 tok/​s 93

44 GB RAM 44 GB

llama.cpp + MTP

105 tok/​s 105

45 GB RAM 45 GB

Qwen3.6 – 27B · 8-bit

MLX

17 tok/​s 17

28 GB RAM 28 GB

llama.cpp

18 tok/​s 18

41 GB RAM 41 GB

llama.cpp + MTP

32 tok/​s 32

42 GB RAM 42 GB

DeepSeek-V4-Flash · Q2–Q4

llama.cpp

33 tok/​s 33

103 GB RAM 103 GB

30 to­kens per sec­ond is not bad, well within typ­i­cal fron­tier model API range. While mlx-lm is pre­cisely tar­geted at Apple Silicon de­vices, and AI agents heav­ily rec­om­mend it, llama.cpp turned out to be faster. It was us­ing 95% of GPU, which means it is ef­fi­ciently us­ing avail­able re­sources.

Macbook Max M5 is a beast (at least for a lap­top), but on other de­vices it should also work de­cently. As you can see, both Qwen 3.6 vari­ants run within 48 GB of Apple Silicon’s shared RAM. A 4-bit quan­ti­za­tion are less than 18 GB and should run on 32 GB de­vice. On con­sumer Nvidia RTX cards, you need to quan­tize ag­gres­sively, but in­fer­ence runs even faster.

I set this up to­day on my 5090 at Q6_K quan­ti­za­tion and Q4_0 KV, got 50 to­kens/​s con­sis­tently at 123k con­text, us­ing ~28/32gb vram through LM Studio. - gfosco on the Hacker News

I set this up to­day on my 5090 at Q6_K quan­ti­za­tion and Q4_0 KV, got 50 to­kens/​s con­sis­tently at 123k con­text, us­ing ~28/32gb vram through LM Studio. - gfosco on the Hacker News

While 35B A3B is 3x faster, I pre­fer 27B. I’d rather gen­er­ate a third as much code, but of higher qual­ity.

How do they re­late to pre­vi­ous state of the art mod­els?

Manual in­spec­tion is great, but bench­marks help with ground­ing in­tu­itions. Here is the score from Artificial Analysis, com­par­ing it with fron­tier mod­els:

Gemma 4 31B

29

≈ late 2024

o1 / Claude 3.5 Sonnet

Qwen3.6 – 35B-A3B

32

≈ early 2025

o3 / Claude 4 Sonnet

Qwen3.6 – 27B

37

≈ mid 2025

GPT-5 / Claude Sonnet 4.5

DeepSeek-V4-Flash

40

≈ late 2025

GPT-5.2 / Claude Opus 4.5

A few more bench­marks are in these notes, but the spirit is sim­i­lar. Added here Gemma 4 31B, as a lot of peo­ple use this as the de­fault for lo­cal cod­ing. But both bench­marks and gen­eral sen­ti­ment on­line favour Qwen 3.6 27B by a large mar­gin.

Here there is a caveat - 8-bit quan­ti­za­tion of Qwen 3.6 likely does not af­fect re­sults much, but DwarfStar4 uses much more ag­gres­sive ones for DeepSeek V4 Flash, 2 – 4 bit. For sure it is worse than the full model. My per­sonal im­pres­sion is that within these quan­ti­za­tions Qwen 3.6 27B is as good as (or maybe slightly bet­ter than) DwarfStar4. Though, I won’t be sur­prised if for longer con­text pro­jects DS4 has an edge.

What’s next

I think we are en­ter­ing a fas­ci­nat­ing era, when it be­comes fea­si­ble to run one’s own mod­els.

The change will be pro­pelled fur­ther by the state of pro­pri­etary fron­tier mod­els. Claude Fable 5 was taken down. Other fron­tier mod­els run at a mas­sive sub­sidy, where pay­ing $100 a month gives us thou­sands worth in to­kens. Let’s use the dis­count while it lasts!

A lo­cally set model can be fine-tuned to our needs, and can­not be taken away. Businesses can use them for pro­pri­etary and sen­si­tive data. We can use them per­son­ally for of­fline pro­jects, or when we don’t feel com­fort­able shar­ing our deep­est se­crets, or med­ical data, with the US or China.

With the re­lease of fron­tier-level open-weight GLM 5.2, there is a new era. While Qwen 3.6 was the step­ping stone, even fron­tier GLM 5.2 can be run lo­cally. It won’t run on your Macbook or a sin­gle RTX 5090. But still, it is man­age­able with a com­pany bud­get.

Moreover, I strongly be­lieve that we will have mod­els smarter than cur­rent state of the art, while runnable on lo­cal de­vices, maybe even smart­phones. Current mod­els com­bine both raw in­tel­li­gence and fac­tual knowl­edge in the same weights. Future mod­els will likely sep­a­rate that, of­fload­ing a lot of knowl­edge to tool call­ing.

Discuss on Hacker News, LinkedIn, or X.

Virginia Bans Sale of Geolocation Data

www.hunton.com

On April 13, 2026, Virginia Governor Abigail Spanberger signed into law S.B. 338, which amends the Virginia Consumer Data Protection Act (“VCDPA) to pro­hibit the sale of ge­olo­ca­tion data. Notably, the VCDPA de­fines sale” more nar­rowly than other state com­pre­hen­sive pri­vacy laws, as the ex­change of per­sonal data for mon­e­tary con­sid­er­a­tion by the con­troller to a third party.”

The ban on the sale of ge­olo­ca­tion data goes into ef­fect on July 1, 2026.

Virginia fol­lows Maryland and Oregon in ban­ning the sale of ge­olo­ca­tion data. Both Maryland and Oregon more broadly de­fine sale” to mean the ex­change of per­sonal data for mon­e­tary or other valu­able con­sid­er­a­tion.” Virginia joins sev­eral other states that have re­cently pro­posed leg­is­la­tion with sim­i­lar bans, in­clud­ing California, Massachusetts, Vermont and Washington State. The leg­isla­tive ac­tiv­ity fol­lows reg­u­la­tory scrutiny on the sale of ge­olo­ca­tion data, in­clud­ing the California Attorney General’s in­ves­ti­ga­tion into the lo­ca­tion data in­dus­try in March 2025, and a 2024 FTC set­tle­ment ban­ning a data bro­ker from sell­ing ge­olo­ca­tion data.

For the First Time, a Cell Built From Scratch Grows and Divides | Quanta Magazine

www.quantamagazine.org

Scientists built a syn­thetic cell that com­bines more life­like prop­er­ties than ever be­fore — proof of con­cept that it’s pos­si­ble to bring non­liv­ing ma­te­ri­als to life, or some­thing close to it, in the lab.

Introduction

For the very first time, bi­ol­o­gists packed non­liv­ing com­po­nents into a cell-like mem­brane, piece by piece, and wit­nessed the bag of mol­e­cules start to be­have like life. The lab-made syn­thetic cell grew, repli­cated its DNA, and di­vided, demon­strat­ing the ba­sic func­tions of a cell cy­cle.

It’s an im­pres­sive step,” said Jack Szostak, who stud­ies the ori­gins of life at the University of Chicago and was not in­volved in the re­search. I don’t know of any other ef­fort to put to­gether an ar­ti­fi­cial cell from bi­o­log­i­cal com­po­nents that has pro­gressed so far.”

The cell is not alive by any de­f­i­n­i­tion. It can’t sur­vive with­out con­stant de­liv­er­ies of food and ri­bo­somes, the ma­chin­ery needed to make pro­teins. It has no de­fenses or a good waste re­moval sys­tem. But it’s the strongest demon­stra­tion yet that it is pos­si­ble to gen­er­ate life from non­life, a goal that syn­thetic bi­ol­o­gists have been chas­ing for decades.

It’s a big step for­ward to this holy grail of mak­ing a liv­ing thing out of dead com­po­nents,” said Sijbren Otto, a sys­tems chemist at the Stratingh Institute for Chemistry in the Netherlands who was not in­volved in the work. It’s not com­pletely there yet, but it’s def­i­nitely get­ting quite close.”

Since these cells were pieced to­gether from scratch, and all the mol­e­c­u­lar parts were crafted in the lab, sci­en­tists can tin­ker with the sys­tem and switch com­po­nents in and out. I have a blue­print, I have a full chem­i­cal in­gre­di­ent list of every com­po­nent,” said Kate Adamala, a syn­thetic bi­ol­o­gist at the University of Minnesota who led the new study, which is not yet peer-re­viewed; the pa­per was posted on the sci­en­tific preprint site biorxiv.org on July 2. With such flex­i­bil­ity, this kind of syn­thetic cell could even­tu­ally be coaxed to cre­ate new ma­te­ri­als, such as bio­fu­els and drugs, and help re­searchers study dis­ease.

The syn­thetic bi­ol­o­gist Kate Adamala coaxed a cel­lu­lar soup of non­liv­ing bio­mol­e­cules en­closed in a mem­brane to act some­what like a liv­ing thing, even grow­ing and di­vid­ing into daugh­ter cells.

Courtesy of Kate Adamala

It could also give sci­en­tists in­sight into some of their deep­est ex­is­ten­tial ques­tions: What is the min­i­mum needed to sus­tain life? How could life start? What hap­pens if we al­ter the bi­ol­ogy that com­poses life on Earth to­day?

Or, as Adamala put it: What else can bi­ol­ogy do?”

Building Life

Some 4 bil­lion years ago, a bunch of non­liv­ing mol­e­cules got to­gether to form the first pro­to­cells. They fed, grew, and di­vided. Then, over time, evo­lu­tion­ary processes emerged that let these cells change and di­ver­sify into many dif­fer­ent types, dec­o­rat­ing a bar­ren world with all man­ner of strange be­ings. A purely chem­i­cal world blos­somed into a bi­o­log­i­cal one. Scientists can­not agree on how this shift from non­life to life, or abio­gen­e­sis, hap­pened, but some have turned their sights on try­ing it out for them­selves in the lab.

For decades, re­searchers have taken dif­fer­ent ap­proaches to this chal­lenge. Some, like the syn­thetic bi­ol­o­gist John Glass at the J. Craig Venter Institute, are strip­ping down bac­te­r­ial cells to their small­est, barest genomes to re­veal a cel­l’s min­i­mum re­quire­ments to stay alive. Others, like Otto, try to build cells with mol­e­cules that dif­fer from those found in Earth bi­ol­ogy.

Adamala also works from the ground up, but with bi­o­log­i­cal mol­e­cules found in na­ture to­day. When she started her lab in 2016, she en­vi­sioned as­sem­bling a syn­thetic cell, a proof of con­cept, that could un­dergo a com­plete cy­cle of cell di­vi­sion us­ing its own genome.

She found an in­struc­tion man­ual in what all known cells have in com­mon: They grow, they du­pli­cate their DNA, they di­vide, and they evolve. They tran­scribe their DNA into RNA and then make pro­teins to carry out these tasks and oth­ers that keep a cell run­ning, such as me­tab­o­liz­ing mol­e­cules for en­ergy. All of this is done in­side a lipid mem­brane, which holds all the nec­es­sary ma­te­ri­als in one place. Adamala’s team needed to build their syn­thetic cell a genome and sup­ply it with all the ma­te­ri­als to carry out those tasks.

They de­vel­oped and op­ti­mized dif­fer­ent in­gre­di­ents, most in­spired by other labs, be­fore com­bin­ing them to­gether in­side li­po­somes — hol­low sacs en­closed by a sim­ple lipid mem­brane. This would serve as the cel­lu­lar body.

They started with a cel­l’s most fun­da­men­tal sys­tem: its mech­a­nism for copy­ing its DNA and pass­ing it down to daugh­ter cells. They adopted a DNA repli­ca­tion sys­tem, pi­o­neered by the syn­thetic bi­ol­o­gists Hannes Mutschler and Christophe Danelon, and tweaked it to work along­side other sys­tems, in­clud­ing a com­mer­cial pack of 36 en­zymes that let the cell read DNA and make pro­teins. Adamala’s team fid­dled with their cel­lu­lar brew, switch­ing genes in and out and ad­just­ing con­cen­tra­tions of var­i­ous mol­e­cules, to get the cru­cial in­for­ma­tion-car­ry­ing and pro­tein-mak­ing ge­netic sys­tems to jibe.

Their tiny syn­thetic genome did not en­code any meta­bolic genes, which would let the cell process food and en­ergy, or many of the com­plex mol­e­cules a cell needs. So, in par­al­lel, the re­searchers prepped some sup­ply packs.

They filled other li­po­somes with sugar, lipids, and en­zymes, as well as com­plex mol­e­cules, such as trans­fer RNA (tRNA) and ri­bo­somes, which work to­gether to trans­late ge­netic in­struc­tions into pro­teins. For their pro­to­cell to ac­cept these cru­cial sup­plies, the team also mod­i­fied a pro­tein that would sit in the cell mem­brane and at­tract the lipid bub­bles. When a bub­ble bumped into the cell, their mem­branes would fuse, re­leas­ing the sup­plies in­side.

It was­n’t easy to get all these ge­netic sys­tems to work to­gether suc­cess­fully. After some more tweak­ing and op­ti­miz­ing, the cell started grow­ing and repli­cat­ing its DNA.

I was al­most ready to say Done’ and We’re go­ing to pub­lish it,’” Adamala re­called. But her vi­sion for a syn­thetic cell had one more step: di­vi­sion.

This was where the field had been stuck for some time. Researchers be­fore Adamala had fig­ured out dif­fer­ent ways to feed and grow syn­thetic cells and to repli­cate their DNA. But cell di­vi­sion is a dif­fer­ent beast. A typ­i­cal cell re­or­ga­nizes its cy­toskele­ton — a net­work of pro­tein fibers that pro­vide struc­tural sup­port — to halve its DNA and split. Synthetic bi­ol­o­gists could not fig­ure out how to get their cells to un­dergo this com­plex process.

So Adamala de­cided to ditch the cy­toskele­ton. One day, while tear­ing through the lit­er­a­ture, she came across an in­ter­est­ing mech­a­nism in a pa­per. By at­tach­ing pro­tein tags to a cell mem­brane, the syn­thetic bi­ol­o­gist Reinhard Lipowsky at the Max Planck Institute of Colloids and Interfaces at­tracted other pro­teins to crowd around and phys­i­cally bend the mem­brane, forc­ing the cell to di­vide. Following this ap­proach, Adamala tweaked a cell-mem­brane pro­tein and tested it in her pro­to­cells. After sev­eral tries, it worked.

I was­n’t al­low­ing my­self to be­lieve it for a while,” she said. It was like, Holy shit, did I ac­tu­ally make a di­vid­ing cell?’ … At some point, you’ve been check­ing enough that [you think], OK, now it’s real.’”

This pa­per beautifully demon­strates this di­vi­sion mech­a­nism,” said Job Boekhoven, a sys­tems chemist at the Technical University of Munich who was not in­volved in the study. That has been a huge achieve­ment.”

By putting to­gether sys­tems in­spired by dif­fer­ent labs — DNA repli­ca­tion; feeder li­po­somes; and swarm­ing, di­vi­sion-in­duc­ing pro­teins — and then op­ti­miz­ing them to work to­gether, Adamala’s team showed that it is pos­si­ble to in­duce the chem­i­cal world to form a bi­o­log­i­cal one in the lab.

Combining all of these things is a stag­ger­ing tech­ni­cal ac­com­plish­ment,” Glass said. I think it will prove to be a wa­ter­shed event for the syn­thetic-cell field and bi­ol­ogy in gen­eral.”

Michael Lynch, an evo­lu­tion­ary bi­ol­o­gist at Arizona State University who was also not in­volved in the study, agreed. It is a syn­thetic bi­ol­ogy tour de force,” he said. However, he also cau­tioned against over-hyp­ing the cell since it’s not yet self-sus­tain­ing.

Once the syn­thetic cells were cre­ated, her stu­dents and oth­ers started call­ing them Adamala cells — a moniker she hated. She in­sisted that they name the cells af­ter any­thing else, jok­ingly sug­gest­ing pota­toes. So her stu­dents started call­ing them spud­cells. I’m Polish, I’m mostly made of pota­toes, so that’s fine with me,” Adamala said.

Each cell is tiny. Its genome is way smaller than bac­te­r­ial genomes, and it does­n’t look like any­thing spe­cial. It’s beautiful to me be­cause I’m su­per ex­cited about it,” Adamala said. But if you look at it un­der the mi­cro­scope, it’s like, OK, it’s a blob.’”

Evolution and Beyond

The cell could grow and di­vide. But could it take the next step to­ward life by evolv­ing?

The re­searchers started fid­dling with the syn­thetic cel­l’s DNA to see if they could get some cells to grow larger or di­vide faster — in ef­fect, cre­at­ing ge­netic vari­a­tion in the cell pop­u­la­tion. They found that the cells that grew big­ger also had more daugh­ter cells and started to be­come more pop­u­lous. In other words, those traits started be­ing se­lected for within the pop­u­la­tion, the first step to­ward evo­lu­tion.

What Adamala’s team demon­strated was not quite nat­ural se­lec­tion, the pri­mary mech­a­nism that dri­ves evo­lu­tion­ary change, in which or­gan­isms that are bet­ter adapted to their en­vi­ron­ment are more likely to sur­vive. Even if she got their cell to pro­duce more daugh­ter cells, she does­n’t think it would lead to evo­lu­tion. That’s be­cause Adamala’s team had to cre­ate ge­netic vari­a­tion syn­thet­i­cally, in­stead of al­low­ing for ran­dom mu­ta­tions in DNA. The en­zyme that builds new DNA strands works too well, she said; it does­n’t in­tro­duce mean­ing­ful mu­ta­tions into the se­quence. They will need to find an en­zyme that is more er­ror-prone — but not so er­ror-prone that the genome’s in­tegrity and the cel­l’s func­tion is lost.

Biology needs to change fast enough, but not too fast,” Adamala said. She said that she needs to find the sweet spot be­tween or­der and chaos, ref­er­enc­ing the bio­chemist and com­plex­ity the­o­rist Stuart Kauffman, a pro­fes­sor emer­i­tus at the University of Pennsylvania, who ar­gues that bi­ol­ogy works best at the edge of chaos.”

A clear demon­stra­tion of an evo­lu­tion­ary process is clearly some­thing that’s miss­ing,” Boekhoven said. I’m sure that that’s the next big step.” Other re­searchers have shown adap­tive evo­lu­tion in other types of syn­thetic cells. But those cells were bac­te­ria stripped of all but the bare min­i­mum of genes — they weren’t built from the ground up.

The cells are also lim­ited by the fact that they need to be fed many of their raw ma­te­ri­als. That the cells can’t make their own ri­bo­somes, the way nat­ural cells do, limits [their] po­ten­tial for growth and sus­tained re­pro­duc­tion,” said Szostak, who was Adamala’s doc­toral ad­viser. If their sys­tem was able to gen­er­ate its own ri­bo­somes and other pro­teins and RNAs, it would be much closer to ex­ist­ing bi­o­log­i­cal cells such as bac­te­ria.”

Adamala also thinks they will need to fig­ure out a way to add a cy­toskele­ton to im­prove their repli­ca­tion sys­tem. Currently, the cells waste a lot of en­ergy and time at­tract­ing mol­e­cules to crowd around and help them di­vide.

All told, sci­en­tists are far from build­ing any­thing re­motely close to a mod­ern liv­ing cell — but this new one is still the most life­like yet. The mod­ern cell is like a Dreamliner,” Adamala said, re­fer­ring to the Boeing 787 air­plane. We built a Wright flyer… the first bike frame with wings that flies 100 feet.”

Alongside shar­ing the new re­sults, Adamala and other syn­thetic bi­ol­o­gists an­nounced the for­ma­tion of a non­profit called Biotic, which they will use to make their syn­thetic bi­ol­ogy tools avail­able to re­searchers around the world. The team is re­leas­ing their data and meth­ods so that syn­thetic bi­ol­o­gists can start build­ing and im­prov­ing on their cell. The hope is that the work can be used, decades from now, to cre­ate plas­tics with­out fos­sil fu­els, for ex­am­ple, or fer­til­iz­ers or drugs.

These syn­thetic cells could also pave the way to the past, to the ori­gins of bi­ol­ogy it­self. Life on Earth would have started from much sim­pler mol­e­cules than the ones that spud­cells use. Still, Adamala’s cre­ation of a syn­thetic cell sys­tem from non-liv­ing ma­te­ri­als brings re­searchers a step closer to ex­plor­ing, in the lab, deeper ques­tions about life’s ori­gins and re­quire­ments, a dream she shares with oth­ers.

If you want to un­der­stand what life is,” Boekhoven said, you need to first build life.”

Update: July 2, 2026 The pa­per link was up­dated af­ter the preprint was ac­cepted by and posted on biorxiv.org.

The bottleneck might be the air in the room

blog.mikebowler.ca

You gather your most ex­pen­sive peo­ple into a room to make your most im­por­tant de­ci­sions. Then, some­where in the sec­ond hour, the room qui­etly gets worse at mak­ing them. Not the peo­ple. The room.

I now travel with a portable CO2 mon­i­tor. Outdoors it reads around 400 parts per mil­lion. In a closed meet­ing room with a hand­ful of peo­ple in it, I have watched it climb past 2,000. The photo here is a real read­ing: 2,143.

That num­ber mat­ters more than it looks. Researchers at Lawrence Berkeley National Laboratory put peo­ple in a cham­ber and var­ied only the CO2. At 1,000 ppm, per­for­mance dropped sig­nif­i­cantly on six of nine de­ci­sion-mak­ing mea­sures com­pared with a clean-air base­line of 600. At 2,500 ppm, seven of the nine fell sub­stan­tially, some into a range they called dys­func­tional. A sep­a­rate study out of Harvard found cog­ni­tive scores de­clin­ing as CO2 rose, with the steep­est losses in ex­actly the do­mains you called the meet­ing for: strat­egy, plan­ning, and us­ing in­for­ma­tion un­der pres­sure.

Here is the un­com­fort­able part. 1,000 ppm is not an ex­treme num­ber. A closed room with a few peo­ple breath­ing in it reaches that in­side the first hour. Your all-day plan­ning ses­sion, your ar­chi­tec­ture re­view, your quar­terly strat­egy off­site in the win­dow­less board­room: those are pre­cisely the con­di­tions that push CO2 into the range where de­ci­sion qual­ity mea­sur­ably falls. You are run­ning your high­est-stakes think­ing in the en­vi­ron­ment least suited to it.

And it is in­vis­i­ble from in­side. Nobody in the room feels im­paired. They feel a lit­tle tired, a lit­tle foggy, a lit­tle checked out, and they put it down to the length of the meet­ing, a bad night’s sleep, or the per­son who won’t stop talk­ing. The one vari­able al­most no­body checks is the air.

This is not only a board­room prob­lem. With so much work now re­mote, your peo­ple spend their days in small home of­fices with the door shut. Same physics, same climb, same af­ter­noon fog. The dip your team hits mid-af­ter­noon may owe less to mo­ti­va­tion than to a room that has­n’t ex­changed its air since morn­ing.

A few years ago, one client tried to use this as an ar­gu­ment for bring­ing every­one back to the of­fice. They touted how much bet­ter the build­ing’s air was than any­thing peo­ple had at home. So I brought the mon­i­tor and it was eye-open­ing. Some parts of the build­ing were gen­uinely as good as out­door air; plenty were not. The meet­ing rooms were still a prob­lem, and the more peo­ple in an area, the worse it got.

I’ve spent decades un­der­stand­ing why ca­pa­ble teams un­der­per­form, and I have learned to be sus­pi­cious of any ex­pla­na­tion that starts by blam­ing the peo­ple. Before you con­clude that the team is dis­en­gaged, that they can’t think strate­gi­cally, or that the meet­ing cul­ture is bro­ken, it is worth rul­ing out the cheap­est vari­able in the build­ing. A CO2 mon­i­tor costs less than an hour of your time. Opening a win­dow or a door costs noth­ing.

You al­ready in­stru­ment your build pipeline, your cy­cle time, your de­fect rates. You mea­sure the sys­tems your peo­ple work in­side be­cause you know the en­vi­ron­ment shapes the out­put. The air in the room is part of that en­vi­ron­ment, and right now it is the one in­put you are not mea­sur­ing.

I learned this the mem­o­rable way once, by seal­ing my own team into a room full of CO2 as a Halloween stunt. The every­day ver­sion is far less dra­matic and far more com­mon.

Open a win­dow. Then watch what hap­pens to the sec­ond half of the meet­ing.

Physical disc production ending in January 2028 for new games releasing on PlayStation consoles

blog.playstation.com

As con­sumer pref­er­ences and the broader en­ter­tain­ment in­dus­try con­tinue to shift away from phys­i­cal discs to dig­i­tal, phys­i­cal game disc pro­duc­tion for all new games re­leas­ing on PlayStation con­soles will be dis­con­tin­ued start­ing January 2028.  Following this date, new games will be avail­able on PlayStation Store and at re­tail­ers in dig­i­tal for­mats only. This tran­si­tion has no im­pact on games that al­ready re­leased, or will be re­leas­ing, prior to January 2028 in disc for­mat.

This is a nat­ural di­rec­tion for Sony Interactive Entertainment to adapt to con­sumer trends as the gen­eral pref­er­ence for dig­i­tal me­dia sig­nif­i­cantly out­paces phys­i­cal discs. This tran­si­tion will en­able us to align more closely with how most of our com­mu­nity prefers to ac­cess and play games to­day.

We’ll continue to pri­or­i­tize our re­sources to drive in­no­va­tion in how play­ers can ac­cess games and pro­vide choices as to where play­ers pre­fer to pur­chase new games, whether that’s at re­tail­ers or PlayStation Store. We remain committed to de­liv­er­ing a world-class gam­ing ex­pe­ri­ence to our fans and we thank you for your con­tin­ued sup­port.

For im­por­tant up­dates on PlayStation Store for PS3 and PS Vita an­nounced to­day, please click here.

To add this web app to your iOS home screen tap the share button and select "Add to the Home Screen".

10HN is also available as an iOS App

If you visit 10HN only rarely, check out the the best articles from the past week.

Visit pancik.com for more.