Migrating to Hetzner cuts cloud costs 84%, critical command injection flaws found in Claude Code's CLI, and NIST engineers put 10,000 photonic circuits on a fingernail-sized chip

Beyond Machines

Anthropic Claude Code Leak Reveals Critical Command Injection Vulnerabilities

Three critical command injection vulnerabilities (CVE-2026-35022, CVSS 9.8) were disclosed in Anthropic's Claude Code CLI tool, affecting version 0.2.87 and later. The flaws exploit environment variable handling, file path processing, and authentication helpers to allow arbitrary command execution without user interaction — an attacker can steal API credentials and compromise supply chains through a poisoned pull request. The vulnerabilities require no special privileges and are exploitable against CI/CD pipelines that run Claude Code against untrusted code. Users should update the CLI immediately, disable authentication helpers in configuration, and avoid running Claude Code against unreviewed external contributions until a patched version is confirmed.

righto.com

The Electromechanical Angle Computer Inside the B-52 Bomber's Star Tracker

Ken Shirriff's detailed reverse-engineering of the B-52 Astro Compass reveals an ingenious electromechanical computer that automated celestial navigation calculations in the early 1960s. Rather than using software or early digital hardware, engineers built a physical half-sphere mechanism roughly 2.6 inches in radius that physically modelled the celestial sphere, with motors and synchros automatically converting star elevation, azimuth, and aircraft attitude into navigation output. The design sits at the boundary between analog and digital computing — using mechanical geometry to solve trigonometry that would have required a large digital system at the time. The post includes detailed photographs of the disassembled unit and circuit diagrams, illuminating the ingenuity required when weight and power constraints ruled out the alternatives.

Works in Progress

Why Japan Has Such Good Railways

Japan's world-class rail network is the product of institutional design rather than culture or geography. Private railway companies are vertically integrated with real estate development, allowing them to capture the land value uplift their infrastructure creates — an alignment of incentives that funds continuous reinvestment. Strict parking supply limits around stations and balanced fare regulation create genuine competition between rail and car travel instead of one subsidising the other. The article draws a direct parallel to 19th-century American railways, which operated under similar incentive structures before policy fragmentation dismantled them. The core argument: what looks like a cultural achievement is actually a set of replicable policy choices, and other countries could build equivalent systems with the right regulatory framework.

NIST

Any Color You Like: NIST Scientists Create 'Any Wavelength' Lasers in Tiny Circuits

NIST researchers have fabricated integrated photonics chips that can generate laser light at any visible wavelength by stacking lithium niobate and tantalum pentoxide onto standard silicon wafers using monolithic 3D integration. The fingernail-sized chips pack approximately 10,000 photonic circuits and use the nonlinear optical properties of the materials to shift invisible infrared laser light into any colour of the visible spectrum on demand. The breakthrough removes a longstanding barrier to miniaturising quantum computers, optical atomic clocks, and lidar systems, which have historically required large and expensive discrete laser equipment tuned to fixed wavelengths. The technique is compatible with existing semiconductor fabrication processes, raising the prospect of mass-produced, application-specific photonic chips.

NearlyFreeSpeech Blog

How (and Why) NearlyFreeSpeech.NET Rewrote Its Production C++ Frontend Infrastructure in Rust

NearlyFreeSpeech.NET replaced the C++ implementation of nfsncore — the service responsible for routing, caching, access control, and TLS termination for all platform traffic — with a Rust rewrite. The team's frustration with C++ centred on verbosity and boilerplate: the language's low-level design made incremental improvements feel disproportionately costly, suppressing the kind of ongoing refinement that keeps production systems healthy. Rust delivered comparable performance alongside memory safety guarantees, a mature package ecosystem via Cargo, and error-handling patterns that made failure paths explicit without ceremony. The team reduced risk through nine testing phases including fuzz testing, shadow-mode proxy testing, and progressive traffic rollout, achieving zero production disruption across the transition.

Kdenlive Blog

State of Kdenlive 2026: Three Releases, 11 Million Downloads, and the Road to 26.04

The Kdenlive team shipped three major releases during 2025: version 25.04 delivered automatic masking and 300% faster audio waveform rendering; 25.08 was a stability-focused release with over 300 commits; and 25.12 overhauled the user experience with a new welcome screen and flexible panel docking. The project recorded 11.5 million downloads from its official site and maintained 38 active contributors through the year. The upcoming 26.04 release adds monitor mirroring for dual-display editing workflows and animated transition previews. Longer-term priorities on the roadmap include advanced colour science support, a subtitle subsystem rewrite, and a dopesheet for keyframe animation management — work the team says is necessary to compete with commercial alternatives.

Sentinel Colorado

A College Instructor Turns to Typewriters to Curb AI-Written Work and Teach Life Lessons

Cornell University German instructor Grit Matthias Phelps now requires students to complete certain assignments on manual typewriters as a response to AI-generated submissions. The physical constraint forces sustained, undistracted engagement with the writing task: without autocomplete, backspace, or an internet connection, students must think before they type and ask peers for help rather than querying a model. Students report that the friction produces more deliberate thinking and an appreciation for pre-digital writing practices. The approach reflects a broader pedagogical shift toward analog assessments — timed handwritten essays, oral examinations, in-person problem sets — as institutions search for evaluation methods that resist AI augmentation while preserving the cognitive work learning is meant to develop.

Simon Willison

What Changed in Claude's System Prompt Between Opus 4.6 and 4.7

Simon Willison analysed the publicly released diff between the Claude Opus 4.6 and Opus 4.7 system prompts using a git-history approach that treats each published prompt as a versioned commit. Notable changes include a new `<acting_vs_clarifying>` section instructing Claude to attempt tasks rather than asking upfront questions, and a `tool_search` mechanism that Claude must call before declaring it lacks a capability — addressing a common failure mode where the model would refuse tasks it could actually perform. The child safety section was significantly expanded and wrapped in a `<critical_child_safety_instructions>` tag, with new guidance that refusals on child safety grounds carry forward through the entire conversation. Anthropic also removed the 4.6-era clarification that Donald Trump is the current US president, a workaround that was needed because the older model's knowledge cutoff predated his inauguration — the 4.7 model's January 2026 cutoff makes the override unnecessary.

farlow.dev

Running a Minecraft Server and NES Emulator on a 1960s UNIVAC Computer

Nathan Farlow ran a Minecraft server, an NES emulator, and several other applications on a 1960s UNIVAC 1219B military computer with 90 KB of RAM and a 250 kHz clock. The primary obstacle was the machine's unusual architecture: an 18-bit word size, ones' complement arithmetic, and no standard calling convention required a custom toolchain that compiles C to RISC-V and then interprets RISC-V instructions through roughly 1,000 lines of hand-written UNIVAC assembly. Optimisations including instruction pre-processing and jump tables pushed effective throughput to around 6 kHz and accelerated NES emulation by approximately 30x, making real-time demos feasible. The project is a reminder of how much abstraction modern software stacks assume and how much engineering effort is hidden in the translation layers between them.