Posts
539
Following
36
Followers
2315

Jonathan Corbet

As the number of LLM-generated patches in my inbox increases, I am starting to experience the sort of maintainer stress that has long been predicted. But there's another aspect of this that has recently crossed my mind.

Just over a week ago, a new personality showed up with a whole pile of machine-generated patches claiming to fill in our memory-management documentation. A few reviewers had some sharp questions, the response to which has been ... silence. This person doesn't seem to have cared enough about that work to make an effort to get past the initial resistance.

Once upon a time, somebody who had produced many pages of MM documentation would be invested enough in that work to make at least a minimal attempt to defend it.

Kernel developers often worry that a patch submitter will not stick around to maintain the code they are trying to push upstream. Part of the gauntlet of getting kernel patches accepted can be seen as a sort of "are you serious?" test.

When somebody submits a big pile of machine-generated code, though, will they be *able* to maintain it? And will they be sufficiently invested in this code, which they didn't write and probably don't understand, to stick around and fix the inevitable problems that will arise? I rather fear not, and that does not bode well for the long-term maintainability of our software.
19
264
357

Jonathan Corbet

According to the O'Reilly Radar blog, "code review is an expensive way to do something that may not be all that useful in the long run". We just have to get the specifications right in our vibe-coded future.

https://www.oreilly.com/radar/beyond-code-review/
4
3
8

Jonathan Corbet

I've been in Boulder for a long time; I don't think I've ever seen this sort of mass closure of our open spaces. What a "winter" this is.

Be careful out there...

https://bouldercounty.gov/news/all-trails-closed-west-of-highway-36/
0
2
5

Jonathan Corbet

So somebody is really convinced that there is an SQL-injection vulnerability lurking in the LWN login form, and they have been employing a small botnet in a determined effort to find it. I'm not hugely worried about the attack, but I still find this kind of thing annoying.
3
2
16

Today, I met with Colorado Senator Matt Ball, co-author of Colorado OS Age Attestation Bill SB26-051.

Sen. Ball suggested excluding open source software from the bill. This appears to be a real possibility.

Amendments are expected for the CA age attestation bill. It's my hope we can move fast enough to influence excluding open source in the CA bill amendments.

No illusions, it's an uphill battle, but we have an open door to advocate for the open source community.

6
10
0

Jonathan Corbet

The second fire in a week — in what is supposed to be our wettest season.

https://boulderreportinglab.org/2026/03/04/boulder-wildfire-crews-responding-to-vegetation-fire-at-heil-valley-ranch/

They seem to have a handle on it, but unless something changes this is going to be a long and brutal summer.
1
2
9

RE: https://flipboard.social/@newsguyusa/116145194552591221

US government finally acts to pop AI bubble 🤣

3
2
0

Jonathan Corbet

Dan Simmons is gone.

https://arstechnica.com/culture/2026/02/hyperion-author-dan-simmons-dies-from-stroke-at-77/

There are people saying that he was not an entirely pleasant person. I know nothing about that. I do know that I found the Hyperion series to be mind-blowing; I wish I could write like that. May he rest in peace.
2
10
16

Jonathan Corbet

I just stumbled across the "Open Source Endowment":

https://endowment.dev/

Seems like a good cause, but the page to nominate a project for funding requires a GitHub URL to identify that project. There are, I guess, no open-source projects outside of GitHub?
2
3
9

Jonathan Corbet

"This winter wasn’t just a bit warm or slightly unusual. It was a complete failure of the cold‑season that the West depends on, and the consequences will extend far beyond a lack of snow along Colorado’s Continental Divide. When winter fails this profoundly, the disruption radiates outward through every system that relies on the steady rhythm of cold, snow, and gradual melt. Water managers lose the natural reservoir that mountain snowpack is supposed to provide, leaving cities, farms, and entire states in the Colorado River Basin facing increasingly uncomfortable decisions about how to stretch a shrinking supply. Reservoirs that should be quietly refilling through winter will instead stumble into this spring underfilled, offering far less protection against the triple punch of summer heat, irrigation demand, and wildfire suppression. Millions of Americans who depend on the Colorado River will feel the consequences of this winter long after our snow-starved peaks fade from the headlines."

https://bouldercast.com/a-complete-failure-of-winter-across-the-west-and-what-it-means-for-the-rest-of-2026/

*sigh*
3
40
35

Jonathan Corbet

One of those little details that, probably, only I care about ... a year ago, when dealing with AI scraper problems, I observed that almost all of the traffic came from IPv4 addresses — millions of them. Use of IPv6 was a pretty strong indication that there was a human involved.

Now, when we get a heavy attack wave, it is strongly dominated by IPv6 addresses; the bots seem to actively prefer IPv6.

I wonder if it's because IPv6 addresses are more likely to remain unique through NAT boxes, giving these sleazy people yet more IP addresses to bring down web sites with?
4
4
11

Jonathan Corbet

I was just informed that today is an important holiday; is it too early to start celebrating?

https://nationaltoday.com/national-drink-wine-day/
2
1
6

Jonathan Corbet

Ah...winter in Colorado...
2
4
9

Jonathan Corbet

There is a phase of life where Valentine's Day brings images of flowers, fancy dinners, and romance.

There is another, later phase where one is informed that the best way to demonstrate the depth of one's affection would be to finally get around to re-caulking the shower.
2
5
48

Jonathan Corbet

So let's assume, just for the sake of argument, that you were foolish enough to try to make a living by writing high-quality, well-researched, technical articles about Linux and free-software development. I know that's crazy, but bear with me. In such a scenario, how does one succeed in a world increasingly full of stuff like this?

https://www.webpronews.com/linux-7-0-looms-large-inside-the-landmark-kernel-release-that-could-reshape-open-source-computing/

(I'll post no more links to that site, I promise).

These folks appear to take the stuff we humans write, inject a bunch of errors, then slop it out to the world.

If you were to engage in the silly quest described above, you would find that what you do is increasingly buried in the flood of this kind of material. Does anybody have any bright ideas about how one might survive in such an environment?
25
46
53

Jonathan Corbet

Dan Carpenter is looking for support for his ongoing bug-fixing work:

https://lwn.net/ml/all/caa37f28-a2e8-4e0a-a9ce-a365ce805e4b@stanley.mountain

He says: "The situation isn't great. The zero day bot can't do cross function analsysis and it only looks at checks with a low false positive rate. We're missing out on a bunch of bugs." *Not* missing those bugs sounds like it would be a good thing.
0
12
6

Jonathan Corbet

I got a phishy-looking text from LWN's bank asking me to confirm that I really wanted to spend over $2000 in a Minnesota shoe store. It turns out that it really was the bank, though. People who know me know that shoes are not one of my bigger budget items ... so, once again, somebody has leaked my card information.

Thus begins the whole process of disputing the charges, getting a new card, updating the recurring charges before things start bouncing, etc. Just what I was planning to do this day.
2
2
25

K. Ryabitsev-Prime 🍁

The Open Source Summit North America is in May this year, in the lovely Minneapolis, where nothing is happening. Nosiree, nothing that would want a bunch of people think twice about attending.
6
7
21

Jonathan Corbet

As of the last count, @lwn has been hit by 1.6 million unique IP addresses since yesterday morning. We have managed to stabilize the site against that level of attack, but it is still annoying.

If only we could get them all to subscribe.

I do find myself wondering if there isn't material for a good class-action lawsuit here. We are far from the only ones having to cope with this crap. I'm not normally much of a fan of the US class-action lawsuit machine, but extracting money from the Bright Datas of the world to make some lawyers richer doesn't sound like an entirely bad proposition.
6
27
58
Show older