Andy Greenberg and Matt Burgess, writing at Wired:

For three years, the UCSD and UMD researchers developed and used an off-the-shelf, $800 satellite receiver system on the roof of a university building in the La Jolla seaside neighborhood of San Diego to pick up the communications of geosynchronous satellites in the small band of space visible from their Southern California vantage point. By simply pointing their dish at different satellites and spending months interpreting the obscure—but unprotected—signals they received from them, the researchers assembled an alarming collection of private data: They obtained samples of the contents of Americans’ calls and text messages on T-Mobile’s cellular network, data from airline passengers’ in-flight Wi-Fi browsing, communications to and from critical infrastructure such as electric utilities and offshore oil and gas platforms, and even US and Mexican military and law enforcement communications that revealed the locations of personnel, equipment, and facilities.

...

The researchers say that they’ve spent nearly the past year warning companies and agencies whose sensitive data they found exposed in satellite communications. Most of them, including T-Mobile, moved quickly to encrypt those communications and protect the data. Others, including some owners of vulnerable US critical infrastructure whom the researchers alerted more recently—and declined to name to WIRED—have yet to add encryption to their satellite-based systems.

Scary! Use a VPN when out and about, kids.

Satellites Are Leaking the World’s Secrets: Calls, Texts, Military and Corporate Data

With just $800 in basic equipment, researchers found a stunning variety of data—including thousands of T-Mobile users’ calls and texts and even US military communications—sent by satellites unencrypted.

www.wired.com

Quick Claude Code tip: Create sub-agents for running your test suite and for going Git operations and deployment. You can have the LLM do that grunt work for you, and the ensuing output won't pollute your current working context.

AI

This was a really great interview with Eddy Cue about Apple TV. I don't follow The Town or the host Matthew Belloni (I read about the interview via Daring Fireball, but kudos to him (and to Cue) for an interview that was more engaging than most that I've seen with Apple brass. This is a recommended listen, especially if you're interested in Apple's entry in the streaming wars.

Apple’s True Intentions in Hollywood—With Top Exec Eddy Cue - The Ringer

Matt is joined by Apple senior vice president of services Eddy Cue to discuss all things Apple in Hollywood, including the latest momentum for the studio after big hits like ‘Severance,’ ‘The Studio,’ and ‘F1’; the business model of the streaming service, and much more!

www.theringer.com

Laurene Powell Jobs, in an editorial at The Wall Street Journal:

We are living in a moment when giving is too often used not to serve but to control—to decide what matters and which rules should apply. Some of the loudest voices in public life now assert that their donations give them carte blanche to dictate the terms of belonging.

The whole piece is just on point. Kudos to those who give generously without expectation of recognition or favor.

Laurene Powell Jobs: Beware of Philanthropists Who Want Control in Exchange for Their Giving — The Wall Street Journal

True generosity flows quietly to communities that already know what they need, building capacity not dependency.

apple.news

Steven Levy, has a good article speculating about the potential enshittification of AI.

When one imagines the enshittification of AI, the first thing that comes to mind is advertising. The nightmare is that AI models will make recommendations based on which companies have paid for placement. That’s not happening now, but AI firms are actively exploring the ad space.

Levy asked Cory Doctorow, who coined the term, and he said (among other things):

Because it’s so hard to see what goes on inside the “black boxes” of LLMs, he says, “they have an ability to disguise their enshittifying in a way that would allow them to get away with an awful lot.” Most of all, he says, the “terrible economics” of the field demand that the companies can’t afford to wait and will enshittify even before they deliver value. “I think they’ll try every sweaty gambit you can imagine as the economics circle the drain,” he said.

You just know Doctorow is right: we'll be getting sold stuff by AI with little visibility in no time. As it is, it's hard to see what the incentive structures are when we ask AI questions, and I have no doubt that moral clarity alone is not enough to deter the leaders of those companies from tapping that keg.

Can AI Avoid the Enshittification Trap?

Cory Doctorow’s theory of “enshittification” explains how tech platforms rot from within. As AI grows more profitable—and powerful—it risks the same fate.

www.wired.com

Apple Newsroom:

Apple TV will deliver comprehensive coverage of Formula 1, with all practice, qualifying, Sprint sessions, and Grands Prix available to Apple TV subscribers. Select races and all practice sessions will also be available for free in the Apple TV app throughout the course of the season. In addition to broadcasting Formula 1 on Apple TV, Apple will amplify the sport across Apple News, Apple Maps, Apple Music, and Apple Fitness+. Apple Sports — the free app for iPhone — will feature live updates for every qualifying, Sprint, and race for each Grand Prix across the season, with real-time leaderboards, season driver and constructor standings, Live Activities to follow on the Lock Screen, and a designated widget for the iPhone Home Screen.

I haven't been following F1 for a while, but I will dip in and check out this coverage. I noted that they didn't explicitly mention Vision Pro in this, except in a footnote that noted that Apple TV is available on that platform. I'm still hoping that there will be a more immersive experience for Vision Pro.

Apple is the exclusive new broadcast partner for Formula 1® in the U.S.

Apple and Formula 1 announced a five-year partnership that will bring all F1 races exclusively to Apple TV in the United States beginning next year.

www.apple.com

John Gruber, writing about Halo Fund's announcement of a secondary investment into 1password:

Well I’m sure this will halt 1Password’s rapid descent into enterprise shittiness.

Oof, that's a rough take.

While I was reticent about 1password's path away from a "native app", I have found that it's maintained its high quality. Indeed, the addition of being able to easily (and portably!) store my SSH keys and other credentials and have them filled automagically with a Touch ID authentication everywhere was the best improvement in years. It's even baked into my automated flow to deploy this very site, requesting a Touch ID to complete the deployment, and configuring the site with all the secrets it needs in a secure fashion. It was also very early to the Vision Pro (albeit as an iPad app, but one that needed work to fit in well on Vision Pro), where many other apps eschewed the work necessary to be on that App Store.

Anyway, I know I've heard others in the Apple commentary sphere (like Casey Liss) complain about it, but I'm here to say that I remain a happy 1password user.

‘Halo Fund Announces Strategic Secondary Investment in 1Password’

Link to: https://www.businesswire.com/news/home/20251009156976/en/Halo-Fund-Announces-Strategic-Secondary-Investment-in-1Password

daringfireball.net

Automating Production Releases with AI Agents

I just completed a milestone I'm pretty happy with, so I thought I'd write a post describing it.

As part of my ongoing experiments using AI agents, I created two specialized agents that work together to automate an entire release process---from test verification through production deployment. The "QA Manager" agent ensures code quality, while the "Release Manager" agent orchestrates version control and deployment. (I generally find that it's best to not create AI agents as anthropomorphized replacements for roles traditionally conducted by humans. In this case, these agents are doing a small set of focused tasks, and the names are really just about that narrow responsibility, and not intended to convey that they do everything that real people in those roles would do. Perhaps "deployment orchestrator" and "quality gate" or something similar would have been more appropriate.)

How They Work Together

The agents communicate asynchronously through context files---Markdown-formatted documents in a directory that serves as a shared workspace:

  • test-pass-{timestamp}.md - QA approval signal with test results
  • test-failures-{timestamp}.md - Test failure reports requiring attention
  • test-gaps-{timestamp}.md - Missing test coverage that needs addressing

These timestamped files allow agents to verify recency: the QA approval must be newer than all code changes before deployment proceeds.

The Automated Workflow

QA Manager: Quality Gate

Triggers: Code changes, bug fixes, or pre-release verification

Process:

  1. Checks for existing test reports and compares timestamps with code changes
  2. Analyzes recent commits to understand what behavior changed
  3. Evaluates test coverage for new/modified code
  4. Runs the full test suite
  5. Generates one of three outcomes:
  • test-pass file if all tests pass with adequate coverage
  • test-failures file with detailed failure analysis
  • test-gaps file identifying missing test coverage

Output: A timestamped report that serves as the quality gate for releases

Release Manager: Deployment Orchestrator

Triggers: Explicit deployment request or after feature completion

Process:

Pre-flight

  1. Verifies clean git state and correct branch
  2. Checks QA approval - Reads most recent test-pass-{timestamp}.md
  3. Validates timestamp - QA approval must be newer than all pending changes
  4. If QA approval is stale, invokes QA Manager and waits for fresh approval

Release Creation

  1. Analyzes commits to determine semantic version bump (MAJOR/MINOR/PATCH)
  2. Updates context/release-number with new version
  3. Generates config/version.yml with version, timestamp, and git SHA
  4. Creates comprehensive CHANGELOG.md entry
  5. Commits version changes
  6. Creates annotated git tag
  7. Pushes commits and tags to GitHub

Deployment

  1. Executes deployment to production
  2. Monitors deployment progress
  3. Verifies application health in production

Key Benefits

Rigorous Quality Control—No code reaches production without passing tests and QA verification

Zero Human Error—Automated version bumping, tagging, and changelog generation

Full Traceability—Every release has a git tag, changelog entry, and version metadata

Agent Coordination—QA Manager acts as a hard gate; Release Manager cannot bypass it

Audit Trail—Context files document every decision and verification step

Example Flow

Developer finishes feature:git commit -m "Added version number to system info pane"

User requests deployment:> "Deploy this to production"

Release Manager checks QA approval:No recent test-pass file found

Release Manager invokes QA Manager

  • QA Manager runs test suite
  • All tests pass
  • Creates context/test-pass-20251013-234559.md

Release Manager proceeds

  • Determines version 4.2.0 (MINOR bump), or whatever is appropriate
  • Creates config/version.yml
  • Updates CHANGELOG.md
  • Commits and tags release
  • Deploys to production

The entire process---from code commit to production deployment---is now a coordinated dance between two AI agents, each expert in their small domain, ensuring quality and consistency at every step. Moreover, the main context window I'm using doesn't get polluted with too much of the test running and deployment noise. I've also appreciated that the reports that the agents generate are genuinely useful: they detail the current quality and deployment state of the application over time.

Like I said at the top, I'm pretty happy with the way this is working, and I'm looking forward to iterating on this approach.