World

2026-03-26

Iran War — Day 27

• US-Israel war on Iran: Ceasefire proposals exchanged but positions remain far apart (Al Jazeera) | Guardian — Trump claims Iran wants a deal “so badly” while Iran’s foreign minister flatly denies any talks are happening. Iran has submitted a 5-point counter-proposal after rejecting the US’s 15-point plan as “maximalist.” Both sides continue military escalation.

• Two teenagers killed in Shiraz; two dead in Abu Dhabi as strikes intensify (Al Jazeera) — Deadly attacks rise as Israel announces strikes on Isfahan and the conflict spreads across the Gulf.

• Russia condemns second US-Israeli strike at Iran’s Bushehr nuclear reactor (Al Jazeera) — Russia’s foreign ministry accuses the US and Israel of trying to spark a nuclear disaster.

• Gulf states’ scepticism over alleged US-Iran talks signals distrust of Trump (Guardian) — Qatar and other Gulf states reluctant to cheerlead peace efforts, suspecting talk of diplomacy may be cover for escalation.

• Deaths and debts: Missiles in Gulf shake millions of South Asian families (Al Jazeera) — Most casualties in Iran’s Gulf strikes are South Asian workers. Entire economies back home face serious disruption.

• WHO warns of health crisis ‘unfolding in real time’ across Middle East (Guardian) — WHO’s regional chief calls for halt to hostilities and protection of healthcare facilities as humanitarian situation deteriorates.

• Germany’s defence minister: Trump has ‘no exit strategy’ in Iran (ABC Australia) | Euronews on Spanish PM — European leaders increasingly critical; Spain’s PM warns conflict “far worse” than Iraq 2003.

• War with Iran disrupts fertilizer exports as US farmers prepare for planting (NPR) — Gulf states are major fertilizer producers; war has triggered 25% price hike as corn planting begins.

Other News

• Meta and YouTube found liable in landmark social media addiction trial (BBC) | NPR — Los Angeles jury awards $6M in damages over defective product design. Verdict may influence 2,000 pending lawsuits. (Also covered in Tech)

• UN votes to recognise enslavement of Africans as ‘gravest crime against humanity’ (BBC) | Guardian — Landmark General Assembly resolution calls for apology and contributions to a reparations fund.

• Sarah Mullally enthroned as first female Archbishop of Canterbury (Al Jazeera) — First woman to lead Church of England in its 1,400-year history installed at Canterbury Cathedral.

• UK armed forces authorised to board Russian shadow fleet tankers in British waters (Guardian) — Starmer announces move to “starve Putin’s war machine” at Finland military summit. (Also covered in Ukraine)

• Russia hits Ukraine with nearly 1,000 weapons in 24 hours, setting new record (United24) — Massive bombardment as Zelenskyy warns Russia preparing to target water supply systems.

• Estonia and Latvia say territories hit by stray Ukrainian drones (BBC) — Incidents occurred same night Ukraine launched massive attack on Russia’s port of Ust-Luga near Estonian border.

• Russian government ordered Moscow internet blackout (Kyiv Independent) — The Bell reports shutdown orders came from government.

• Democrats flip Florida state seat that includes Trump’s Mar-a-Lago (BBC) — Emily Gregory wins district Republicans took by 19 points in 2024.

• Denmark’s Frederiksen given first chance at forming government after election (Guardian) — Outgoing PM to try forming new majority with leftwing parties after close election result.

• Dozens of bodies, mostly infants, discovered in Kenya mass grave (BBC) — 32 bodies including 25 children found; some believed to have come from local hospitals and mortuaries.

• Brazil’s Bolsonaro gets temporary house arrest for ill-health (BBC) — Former president moved from cell to hospital earlier this month with pneumonia.

• The US said it helped bomb a drug camp. It was a dairy farm. (NYT) — US-backed strike in Ecuador hit civilian farm, not narco target.

• US strike on alleged drug vessel kills four in the Caribbean (Guardian) — Latest strike brings death toll to at least 163 since attacks on alleged “narco-terrorists” began in September.

• Sanders and AOC push for pause on AI data centres until safeguards in place (Al Jazeera) — Bill introduced amid growing backlash to rapid AI rollout.

• House of Lords backs Australian-style social media ban for under-16s (Guardian) — Peers vote 266–141 to reject Starmer’s public consultation approach in favour of outright ban.

• Skeleton of Three Musketeers hero d’Artagnan may have been found (Guardian) — Archaeologists believe remains found in Maastricht, Netherlands may be the soldier killed in 1673 siege who inspired Dumas.

• TSA wait times exceeding four hours at major US airports (NPR) — DHS shutdown causing TSA officer call-out rates of 40–50%.

• China using financial tactics to coerce people who flee, report finds (Guardian) — UK urged to tackle transnational repression as dissidents report tax bills and threats from Beijing.

• Italy’s tourism minister resigns amid referendum failure turmoil (Guardian) — Meloni strives to restore credibility after voters rejected judicial reform.

cd ~/repos/ratatosk && claude --resume a25cf43c-ebf2-4a1a-b397-26fb3a446662

Ukraine

Russia’s spring-summer 2026 offensive is underway but faltering. A prominent Russian milblogger issued a damning critique, noting Russian forces cannot break through Ukrainian drone dominance and would take “100 years” to seize remaining Ukrainian territory at current rates — echoing ISW’s own 83-year estimate. Ukrainian counterattacks around Kupyansk and Oleksandrivka have triggered backlash in the Russian information space. The Russian military failed to complete preparations for the assault on Lyman, critical to any push against the Slovyansk-Kramatorsk fortress belt. On the ground: 158 clashes in 24 hours, nearly half around Pokrovsk and adjacent sectors; Ukrainian forces made confirmed advances in Kostyantynivka-Druzhkivka while holding elsewhere.

• US offers security guarantees in exchange for Donbas withdrawal — Zelenskyy confirms American proposal linking guarantees to territorial concession. (Reuters)
• 40% of Russia’s oil export capacity halted — Baltic port strikes shut down Ust-Luga and Primorsk. (Reuters)
• Russia supplying drones to Iran — Western intelligence confirms reverse flow of UAVs. (FT)
• UK to seize shadow fleet tankers — Armed forces authorized to stop and detain sanctioned Russian vessels in British waters. (Ukrainska Pravda) (Also covered in World)
• Pro-Kremlin blogger sent to psychiatric hospital — Ilya Remeslo forcibly confined after criticizing Putin. (Meduza)
• Zelenskyy warns of water infrastructure attacks — Russia reportedly preparing to target water supply systems. (Ukrainska Pravda)
• Moldova declares energy emergency — 60-day state of emergency after Russian strikes disconnect grid. (Fortune)

cd ~/repos/ratatosk && claude --resume 249fd0bf-9a3e-4b8e-a27c-96c892f01268

Norway

Stortinget er i full krise over drivstoffavgiftene. Senterpartiet bryter med de rødgrønne og støtter Høyres forslag om å kutte veibruksavgiften midlertidig, noe MDG kaller et “åpenbart brudd på budsjettavtalen.” Arbeiderpartiet jobber febrilsk med et eget forslag som vil ta opp levekostnader i revidert nasjonalbudsjett. Avstemningen skjer i dag — politisk drama uansett utfall.

Nobelkomiteen har offentliggjort alle medlemmenes verv, gaver og økonomiske interesser etter Jagland/Epstein-skandalen. Asle Toje topper med 43 betalte oppdrag, mens de fleste har rapportert ett eller ingen. Komiteen innrømmer “rom for betydelig forbedring” i sine rutiner. (Also covered in Norway — Street Level)

En pasient i Nordland døde etter å ha ventet fem timer på akutt hjerteoperasjon da PCI-senteret i Bodø var stengt. Helsetilsynet gransker. Samtidig foreslår flere partier å la apotek utføre legeoppgaver for å avlaste fastlegemangelen — Legeforeningen advarer mot “medisinsk uforsvarlige løsninger.”

Påskeværet blir todelt: sol og oppholdsvær i øst, nedbør og ruskevær langs kysten. UV-indeksen når 3-4 flere steder — moderate nivåer som krever solbeskyttelse. Andøya Space forsøker ny rakettoppskyting i kveld etter at en fisker forstyrret forrige forsøk.

• Arbeidsledigheten stabil på 4,6 prosent i februar, samme som januar. (Aftenposten)
• Innbrudd hos Alan Walker — tyv stakk av med minnebrikker og datautstyr fra artistens Oslo-bolig. (NRK)
• Støre har 50 millioner i indeksfond, vil ikke si hvilke. (NRK)
• Harry Hole-serien har premiere på Netflix — Tobias Santelmann får gode kritikker i hovedrollen. (DN)
• Sweco skal utrede kjernekraft i Norge, blir første leverandør av tjenester til potensielt kjernekraftverk. (TU)
• Yara, Inovyn og Ineos dropper klimaprosjekter på Herøya — høye strømpriser og manglende lønnsomhet, frykter 10.000 jobber kan ryke. (TU)
• Stort våpenbeslag i Inderøy — politiet har båret ut våpen i to dager, tre siktet. (NRK)
• Sp vil kreve 500.000 kr i inntekt for familieinnvandring, inkludert for enslige mindreårige asylsøkere. (NRK)
• Digital utenforskap truer menneskerettigheter — hundretusenvis mangler elektronisk ID. (NRK)

cd ~/repos/ratatosk && claude --resume 7ca6d047-6ef5-452f-ad72-34dcf1909e7e

Norway — Street Level

The Mette-Marit/Epstein story continues to generate anger, with new details about victims waiting at hotels while the Crown Princess walked in parks with Epstein. The Norwegian Library Association doubled down on ending their patronage relationship with her, refusing to soften their position after public pressure.

On domestic policy, kindergarten workers are sounding alarms about understaffing — colleagues crying after shifts, a survey confirming too few adults per child. A US jury finding Meta and Google liable for deliberately addictive software design sparked discussion about whether Norway should follow with similar lawsuits.

The Andøya rocket launch saga continues: a fishing boat entered the safety zone during final countdown, forcing an abort. The skipper denies sabotage, citing equipment problems and questioning why rocket operations should trump fishing rights in traditional waters. With plans for 30 annual launches, this tension between space ambitions and fishing communities isn’t going away.

cd ~/repos/ratatosk && claude --resume 01583ea2-af8f-4ce1-bdab-008314cbf4ef

Tech

Security & Privacy

• “Disregard That” Attacks | HN — Solid overview of prompt injection vulnerabilities. The core problem: LLMs treat instructions and data as a single token stream with no reliable separation. Author identifies only four somewhat-effective mitigations: restricting untrusted input, accepting calculated risks, requiring human review, or having LLMs generate code rather than execute directly.

• Electric Motorcycles are a Security Nightmare | Lobsters — Security research on Zero Motorcycles revealing five major vulnerability classes: static firmware signatures forgeable with seven lines of Python, unauthenticated Bluetooth pairing, hardcoded server credentials in the Android app, unsecured CAN bus via OBD-2, and firmware-controlled security functions that can prevent their own removal.

• Data is everywhere. The government is buying it without a warrant | HN — NPR on government agencies purchasing personal data from brokers to bypass Fourth Amendment warrant requirements. Discussion surfaces the term “privacy laundering” for data obtained commercially to enable surveillance.

• The EU still wants to scan your private messages and photos | HN — Ongoing push for client-side scanning in the EU.

AI & ML

• ARC-AGI-3 | HN — New benchmark release with technical report. Controversial scoring uses second-best human solution as baseline and applies quadratic efficiency penalties. François Chollet argues this intentionally discourages brute-force approaches. HN discussion reveals fundamental disagreement about what AGI benchmarks should measure.

• Quantization from the Ground Up | HN — Comprehensive interactive guide covering symmetric vs asymmetric quantization, block-based approaches to handle outliers, and quality measurement via perplexity and KL divergence. Claims 4x size reduction and 2x speedup while maintaining 90-95% accuracy.

• Updates to GitHub Copilot interaction data usage policy | Lobsters — Starting April 24, GitHub will use Free/Pro/Pro+ user interaction data for training unless users opt out. Business and Enterprise tiers exempt. Previous opt-outs preserved.

• 90% of Claude-linked output going to GitHub repos with <2 stars | HN — Dashboard tracking Claude Code usage: 20.8M commits, +50.4B lines added, TypeScript dominates at 34.8%, Python at 18.9%.

Nix & Linux

• Announcing Lix 2.95 “Kakigōri” | Lobsters — New release of the Lix Nix fork.

• One File - What if your lockfile and your package list were the same file? | Lobsters — The Mere package manager merges package declarations and lockfile resolution into a single profile.kdl format. Users write loose specs like package "make", the system resolves to exact versions with content hashes, and the output remains valid input — a self-contained reproducibility artifact.

• VitruvianOS | Lobsters — A BeOS-inspired Linux distribution with a custom “Nexus Kernel Bridge” that enables BeOS-style node monitoring and messaging, allowing Haiku applications to run on standard Linux kernels.

Programming Languages & Compilers

• Mojo’s not (yet) Python | Lobsters — Despite marketing, Mojo requires explicit type annotations, lacks f-strings and __name__, is missing standard library packages like shutil, won’t run files without .mojo extension, and wrapping Python shows 24x overhead. Currently requires substantial rewrites rather than compatibility.

• Compiler Crates | Lobsters — Curated guide to Rust crates for compiler development: pest/chumsky/lalrpop for parsing, logos for lexing, cranelift/inkwell/melior for codegen, ariadne/codespan-reporting for errors. Includes stack recommendations from prototypes to production.

• Zero-copy protobuf and ConnectRPC for Rust | Lobsters

• The Cost of Concurrency Coordination | Lobsters

Developer Tools

• vim-classic: Long-term maintenance of Vim 8.x | Lobsters — Drew DeVault maintaining a Vim 8.2 fork focused on stability without new features. Created partly in response to concerns about AI-generated code in upstream Vim/Neovim.

• Fyrox 1.0.0 | Lobsters — First stable release of the Rust game engine after seven years. Includes native editor, project manager, cross-platform support (PC/WebAssembly/Android), and improved async scene loading.

• FreeCAD v1.1 | HN

Hardware & Tinkering

• Running Tesla Model 3’s computer on my desk using parts from crashed cars | HN — Security researcher obtained MCU and autopilot computer from salvage (~$200-300), connected via Ethernet at 192.168.90.100, and discovered exposed SSH, REST API, and “ODIN” diagnostic interfaces. Required buying an $80 dashboard harness just for one cable.

• Sodium-ion EV battery breakthrough delivers 11-min charging and 450 km range | HN

• OpenBSD on Motorola 88000 processors | Lobsters — Historical account of OpenBSD’s m88k port.

cd ~/repos/ratatosk && claude --resume f3ffdc86-775d-4784-bd37-ed59a5e233ae

Linux & Infrastructure

NixOS & Nix

• Let’s have a great 26.05 release cycle! — NixOS 26.05 (“Yarara”) release managers announced. Schedule posted; community coordination underway.

• Full Time Nix: Devenv 2.0 with Domen Kožar | r/NixOS — Devenv 2.0 is now a TUI with interactive progress display while building dev shells. Adds process-compose integration for process management and expanded secrets management with SOPS, Vault, and cloud provider support.

• Jails, Not Containers: A CTFer’s PWN Environment with Nix and Bwrap | r/NixOS — Replaces Docker with Nix + Bubblewrap for CTF environments. All packages declared in one Nix file, kernel namespace isolation with minimal attack surface, and fine-grained control over what each jail can access.

• nix-apple-container | r/NixOS — A nix-darwin module for Apple’s native Linux container runtime on Apple Silicon. Declaratively manage containers as launchd user agents, auto-creates volume mounts, handles kernel installation. Includes optional Linux builder container for aarch64-linux cross-compilation.

• Dendritic pattern for NixOS configs | r/NixOS — Discussion on adopting the dendritic configuration pattern from Vimjoyer’s recent video.

Hyprland

• Hymission: MacOS-like Mission Control plugin | r/hyprland — New Hyprland plugin implementing Mission Control-style overview with live compositor-side previews, native trackpad gesture support, workspace strip sidebar, and KEY+Tab switching. Supports scope modes: current workspace only, all workspaces, or config-driven default.

• Quickshell as lockscreen replacement for Hyprlock | r/hyprland — Uses Quickshell’s PAM service for authentication while gaining full QML capabilities for smooth animations and custom interfaces beyond what Hyprlock offers.

CLI Tools

• jnv v0.7.0: Interactive JSON Viewer with jq | r/commandline — Terminal JSON explorer with integrated jq filtering. v0.7.0 brings revamped TOML configuration syntax (breaking change, no migration tool), improved customization for UI, keybindings, and styling.

• cstat: Compact status line for Claude Code | r/commandline — Rust status line showing model, rate limits, context usage, active tools, and git status. Sub-millisecond startup, zero dependencies, ~2ms vs 62ms for alternatives that spawn 24 subprocesses.

• ghgrab: Download files from GitHub repos | r/commandline — Rust TUI for browsing GitHub repos and downloading specific files/folders without cloning. Fuzzy search, file preview, batch downloads, LFS support.

• envsec: Secrets in OS keychain, not shell history | r/commandline — Stores secrets in macOS Keychain, GNOME Keyring, KDE Wallet, or Windows Credential Manager. Injects values as env vars when running commands — never touches disk as plaintext, never appears in shell history.

• wardn: Placeholder tokens for AI agents — Gives AI agents fake placeholder tokens while keeping real API keys encrypted. Local proxy on :7777 substitutes real values at request time.

• wat: Config-driven file watcher | r/commandline — Minimal Rust CLI using TOML config to define watch patterns and commands.

Self-Hosting

• Let’s Encrypt dns-persist-01 | r/selfhosted — New challenge method: set a single persistent TXT record at _validation-persist.example.com to authorize certificates indefinitely. No more DNS updates during renewals. Supports wildcards via policy parameter. Staging rollout late Q1 2026, production Q2 2026.

• Linkwarden 2.14 | r/selfhosted — Collaborative bookmark manager with full-page preservation, reader view with annotations, AI tagging, RSS integration.

• PipesHub: Self-hosted enterprise search | r/selfhosted — Open source alternative to Gemini Enterprise. Natural language search across Google Workspace, Slack, Jira, Confluence, Notion, etc.

• Komodo v2.0.0 | r/selfhosted — Container manager adds Docker Swarm support, PKI auth with auto-rotation, 2FA with Passkey/TOTP, and multi-login linking.

Home Assistant

• Heatit joins Works with Home Assistant — 5 Z-Wave devices certified: climate controls, heating, smoke detectors.

• Home Assistant 2026.4 beta — Beta release notes available.

• HA BookStack Docs — Tool that auto-generates and maintains documentation for your Home Assistant setup in BookStack.

cd ~/repos/ratatosk && claude --resume a2d41232-298f-4425-a695-a019afc4c837

cd ~/repos/ratatosk && claude --resume 979dc280-34fb-4ae6-a917-fa6474120572