Saturday, 11 July 2026

Apple sues OpenAI over alleged theft of hardware trade secrets by ex-employees; a Cambridge-linked report finds Boko Haram has moved from ad hoc chatbot use to systematized adoption of frontier AI for weapons and combat planning; GitHub's Copilot code review team finds that swapping in better tools first made reviews worse, until they rewrote the instructions around a reviewer's actual workflow

Today's Lead

Engineering

9to5Mac

Apple Sues OpenAI Over Trade Secret Theft

Apple filed suit against OpenAI, alleging that two former employees — Tang Tan, a former VP of product design, and Chang Liu, a former senior electrical engineer — carried confidential hardware designs, CAD files, and internal engineering documents with them when they left for OpenAI's hardware division. The complaint goes further than a garden-variety trade-secret claim: it alleges OpenAI instructed job candidates to bring physical Apple prototypes to interviews, and notes that more than 400 former Apple employees now work at OpenAI as the company races to ship its own consumer hardware. The case lands at a moment when the AI labs' hardware ambitions depend heavily on exactly the kind of industrial-design and manufacturing know-how Apple has spent two decades building — a reminder that talent migration in this cycle isn't just about model weights and research taste, it's about who's carrying tacit, undocumented product knowledge out the door with them.

Read →

Engineering

GitHub Blog

Better Tools Made Copilot Code Review Worse. Here's How We Actually Improved It

When GitHub swapped Copilot code review's bespoke code-exploration tools for the shared grep/glob/view tools that power the Copilot CLI, the migration looked like a clean win on paper — less duplicated infrastructure, one shared place to improve tool quality across products. Instead, benchmarks got worse: average review cost went up and the number of useful comments caught went down. The root cause wasn't the tools, it was the instructions riding along with them — the shared tools were tuned for an interactive coding assistant that benefits from broadly mapping a repository before making a change, and the review agent inherited that same 'browse broadly, guess paths, read broadly' instinct even though a reviewer's job is the opposite: start from the diff, ask a narrow question, and find the smallest nearby evidence that answers it. Rewriting the tool instructions around that reviewer-shaped workflow cut average review cost by roughly 20% with no quality regression — a clean illustration that a tool surface isn't a value-neutral capability bolted onto an agent, it's part of the product experience, and identical tools produce very different behavior depending on what workflow the surrounding instructions imply.

Read →

Cloudflare Blog

Improving Smart Tiered Cache for Public Cloud Regions

Cloudflare's Smart Tiered Cache picks a single best upstream data center to route cache misses through, based on real-time latency — a design that assumes an origin has one fixed location to be 'closest' to. That assumption breaks for the growing share of origins hosted behind cloud-provider anycast or regional-unicast front ends (AWS, GCP, Azure, Oracle), where the same origin IP can look equally close to a dozen Cloudflare data centers simultaneously and latency probing degenerates into noise. Left alone, the system falls back safely to multiple upper tiers but loses the cache-efficiency benefit a single tier provides, and can produce genuinely bad routing — like hairpinning a Singapore-origin request through a Chicago upper tier because that's where an ambiguous anycast probe happened to land. The fix lets customers supply an explicit cloud-region hint so Cloudflare can map the origin to its real region and pick tiers from real probe data instead of an ambiguous signal — a good example of a caching system's core assumption quietly becoming false as origin topology shifted, needing a targeted patch rather than a redesign to keep working.

Read →

LWN

An Update on Residential Proxies and the Scraper Situation

LWN's update on the ongoing arms race between websites and AI-training-data scrapers describes an escalation outpacing most sites' defenses: rather than scraping from a handful of easily-blocked data-center IPs, coordinated operations now route requests through residential proxy networks — millions of real consumer IP addresses, sourced from compromised devices or from apps that pay users to monetize idle bandwidth — making individual requests indistinguishable from ordinary traffic. The countermeasures available to sites (proof-of-work challenges, CAPTCHAs, deliberately poisoned data to degrade scraped training sets) all share the same weakness: they impose a real cost on legitimate users, while a scraping operation with millions of proxy endpoints can absorb that cost trivially and keep going. It's a case study in a familiar security pattern — the defender has to hold every door, the attacker only needs one that's cheap enough — made sharper by the fact that the resource being scraped is inherently supposed to be readable, so the entire defensive posture ends up fighting the openness the web was built on rather than a discrete vulnerability.

Read →

avi.press

After 7 Years in Production, Scarf Has Reluctantly Moved Away From Haskell

Scarf's decision to retire seven years of production Haskell wasn't driven by the usual complaints about the language — it was driven by the economics of AI-assisted development colliding with Haskell's slow, resource-heavy compile cycle. When an LLM can draft and iterate on a change in minutes, a build pipeline that takes far longer turns the compiler into the bottleneck in a way it never was when humans were writing and reviewing code at human speed; the mismatch got worse because provisioning cheap, disposable sandboxes for AI agents to experiment in is much easier in ecosystems with lighter infrastructure footprints than Haskell's. The team also describes a cultural gap: the Haskell community's characteristically cautious, type-safety-first stance toward AI-generated code sat awkwardly against a company that needed its tooling optimized for fast, disposable, AI-driven iteration rather than compile-time-guaranteed correctness. It's a pointed data point for a debate that's mostly been theoretical so far — that the rise of AI coding agents doesn't just change how code gets written, it can quietly reprice the tradeoffs that made a given language or toolchain the right choice in the first place.

Read →
Humanities

War Atlas

War Atlas: An Interactive Cartography of Every Named War in Human History

War Atlas is an attempt to map essentially all of recorded organized conflict — roughly 5,000 years, from 3000 BCE to the present — onto a single interactive, zoomable timeline-and-map interface rather than a static reference work. What distinguishes it from a simple historical database is its handling of uncertainty: empire borders are marked as reconstructed or approximate rather than presented as settled fact, with dashed lines specifically flagging territories whose extent is dated but whose precise boundaries remain genuinely contested among historians. That choice to visualize disagreement rather than paper over it is the interesting design decision here — most popular historical cartography defaults to false precision because a map without a hard edge looks unfinished, and War Atlas instead treats the boundary of scholarly consensus as data worth showing, a rare instance of a digital humanities tool making its own epistemic limits part of the interface rather than hiding them.

Read →

JSTOR Daily

The Meaning Behind Philippine Crucifixions

JSTOR Daily surveys anthropological research on the Philippines' Good Friday crucifixion reenactments, built around the concept of panata — a solemn, binding vow to God, fulfilled through self-mortification, in exchange for healing, protection, or gratitude for something already granted. The anthropologist Julius Bautista, who studied the Cutud reenactments, was once offered the chance to be nailed to a cross himself 'in the name of empirical authenticity' and declined, on the grounds that undergoing the ritual without the religious motivation that gives it meaning wouldn't actually get him closer to understanding it — a small, sharp illustration of a methodological problem that runs through all participant-observation fieldwork, not just this one. The practice varies meaningfully by region — actual nailing in Cutud, masked centurion reenactors on Marinduque, mystic-trance practitioners in Bulacan — but the throughline researchers draw out is that Filipino Catholics aren't performing exoticism for outside observers, they're taking the 'founding myth' of Christianity literally enough to embody it, which reframes what looks like spectacle from the outside as, from the inside, an unusually direct and consistent theology.

Read →