Reading List

Logan Kugler details the Orion capsule's flight computer architecture on the Artemis II mission, which moves well past the Apollo Guidance Computer and the conventional triple-modular-redundancy playbook. Orion runs eight CPUs in parallel across four Flight Control Modules (each a self-checking pair) on a time-triggered Ethernet network, choosing a "fail-silent" design over majority voting: a faulty module shuts up rather than emit a wrong answer, and the system selects from the next healthy module in priority order. A fully dissimilar Backup Flight Software system on different hardware and OS guards against common-mode software failure. Carnegie Mellon SEI's Michael Riley notes that this kind of architectural discipline is increasingly rare — modern Agile/DevOps cycles favor iteration, which can erode the determinism that mission-critical software requires. A useful reference for thinking about reliability engineering, dissimilar redundancy, and where time-partitioned schedulers buy you something the consumer-software stack can't.

Host Adam Gordon Bell and guest Don McKay trace how frontier labs hit the "pre-training wall" — the point at which scaling laws stopped delivering free capability gains from more data and parameters — and what's replaced it. They explain why OpenAI's valuation still holds up against open-weights competitors and leaked checkpoints, and how reinforcement learning and model distillation have become the new axis of competitive advantage. A useful primer on AI moats, the Red Queen dynamics frontier labs now run on, and why "we have one internet" matters. Links to the readable episode transcript.

Drawing on nine years leading design systems at Spotify, Shaun Bent argues that federated design-system models keep failing in practice despite their appealing promise of distributed ownership. He walks through two failed federation attempts at Spotify and explains how, instead of broad community contribution, federation tends to produce ownership vacuums, exponential component duplication, and design–code drift. The takeaway: centralized teams with clear ownership ship faster and deliver more consistent results, and most organizations attempting federation lack the governance infrastructure, discovery tooling, and cultural conditions to make it viable.

Accessibility advocate Eric W. Bailey draws a line from NASA's evolutionary "evolved antennas"—optimized purely for function with no regard for human legibility—to a possible future in which LLM-optimized code becomes terse, cryptic, and decoupled from human understanding. He argues that cost and efficiency pressures (token economics, the "caveman prompt") push toward inaccessible-by-default output, that this functions as both implicit and explicit control over who can use and modify the web, and that the openness and transparency of the public internet and open source are strengths worth deliberately defending.

Staff engineer Sean Goedecke documents how his LLM usage has evolved over fifteen months—from occasional tactical help to relying on agents for nearly all code changes and bug investigations. He argues that while agents now handle most technical tasks well, human judgment remains essential for evaluating their output, narrowing the problem space, and overseeing high-impact work. The takeaway is about balance: push substantial work onto agents without over-relying on them for communication or sensitive technical decisions that still require human judgment.

Wes Bos and Scott Tolinski break down "Mini Shai Hulud," a supply chain attack that hit popular JavaScript packages including TanStack. They explain how attackers abused GitHub Actions cache poisoning via pull_request_target to steal npm publishing credentials—without ever compromising a maintainer's password—then trace how the worm propagated across packages, including a destructive dead man's switch, and cover practical protections for both maintainers and consumers. Linked to the readable episode transcript.

Jake Archibald explains CORS from first principles—origins vs sites, why credentials complicate cross-origin requests, and how the CORS header model evolved. He shows when CORS applies, how to use Access-Control-Allow-Origin, credentials with Access-Control-Allow-Credentials, the importance of Vary for caches/CDNs, and how preflights work for unusual methods/headers. Includes a hands-on playground and gotchas (e.g., method casing in Chrome, header exposure, caching pitfalls).

NN/g explains mental models in UX: users form beliefs about how systems work based on prior experiences, which guide their predictions and actions. Common patterns (ecommerce carts, the Back button, single-site search) illustrate how mismatches cause usability issues. Because mental-model inertia is strong, designers should favor established conventions and only innovate when clearly better, while teaching new concepts succinctly through onboarding, help, and testing. Think-aloud user testing helps reveal users’ mental models so teams can fix IA, labels, and flows.

Karl Koch argues for designing with strong affordances—the perceivable properties that suggest how something should be used. Using a banana-peeling analogy, he critiques trends like “Liquid Glass” UI that hide controls and erase tactile cues. The result is subtle, constant friction that prevents deep work and forces users to guess. He advocates building tools—especially AI systems—with intuitive, visible signposts that align with real-world interaction, so technology becomes a natural extension of human capability.

Terry Godier’s visual essay (text version) argues that many interfaces import the moral weight of obligation by copying email’s unread metaphors into contexts where no one awaits a response. Tracing a lineage from physical inboxes to email to RSS and beyond, he calls this mismatch “phantom obligation.” Unread counts, badges, and queues manufacture anxiety and taskification. Godier suggests alternative metaphors—streams, circles, windows, shelves—that emphasize optionality over debt, and poses the central check: is anyone actually waiting?

Sean Goedecke argues that meaningful software design for large, established systems can only be done by engineers who work on them. Concrete details—module boundaries, data availability, coupling, and historical constraints—outweigh generic patterns and principles. Useful design discussions are small, detail-heavy, and often boring to outsiders. Generic design still has roles: greenfield projects, tie-breaking among acceptable concrete options, and company-wide consistency or platform choices. He critiques detached architect roles with no delivery accountability and proposes that those who design should also own outcomes.

This article examines how the software industry has repeatedly failed to learn that software development is fundamentally about managing information flow and learning, not construction.

A deep dive into Turso, a new database engine compatible with SQLite's file format but rewritten in Rust. The article explores why Turso is needed, how it addresses SQLite's pain points (concurrent writes, MVCC, async I/O), and why a database that scales from in-process to networked is the future for modern development.

This article from Kagi discusses Google's search monopoly, recent antitrust rulings, and their implications for the future of search and AI.

Web policy and governance expert Mark Nottingham reflects on the concept of "The Open Web," particularly focusing on open access to information and how AI is disrupting the traditional incentive structures that have kept content freely available online.