The Wake: May 15, 2026

The Wake is a daily briefing from George's saved internet. The issue is written as a newsletter first. The tweets are the source material, preserved below for receipts.

Source window: May 14, 2026. Signals: 16 bookmarks and 1 likes.

Brief

This morning: two converging trends reshaping risk and opportunity in tech. First, a quiet collapse of privacy assumptions: a mainstream VPN is leaking identity cues in a way most users never considered. Second, AI is moving from assistive to autonomous and operational: models are running optimization loops on research problems, shipping on mobile while executing on your devbox, and getting better at formal math. Those trends amplify one another: faster, more autonomous AI increases the payoff of weak anonymity and brittle engineering, while shifting geopolitics and platform churn change who controls the levers. Read the short take, then the implications.

Privacy's thin peel: VPNs, exit IPs, and a new class of deanonymization

A respected VPN is now implicated in what looks like an unexpected deanonymization vector. The problem is not the headline "logs kept" failure. It is a subtle interaction between how exit IPs and user behavior are assigned and observed: a threat model most users never built into their mental model of a privacy product. Early reporting calls it borderline backdoorish because the deanonymization happens without obvious overt logging or policy changes; it is an emergent property of how the system operates.

Why this matters now. As compute and models become more entwined with edge devices and mobile workflows, people will increasingly assume that routing and identity layers are opaque. That assumption is brittle. A small metadata leakage in IP assignment, timing, or session stitching is now enough to deanonymize a target if you have the right external signals. Combine that with automated scraping, model-driven correlation, or powerful adversaries and the problem scales quickly.

Practical read: anonymity is a system property, not a checkbox on a product page. Threat models must include automated correlation at scale and adversaries that can combine ostensibly innocuous signals. If you or your teams rely on VPNs for operational privacy, treat this as an incident to audit systems and user guidance, not as a niche technical curiosity.

AI running labs: autonomous research and accelerating discovery

Over the last 48 hours we saw multiple demonstrations of machines taking more responsibility for their own improvement. Two research stacks: Opus 4.7 and Codex/GPT-5.5: were run on automated optimizers across thousands of trials and tens of thousands of GPU hours. The headline: models tuned by autonomous processes bested a human baseline on a speedrun task. That is incremental in isolation, but telling for system dynamics.

Simultaneously, large LMs are being operationalized: Codex moved into ChatGPT mobile in preview, with execution delegated to your laptop or devbox while the app manages orchestration. Open-source tooling for local agent debugging landed as a one-line install and promises to make testing and traceability straightforward for developer teams.

Put these together and you get a closed loop: models that can run experiments, monitor outcomes, and push code into local or distributed compute. That loop cuts iteration time dramatically. It also changes failure modes. Research mistakes become reproducible at scale; optimization objectives drift; what used to be a weekend of human tuning can become an automated multi-day hunt for brittle local optima that look like progress.

This is the era of "operationalized research": not just model improvements but model-driven infrastructure improvements. Expect faster cycles, more surprising emergent capabilities, and a heavier dependence on observability and principled safety checks.

Tooling and platform churn: languages, plugins, and the developer experience

Developer ecosystems are in flux. Bun's rewrite debate illustrates how language and tooling choices are now fungible and political at once. The point to extract is not "Rust good, Zig bad." It is that modern apps and runtimes can be moved between languages rapidly, which rewrites the calculus of lock-in, security guarantees, and messaging. Leadership choices matter: steering the narrative to the engineering wins, not just the language battle, is a capability some teams are failing to demonstrate.

At the same time, plugin ecosystems are proliferating, and copycat dynamics are accelerating. Expect more competition around extension models and developer UX as platforms seek to be the substrate for the next wave of agents. That race is why simple, well-produced launch videos and zero-friction tooling are more than marketing; they become a liability to competitors and a vector for rapid adoption.

Operational detail: a new generation of agent debuggers (open source, one-line installs) plus mobile-executed Codex mean you can prototype and iterate locally at speed. But they also expand the attack surface: mobile clients orchestrating execution on local machines, plugins with broad permissions, and fast language rewrites increase the chance of regressions and subtle security gaps.

Geopolitics and the research landscape

Anthropic published an outline of the US and democratic allies holding the lead in frontier AI and what it will take to keep it. That framing is important because the technical accelerations above are not evenly distributed. Autonomous optimization and operational stacks favor those with large, coordinated compute, engineering talent, and the capacity to instrument workflows for safety.

The consequence is a strategic dynamic where democracies must decide whether to treat capability as a public good to be stewarded through shared norms and research safety, or leave it to corporate competition. The latter buys speed but not resilience. The former slows some deployments but creates stronger safety primitives. Either way, the technical story is not abstract: how we choose to fund compute, audit models, and govern data flows will determine whether these automations amplify public benefit or concentrate risk.

A note on credibility: extraordinary social-media claims

Viral personal-claim threads flooded timelines yesterday: one student claims to have "solved schizophrenia." These pieces attract attention for emotional reasons and often lack the rigorous controls, peer review, and replication that real biomedical advances require. With AI accelerating hypothesis generation and pattern matching, we will see more plausible-sounding but under-validated claims. Treat them as leads for skeptical investigation, not breakthroughs.

What to watch

• Mullvad follow-ups. Look for technical writeups that explain the exact vector: session stitching, exit IP assignment, timing leaks, or an operational policy mismatch. If a VPN can leak identity via a subtle protocol or implementation detail, others can too.
• Autonomous optimizer research logs. Watch the code and eval artifacts from the Opus/Codex runs for failure modes: reward hacking, overfitting to synthetic benchmarks, and reproducibility issues.
• Codex mobile rollout. The preview is a testbed for model-orchestration UX and security. Track permission models, local execution telemetry, and how orchestration handles interrupted sessions or compromised devboxes.
• Open-source agent debuggers adoption. If teams adopt these debuggers widely, we will see both better testing hygiene and new attack surfaces as reproducible traces become standard artifacts.
• Policy moves from democratic governments. Anthropic's framing will be used by policymakers; watch for funding, export controls, or shared infrastructure proposals that aim to keep the lead.
• Developer platform battles. Bun’s messaging and the plugin wars will shape where developers build agents. Look for friction points that convert to security incidents or mass migrations.

Short version: privacy assumptions are brittle, and AI is turning into a set of automated, operational loops that amplify both innovation and risk. The first task for teams and policymakers is to assume the worst-case composability of systems and act accordingly.

Generated from Birdclaw bookmarks and likes. Edited by Ody before publication.