Sunday, 12 July 2026
xAI's Grok Build CLI silently uploads entire private repos to Google Cloud regardless of user privacy settings; Bruce Schneier argues AI mass surveillance is chilling the social experimentation that historically drives progress; a Smithsonian retrospective shows engineers and executives knew leaded gasoline was poison the day they patented it
Today's Lead
EngineeringGitHub Gist (cereblab)
What xAI's Grok Build CLI Actually Sends to xAI
A reverse-engineering teardown of xAI's Grok Build CLI found that the tool uploads entire repository snapshots to Google Cloud Storage buckets regardless of a user's privacy settings, and transmits unredacted secrets and environment files along with them. The headline number is stark: a 12 GB repository generated roughly 5.1 GB of upload traffic while the model itself only consumed 192 KB of that data to answer the actual query — a 27,800x ratio between what got shipped off the developer's machine and what the assistant needed to do its job. That gap matters because it means the privacy toggle a user sets isn't actually gating what leaves the laptop; the bulk upload happens as an implementation detail of how the tool stages context, independent of user intent. For a category of tool being pitched at enterprises specifically on the promise that it can be pointed at proprietary codebases, a bulk-exfiltration default that ignores the privacy setting is the kind of finding that turns an efficiency pitch into a supply-chain liability, and it's a pattern worth checking for in any coding agent before trusting it with credentials or a monorepo.
ClickHouse Blog
We Scaled PgBouncer to 4x Throughput
PgBouncer is famously single-threaded, which meant ClickHouse's managed Postgres offering was leaving most of a machine's CPU idle no matter how many cores it provisioned — the connection pooler itself became the bottleneck long before Postgres did. Their fix was to run a fleet of PgBouncer processes on the same host and use the kernel's SO_REUSEPORT socket option to let the OS load-balance incoming connections across them, rather than trying to make PgBouncer itself multi-threaded. The result was a 4x throughput improvement (336k vs. 87k transactions/sec) and CPU utilization climbing from a single core to eight on a 16-vCPU box — a good reminder that a well-known architectural limitation in a piece of critical infrastructure doesn't always need to be fixed at the source; sometimes the kernel already has the primitive you need to route around it.
Read →iroh.computer
Mesh LLM: Distributed AI Computing on Iroh
Mesh LLM is a distributed inference layer built on the iroh peer-to-peer networking library that lets an organization pool its own scattered GPU capacity — desktops, workstations, spare rack space — into shared inference infrastructure instead of routing every request through a third-party API. Requests are served locally when possible, routed to a peer machine when it isn't, and large models can be split across multiple machines as a pipeline, all exposed to applications through a standard OpenAI-compatible localhost endpoint so nothing downstream needs to know the compute is distributed. The interesting engineering piece is the transport: authenticated, NAT-traversing peer-to-peer QUIC connections mean the mesh can span machines behind different home and office networks without a central relay becoming a bottleneck or a trust boundary, turning otherwise-idle hardware into collaborative infrastructure and sidestepping both the cost and the vendor lock-in of API-based inference.
Read →Evan Hahn
Prefer STRICT Tables in SQLite (2026)
SQLite's famously loose type system — where a column declared INTEGER will happily store a string — has always been a deliberate design choice, but Evan Hahn makes the case that STRICT tables (available since SQLite 3.37.0) should be the default anyway: they reject type mismatches at insert time instead of silently storing malformed data that only breaks something downstream, converting a class of latent data-integrity bugs into loud, immediate failures. The catch is that you can't ALTER an existing table into strict mode — the data has to be copied into a freshly created strict table — which is exactly the kind of paper cut that keeps people on the flexible default even when they know better. The post got enough traction that Simon Willison shipped strict-mode support into his sqlite-utils tool the same day, adding a `transform` option to convert tables between strict and non-strict modes, which is a nice small example of an argument about defaults turning into a shipped feature within hours rather than sitting as a blog-post opinion.
Read →Sean Goedecke
In Defense of Not Understanding Your Codebase
Sean Goedecke pushes back on Peter Naur's influential claim that good programming requires holding a complete, accurate mental model of a system — arguing that at any real scale, every engineer on a team is operating on a partial, slightly-wrong model of the codebase, and that this isn't a failure state to be corrected but an inescapable tradeoff organizations make deliberately in exchange for speed, team mobility, and the ability to onboard people who weren't there for the system's early decisions. The useful reframe is treating 'partial understanding, held with appropriate confidence' as a legitimate professional skill in its own right, distinct from and sometimes in tension with the instinct to fully trace a system before touching it — which matters more, not less, as AI coding agents make it cheap to generate changes to code nobody on the team, human or otherwise, fully understands, and the discipline shifts from 'understand everything before you act' to 'know how much you don't know, and act accordingly.'
Read →Smithsonian Magazine
Leaded Gas Was a Known Poison the Day It Was Invented (2016)
Tetraethyl lead went into American gasoline in 1921 not because it was the only anti-knock additive available, but because — unlike the leading alternative, ethanol, which anyone could distill from grain — it could be patented and its supply chain controlled for profit. GM, Du Pont, and Standard Oil pursued it knowing the risk: Du Pont's own internal correspondence called it 'very poisonous if absorbed through the skin,' and workers began dying and suffering severe neurological damage at production plants within the first years of manufacturing, prompting one 1920s newspaper to dub the substance 'loony gas.' Regulators allowed continued sale with only minimal safeguards, and the resulting five decades of ambient lead exposure caused measurable, population-wide drops in children's IQ and increases in violent crime before the EPA finally forced a phase-out starting in the 1970s. It's a clean historical case study in a pattern that keeps recurring in engineering ethics — a known hazard, documented in writing by the people profiting from it, surviving for decades because the harm was diffuse, delayed, and inconvenient to the business model that depended on ignoring it.
Read →geohot.github.io
AI 2040 and the Cult of Intelligence
George Hotz argues that both AI utopians and AI doomers make the same mistake: treating intelligence as a solvent that dissolves physical constraints, when manufacturing timelines, supply chains, and hard engineering problems don't move faster just because the software planning them got smarter. He's particularly dismissive of recursive self-improvement as a near-term threat model, arguing that even a superhuman research assistant still has to wait for fabs to be built and materials to be shipped, and that this physical bottleneck caps how fast any 'intelligence explosion' can actually cash out in the real world. The essay's sharper edge is political: he frames the choice as 'Plan L' (local, user-controlled AI alignment) against 'Plan A' (centralized regulatory oversight of AI, which he reads not as safety engineering but as a vehicle for consolidating government control over the technology) — a useful provocation for anyone treating AI governance proposals as self-evidently neutral safety measures rather than contested bets about where power should sit.
Read →