Kelly Shortridge

Anthropic’s paper argues reality distortion is rare in software domains, but I’m not so sure.

https://aphyr.com/posts/405-trudging-through-nonsense

FASTLY - 15 January 2026 - LA This is "FASTLY - 15 January 2026 - LA" by FutureCon Events on Vimeo, the home for high quality videos and the people who love them.

Big props to Rick Horwitz, Senior Sales Engineer at Fastly, for speaking at FutureCon LA on “Making attackers cry: outsmarting them with deception.”

Great insights on using deception to turn the tables on attackers. 👏 Take a look: vimeo.com/1156613679/2...

The skyline of New York City at night, with the Statue of Liberty lit up in the foreground. The Twin Towers dominate the background with tyrannical grandeur. Samantha has a sudden premonition, two ravaged steel and concrete husks, hunched over the harbor like a pair of broken spines. She shakes off the vision and ALT-TABs over to Minesweeper.

NEWYORKC.BMF

One of my 2026 goals is to start writing more, so over the holidays I resurrected my old blog and plopped out a post about silly coding interview problems in the Lean theorem prover dijkstracula.github.io/posts/provin...

Free (as in puppy) idea for an enterprising tech journalist/blogger: the 10 year rise of corporatized open source

Following last week’s critical #React2Shell disclosures, two more related CVEs dropped on 12/11.

Fastly customers: Based on current info, Fastly’s platform & apps aren’t vulnerable — but orgs should still review their own React + Next.js apps.

Learn more here: www.fastly.com/blog/react2s...

Unparalleled Performance: Bring Your C++ Logic to the Edge | Fastly Bring your C++ logic to the edge with the Beta Fastly Compute SDK. Achieve unparalleled, near-native performance, low-latency, and enhanced security via WebAssembly (Wasm).

www.fastly.com/blog/unparal... This is my first big project since joining @fastly.com and I'm very hype about it. Literally C++ built on _top_ of our Rust SDK, because having access to C++ does, in fact, still open doors to a lot of folks.

A new #Jepsen report: we demonstrate data loss and persistent split-brain in the NATS streaming system, in response to simulated power failures/OS crashes.

https://jepsen.io/analyses/nats-2.12.1

Congestion pricing improved air quality in NYC and suburbs | Cornell Chronicle Cornell researchers tallied the environmental benefits of New York City’s congestion pricing program and found air pollution dropped by 22% in Manhattan, with additional declines across the city’s fiv...

In addition to all of the other benefits already reported about NYC congestion pricing, "In the first six months of the program, air pollution – in the form of particulate matter 2.5 micrometers and smaller – dropped by 22% in the Congestion Relief Zone (CRZ)"

news.cornell.edu/stories/2025...

🚨 React2Shell Update: Fastly saw a 2,775% spike in attack traffic after the public PoC dropped. Attackers are actively scanning — verify exposure and patch now.

Updates:
• Expanded Virtual Patch
• NGWAF detecting new scanners
• Bot Management flagging tooling

More intel to come. #React2Shell

⚠️ Friday’s #React2Shell update

@fastly.com saw a 2,775% increase in attack activity across our global network between the peak we reported yesterday (Dec. 4th) and 20:00 UTC today (see graph).

We recommend you immediately patch vulnerable apps and apply proactive protections to buy time as needed.

subsequent update: bsky.app/profile/shor...

You might want to check on your apps. There’s some 🔥 🥒 🔥 spicy unpickling going on …

⚠️ update on #React2Shell

After the POC dropped ~21:04 GMT today, Fastly detected a profound proliferation in the # of requests triggering our NGWAF signal for React2Shell (see graph).

We strongly recommend you immediately identify and update your React / Next.js apps + apply proactive protection.

There’s a react2shell POC circulating that appears to be viable.

Fastly verified our NGWAF successfully blocks this exploit variant.

⚠️ Our initial data points suggest attackers are actively probing for vulnerable apps. ⚠️

Identify and update your React & Next.js apps + layer proactive protection.

Fastly’s Proactive Protection for Critical React RCE CVE-2025-55182 and CVE-2025-66478 | Fastly Protect your apps from the critical React RCE bugs (CVE-2025-55182/66478). Fastly's NGWAF Virtual Patch provides proactive defense.

the bad news: lots of sloppity slop PoCs (slopocs???) abounding for the critical pre-auth React RCE

the good news: more time for you to patch your #React & #Nextjs apps ✨

my write up from yesterday on what to know & what to do: www.fastly.com/blog/fastlys...

comparison between apple's finder icon and mine. apple's is the split blue and white smiley face, mine is two blue and white anime girls making out

comparison between discord's icon and mine. mine is like a screaming cat on a blue/purple slimy background

comparison between celsys's clip studio paint icon and mine. mine is similar but rotated with some comic styling and pink and blue highlights

comparison between mozilla's firefox icon and mine. mine is similar but looks closer to the old firefox icon and brings back the little arm and gives the fox a cute little smiley face

last week i remembered that macOS lets you set your own icons and that *I* have the power to delegitimize the professionalism of the software that runs on my machine, so here's a thread of the 16 new icons i've made so far

i really forgot how fun it was to just sit down and make art for myself :')

So, in case you haven’t heard, a recent upset of an A320:
avherald.com/h?article=52...
Was traced back to, of all things, solar flares disrupting an onboard system:
avherald.com/files/AOT-A2...
The fix is a software patch on most of the 6000 affected aircraft, but it still takes 3 hours to complete

“nothing like this,” which feels like an evergreen comparative statement

OH in my downtown Manhattan hot yoga class:

woman 1, sad: “Yeah, I unfortunately had to move to Boston for work.”

woman 2, sincere: “Oh no! Do they even have yoga out there?”

Can you believe I wrote about manager READMEs again? medium.com/@skamille/re...
If you hate medium, you can also look at my ancient blogger where the formatting is a bit wonky: www.elidedbranches.com/2025/11/revi...

Closing Central Madrid To Cars Resulted In 9.5% Boost To Retail Spending, Finds Bank Analysis City of Madrid significantly boosted the takings of its shops and restaurants last Christmas by banning cars from the CBD, finds an analysis by Spain's second largest bank.

Keep this in mind when people claim cars mean business — closing Central #Madrid to cars over holidays resulted in a 9.5% boost in retail spending on its main shopping street: STUDY.

There was also a 71% drop in air pollution.

Via @carltonreid.com in @forbes.com. #citymakingmath #citiesforpeople

Frog and Toad illustration edited to say: Frog put the value in an option. "There", he said, "now we will not deref any more null pointers". "But we can unwrap the option," said Toad. "That is true", said Frog.

on type safety

try “Stealing the Corner Office” (book). It covers bullet #3 in particular depth

The Last Couple Years in V8’s Garbage Collector, by @wingolog.org:

https://wingolog.org/archives/2025/11/13/the-last-couple-years-in-v8s-garbage-collector

#v8 #javascriptengines #garbagecollection #memory #retrospectives

Which podcast is mispronouncing either metric or matrices as metrices

big if true

as someone who often thinks in ancient oak-style trees with their sprawling, gnarled branches extending into the blue infinity:

I’m so so hyped we launched a way for you to visualize your public API hierarchy as a tree!!! ✨ let us know what you think

💻 Make sense of the chaos with API Discovery 🔍

Managing APIs doesn’t have to be a burden. With just one click, API Discovery takes away the mystery and gives you complete visibility into what APIs are in use on the Fastly edge network. Learn more: www.fastly.com/blog/make-se...

thank you 🖤 I’m curious how it tied into the strategy y’all were discussing? 👀