Justin Warren

It's all very weird. I don't get it.

If the conversion rate to paid of 3.1% (550M total->15.5M paying in March 2025, per Zitron) holds, that's a theoretical total paying market of 248M people. How much do they have to charge to recoup costs, let alone make a risk-weighted return?

That's a lot of people, but still, they've benefitted from probably the world's biggest ongoing amount of free, inescapable marketing for multiple years now. Straight line growth for a year suggests the middle part of the S adoption curve, no?

I don't get OpenAI's claimed weekly user figure. If 700M weekly users is 400% of a year ago, and via @edzitron.com it was ~500M in March, that's linear growth of about 50M a month for a year.

It's interesting to me that the social media ban is framed by the government as "world leading" whereas not giving many of the same companies what they want to do in AI is framed as us falling behind.

Should big tech be allowed to mine Australians’ text and data to train AI? The Productivity Commission is considering it Interim report on digital economy also mulls changes to privacy rules and copyright collections to help harness AI’s benefits

Idk why the productivity commission believes productivity can be derived by giving away other people's labour for free to companies with way too much money. www.theguardian.com/technology/2...

Australia Admits All Those Animals Made Up

Australia Admits All Those Animals Made Up theonion.com/austral...

The latest issue of The Crux is out: Copyparty, Papervault, sneaky fine print, online safety in the UK, The Line loves tech, and the near-term market risk of AI datacentre CapEx. https://pivotnine.com/the-crux/archive/beware-of-the-fine-print/

Ep 26 - Thanks for watching! - Media Watch The new tech behind the Government's social media ban has the gambling lobby rubbing their hands.

I can now claim to be "another prominent expert" according to ABC MediaWatch
www.abc.net.au/mediawatch/e...

“AI” is the excuse. Tech companies experienced unsustainable growth at the height of COVID and massively overhired, and they’re still correcting. Blaming “AI” for headcount reduction is a hype tool to feed its market value.

"Here's what the NV1 clearance process taught me about B2B sales…"

Tired: "willingness to pay" pricing model
Wired: "ability to resist" pricing model

The great rewiring: is social media really behind an epidemic of teenage mental illness? Nature - The evidence is equivocal on whether screen time is to blame for rising levels of teen depression and anxiety — and rising hysteria could distract us from tackling the real causes.

As we talk about the cheerful insanity of Australia's Social Media Ban again this morning, here's your periodical reminder that the book it's inspired by - The Anxious Generation - is hogwash.

Not just me saying it, but this little journal you might have heard of: Nature.
www.nature.com/artic...

“Draw a Fish. Watch it swim in the tank with a community of other fish people have drawn.” drawafish.com Via @daedalus.eigenmagic.com.

Or you could decide to run a big, novel project you haven't done before and also be in a hurry. We do actually have quite a bit of data on how those work out. Maybe you could take a look at it before you start?

You don't have to wait for the bad thing to happen, either. You can set up early warning systems that let you know before it gets big and bad and then maybe only have a smaller mess to clean up.

Also risks interact, so treating them only in isolation is a mistake. You can start there, but you can't do defence-in-depth without looking at interactions between components. Yes, it's harder to do, but did you want to play with the grownups or not?

A better way to manage it is estimates of complexity and scale. How big a deal would it be if this bad thing happened? A big deal to lots of people? Quite complex. A small thing affecting 2 people? Easier to manage.

The "likelihood x impact = score" method for doing risk analysis is mostly nonsense for anything novel because, by definition, you've not done it before and have no historical data on likelihood or impact.

A red and white label with a red checkmark icon in the centre. The text says The Risk Is: Confirmed

Every new customer involves an exciting game of "which user-hostile mechanism of setting up payments will they have to use today" because of decisions made 100+ years ago by agrarian socialists obsessed with silver.

I am once again having to deal with the US banking system and its anachronistic weirdness. Y'all really need to get on board with the idea of "freedom from" instead of focusing on "freedom to" all the time.

The latest issue of The Crux is out: AI backdoors, Intel implodes further, HBM is hot, and the Tea is cold. https://pivotnine.com/the-crux/archive/the-security-vibes-are-off/

When the same people who say a teenager stumbling across an unsecured API endpoint is a "sophisticated attack" are convinced a conversation simulator will replace all their staff, maybe we could be a little more sceptical of those claims.

It is darkly amusing that "hackers gained access to" often means "stumbled across a thing we left out on the street for anyone to find".

The Crux Weekly Newsletter PivotNine's weekly newsletter covering enterprise datacentre, cloud, and cybersecurity.

In this week’s issue of #TheCrux, I connect Broadcom’s failure to provide security patches to perpetual license customers to broader issues of cybersecurity, sovereign risk, and the maintenance of connected ecosystems of technology. Subscribe here: pivotnine.com/newsletter/

The vibe-coding/MCP fad throws out any pretence of taking security seriously to embrace #yolosec with barely a first thought, let alone a second one.

Catching the corporate conscience: a new model of “systems intentionality”

Using the Bant "systems intentionality" framework (research-repository.uwa.edu.au/en/publicati...), we can argue that this was intentional because it is what happened. The purpose of a system is what it does. #POSIWID

Broadcom has had plenty of time to figure out how to deliver security patches to perpetual license customers since it decided to change its licensing approach, and it failed to do so.

Customers are entirely reliant on vendors to fix the broken software products they sell. This is a significant risk to not only customers, but everyone else who depends on software infrastructure continuing to function as desired.