Search
1000 results for “Data_Ranger”
-
Cry Later: The Culture That Taught You Not to Grieve
The commands arrive early. They arrive in childhood, in the voices of parents and teachers and coaches and older relatives, and they are delivered with the same authority as instructions about traffic and hot stoves. Cry later. Hold it in. Do not show your emotions. Do not embarrass us. Be strong. Be brave. Be a man. There will be time for that later. Not here. Not now. Not in front of people.
These are grief suppressors. They are issued so routinely and across so many contexts that they have acquired the appearance of common sense. They are not common sense. They are commands to override a biological response that the body is producing for a reason. When a child is told not to cry at a funeral, the child is being told to suppress a neurochemical cascade that is already in progress. The cortisol is elevated, the amygdala has fired, and the body is doing what millions of years of evolution designed it to do when it registers the absence of an attachment figure. The command does not eliminate the response. It drives it underground, where it persists in forms the child cannot name and the adults will not recognize as grief when it resurfaces months or years later as insomnia, stomach pain, an inability to concentrate, a persistent anxiety with no identifiable source.
I have written a book about this. It is called “Go to Every Funeral: How Grief Defines the Living,” and it is published by David Boles Books Writing and Publishing, and the title comes from something I overheard in a cafe in Newark, New Jersey, about twenty-five years ago. A mother told her college-age daughter to go to every funeral, even if she did not want to, even if she did not know the dead person, because funerals are for the living and absence is remembered. I carried those six words for a quarter of a century, through the deaths of my grandmother, my grandfather, my mother, my mentor, two friends, and a cat who sat on my desk for fifteen years, and the book is the result of trying to understand why those words were true and why nobody else had ever said them to me.
The book covers a lot of ground: the neuroscience of grief, the mourning practices of elephants and crows, the history of funerals from the domestic parlor to the corporate funeral home, the economics of death as a market, the global range of mourning from the Torajan highlands to the jazz funerals of New Orleans. But the section I want to talk about here is Part Five, which is about permission. Specifically, about who gets to grieve and who gets told to stop.
The suppression commands are not distributed equally. They fall with particular weight on men, on children, on employees, and on anyone whose grief is judged to be inconvenient by the people around them. Boys are told not to cry with a frequency and an intensity that girls are not, and the instruction begins early enough that by adolescence many boys have internalized it so completely that they experience the suppression as personality rather than training. They do not cry because they are “not the kind of person who cries.” The self-description obscures the years of conditioning that produced it.
The consequences are visible in the data. Men die by suicide at rates roughly four times higher than women in the United States. They are less likely to seek mental health treatment, more likely to self-medicate with alcohol, more likely to convert emotional distress into physical aggression. These are not biological inevitabilities. They are the downstream effects of a culture that tells half its population to suppress the emotional responses the other half is permitted to express. The man who cannot cry at his father’s funeral because he was told, at age six, that men do not cry is not displaying strength. He is displaying the result of a training program that disconnected him from his own grief response, and the disconnection does not eliminate the grief. It makes the grief dangerous, because grief that cannot be expressed as grief will be expressed as something else.
The workplace runs on the same logic. The standard bereavement leave in the United States is three days for the death of an immediate family member. Three days. The body has not even begun to metabolize the cortisol surge in three days. The cognitive map has not begun to update. The neurological process of revising the brain’s internal model of the world, recognizing at the cellular level that the dead person is absent from every context in which they were expected, has barely started. And the employer expects you back at your desk, functioning, participating in meetings about quarterly targets while the fact that your mother is dead has not yet reached the parts of your brain that govern concentration.
Some companies offer five days. Some offer none. Some distinguish between the death of a spouse and the death of a parent and the death of a sibling, granting fewer days as the relationship moves outward from the nuclear center, as though the grief for a brother can be mathematically demonstrated to require less processing time than the grief for a child. The taxonomy of bereavement leave is a document written by human resources departments, and it tells the employee, in the plainest possible terms, how long their grief is permitted to inconvenience the organization.
Then there is the clinical manual. In 2022, prolonged grief disorder was added to the DSM-5-TR, giving clinicians a formal diagnostic category for grief that persists at debilitating intensity beyond twelve months. The addition was controversial among grief researchers, and the controversy is worth understanding, because it reveals how the medical establishment processes the same impulse that drives the workplace policy and the childhood command: the impulse to draw a line, to say that grief is acceptable on this side and pathological on the other, and to give the line the authority of science.
The proponents of the diagnosis argued that a subset of bereaved people, estimated at roughly ten percent, experience grief that does not follow the typical trajectory. The pain does not diminish over time. Functioning does not return. The preoccupation with the dead person remains so intense that it dominates waking life months and years after the death. These people need clinical help, and the diagnosis gives clinicians a framework for providing it, including the possibility of insurance reimbursement for treatment.
The opponents argued that pathologizing grief at twelve months imposes an arbitrary timeline on a process that has no natural expiration date. The twelve-month threshold was chosen because the clinical data showed it as a statistically significant inflection point, the point at which the probability of spontaneous recovery drops sharply. But statistical inflection points are not the same as biological boundaries. The griever at month thirteen is not clinically different from the griever at month eleven. The line exists because the diagnostic system requires lines, and the existence of the line communicates something to the broader culture: that grief beyond a year is officially a mental illness. The employer who was already impatient at three days now has clinical validation for the suspicion that the employee who is still struggling at fourteen months has something wrong with them.
The book argues that this entire apparatus, the childhood commands, the workplace policies, the diagnostic thresholds, is part of a single cultural project: the management of grief for the convenience of everyone except the griever. The child is told to stop because the adults are uncomfortable. The employee is expected back at the desk because the organization needs the labor. The patient receives a diagnosis because the clinical system requires categories. None of these interventions exists primarily to serve the person who is grieving. They exist to contain the grief, to keep it within boundaries that allow the surrounding systems to continue operating without interruption.
Meanwhile, the culture has produced a substitute for communal grief that is worse than the absence of communal grief. Social media has made performative mourning the default public response to death. When a public figure dies, the speed with which users post their condolences has become a measure of social attentiveness. The posts follow a formula: a photograph of the deceased, a statement of shock, a brief personal connection however thin, and a closing declaration of love and loss. The formula is so consistent it has been parodied, and the parodies have not slowed it down, because the function of the post is to perform belonging, to demonstrate that you are the kind of person who feels things, who notices when important people die, who participates in the rituals of the digital public square.
Some of the grief is sincere. The rest is performance, and the performance crowds out the reality. When the feeds are flooded with grief posts after a celebrity death, the person who is actually devastated, the person who had a real connection to the deceased and is not performing but drowning, finds their grief indistinguishable from the display. Their signal disappears into the noise. The communal mourning that is supposed to support the bereaved instead competes with them, reducing a specific and irreplaceable loss to one post among thousands, all using the same photographs, the same phrases, the same hashtags.
This is the inversion of what the mother in the Newark cafe was describing. She said you go to the funeral. You show up. You put your name in the book. You sit in the pew. You bring food to the house afterward. The obligation is physical: you move your body to the place where the grief is, and your presence there is the message. Social media offers the simulation of this presence without the physical fact of it. You post. You perform the gesture. You do not move your body anywhere. You do not sit in an uncomfortable chair in a room that smells like flowers and floor polish. You do not look at the face of the bereaved and allow them to see that you came. You post, and the post is seen or not seen, liked or not liked, and it scrolls away, and the next post is about something else, and the grief has been acknowledged in the same medium and at the same depth as a restaurant recommendation.
Kenneth Doka coined the term “disenfranchised grief” to describe losses the culture refuses to recognize. The death of an ex-spouse. The death of a pet. The death of a patient if you are a nurse. The death of a public figure you never met but whose work was woven into the structure of your daily life. These are real losses producing real grief, and the culture’s refusal to recognize them does not dissolve the grief. It isolates the griever, who cannot bring their loss into the social spaces where grief is processed because the spaces will not admit it. The colleague who lost a dog cannot mention it at work. The fan grieving a musician cannot break down at dinner. A nurse whose patient died that morning cannot ask for a day off. The grief has no approved venue, no sanctioned expression, no communal witness. It persists alone.
What the book asks, across all six of its parts and all seventeen of its chapters, is what happens when you add all of this up. The suppression that begins in childhood and hardens along gendered lines. The workplace that contains it in three days. The diagnostic manual that pathologizes it at twelve months. The industry that monetizes it. The digital platform that simulates it. The disenfranchisement of entire categories of loss. What you get is a culture in which millions of people grieve alone, in private, without the communal infrastructure that every human society in history built to distribute the weight of death across many shoulders. The weight did not get lighter because the infrastructure was removed. The shoulders carrying it just got fewer.
The mother in the cafe knew this. She did not use these words. She did not cite the neuroscience or the sociology or the economics. She tapped the table and told her daughter to go to every funeral, and the instruction contained everything: that grief is communal, that the community is constituted by the people who show up, that presence is the oldest technology of mourning and still the most effective, and that the dead have no needs left, and the living have every need there is.
Go to every funeral. The book is available at BolesBooks.com as a free download, and on Amazon in Kindle ($9.99) and paperback ($15.99) editions.
#bolesBooks #celebration #cremation #culture #davidBoles #funeral #grief #grieving #history #limits #midwest #timeOff #treatment -
The Page Isn’t Dead, Your Attention Is Under Siege
Every few years we are invited to attend the same funeral. Someone declares that nobody reads anymore, that the printed page is finished, that books are an aging technology destined to become a museum object while the living culture migrates to earbuds and short video. It is a tempting story because it flatters our sense that we are witnessing a clean break with the past, a decisive turn of the wheel.
But there is an immediate problem with the obituary. You are reading this right now, right?
That small fact does not prove that reading is thriving, but it does expose the real situation: the page is not dead so much as displaced. Reading has been pushed from the center of ordinary daily life into the margins between pings, feeds, meetings, errands, exhaustion, and the restless need to check what someone else is saying somewhere else.
The more accurate question is not whether books are dead, but what kinds of reading are being replaced, by what, and who benefits from the replacement.
Begin with what refuses to disappear. Print persists, stubbornly, in a market that has had more than enough time to abandon it if abandonment were truly inevitable. In U.S. print tracking that publishers and booksellers use, print book unit sales in 2024 totaled roughly 782.7 million, a slight increase over 2023, and notable precisely because it contradicts the simplistic narrative of collapse.
Now set beside it the other undeniable reality: audio is not a novelty. It is a major growth engine, and it is rapidly becoming the default way many people “read” books in the practical sense of finishing them.
The Audio Publishers Association reported U.S. audiobook sales revenue of $2.22 billion in 2024, up 13 percent over 2023, with digital audiobooks accounting for virtually all revenue. Industry reporting from the Association of American Publishers likewise places digital audio well into the multi-billion-dollar range and growing strongly year over year.
So the honest headline is not that books are dead. The honest headline is that books are mutating into a two-body system: print persists as a durable cultural technology, while audio expands as the most convenient literary delivery system ever built. The question is what this mutation does to attention, comprehension, memory, and the moral habits that a serious reading culture quietly trains.
Here is where the real crisis lives, and it is not a format war.
It is the collapse of leisure reading as a daily practice. A major study published in iScience, drawing on the nationally representative American Time Use Survey from 2003 to 2023, reports a sharp drop in the share of Americans who read for pleasure on an average day, from roughly 28 percent in 2004 to about 16 percent in 2023. The same research emphasizes widening disparities by income, education, race, and geography, which should trouble anyone who still believes reading is part of a democratic baseline rather than a luxury good for the secure.
It is worth saying plainly what is at stake. Reading is not only entertainment. It is one of the few broadly accessible disciplines that trains sustained attention, inference, patience, perspective-taking, and the capacity to follow an argument beyond a slogan. When that habit shrinks, it is not merely culture that changes; it is citizenship that thins.
Why does it feel, in the body, as if nobody reads? Because the default posture of modern media is designed to fracture the mind. The attention economy does not merely offer alternatives to reading; it profits from making deep attention difficult. That is why the battle is less about paper versus headphones and more about whether anyone can still defend unbroken time against systems engineered to interrupt it.
Across the contemporary media landscape, the pattern is visible in sober measurement. Recent national communications data in the United Kingdom reports substantial daily online time for adults and heavy use of platform video, including YouTube, which has become a default entertainment and information channel.
Even if you resist importing one country’s metrics into another’s conclusions, the direction remains unmistakable: devices have shifted the human posture from sit down and attend to carry it with you and sample.
At this point, many people reach for a comforting relativism: perhaps listening is simply the new reading, perhaps it is all the same, perhaps we should stop worrying. I reject the smug sneer that listening is cheating, because it is historically illiterate and culturally vain. For most of human history, literature lived in voice: in recitation, sermon, theater, public reading, storytelling. Audio is not a betrayal of literature. It is one of literature’s native bodies returning with modern convenience.
But the return of voice does not erase the distinct cognitive environment of the page. Listening is not inferior. It is different. Scholarly reviews comparing audiobook listening and print reading emphasize again and again that outcomes depend on context, text type, and learner characteristics, which is another way of saying that the medium shapes the mind in specific, contingent ways.
Listening is temporal and flowing; it can deepen immersion and restore tone, pacing, irony, and emotion through performance. Yet it can also invite passivity when treated as background noise, a productivity hack, a way to consume a book while doing something else. The art of listening, like the art of reading, requires intention, and our era trains intention poorly.
The printed page survives not because it is romantic, but because it performs certain tasks better than anything else. A printed book is finite, quiet, and spatial.
It does not ping.
It offers stable visual architecture, which matters when you are following a complex argument, revisiting earlier claims, tracking structure, or simply trying to remember where an idea lived on the page.
This is not nostalgia; it is cognition. Large-scale research syntheses comparing reading comprehension on paper versus screens have found a modest but consistent comprehension advantage for paper in many settings, with the size of the gap influenced by factors such as time pressure and reading purpose. Screens can host deep reading, yes, but most screens are not designed to protect it. Most screens are designed to keep you moving.
If there is a single sentence that captures the future, it is this: print will increasingly become a premium environment for attention, while audio will increasingly become the most widespread on-ramp to books. Consumer research from the audiobook industry reports that a majority of American adults have listened to an audiobook, which makes audio not an edge case but a normalized channel for literary experience.
There is another force constricting reading that has nothing to do with social video and everything to do with power: restriction. If we speak honestly about the death of reading, we must name the political and institutional assault on access.
PEN America’s reporting on U.S. public school book bans for the 2023 to 2024 school year documents 10,046 instances of bans affecting 4,231 unique titles. The American Library Association’s data for 2024 reports hundreds of censorship attempts across libraries, schools, and universities, involving thousands of titles. A society does not innocently drift away from books while simultaneously organizing to remove books from young readers’ reach. One is a technological pressure; the other is a deliberate project.
So what is the future of the word on the page? It will not die off, but it will change its social role. Reading will become less default and more chosen, more ritualized. People will read the way some people now cook from scratch: as an act that signals values, protects mental health, and asserts autonomy against convenience.
That is a loss, because reading as a democratic baseline is better than reading as a boutique practice, but it is also a realistic description of where our incentives have pushed us.
The book will also become more explicitly multi-modal.
Not in the shallow sense of attaching gimmicks to text, but in the practical sense that many works will live as a set: print for study and annotation, audio for performance and immersion, digital text for portability and search. Industry survey work already suggests emerging tensions about synthetic narration versus human performance, pointing toward a future in which audio splits into low-cost synthetic delivery and premium human interpretation.
And the word will become more contested, not less. As reading time becomes scarcer and access becomes more politicized, books become sharper symbols.
That is exactly why they are targeted. It is also why libraries, schools, and independent bookstores remain civic institutions rather than mere retailers. The future of the page will be decided less by technology than by whether citizens insist that access to ideas is not negotiable.
If you want the historical arc, it is not a clean fall from Eden but a long series of shifts in media attention. Industrial printing expanded mass literacy and mass publishing; television displaced some leisure reading; early digital text and then smartphones turned reading into an always-available screen activity; algorithmic short-form video normalized rapid sampling as a default leisure pattern. By the early 2020s, measurable decline in daily pleasure reading had become stark even as print unit sales remained resilient and audio revenues surged.
The lesson is that forms persist. What changes is the ecology of attention.
My conclusion is simple and unsentimental. Books are not dead. Print is not finished. Audio is not the enemy. The real enemy is the conversion of human attention into a strip-mined resource, and the use of moral panic to restrict access to what remains.
A culture that abandons deep reading does not merely lose a pastime. It loses a mode of thought that underwrites serious self-government.
So yes, the word will transform. It will hybridize. It will travel by paper and by voice and by pixels. But whether it dies off depends on something far more basic than format.
It depends on whether we still believe, stubbornly and publicly, that sustained attention is a virtue, that access to books is a civic right, and that the interior life is not an inconvenience to be optimized away.
And if you are reading this right now, you already know the page is not dead. You are holding it open.
#audiobooks #bolesBooks #davidBoles #digtal #ereader #experience #life #meaning #reading #silo #socialMedia #words -
The Page Isn’t Dead, Your Attention Is Under Siege
Every few years we are invited to attend the same funeral. Someone declares that nobody reads anymore, that the printed page is finished, that books are an aging technology destined to become a museum object while the living culture migrates to earbuds and short video. It is a tempting story because it flatters our sense that we are witnessing a clean break with the past, a decisive turn of the wheel.
But there is an immediate problem with the obituary. You are reading this right now, right?
That small fact does not prove that reading is thriving, but it does expose the real situation: the page is not dead so much as displaced. Reading has been pushed from the center of ordinary daily life into the margins between pings, feeds, meetings, errands, exhaustion, and the restless need to check what someone else is saying somewhere else.
The more accurate question is not whether books are dead, but what kinds of reading are being replaced, by what, and who benefits from the replacement.
Begin with what refuses to disappear. Print persists, stubbornly, in a market that has had more than enough time to abandon it if abandonment were truly inevitable. In U.S. print tracking that publishers and booksellers use, print book unit sales in 2024 totaled roughly 782.7 million, a slight increase over 2023, and notable precisely because it contradicts the simplistic narrative of collapse.
Now set beside it the other undeniable reality: audio is not a novelty. It is a major growth engine, and it is rapidly becoming the default way many people “read” books in the practical sense of finishing them.
The Audio Publishers Association reported U.S. audiobook sales revenue of $2.22 billion in 2024, up 13 percent over 2023, with digital audiobooks accounting for virtually all revenue. Industry reporting from the Association of American Publishers likewise places digital audio well into the multi-billion-dollar range and growing strongly year over year.
So the honest headline is not that books are dead. The honest headline is that books are mutating into a two-body system: print persists as a durable cultural technology, while audio expands as the most convenient literary delivery system ever built. The question is what this mutation does to attention, comprehension, memory, and the moral habits that a serious reading culture quietly trains.
Here is where the real crisis lives, and it is not a format war.
It is the collapse of leisure reading as a daily practice. A major study published in iScience, drawing on the nationally representative American Time Use Survey from 2003 to 2023, reports a sharp drop in the share of Americans who read for pleasure on an average day, from roughly 28 percent in 2004 to about 16 percent in 2023. The same research emphasizes widening disparities by income, education, race, and geography, which should trouble anyone who still believes reading is part of a democratic baseline rather than a luxury good for the secure.
It is worth saying plainly what is at stake. Reading is not only entertainment. It is one of the few broadly accessible disciplines that trains sustained attention, inference, patience, perspective-taking, and the capacity to follow an argument beyond a slogan. When that habit shrinks, it is not merely culture that changes; it is citizenship that thins.
Why does it feel, in the body, as if nobody reads? Because the default posture of modern media is designed to fracture the mind. The attention economy does not merely offer alternatives to reading; it profits from making deep attention difficult. That is why the battle is less about paper versus headphones and more about whether anyone can still defend unbroken time against systems engineered to interrupt it.
Across the contemporary media landscape, the pattern is visible in sober measurement. Recent national communications data in the United Kingdom reports substantial daily online time for adults and heavy use of platform video, including YouTube, which has become a default entertainment and information channel.
Even if you resist importing one country’s metrics into another’s conclusions, the direction remains unmistakable: devices have shifted the human posture from sit down and attend to carry it with you and sample.
At this point, many people reach for a comforting relativism: perhaps listening is simply the new reading, perhaps it is all the same, perhaps we should stop worrying. I reject the smug sneer that listening is cheating, because it is historically illiterate and culturally vain. For most of human history, literature lived in voice: in recitation, sermon, theater, public reading, storytelling. Audio is not a betrayal of literature. It is one of literature’s native bodies returning with modern convenience.
But the return of voice does not erase the distinct cognitive environment of the page. Listening is not inferior. It is different. Scholarly reviews comparing audiobook listening and print reading emphasize again and again that outcomes depend on context, text type, and learner characteristics, which is another way of saying that the medium shapes the mind in specific, contingent ways.
Listening is temporal and flowing; it can deepen immersion and restore tone, pacing, irony, and emotion through performance. Yet it can also invite passivity when treated as background noise, a productivity hack, a way to consume a book while doing something else. The art of listening, like the art of reading, requires intention, and our era trains intention poorly.
The printed page survives not because it is romantic, but because it performs certain tasks better than anything else. A printed book is finite, quiet, and spatial.
It does not ping.
It offers stable visual architecture, which matters when you are following a complex argument, revisiting earlier claims, tracking structure, or simply trying to remember where an idea lived on the page.
This is not nostalgia; it is cognition. Large-scale research syntheses comparing reading comprehension on paper versus screens have found a modest but consistent comprehension advantage for paper in many settings, with the size of the gap influenced by factors such as time pressure and reading purpose. Screens can host deep reading, yes, but most screens are not designed to protect it. Most screens are designed to keep you moving.
If there is a single sentence that captures the future, it is this: print will increasingly become a premium environment for attention, while audio will increasingly become the most widespread on-ramp to books. Consumer research from the audiobook industry reports that a majority of American adults have listened to an audiobook, which makes audio not an edge case but a normalized channel for literary experience.
There is another force constricting reading that has nothing to do with social video and everything to do with power: restriction. If we speak honestly about the death of reading, we must name the political and institutional assault on access.
PEN America’s reporting on U.S. public school book bans for the 2023 to 2024 school year documents 10,046 instances of bans affecting 4,231 unique titles. The American Library Association’s data for 2024 reports hundreds of censorship attempts across libraries, schools, and universities, involving thousands of titles. A society does not innocently drift away from books while simultaneously organizing to remove books from young readers’ reach. One is a technological pressure; the other is a deliberate project.
So what is the future of the word on the page? It will not die off, but it will change its social role. Reading will become less default and more chosen, more ritualized. People will read the way some people now cook from scratch: as an act that signals values, protects mental health, and asserts autonomy against convenience.
That is a loss, because reading as a democratic baseline is better than reading as a boutique practice, but it is also a realistic description of where our incentives have pushed us.
The book will also become more explicitly multi-modal.
Not in the shallow sense of attaching gimmicks to text, but in the practical sense that many works will live as a set: print for study and annotation, audio for performance and immersion, digital text for portability and search. Industry survey work already suggests emerging tensions about synthetic narration versus human performance, pointing toward a future in which audio splits into low-cost synthetic delivery and premium human interpretation.
And the word will become more contested, not less. As reading time becomes scarcer and access becomes more politicized, books become sharper symbols.
That is exactly why they are targeted. It is also why libraries, schools, and independent bookstores remain civic institutions rather than mere retailers. The future of the page will be decided less by technology than by whether citizens insist that access to ideas is not negotiable.
If you want the historical arc, it is not a clean fall from Eden but a long series of shifts in media attention. Industrial printing expanded mass literacy and mass publishing; television displaced some leisure reading; early digital text and then smartphones turned reading into an always-available screen activity; algorithmic short-form video normalized rapid sampling as a default leisure pattern. By the early 2020s, measurable decline in daily pleasure reading had become stark even as print unit sales remained resilient and audio revenues surged.
The lesson is that forms persist. What changes is the ecology of attention.
My conclusion is simple and unsentimental. Books are not dead. Print is not finished. Audio is not the enemy. The real enemy is the conversion of human attention into a strip-mined resource, and the use of moral panic to restrict access to what remains.
A culture that abandons deep reading does not merely lose a pastime. It loses a mode of thought that underwrites serious self-government.
So yes, the word will transform. It will hybridize. It will travel by paper and by voice and by pixels. But whether it dies off depends on something far more basic than format.
It depends on whether we still believe, stubbornly and publicly, that sustained attention is a virtue, that access to books is a civic right, and that the interior life is not an inconvenience to be optimized away.
And if you are reading this right now, you already know the page is not dead. You are holding it open.
#audiobooks #bolesBooks #davidBoles #digtal #ereader #experience #life #meaning #reading #silo #socialMedia #words -
The Page Isn’t Dead, Your Attention Is Under Siege
Every few years we are invited to attend the same funeral. Someone declares that nobody reads anymore, that the printed page is finished, that books are an aging technology destined to become a museum object while the living culture migrates to earbuds and short video. It is a tempting story because it flatters our sense that we are witnessing a clean break with the past, a decisive turn of the wheel.
But there is an immediate problem with the obituary. You are reading this right now, right?
That small fact does not prove that reading is thriving, but it does expose the real situation: the page is not dead so much as displaced. Reading has been pushed from the center of ordinary daily life into the margins between pings, feeds, meetings, errands, exhaustion, and the restless need to check what someone else is saying somewhere else.
The more accurate question is not whether books are dead, but what kinds of reading are being replaced, by what, and who benefits from the replacement.
Begin with what refuses to disappear. Print persists, stubbornly, in a market that has had more than enough time to abandon it if abandonment were truly inevitable. In U.S. print tracking that publishers and booksellers use, print book unit sales in 2024 totaled roughly 782.7 million, a slight increase over 2023, and notable precisely because it contradicts the simplistic narrative of collapse.
Now set beside it the other undeniable reality: audio is not a novelty. It is a major growth engine, and it is rapidly becoming the default way many people “read” books in the practical sense of finishing them.
The Audio Publishers Association reported U.S. audiobook sales revenue of $2.22 billion in 2024, up 13 percent over 2023, with digital audiobooks accounting for virtually all revenue. Industry reporting from the Association of American Publishers likewise places digital audio well into the multi-billion-dollar range and growing strongly year over year.
So the honest headline is not that books are dead. The honest headline is that books are mutating into a two-body system: print persists as a durable cultural technology, while audio expands as the most convenient literary delivery system ever built. The question is what this mutation does to attention, comprehension, memory, and the moral habits that a serious reading culture quietly trains.
Here is where the real crisis lives, and it is not a format war.
It is the collapse of leisure reading as a daily practice. A major study published in iScience, drawing on the nationally representative American Time Use Survey from 2003 to 2023, reports a sharp drop in the share of Americans who read for pleasure on an average day, from roughly 28 percent in 2004 to about 16 percent in 2023. The same research emphasizes widening disparities by income, education, race, and geography, which should trouble anyone who still believes reading is part of a democratic baseline rather than a luxury good for the secure.
It is worth saying plainly what is at stake. Reading is not only entertainment. It is one of the few broadly accessible disciplines that trains sustained attention, inference, patience, perspective-taking, and the capacity to follow an argument beyond a slogan. When that habit shrinks, it is not merely culture that changes; it is citizenship that thins.
Why does it feel, in the body, as if nobody reads? Because the default posture of modern media is designed to fracture the mind. The attention economy does not merely offer alternatives to reading; it profits from making deep attention difficult. That is why the battle is less about paper versus headphones and more about whether anyone can still defend unbroken time against systems engineered to interrupt it.
Across the contemporary media landscape, the pattern is visible in sober measurement. Recent national communications data in the United Kingdom reports substantial daily online time for adults and heavy use of platform video, including YouTube, which has become a default entertainment and information channel.
Even if you resist importing one country’s metrics into another’s conclusions, the direction remains unmistakable: devices have shifted the human posture from sit down and attend to carry it with you and sample.
At this point, many people reach for a comforting relativism: perhaps listening is simply the new reading, perhaps it is all the same, perhaps we should stop worrying. I reject the smug sneer that listening is cheating, because it is historically illiterate and culturally vain. For most of human history, literature lived in voice: in recitation, sermon, theater, public reading, storytelling. Audio is not a betrayal of literature. It is one of literature’s native bodies returning with modern convenience.
But the return of voice does not erase the distinct cognitive environment of the page. Listening is not inferior. It is different. Scholarly reviews comparing audiobook listening and print reading emphasize again and again that outcomes depend on context, text type, and learner characteristics, which is another way of saying that the medium shapes the mind in specific, contingent ways.
Listening is temporal and flowing; it can deepen immersion and restore tone, pacing, irony, and emotion through performance. Yet it can also invite passivity when treated as background noise, a productivity hack, a way to consume a book while doing something else. The art of listening, like the art of reading, requires intention, and our era trains intention poorly.
The printed page survives not because it is romantic, but because it performs certain tasks better than anything else. A printed book is finite, quiet, and spatial.
It does not ping.
It offers stable visual architecture, which matters when you are following a complex argument, revisiting earlier claims, tracking structure, or simply trying to remember where an idea lived on the page.
This is not nostalgia; it is cognition. Large-scale research syntheses comparing reading comprehension on paper versus screens have found a modest but consistent comprehension advantage for paper in many settings, with the size of the gap influenced by factors such as time pressure and reading purpose. Screens can host deep reading, yes, but most screens are not designed to protect it. Most screens are designed to keep you moving.
If there is a single sentence that captures the future, it is this: print will increasingly become a premium environment for attention, while audio will increasingly become the most widespread on-ramp to books. Consumer research from the audiobook industry reports that a majority of American adults have listened to an audiobook, which makes audio not an edge case but a normalized channel for literary experience.
There is another force constricting reading that has nothing to do with social video and everything to do with power: restriction. If we speak honestly about the death of reading, we must name the political and institutional assault on access.
PEN America’s reporting on U.S. public school book bans for the 2023 to 2024 school year documents 10,046 instances of bans affecting 4,231 unique titles. The American Library Association’s data for 2024 reports hundreds of censorship attempts across libraries, schools, and universities, involving thousands of titles. A society does not innocently drift away from books while simultaneously organizing to remove books from young readers’ reach. One is a technological pressure; the other is a deliberate project.
So what is the future of the word on the page? It will not die off, but it will change its social role. Reading will become less default and more chosen, more ritualized. People will read the way some people now cook from scratch: as an act that signals values, protects mental health, and asserts autonomy against convenience.
That is a loss, because reading as a democratic baseline is better than reading as a boutique practice, but it is also a realistic description of where our incentives have pushed us.
The book will also become more explicitly multi-modal.
Not in the shallow sense of attaching gimmicks to text, but in the practical sense that many works will live as a set: print for study and annotation, audio for performance and immersion, digital text for portability and search. Industry survey work already suggests emerging tensions about synthetic narration versus human performance, pointing toward a future in which audio splits into low-cost synthetic delivery and premium human interpretation.
And the word will become more contested, not less. As reading time becomes scarcer and access becomes more politicized, books become sharper symbols.
That is exactly why they are targeted. It is also why libraries, schools, and independent bookstores remain civic institutions rather than mere retailers. The future of the page will be decided less by technology than by whether citizens insist that access to ideas is not negotiable.
If you want the historical arc, it is not a clean fall from Eden but a long series of shifts in media attention. Industrial printing expanded mass literacy and mass publishing; television displaced some leisure reading; early digital text and then smartphones turned reading into an always-available screen activity; algorithmic short-form video normalized rapid sampling as a default leisure pattern. By the early 2020s, measurable decline in daily pleasure reading had become stark even as print unit sales remained resilient and audio revenues surged.
The lesson is that forms persist. What changes is the ecology of attention.
My conclusion is simple and unsentimental. Books are not dead. Print is not finished. Audio is not the enemy. The real enemy is the conversion of human attention into a strip-mined resource, and the use of moral panic to restrict access to what remains.
A culture that abandons deep reading does not merely lose a pastime. It loses a mode of thought that underwrites serious self-government.
So yes, the word will transform. It will hybridize. It will travel by paper and by voice and by pixels. But whether it dies off depends on something far more basic than format.
It depends on whether we still believe, stubbornly and publicly, that sustained attention is a virtue, that access to books is a civic right, and that the interior life is not an inconvenience to be optimized away.
And if you are reading this right now, you already know the page is not dead. You are holding it open.
#audiobooks #bolesBooks #davidBoles #digtal #ereader #experience #life #meaning #reading #silo #socialMedia #words -
FALLING BEHIND: Wales’s jobs gap with the rest of the UK has widened again — and wages are lagging too, new research finds
Wales has fallen further behind the rest of the UK on jobs, pay and living standards, according to a major new independent report published today — with the employment gap that narrowed during the 2000s and 2010s now wider than at any point since before the last financial crisis.
The findings come from the Institute for Fiscal Studies, one of the UK’s leading independent economic research organisations, in a briefing paper published as part of a series specifically examining the Welsh economy ahead of next month’s Senedd election.
The headline finding is stark. Wales’s employment rate for 16 to 64-year-olds stands at around 71%, compared to 75% in the rest of the UK — a gap of approximately four percentage points. That gap had been narrowed significantly in the decade leading up to the pandemic, falling to around two percentage points in the second half of the 2010s. But Wales’s employment rate fell more sharply after Covid-19 than the rest of the UK, and has not recovered at the same pace, reopening the divide.
As Swansea Bay News has previously reported, Wales already has the lowest employment rate of any UK nation and the highest economic inactivity rate in Great Britain — with nearly one in four working-age adults not in work and not looking for a job. The IFS findings add independent academic weight to a trend already visible in national statistics.
On pay, the picture is similarly challenging. Welsh workers earned a median monthly wage of £2,401 in 2025 — around 5% below the UK median. That gap has narrowed only marginally over the past decade, from just over 6% in 2015. The mean pay gap is even wider at 16%, reflecting the fact that Wales has relatively few high earners, both because of the shape of its economy and because Welsh employers tend to host fewer of the highest-paid roles within any given sector.
The pay divide between Wales and the rest of the UK is almost twice as large in the private sector as in the public sector. That imbalance has a striking consequence: public sector workers in Wales out-earn private sector workers of the same age, sex, education and experience — the reverse of the pattern seen across England as a whole.
Those lower wages, combined with lower employment, feed directly into household incomes. Median household net incomes in Wales are nearly 6% lower than the UK average. The gap is present across the entire income distribution but is largest at the top — 4% lower at the tenth percentile, widening to 13% lower at the ninetieth. Lower housing costs in Wales provide only partial relief, according to the IFS.
Jed Michael, one of the report’s authors and a research economist at the IFS, said the data presented a clear challenge for whoever forms the next Welsh Government. “After catching up during the first two decades of the 21st century, more recent data suggest Wales’s employment rate has fallen behind the rest of the UK,” he said. “When combined with lower earnings, this lower employment rate means both lower average household incomes and a slightly higher poverty rate than the UK as a whole — despite lower housing costs.”
Michael added that the structure of Welsh devolution limited the tools available to address poverty directly. “The Welsh Government has limited control over benefits, which are generally the most direct way to boost the income of low-income households,” he said, pointing to employment, productivity and earnings as the levers that must be pulled instead.
The report also notes that improving the employment picture would not only raise living standards but directly benefit the Welsh Government’s own finances — through higher devolved income tax revenues and lower spending on devolved benefits such as the council tax reduction scheme.
The findings landed immediately in the election campaign. Samuel Kurtz MS, Welsh Conservative Shadow Cabinet Secretary for the Economy, said the report confirmed “what people across Wales already feel.” He said: “Fewer people in work, lower wages, and living standards lagging behind the rest of the UK. The Welsh Conservatives have a clear and credible plan to get Wales working — cutting taxes, backing businesses, and creating the conditions for higher wages and more jobs.”
The IFS report is the fourth in a series of Welsh election briefings funded by the Nuffield Foundation. It does not attribute blame for the trends it identifies to any particular party or government, focusing instead on the data and its implications for future policy.
The employment picture is particularly relevant to communities across South West Wales. Swansea has recorded the weakest payroll performance of any Welsh city region in recent months, with a net loss of more than 1,300 jobs on payroll in the year to January 2026. That places the city at the bottom of a league table of Welsh regions at a time when the national picture is already challenging.
The picture in Swansea is not entirely bleak, however, and the IFS data captures trends at a regional level that don’t always reflect the grain of individual investment decisions. A significant wave of business activity has been reported in the city in recent months. Amazon-owned tech firm Veeqo has opened its new headquarters at the 71/72 Kingsway development, where global workspace operator IWG has also taken 20,000 square feet — part of a Kingsway scheme that has attracted its first wave of tenants and formally opened in recent weeks, with a further office development now under way at the former St David’s site. Amazon itself has pointed to £2.4 billion in Welsh investment with Swansea at its centre.
Beyond the office sector, retailers including Skechers and Boyes have arrived in the city, Greggs has opened a larger city centre shop as part of the ongoing regeneration programme, and a Penllergaer distribution warehouse — approved by Swansea Council’s planning committee this week — is expected to create around 250 jobs when operational. Homegrown businesses are also making their mark: a Swansea firm recently secured £8 million to develop deep-sea wind power technology, Swansea Building Society has expanded its branch network and launched a new app on the back of strong demand, and a women-led city brewery has been celebrating growth. Travis Perkins has relocated its Swansea branch to a larger site in Llansamlet, creating new jobs in the process.
The IFS report itself acknowledges that improving the employment and earnings picture is a long-term structural challenge, not one that turns on any single investment or announcement. For people in Swansea and across South West Wales, the question the data poses is whether the visible signs of regeneration and investment are translating into better-paid, more secure work — and the IFS findings suggest that on the numbers currently available, the answer is not yet a clear yes.
The IFS’s analysis is based on a range of official data sources including the Annual Survey of Hours and Earnings and the Family Resources Survey, with the authors noting that well-documented problems with UK labour market data mean the precise employment figures should be treated with some caution, even as the broader trend is clear across multiple datasets.
Related stories from Swansea Bay News
ONS figures show Wales unemployment at highest level since 2015
The national statistics that set the backdrop to today’s IFS findings — Wales already had the worst employment rate of any UK nation.BOTTOM OF THE PILE: Swansea recorded as weakest for jobs in Wales as payroll numbers plunge
The local dimension to the national picture — Swansea sitting at the bottom of the Welsh jobs league table.Amazon says £2.4bn investment has boosted Wales — with Swansea at the centre
The investment case being made for Swansea — and the question of whether it’s closing the gap the IFS has identified.SENEDD SHAKE-UP: Winners and losers revealed as First Minister on course to lose seat
#Business #Economy #employment #IFS #InstituteForFiscalStudies #jobs #livingStandards #pay #unemployment #wages #WelshEconomy
The election context in which today’s IFS report lands — and what the economic picture means for voters on May 7. -
The growing body of research we have been conducting on #TheGrackleProject is showing that #behavioral #flexibility enables birds to #adapt to #human #modified #habitats 🌆 , but plays a smaller role in expanding into new #geographic areas 🗺️
Moving to new towns likely involves more #persistence because we previously found that grackles on the edge of their range in northern California had similar levels of average flexibility (though higher variance), but were more persistent than grackles nearer the center of their range in Arizona https://peercommunityjournal.org/articles/10.24072/pcjournal.320/
This is also supported by the fact that the preliminary data we were able to collect on persistence in boat-tailed grackles (who are not rapidly expanding their geographic range) showed that they are less persistent than great-tailed grackles, while having similar levels of flexibility
Articles: https://doi.org/10.24072/pcjournal.573 and https://doi.org/10.24072/pcjournal.582
Press release: https://www.mpg.de/25000634/0701-evan-when-the-city-comes-to-you-150495-x -
Under Trump, #EPA’s enforcement of environmental laws collapses, report finds
By analyzing a range of federal court and administrative data, the nonprofit Environmental Integrity Project found that civil lawsuits filed by the US Department of Justice in cases referred by the #EnvironmentalProtectionAgency dropped to just 16 in the first 12 months after Trump’s inauguration on Jan. 20, 2025. That is 76% less than in the first year of the Biden administration.
https://arstechnica.com/science/2026/02/under-trump-epas-enforcement-of-environmental-laws-collapses-report-finds/ -
DATE: May 14, 2026 at 06:00AM
SOURCE: PSYPOST.ORG** Research quality varies widely from fantastic to small exploratory studies. Please check research methods when conclusions are very important to you. **
-------------------------------------------------TITLE: Scientists discover a new gut-brain-heart connection that regulates blood pressure
Recent research published in Circulation Research provides evidence that a specific molecule produced by gut bacteria can protect the heart from stiffness and dysfunction by communicating directly with the brain. The study suggests that restoring this bacterial by-product might offer a new way to approach high blood pressure and related heart conditions.
Hypertension and related cardiovascular conditions involve a complex interaction among the digestive, nervous, and cardiovascular systems. High blood pressure tends to force the heart muscle to become stiff and lose its ability to relax properly between beats, a condition known as diastolic dysfunction. This stiffness represents a major physiological cause of heart failure, but the biological signals that initiate this structural change remain poorly understood.
To understand this process, researchers aimed to identify the chemical messengers that link these physiological systems. “Hypertension is a systemic condition driven by complex interactions between the gut, brain, kidneys, and cardiovascular system,” said study author Suphansa Sawamiphak, a principal investigator at the Max Delbrück Center for Molecular Medicine in the Helmholtz Association in Berlin, Germany.
“While we knew that high blood pressure is associated with gut dysbiosis and often compromises the heart’s ability to relax, the precise molecular signals linking these systems were missing. We wanted to bridge this gap and identify the specific microbial metabolites that mediate this interorgan communication during hypertensive stress.”
To study this biological connection, the scientists used a specialized zebrafish model. Zebrafish larvae are largely transparent, allowing researchers to observe their beating hearts and circulating blood in real time using high-speed microscopes. The team induced high blood pressure in the larvae by rearing them in water with progressively lower salt concentrations over five days. This low-ion environment forced the fish to activate internal hormonal mechanisms to retain sodium, which in turn increased their blood pressure and caused their heart muscles to stiffen.
The researchers first analyzed the gut bacteria of the zebrafish after the five-day hypertensive challenge. By sequencing the genetic material of the bacteria in the digestive tracts of ten treated groups and eleven control groups, they found a marked decrease in overall bacterial diversity. The stressed fish lost specific bacteria responsible for breaking down tryptophan, an amino acid found in food, into indole molecules.
The team then tested whether the presence of gut bacteria was necessary to protect the heart. They raised groups of eight to twelve germ-free zebrafish, meaning the fish completely lacked any gut microbes. When exposed to the same low-salt stress, these germ-free fish exhibited more severe blood pressure spikes and worsened heart stiffness compared to fish with normal gut bacteria. This finding provides evidence that a healthy microbial community helps shield the cardiovascular system from damage.
Next, the researchers examined the specific chemical by-products produced by the gut bacteria. Using mass spectrometry, a specialized laboratory technique that measures the mass and concentration of different molecules, they analyzed the intestines of the fish. They found that the stressed fish had significantly lower levels of indole-3 acetic acid, a specific byproduct of tryptophan metabolism, compared to healthy fish.
This depletion of beneficial molecules has a cascading effect on the body’s stress response. “Our gut microbiome actively protects the heart during hypertensive challenges by producing specific molecules, notably Indole-3 Acetic Acid (IAA), derived from dietary tryptophan,” Sawamiphak explained. “When high blood pressure disrupts the microbiome, the resulting loss of IAA removes a brake on the brain’s stress signaling, specifically within hypocretin-producing neurons. This missing brake leads to sympathetic overdrive, compromising the heart muscle’s ability to properly relax between beats (diastolic dysfunction).”
To see if replacing this missing molecule could help, the scientists administered indole-3 acetic acid directly into the digestive tracts of the fish. Fish that received this supplement maintained normal blood pressure and healthy heart function, even when exposed to the low-salt stress. The treatment prevented the individual heart muscle cells from enlarging and kept the main pumping chambers of the heart relaxing normally between beats.
The researchers then looked at the brain to understand how a gut molecule could protect the heart. They focused on hypocretin neurons, a specialized group of brain cells in the hypothalamus that help regulate involuntary functions like heart rate and blood vessel constriction. Using special fluorescent markers that light up when neurons are active, they observed that the hypocretin neurons became highly overactive during the hypertensive stress. Giving the fish indole-3 acetic acid quieted these brain cells back to normal baseline levels.
Further experiments revealed exactly how the molecule influenced the brain. The scientists found that hypocretin neurons possess a specific chemical sensor called the aryl hydrocarbon receptor. When they injected indole-3 acetic acid directly into the brain cavities of the fish, it activated this receptor and protected the heart from stiffening. If they blocked the receptor with a chemical inhibitor, the protective effects completely disappeared.
By preventing the hypocretin neurons from becoming overactive, the indole-3 acetic acid stopped an excessive cascade of nervous system signals from reaching the heart. Using a technique called calcium imaging to monitor nerve activity in live fish, the team saw that the treatment calmed the sympathetic nervous system, which is the network responsible for the body’s physical responses to stress. The treatment also lowered the systemic levels of hormones that constrict blood vessels, acting on multiple fronts to protect the cardiovascular system.
To determine if these findings translate to humans, the researchers analyzed blood samples from a cohort of 194 individuals under the age of fifty. This group included 97 patients with high blood pressure and 97 healthy individuals, matched for age, sex, and body mass index. The scientists found that the patients with hypertension had significantly lower levels of indole-3 acetic acid in their blood.
This clinical data strongly mirrored the physiological changes observed in the animal models. “We were struck by how potently a single microbial metabolite, IAA, could act centrally in the brain to simultaneously prevent both neurogenic (sympathetic overdrive) and hormonal (renin-angiotensin system) drivers of hypertension,” Sawamiphak said. “Furthermore, finding that this specific depletion of circulating IAA is strongly conserved in a human hypertensive cohort, with a particularly pronounced sex-specific reduction in female patients, was a remarkable validation of our zebrafish model.”
While the study provides substantial evidence for a gut-brain-heart connection, it has some limitations. Zebrafish models offer a simplified view of biology and do not capture the full complexity of human aging or metabolic diseases that often accompany heart problems. The human data used in the study is observational, meaning it shows a link between low indole-3 acetic acid and high blood pressure but does not prove that one causes the other in people.
The authors caution against viewing these results as an immediate clinical treatment. “It is important not to misinterpret these findings as evidence that simply taking an over-the-counter IAA or tryptophan supplement is a standalone cure for high blood pressure,” Sawamiphak noted. “While we established a direct cause-and-effect mechanism in our animal models, the human data we analyzed is currently correlational. Hypertension is a highly complex, multifactorial disease, and IAA deficiency represents one component of a much broader systemic dysregulation.”
Future studies are needed to determine if restoring this molecule can safely and effectively treat or prevent heart disease in human patients. “Our immediate next step is to understand exactly how microbial metabolites like IAA regulate neuronal activity at a molecular level,” Sawamiphak said. “Beyond IAA, we are also examining a broader range of microbial metabolites that shift during disease states, particularly those known to regulate the immune system.”
The long-term objective is to map out these complex biological interactions to pave the way for medical advancements. “Ultimately, our overarching goal is to decode this complex, system-wide communication network between the gut, the brain, the immune system, and the heart,” Sawamiphak explained.
“While our laboratory focuses on fundamental biological discovery rather than conducting human clinical trials, pinpointing these precise disease mechanisms and molecular targets provides the essential foundation. It allows clinical researchers to eventually develop targeted therapies, such as postbiotics that deliver the exact missing beneficial molecules, to restore balance in cardiovascular and metabolic diseases.”
The study, “Indole-3 Acetate Limits Dysbiosis-Driven Diastolic Failure via Hcrt Neurons,” was authored by Bhakti I. Zakarauskas-Seth, Giovanni Forcari, Harithaa Anandakumar, Ilan Kotlar-Goldaper, Clara M. Barraud, Nina Jovanovic, Ulrike Brüning, Jennifer A. Kirwan, Nicola Wilck, Sofia K. Forslund, Dominik N. Müller, Alessandro Filosa, and Suphansa Sawamiphak.
-------------------------------------------------
DAILY EMAIL DIGEST: Email [email protected] -- no subject or message needed.
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Unofficial Psychology Today Xitter to toot feed at Psych Today Unofficial Bot @PTUnofficialBot
NYU Information for Practice puts out 400-500 good quality health-related research posts per week but its too much for many people, so that bot is limited to just subscribers. You can read it or subscribe at @PsychResearchBot
Since 1991 The National Psychologist has focused on keeping practicing psychologists current with news, information and items of interest. Check them out for more free articles, resources, and subscription information: https://www.nationalpsychologist.com
EMAIL DAILY DIGEST OF RSS FEEDS -- SUBSCRIBE: http://subscribe-article-digests.clinicians-exchange.org
READ ONLINE: http://read-the-rss-mega-archive.clinicians-exchange.org
It's primitive... but it works... mostly...
-------------------------------------------------
#psychology #counseling #socialwork #psychotherapy @psychotherapist @psychotherapists @psychology @socialpsych @socialwork @psychiatry #mentalhealth #psychiatry #healthcare #depression #psychotherapist #GutBrainHeart #Indole3AceticAcid #IAA #HypertensionResearch #DiastolicDysfunction #GutMicrobiome #HeartHealth #Hypocretin #GutBrainAxis #Postbiotics
-
How Salesforce Will Secure Your Org Against Hackers
Security and convenience are almost always inversely correlated. Making something more secure inherently makes it harder to access, which creates real friction for everyday users. This tension is nothing new. Hackers have always sought unauthorized access to systems, but historically, the barriers were high: computers were expensive and internet access was scarce. This is no longer true.
This battle front has always favored attackers. Security teams must successfully defend against every single intrusion attempt, while hackers only need to succeed once. A single breach can cause significant damage.
What’s changed is the scale and speed of attacks. AI has dramatically lowered the barrier to entry, enabling hackers to probe far more systems, far more frequently than ever before.
Recently, several Salesforce customers experienced significant system breaches involving their Salesforce instances, most notably those tied to the ShinyHunters cybercriminal group. What made these incidents particularly damaging was that the compromised accounts belonged to users with elevated access, including admins and developers. Salesforce denied responsibility and took limited action, largely confining its response to informing and educating the ecosystem about the risks of phishing and vishing attacks.
It seems like that is about to change. Big time.
Salesforce decided to enforce multiple security controls starting June-August 2026 to prevent credential theft, data exfiltration, and account takeovers. IP range restrictions originally planned are no longer being mandated, but MFA for all employee users, phishing-resistant MFA for admins, auto-containment for high-risk connections, and step-up authentication for reports will be enforced.
This means your life is about to get more difficult, especially if you have elevated access typically used by admins, developers and architects.
The New Security Direction by Salesforce
- MFA exemption permission restricted: The “Waive Multifactor Authentication for Exempt Users” permission will be removed except for justified cases (automation/testing users) requiring support approval.
- New permission set required: “Modify Transaction Security Policy” permission set introduced. Users need both the new “Modify Transaction Security Policy” permission AND the existing “Customize Application” permission to manage TSPs. Users with only the Customize Application permission will be downgraded to read-only access for TSPs.
- IP range restriction enforcement removed: The requirement to use IP ranges on profiles and the “enforce login ranges on every request” setting will not be mandated, though strongly recommended for customers who can implement them.
- Staggered rollout approach: Enforcement timelines extended and staggered by instance to minimize customer disruption.
Security Controls Being Enforced
Auto-Containment Measures
High-risk IP blocking was expanded April 24th to include all connected app and API traffic from anonymizing VPNs, proxies, and high-risk IP addresses; users are contained automatically with admin notifications. Extended login anomaly containment applies to all internal user login behavior (excluding external/community users) and focuses on detecting suspicious login patterns. There is no allow-list override, meaning even allow-listed IP addresses will be contained if classified as high-risk at connection time. There are also AWS integration issues under active investigation, with some AWS IP addresses being incorrectly flagged and the issue currently being resolved.
MFA Requirements
All Employee Users:
MFA is required for all employee license users, excluding Experience Cloud and external users. Enforcement is handled via locked settings, so admins cannot disable it. API-only logins are exempt, as the requirement applies exclusively to UI logins. For SSO, providers must pass AMR/ACR signals indicating strong or phishing-resistant MFA.
Timeline: Sandboxes June 22-29; Production July 20-August 17
Admins and Privileged Users:
Phishing-resistant MFA is required for users with elevated privileges, specifically those on the default Sys Admin profile or holding Modify All Data, View All Data, Customize Application, or Author Apex permissions. This standard is stricter than standard MFA, and mobile authenticator apps do not meet the threshold. Only security keys and built-in authenticators or passkeys qualify.
Timeline: Sandboxes June 22-29; Production July 1-27
Email Domain Verification
DKIM or authorized email domain verification is required for all email sending domains (this was previously announced). Enforcement is being rolled out on a staggered timeline; check the timeline knowledge article for the latest dates. A tool is also available to verify compliance status.
Step-Up Authentication for Reports
Time-Based Session Policy:
- Additional authentication required when users spend considerable time on reports.
- Admins can configure the “Require step-up authentication within cool-down period” session-level policy to an exact cadence between 2 and 120 minutes (with 120 minutes being the default); logging in with MFA does not reset timer.
- Verification methods: Users can use any supported MFA method, including Passkeys, Security Keys, Salesforce Authenticator, and third-party TOTP apps. The email and SMS One-Time Password (OTP) options are specifically fallback challenges for Single Sign-On (SSO) users who do not have a Salesforce MFA method registered.
- Report access blocked if authentication fails (UI only, not API).
- Timeline: Available May 27 (sandbox/production); Enforced June 3 (sandbox), June 10-July 4 (production).
Anomalous Behavior Detection:
- ML-based detection triggers authentication when unusual report viewing/downloading behavior detected.
- Users must configure at least one verification method (authenticator app, phone, email) or report access blocked.
- Timeline: Enforced June 22 (sandbox), July 13 (production).
Transaction Security Policy Enhancements (Shield/Event Monitoring customers only):
- Step-up authentication required when downloading >10,000 records from reports.
- Required for any create/update/delete/enable/disable operations on transaction security policies.
- Timeline: Available June 1 (sandbox), June 15 (production); Enforced June 22 (sandbox), July 13 (production).
Additional Considerations
Mobile SDK Lockout Risk for Admins: Warning for admins using the Salesforce Mobile App or custom Mobile SDK apps. Mobile SDK version 13.2.0 and earlier does not support phishing-resistant MFA. Admins using these older versions will be blocked from logging in unless their org pre-configures advanced authentication in My Domain, or until they utilize the new “Login for Admins” browser-based flow arriving in Mobile SDK 13.2.1
Impact on “Waive MFA” Permission: Please note the exact behavior of the “Waive Multi-Factor Authentication for Exempt Users” permission. After enforcement, this permission will no longer automatically waive the MFA requirement; users with this permission will actually be prompted to enroll in MFA in the UI. To restore this exemption for valid testing/automation tools, admins must proactively contact Salesforce Support for approval.
Passwordless Login Recommendation: Please note the best-practice recommendation of enabling “Allow passwordless login with passkeys”. This allows users (especially privileged admins) to meet the strict phishing-resistant MFA requirement by simply logging in with their username and a biometric passkey or security key, bypassing the need for a password and streamlining their experience.
Trial Org Grace Period: Note that Trial Orgs converted to a paid subscription will no longer receive a 30-day grace period to comply with the MFA requirement.
MFA Edge Cases and Exceptions
Experience Cloud and Community users are completely exempt from this specific MFA login mandate. API-only users with the API-only permission assigned are exempt from MFA, as the requirement applies exclusively to UI logins. For Windows SSO, check the AMR field in login history for OIDC, or use the SAML Validator tool for SAML; ignore the strong/weak classification and only verify that the signal is present. Free scratch orgs are not in scope, as MFA enforcement applies only to paid sandbox orgs. When it comes to device activation, MFA takes precedence, and completing MFA exempts users from device activation prompts. Finally, custom IDPs must follow SAML/OIDC industry standards for passing AMR/ACR signals; contact your account team or support for provider-specific nuances.
Customer Communication Plan
Knowledge articles were published, you will find the links in this post. System administrators and security contacts received email notifications on the 6th of May, 2026. Product managers will be hosting webinars on Wednesday, May 13th, with both early and late US time slots available. For the early webinar time, click here. For the later time, click here.
Action Items
- Partners: Review client orgs for current VPN usage and MFA exemption permission assignments; prepare clients for June-August enforcement timelines.
- Admins: Test MFA configurations in sandboxes starting June 22; ensure users have at least one verification method configured (email/SMS/authenticator).
- SSO administrators: Verify AMR/ACR signals are being passed correctly using login history (OIDC) or SAML Validator tool (SAML).
- Shield customers: Review transaction security policies and prepare for step-up authentication on report downloads >10,000 records and policy modifications.
- All customers: Set up DKIM keys or authorized email domains; use in-app verification tool to check compliance.
Don’t Wait for Enforcement to Find Your Gaps
Salesforce’s upcoming security enforcement represents a meaningful shift in how the platform approaches user protection. For years, the responsibility fell almost entirely on customers to configure and maintain their own security posture. That’s changing. Whether you’re an admin, developer, architect, or partner, the June through August enforcement windows are closer than they appear. Audit your orgs, test your configurations in sandbox, and make sure your users are set up with the right verification methods before enforcement kicks in. The friction is real, but so is the risk it’s designed to address. See the official Salesforce documentation here.
Explore related content:
Setup with Agentforce: What Salesforce Admins Need to Know
The Salesforce DKIM Sandbox Problem, and How to Fix It
Clean Data, Smart Flows: Automating Data Cleanup in Salesforce Nonprofit Cloud
Salesforce Is Tightening Security Across Every Org
#DomainVerification #MFA #Salesforce #SalesforceTutorial #Secutiry #Tutorial -
library ieee; use ieee.std_logic_1164.all; use ieee.numeric_std.all; entity my_code is generic( WIDTH : integer := 640; HEIGHT : integer := 480; CONSOLE_COLUMNS : integer := WIDTH / 8; CONSOLE_ROWS : integer := HEIGHT / 8 ); port( clk : in std_logic; rst : in std_logic; px : in integer range 0 to WIDTH - 1; py : in integer range 0 to HEIGHT - 1; hsync : in std_logic; vsync : in std_logic; col : in integer range 0 to CONSOLE_COLUMNS - 1; row : in integer range 0 to CONSOLE_ROWS - 1; char : out integer range 0 to 127 := 0; foreground_color : out std_logic_vector(23 downto 0) := (others => '0'); background_color : out std_logic_vector(23 downto 0) := (others => '1') ); end my_code; architecture rtl of my_code is -- STATE MACHINE DEFINITIONS type demo_state_t is (CALM_TUNNEL, DATA_STORM, RETRO_WAVE); signal current_state : demo_state_t := CALM_TUNNEL; -- SIGNALS signal frame_counter : unsigned(31 downto 0) := (others => '0'); signal lfsr : unsigned(15 downto 0) := x"ACE1"; -- Linear Feedback Shift Register (Randomness) -- COLOR OUTPUT BUFFERS signal r_out, g_out, b_out : unsigned(7 downto 0); constant MSG_1 : string := " INITIATING NEURAL LINK... "; constant MSG_2 : string := " WARNING: DATA CORRUPTION DETECTED "; begin ---------------------------------------------------------------------------- -- 1. MASTER TIMING & STATE CONTROL ---------------------------------------------------------------------------- process(clk) variable old_vsync : std_logic := '0'; begin if rising_edge(clk) then if rst = '1' then frame_counter <= (others => '0'); current_state <= CALM_TUNNEL; lfsr <= x"ACE1"; -- Non-zero seed else -- LFSR: Generate pseudo-random noise every clock cycle -- Taps: 16, 14, 13, 11 (Standard 16-bit LFSR polynomial) lfsr <= lfsr(14 downto 0) & (lfsr(15) xor lfsr(13) xor lfsr(12) xor lfsr(10)); if vsync = '0' and old_vsync = '1' then frame_counter <= frame_counter + 1; -- Cycle states every 128 frames (~2 seconds) if frame_counter(6 downto 0) = 127 then case current_state is when CALM_TUNNEL => current_state <= DATA_STORM; when DATA_STORM => current_state <= RETRO_WAVE; when RETRO_WAVE => current_state <= CALM_TUNNEL; end case; end if; end if; old_vsync := vsync; end if; end if; end process; ---------------------------------------------------------------------------- -- 2. TEXT OVERLAY LOGIC ---------------------------------------------------------------------------- process(col, row, current_state) variable str_idx : integer; begin char <= 0; foreground_color <= (others => '0'); -- Center the text row if row = CONSOLE_ROWS / 2 then -- Simple centering logic str_idx := col - (CONSOLE_COLUMNS/2 - 15); if current_state = DATA_STORM then -- In Data Storm mode, show warning if str_idx >= 0 and str_idx < MSG_2'length then char <= character'pos(MSG_2(str_idx + 1)); foreground_color <= x"FF0000"; -- Red Alert end if; else -- Otherwise show status if str_idx >= 0 and str_idx < MSG_1'length then char <= character'pos(MSG_1(str_idx + 1)); foreground_color <= x"00FFFF"; -- Cyan end if; end if; end if; end process; ---------------------------------------------------------------------------- -- 3. PIXEL SHADER ARCHITECTURE (Latch-Free) ---------------------------------------------------------------------------- process(px, py, frame_counter, lfsr, current_state) -- Variables for coordinate math variable dx, dy : integer; variable dist_man : unsigned(9 downto 0); -- Manhattan Distance variable time_val : unsigned(7 downto 0); variable noise_pixel: std_logic; variable scan_line : integer; begin -- 3a. DEFAULT ASSIGNMENTS (Crucial to prevent latches) r_out <= (others => '0'); g_out <= (others => '0'); b_out <= (others => '0'); -- 3b. MATH PRE-CALCULATION -- Calculate distance from center (WIDTH/2 = 320, HEIGHT/2 = 240) if px > 320 then dx := px - 320; else dx := 320 - px; end if; if py > 240 then dy := py - 240; else dy := 240 - py; end if; -- Manhattan distance (Diamond shape) |x| + |y| -- We clamp it to 10 bits to prevent overflow issues dist_man := to_unsigned(dx + dy, 10); time_val := resize(frame_counter(7 downto 0), 8); -- 3c. VISUAL GENERATION case current_state is when CALM_TUNNEL => -- Effect: A smooth purple/blue diamond tunnel zooming inward -- Logic: (Distance - Time) creates inward movement r_out <= dist_man(7 downto 0) - time_val; g_out <= (others => '0'); b_out <= dist_man(7 downto 0) + time_val; when DATA_STORM => -- Effect: The tunnel turns green/matrix and gets noisy -- We use the LSFR bit 0 to randomly turn pixels bright white if lfsr(0) = '1' and lfsr(4) = '1' then r_out <= x"FF"; g_out <= x"FF"; b_out <= x"FF"; -- Sparkle else r_out <= (others => '0'); g_out <= dist_man(7 downto 0) xor time_val; -- Matrix Green XOR pattern b_out <= (others => '0'); end if; when RETRO_WAVE => -- Effect: Synthwave style horizontal scanlines -- We use modulo on Y + Time to create scrolling bars scan_line := (py + to_integer(time_val)*2) mod 32; if scan_line < 4 then -- Bright Grid Line r_out <= x"FF"; g_out <= x"00"; b_out <= x"80"; -- Hot Pink else -- Background Gradient r_out <= to_unsigned(py / 2, 8); -- Vertical Red Gradient g_out <= (others => '0'); b_out <= to_unsigned(px / 3, 8); -- Horizontal Blue Gradient end if; end case; end process; -- MAP OUTPUTS background_color <= std_logic_vector(r_out) & std_logic_vector(g_out) & std_logic_vector(b_out); end architecture;
Sucess!
UtilizationCellUsedAvailableUsageDCCA2563.6%EHXPLLL1250%TRELLIS_COMB1402242885.8%TRELLIS_FF162242880.7%TRELLIS_IO101975.1%
TimingClockAchievedConstraint$glbnet$clkp39.94 MHz25 MHz$glbnet$clkt303.67 MHz250 MHz
#FPGA #Icepi-Zero #HDL #VHDL -
@Walker notable comment, i mean obligatory comment - likely based on wireguard which is a lot faster than openvpn last time i looked. This could be for better security stance and attribution #lez zepplin #source wsj #fair use #elo is ranking #intelligence per gigabyte quotient #sumdensity moved #ai pagerank
per ai itself these are stats - may or may not be accurate - these things are on edge of being smarter than us, maybe that is what that article is intimating (doh)
As of early 2026, the best large language model (LLM) AI models are performing within the
120 to 140+ IQ range (genius level) based on specialized, adapted cognitive benchmarks.
The top-performing models in early 2026, such as OpenAI's o3 and Claude 4.5, have demonstrated capabilities far exceeding the average human IQ (90–110), with some estimates suggesting frontier models are reaching an "human IQ-equivalent" of 150-160, according to data from Tracking AI and analyses by experts.
Based on data from 2025–2026 and benchmarks that adapt Mensa-style tests for LLMs, the estimated IQ scores of top AI models are:OpenAI o3/o3-mini: ~135–136 (Genius Range)
Anthropic Claude 4.5/4 Sonnet: ~127–130
Google Gemini 2.0/2.5 Pro: ~124–130
Grok-3/4: ~112–126
DeepSeek R1: ~106–110Key trends include:
Rapid Progression: Top AI models increased from an estimated 96 IQ to over 135 IQ in one year (2024–2025).
-
Last week, we went over some basics of Artificial Intelligence (AI) using Ollama, Llama3, and some custom code. Artificial intelligence (AI) encompasses a broad range of technologies designed to enable machines to perform tasks that typically require human intelligence. These tasks include understanding spoken or written language, recognizing visual patterns, making decisions, and providing recommendations. Machine learning (ML) is a specialized subset of AI that focuses on developing systems that improve their performance over time without being explicitly programmed. Instead, ML algorithms analyze and learn from large datasets to identify patterns and make decisions based on these insights. This learning process allows ML models to make increasingly accurate predictions or decisions as they are exposed to more data.
A few months ago, I added Liner to the resource page of my website. It allows you to easily train an ML model so that you can do image, text, audio, or video classification, object detection, image segmentation, or pose classification. I created “Is this Joe or Not Joe?” using that tool. TensorFlow.js is running client-side with a model that is trained on a half dozen examples of photos that are Joe and a half dozen examples of photos that are not Joe. You can supply a photo and get a prediction if Joe is in the image or not. You can always retrain the existing model with more examples. That is an example of machine learning.
So, you can think of ML as a subset of AI and Deep Learning (DL) as a subset of ML.
Have any questions, comments, etc? Please feel free to drop a comment, below.
-
Last week, we went over some basics of Artificial Intelligence (AI) using Ollama, Llama3, and some custom code. Artificial intelligence (AI) encompasses a broad range of technologies designed to enable machines to perform tasks that typically require human intelligence. These tasks include understanding spoken or written language, recognizing visual patterns, making decisions, and providing recommendations. Machine learning (ML) is a specialized subset of AI that focuses on developing systems that improve their performance over time without being explicitly programmed. Instead, ML algorithms analyze and learn from large datasets to identify patterns and make decisions based on these insights. This learning process allows ML models to make increasingly accurate predictions or decisions as they are exposed to more data.
A few months ago, I added Liner to the resource page of my website. It allows you to easily train an ML model so that you can do image, text, audio, or video classification, object detection, image segmentation, or pose classification. I created “Is this Joe or Not Joe?” using that tool. TensorFlow.js is running client-side with a model that is trained on a half dozen examples of photos that are Joe and a half dozen examples of photos that are not Joe. You can supply a photo and get a prediction if Joe is in the image or not. You can always retrain the existing model with more examples. That is an example of machine learning.
So, you can think of ML as a subset of AI and Deep Learning (DL) as a subset of ML.
Have any questions, comments, etc? Please feel free to drop a comment, below.
-
Did you know there is an online forum for tabletop role-playing games that has been around since the late 70s, and which still is active and operating?
Admittedly in a much diminished state than at it’s heyday.
I don’t know if you ever heard the term Usenet before, and even if you did, if you don’t just connect it with data piracy. Because that’s what it is mostly used for nowadays.
What it started out as were discussion forums.
Back in the late 70s, after ARPANET had been created and email had been invented, a few programmers came up with an idea for an electronic bulletin board that could be read asynchronously. This was the time when computers still were only in big institutions like universities, big companies, and the military, and the whole idea was to create “a poor man’s ARPANET”. Connections between computers were rare and expensive , but possible. So these “news” started as a way to propagate articles and messages along servers that were not constantly connected to the internet. Some of the servers involved would only connect once a day to the network to transfer messages in and out (often at night because charges were lower then). A message might travel for multiple days before it reached all nodes in the network, and some of the earliest were messages about a nascent hobby popular among the people using this network: fantasy role-playing.
From what I can see the first two messages on the brand new group net.games.frp were sent out on the 12th of January 1982.
To give you an idea just how early this was: it was before the abbreviation RPG became common, people were still talking about Fantasy RolePlaying instead, so even today the group-names use the abbreviation FRP.
It’s quite a fascinating system that over time has become ever more complex and popular, before the ascent of html, hyperlinks, and the world wide web pushed it into the seedy corners of the ‘net.
Instead of having websites, Usenet is organized in newsgroups, and those groups are organized in hierarchies. There are the so called Big Eight that have a certain standard for group creation and posting (e.g. rec. for recreational topics, and comp. for topics concerning computers), and there are others, organized in one way or another (famously alt. which had lower standards for the creation of new groups).
Messages are sent to one or more groups (crossposted), distributed around the network, and people respond to these posts. Interesting discussions and arguments ensue, people get angry, flame wars ensue, other people learn something new, weird in-jokes develop, stuff happens.
All that can be read via archives, the biggest of which is Google Groups, which both is a boon and downfall of the service: Google purchased the old newsgroup archives of DejaNews back in the 90s, and integrated it in it’s Google Groups service. In a picture-perfect example of Embrace, Extend, Extinguish the users of Groups had a web interface that allowed them access to their old newsgroups, access to new groups that only existed on Google, but also allowed spammers to flood the connected newsgroups with loads of unmoderated spam. Spam that recently was quoted by them as a reason to cut the connection with Usenet, bringing this phase of the network to an end.
But Usenet still is running, and most likely will be running as long as there are people willing to run servers for it. But the biggest Usenet servers nowadays are piracy servers that keep the text-part of the Usenet as more of an afterthought. At one point someone came up with a way to use the text-only format of Usenet in a way to distribute data that was binary, i.e. not purely text. And this took over most of the system.
But I am not really interested in that and never was. What I am interested in are the fantasy roleplaying parts of that network.
rec.games.frp.*
I said that the forum has been running since the late 70s, but that’s not quite correct. The original structure of Usenet grew organically from the beginning. People were creating new groups when it suited them and it seemed logical. Which soon caused some hierarchies (specifically the net. hierarchy) to swell with groups that could barely be maintained. In a great upheaval in 1987 all the groups were renamed and restructured.
Some old hands are still angry about it and will bitch about it for days. That also is Usenet.
One can argue that the fantasy roleplaying group has existed since before that time. One also could argue that it only exists since 1987. Which still is older than the World Wide Web.
Usenet is divided into hierarchies, and the frp-hierarchy is part of the rec. (recreation-hierarchy) and .games. sub-hierarchy.
There are currently 11 .frp. groups in that hierarchy:
rec.games.frp.dndof course… it’s the hierarchy for Dungeons and Dragons. Always one of the biggest topics of the whole FRP forums this one got it’s own group.rec.games.frp.miscfor basically all other kinds of discussions about roleplaying gamesrec.games.frp.cyberfor cyberpunk systems (e.g. Cyberpunk 2020 or Shadowrun). rec.games.frp.super-heroes for superhero gamesrec.games.frp.live-actionanything LARP goes here.rec.games.frp.announce announcements and news about products go hererec.games.frp.industryfor all kinds of discussions about the rpg industryrec.games.frp.storyteller yes, this was created when the World of Darkness was big enough to demand it’s own forumrec.games.frp.gurpsFor GURPS, this part was created because while never the most popular game, it’s fans flooded the main group with so many messages about builds that it was decided to give them their own place.rec.games.frp.advocacyall kinds of discussions about roleplaying games as such and how they work. This is where the Forge came from back in the dayrec.games.frp.marketI guess this is for selling stuff. I have literally never seen a message in there.Most of these lay fallow right now, with me and a few others being the only ones posting there every once in a while. I do have to admit part of it is because I don’t want to lose the that part of ttrpg history to a random deletion request for non-use.
Other TTRPG groups
The main hierarchies are not the only ones. Most normal Usenet servers carry at least the Big Eight, but most also carry others. The big other hierarchy is alt. (…definitely not named for Anarchists, Lunatics, and Terrorists, all evidence to the contrary…), which makes it easier to create groups. This means there are a few other groups here that might be of interest, if they ever would get someone to post in them. Their structure though is not as organized as the ones in the Big 8.
alt.games.frp.adnd-utilabout utilities for playing ADnD. I would say, a general groups for RPG utilities.alt.games.adndfor ADnD. I am not sure why this exists, maybe because the main one was too stodgy, or it was created because someone thought ADnD was sufficiently different than DnD to warrant it’s own groupalt.games.earthdawn for Earthdawn. Remember Earthdawn?alt.games.x-files.rpg For the X-Files RPG. Remember that?alt.games.whitewolfI guess a group for White Wolf games, which is also already covered in rec.games.frp.storytelleralt.games.tolkien.rpga group about playing in Tolkien’s Middle-EarthThere are also local and language dependent groups around. Many languages and regions have their own hierarchies for exchanges between locals and/or in other languages.
uk.games.roleplaygroup for roleplaying in the UKde.rec.spiele.rpg.miscgeneral group for discussions of RPGs in German z-netz.freizeit.rollenspiele.dsa originally this was an Echo in a mailbox network, by now z-netz. is a small alternative German Usenet hierarchy. This particular one about Das Schwarze Auge/The Dark Eyepl.rec.gry.rpgPolish-language group es.rec.juegos.rolSpanish-language groupse.spel.rollspelSwedish-language groupdk.fritid.rollespilDanish-language group fr.rec.jeux.jdfFrench-language groupit.hobby.giochi.gdrItalian-language grouphr.rec.igre.rpgHungarian-language groupaus.games.roleplayAustralian groupThere are more, some of which I might not even find that easy because they are not on the servers I frequent (not all servers carry all groups) or are so specialized they might not be of interest to anyone but locals (e.g. saar.rec.rollenspiele exists, but I doubt many people in Saarland (the smallest of Germany’s federal states) still know Usenet exists)
Ok, ok, but how do you actually ACCESS this Usenet thingy?
That’s a bit more difficult, but not much. It used to be ISPs were all running their own news servers, this was actually the REASON you might want internet access as a private person, but that isn’t the case anymore. Google Groups is also going away, so that’s not a real option.
An easy way to check out what is being talked about on the FRP-hierarchy is campaignwiki.org/news. This server makes it possible to read and post on his own small server via a web-interface. The server is only running roleplaying-related groups, including the global FRP-hierarchy, and a few local ones that do not get carried in many other places.
Another way to access it via web browser is via web gateways. There are a few around, e.g. NovaBBS. There are a few of those around, but they might not carry all the groups (NovaBBS e.g. only rec.games.frp.dnd and .misc, because those are the ones with most activity).
The proper way to use it is of course by getting an account on a news server and adding it to your feed reader of choice. True hardcore users use terminal-based readers like tin or Gnus, but many Email programs like Mozilla Thunderbird allow you to subscribe to newsgroups.
But where do you get a news server?
Well, there are multiple free options (these are all technically text-only, although a few have some basic binary groups that allow pictures):
campaignwiki.org/news(Switzerland) very small server, focused on ttrpg groups, also has simple web-portalEternal September(Germany) popular free access server with wide range of groupsI2PN2simple text serverNovaBBStext server, as mentioned above also has web-portalSolani(Germany) serverdotsrc(Denmark) focused on Danish usersAgency News(New Zealand) serverChmurka(Poland) basic server focused on Polish usersCSIPHbasic serverOpen News Network(Germany) focused on German usersGegeweb(France) focused on French usersHispagatos(Spain) focused on Spanish usersPasdenom(France) focused on French usersNNTP4(Germany) basic serverMost of these have instructions on how to connect on their websites.
Note: This is a redo of an article I wrote 13 years ago. Originally I thought I could just let that one stand like that, but just briefly reading through it I noticed things had changed dramatically in some areas. So I rewrote the whole thing from scratch.
Rate this:
https://gmkeros.wordpress.com/2024/01/12/the-oldest-ttrpg-forum-on-the-net/
#dnd #dsa #newsgroup #newsserver #RolePlayingGame #Roleplaying #rpg #thunderbird #ttrpg #Usenet
-
Null Results in Physiotherapy Trial for Functional Motor Disorder
By David Tuller, DrPH
*This is a crowdfunding month at University of California, Berkeley. If you appreciate my work and would like to make a donation (tax-deductible to US taxpayers) to the university in support of my position, here’s the link: https://crowdfund.berkeley.edu/project/46120
It must be tough for investigators when a major study seeking to assess the effectiveness of an intervention for a challenging condition yields null results. That’s what happened in 2019 with a trial of rituximab for ME/CFS, published in Annals of Internal Medicine. Findings from earlier research had suggested that rituximab, a drug used to treat autoimmune diseases, might have an impact on ME/CFS. However, the trial results did not support the hypothesis, forcing the investigators to revisit their notions about the mechanisms driving the disease.
Last year, a large trial for functional motor disorder (FMD), a subcategory of functional neurological disorder (FND), reported similarly disappointing news. In a paper in The Lancet Neurology, published in July, the investigators of the trial, nicknamed Physio4FMD, reported null results for specialized physiotherapy on the primary outcome–self-reported physical function at 12 months. While those who received the Physio4FMD intervention had slightly better scores on this measure than those who received treatment as usual (TAU), the results were neither statistically nor clinically significant.
(The lead author posted a thread about the findings here.)
In such cases, investigators are often in the somewhat thankless position of having to publish further analyses, trying to find some silver linings even though their intervention has already failed its most important test. Since last month, the Physio4FMD team has published two additional papers: a look at factors predicting outcomes, and a cost-effectiveness analysis. (I might get around to looking at those in a subsequent post.)
FND, formerly called conversion disorder, is the current term for a category of neurological symptoms that do not fall within established disease categories. The sub-group of functional motor disorder includes arm or leg weakness and paralysis, gait disorders, and the like. These conditions, whatever their cause, can be chronic, seriously disabling, and resistant to treatment. In the past, they were generally viewed as psychiatric conditions. In recent years, FND experts have categorized them as “brain network” disorders. In reality, their etiology remains unknown.
This is the second time in recent years that a high-profile FND treatment trial produced null results for its primary outcome. In 2020, the CODES trial for psychogenic non-epileptic or “dissociative” seizures, another subcategory of FND, reported that cognitive behavior therapy was no more effective than standard care in leading to seizure reduction at 12 months. In that case, FND experts argued after-the-fact that seizure reduction was the wrong primary outcome and that “quality-of-life” measures were more important.
Just as CODES was the largest trial of dissociative seizures, this new FND study–“Specialist physiotherapy for functional motor disorder in England and Scotland (Physio4FMD): a pragmatic, multicentre, phase 3 randomised controlled trial”–represented a first for the field. Noted the paper: “To the best of our knowledge, Physio4FMD is the first fully powered randomised controlled trial of a physical therapy-based intervention for functional motor disorder and is the largest randomised study of people with functional motor disorder published to date.”
The trial’s primary analysis included 241 participants from 11 hospitals in Scotland and England, with 138 assigned to the Physio4FMD intervention and 103 to TAU. The latter consisted of whatever treatment the participants received, or didn’t receive, after referral to the local National Health Service (NHS) neurological physiotherapy service. The intervention included nine sessions over three weeks, with a final session three months later. (Recruitment began in 2018 but was interrupted by the COVID-19 pandemic. The paper goes to substantial lengths to explain how the team addressed these challenging circumstances, including in the statistical analyses.)
As described in the paper, the Physio4FMD intervention sought to focus on the factors presumed to be driving the symptoms, such as paying excessive attention to symptoms, and had three broad goals: “to help patients understand their symptoms; to retrain movement with redirection of attention away from focusing on their body; and to develop self-management skills.” The approach had undergone extensive development in the years before the trial. As noted, “the protocol builds on expert consensus recommendations for physiotherapy for functional motor disorder and was tested with promising outcomes in a prospective cohort study and a randomised feasibility study.”
The trial was unblinded and relied on subjective outcomes—a study design that generates an unknown amount of bias, for any number of reasons. In such cases, modestly positive findings are as likely to reflect the bias inherent in the design as any genuine impact of the intervention.
**********
Poor results on the primary outcome
In any event, the intervention did not produce the expected results. The primary outcome, the SF-36, is a frequently used measure for self-reported physical function. As described in the paper, it “includes ten questions for participants to self-rate their degree of limitation when attempting vigorous activities (eg, running or lifting heavy objects), moderate activities (eg, moving a table or pushing a vacuum cleaner), carrying groceries, climbing stairs, walking various distances, washing, and dressing.”
Scores on the SF-36 range from 0 to 100. Higher scores represent better physical function. A score of 65 or below, for example, was considered disabled enough to be able to enter the PACE trial, which purported to prove that psycho-behavioral interventions could cure ME/CFS. In the Physio4FMD trial, the average scores at baseline were 26 and 31, respectively, for the intervention and TAU groups. That is very, very disabled. At 12 months, both groups averaged just over 37—still very, very disabled.
Besides not being statistically significant, the mean difference between the two groups at 12 months on the SF-36 was also, at 3.5 points, below the threshold considered clinically significant. On the SF-36, the threshold for a difference to be considered clinically significant is 10 points.
Among the many secondary outcomes, the Physio4FMD intervention arm scored better than the TAU arm on an overall rating of symptom improvement and on treatment satisfaction. But many other secondary measures had null results. As the investigators noted in the limitations section, given the number of secondary outcomes, some might have been found to be statistically significant by chance, and the analysis did not include the extra tests designed to minimize this possibility.
The rating of symptom improvement, called the clinical global impression of improvement scale (CGI-I), is much briefer than the SF-36. In the CGI-I, as the study explained, “participants rate their perception of improvement in answer to the question, ‘After physiotherapy, the problem with my movement is…’ with the responses either ‘much improved,’ ‘improved,’ ‘no change,’ ‘worse,’ or ‘much worse.’” The answers thus provide no indication of the respondent’s level of disability in relation to others—just in relation to their own prior subjective state.
Like the CGI-I, the SF-36 is self-reported and therefore subject to biases related to that status. Unlike the CGI-I, it covers a range of specific activities and requires the respondent to consider each one separately. With its 100-point scoring, the SF-36 allows for easy comparison of results with other populations. In the Physio4FMD study, no matter what participants reported on the CGI-I, they remained severely disabled overall, according to the primary outcome.
In summing up, the investigators concluded that,“taken together, the subjective improvements in symptom ratings along with the very high levels of satisfaction with treatment, suggest that specialist physiotherapy could be a valued and safe treatment option for some people with functional motor disorder.”
Suggesting that a treatment “could be” an option for “some” patients is not saying much. As for the reports on symptom improvement and treatment satisfaction, it shouldn’t be surprising that patients who receive care from compassionate clinicians are more likely to answer questionnaires positively than patients who don’t receive the same level of care. These responses should not therefore be interpreted to mean the intervention is effective–especially given the poor results for the more comprehensive and thorough assessment provided by the SF-36, the primary outcome.
The bottom line, per the SF-36 data, is that the patients in this trial remained extremely debilitated, whether they received the Physio4FMD intervention or physiotherapy at a local NHS service. That’s the take-home message here.
-
PDS – the Programmers Development System
I was directed towards this recently – it is a means of developing for 8-bit computers using early PCs or an Atari ST developed by Andy Glaister. Information about it seems quite sparse online, the main references seem to be:
- https://www.cpcwiki.eu/index.php/PDS_development_system
- https://www.worldofsam.org/products/pds-development-system (largely a repeat of the above)
- https://trastero.speccy.org/cosas/JL/PDS/Introduccion.html (link via Internet Archive)
- https://lemmings.info/pds-programmers-development-system/ and https://lemmings.info/pds-recreating-the-system/
- It is also talked about and demonstrated here: https://youtu.be/S6DlSfEj0as?si=gEOmOA53eiqXRWc_&t=589
As far as I can tell the original system was developed in the 1980s and there have been two attempts at recreating it since, as listed above.
The original reimplementation is from the Spanish site and provides a schematic and Eagle files. The next link was an attempt at using these design files by importing into KiCAD and getting Gerber files built which seemed to be pretty successful.
I must admit that when I first heard about it, I wondered if it was the same one that Dean Belfield was using with his Tatung Einstein at the 2025 RetroFest, but having read a bit more about it, there are definitely similarities, but I’m not sure its the same. Details of Dean’s setup here:
- http://www.breakintoprogram.co.uk/computers/recreating-my-80s-dev-system-part-1
- https://github.com/breakintoprogram/einstein-ide
It uses a similar principle to the PDS, in that development is performed on the Tatung and then code is transferred across to the target system using a combination of hardware and code running on both sides.
Basic Operation
As I understand things, with the PDS there was an interface card for the PC which linked via a 16-wire IDC cable to another interface card for the target computer. There were versions for the ZX Spectrum, Amstrad CPC, C64 and MSX (and possibly others). I’m only really interested in the ZX Spectrum version.
The PC card is based around the Intel 8255 parallel IO chip sitting on an 8-bit ISA bus. The target interface is usually based around the Z80 PIO (Z84C20) interfacing to the bus of the host system. The PC card supports two target interfaces and both cards include some logic chips to handle addressing and the IO interface.
Details of the 16-way IO link seem very sparse and will probably have to be worked through and inferred from the source code that has been uncovered.
From what I can tell, most of the protocol handling is done in the code and the interfaces are essentially IO “passthroughs”. The target has to run some monitor code to react to PDS commands and interface with the memory as required, setting, reading, updating, and so on.
The CPC wiki seems to be the most complete source of information so far, and includes photos of the remade boards and schematics for the PC card and ZX Spectrum interface.
The PDS Link
The PDS link itself is via a 16-way IDC ribbon cable and 2×8 IDC connectors. Unfortunately I’ve not found a pin-out anywhere so far, but from various sources, this is what I know so far.
GND12DATA 0PC to Target Clock34DATA 1Target to PC Clock/Ack56DATA 2Unknown78DATA 3Not used910DATA 4Not used1112DATA 5Not used1314DATA 6Not used1516DATA 7This is using the pin numbering from the ZX Spectrum schematic.
Unfortunately the schematic labelling of the two PDS sockets for the PC card is backwards compared to the ZX Spectrum card. Pin 16 for the PC version is GND, but that is pin 1 for the ZX Spectrum version. It would also appear that the socket shroud is also reversed. This means that D0 is pin 15 for the PC and pin 2 for the Spectrum.
The CPC wiki has a photo of the cable used, showing how pins 1-16 are wired to pins 16-1:
The PC Card
The schematic for the PC card can be found on the CPC wiki here: https://www.cpcwiki.eu/index.php/PDS_development_system
Main Components required:
- Intel 8255 Programmable Peripheral Interface (PPI).
- 74LS138 – 3 to 8 line decoder (for the addressing).
- 3x 74LS244 – 8 channel non-inverting buffers.
- 74LS04 – Hex Inverter (only one inverter is used).
It probably goes without saying for this era technology, but everything is 5V TTL levels.
The Intel 8255 PPI
The Intel 8255 Programmable Peripheral Interface (PPI) device provides access to 3 bidirectional 8-bit IO ports. There is a good summary here.
From https://en.wikipedia.org/wiki/Intel_8255:
The 8255 gives a CPU or digital system access to programmable parallel I/O. The 8255 has 24 input/output pins. These are divided into three 8-bit ports (A, B, C). Port A and port B can be used as 8-bit input/output ports. Port C can be used as an 8-bit input/output port or as two 4-bit input/output ports or to produce handshake signals for ports A and B.
The three ports are further grouped as follows:
- Group A consisting of port A and upper part of port C.
- Group B consisting of port B and lower part of port C.
There are two address lines that are used to select one of four registers as follows:
A1A0Register00Port A01Port B10Port C11Control RegisterThe device is selected on the bus when CS is active. It also uses RD and WR to know if it is reading from or writing to the registers.
Things get a bit complicated pretty quickly, but there is a good summary of the various modes of operation on the Wikipedia page, and of course, a comprehensive datasheet.
PC PDS Interface
According to the schematic, this is how the three 8255 IO ports map onto the two PDS connections:
8255 IO PortPDS Connection74LS244 UsedEnabled byPORT A 0-3Link 2: Data 0-3IC 3B/PC2PORT A 4-7Link 1: Data 0-3IC 4B/PC2PORT B 0-3Link 1: Data 4-7IC 3APC2PORT B 4-7Link 2: Data 4-7IC 4APC2PORT C 0-3Link 1 and 2: ControlIC 5AAlways OnPORT C 4-7Link 1 and 2: ControlIC 5BAlways OnIt is also worth noting that the three 74LS244 buffers are enabled in different ways according to the state of PC2. Also, as the enable is active LOW, the inverter on PC2 generates a “NOT PC2” signal, which itself must be LOW to activate IC3A/IC4A – i.e. it is a “active on NOT NOT PC2” signal. PC2 appears to be used to decide which nibble of the data port should be active. It is also passed through to the link control pins (see below).
The 8 control lines map onto the two links in an interesting way. Note this is using “PC interface” pin numbering which as previously mentioned is different to the ZX Spectrum side.
Link 1 PinsLink 2 PinsPC0144PC1414PC266PC388PC4122PC5212PC610N/CPC7N/C10So we can see that PC2 and PC3 are common; that PC0/PC1, PC4/PC5 are swapped; and that PC6 is link 1 only; and PC7 is link 2 only. Recall PC2 appears to select which nibble is active.
When mapped onto the ZX Spectrum card, anything on pins 2,4,6,8 are mapped onto unused pins.
I must say I’m struggling to make sense of this. This seems to be implying that when data is written to one of the PPI IO PORTs, it is striped across both link 1 and 2. Surely it would make more sense to select one or the other and write all 8 data values in one go?
I did wonder if this was related to the different IO modes of the 8255, but on re-reading how the modes work, this still doesn’t make much sense to me.
Unfortunately there doesn’t appear to be any source code for the PC end of things to see what it is doing.
Ok, so finding a print of the traces for the PCB and overlaying them on a light box gives me the following:
I’ve highlighted the connection for D0. We can clearly see that on the PCB D0 for both links is connected, and not only that, it is connected to both input side 2A1 and output side 1Y4 on the /same/ IC. This would make sense for a bi-directional bus, but it is quite a long way from the schematic.
At this point I have to conclude that the schematic is just plain wrong so I’m leaving the PC card for now.
The ZX Spectrum Card
The spectrum side is based on the Z80 PIO (Z8420/Z84C20). There is also a schematic and PCB for that on the CPC wki, but after the experiences with the PC card, I’m now treating it with a little skepticism…
Z80 PIO
There is a lot of information about using the Z80 PIO around. Key references:
- Z80 PIO Users Guide: http://www.z80.info/zip/z80piomn.pdf
- Spectrum Hardware Guide Chapter 15: https://worldofspectrum.net/item/2000357/
Key features:
- Two fully bidirectional 8-bit IO ports.
- Handshaking (not used for the PDS).
- Close compatibility with Z80 control signals (most not used for the PDS).
- Four modes of operation:
- Byte output
- Byte input
- Byte bidirectional (port A only)
- Bit control
- Six registers addressable via 4 IO ports in the Z80 IO map.
The signals involved in address decoding are:
ZX BusPIOFunctionA5PORTSELSelects PORT A or PORT BA6CONTSELSelects DATA or CONTROLA7/CEEnables the device/M1/M1Z80 control signal/IORQ/IORQIO access in progress/RD/RDRead in progressCLOCKCLKZ80 clockThe use of A5-A7 means that any IO address (IORQ must be active) with A7 clear (CE is active LOW) will be received by the PIO and then A5 and A6 determine the type of access. This gives an IO address of the following:
b000x xxxx$xx0x or $xx1xPORT A DATAb001x xxxx$xx2x or $xx3xPORT B DATAb010x xxxx$xx4x or $xx5xPORT A CONTROLb011x xxxx$xx6x or $xx7xPORT B CONTROLThis equates to some pretty lazy IO address decoding, in that there are many, many equivalent IO addresses that would be decoded by the PIO.
Note that the CPC wiki lists port addresses in the range 0xFBEC-0xFBEF. These are the addresses used with the Amstrad CPC not the ZX Spectrum.
Looking at the provided source code for the ZX Spectrum, it appears to be using IO instructions (OUT, IN) using ports 31 ($1F), 63 ($3F), 95 ($5F), and 127 ($7F).
The schematic shows that /IORQ from the PIO is connected to /IORQ from the Z80 via a SPDT switch which allows selection between Z80 /IORQ and fixed pulled HIGH. This allows the PIO to be inhibited by stopping it responding to /IORQ.
The interrupt control lines for the PIO are not used. INT and IEO are not connected and IEI is pulled HIGH. The hand-shake signals (ARDY, ASTB, BRDY, BSTB) are not used either.
ZX Spectrum PDS Interface
The ZX Spectrum side of the PDS interface has the following:
- PIO PORT A – goes via the 74LS245 octal buffer to the 8 data lines of the PDS link.
- PIO PORT B – goes via the 74LS04 for certain control signals from the PDS link, and the direction control for the 74LS245.
- Bit 0 – Pin 2 of the PDS interface
- Bit 1-4 – not used
- Bit 5 – Pin 7 of the PDS interface
- Bit 6 – 245 direction control
- Bit 7 – Pin 5 of the PDS interface
Note that half the PDS control signals are not used for the Spectrum interface. From the previous discussion we can interpret bits 2 and 7 to be the two clock/ack signals. Bit 5’s use is currently unknown. I’ll have to go to the code to see what is going on there.
ZX Spectrum PDS Monitor
I’ve not been able to find any source code for the PC side of things, some assembler has been issued for the target machines, which can be assembled into the run-time PDS monitor for that system.
The PDS Manual does have this to say:
“The software is designed to be machine independent, so the same protocols can be
used regardless of the target machines processor or make. All the communication is basically
the same, there are four major routines, SEND BYTE, GET BYTE and two direction
swapping routines.”There are three versions of the monitor code for the ZX Spectrum:
- DL0 – the most minimal implementation, providing assembling and downloading only.
- DL1 – the long downloader, providing support for everything apart from the “analyze” command, which requires interrupts.
- DL2 – the full interrupt driven downloader.
The PDS manual contains some information about the ZX Spectrum downloader. Section 6.2 details the three versions of the code and then goes on to describe the available commands.
To get a feel for how the monitor functions, and some insights into how the hardware works, I’m looking at some extracts of DL0.
Code initialisation
START DI
LD A,255
OUT (127),A ; $7F=CB=$FF Mode 3
OUT (63),A ; $3F=DB=$FF PORT B=$FF (B0-7=HIGH)
LD A,63
OUT (127),A ; $7F=CB=$3F B6/B7=OUTPUT B0-B5=INPUT
LD A,255
OUT (95),A ; $5F=CA=$FF Mode 3
OUT (95),A ; $5F=CA=$FF A0-A7=INPUTCTRL = $FF means all bits of the control register are set. The Z8020 datasheet lists the control register as follows:
76543210M1M0xx1111Where M1/M0 signify which of the four modes is to be used. In this case both PORTs are set to Mode 3, which allows for either IN or OUT on a per bit basis. I am guessing the writing of $FF to DB (PORT B DATA) happens to ensure that when then ports are configured as 2 OUT and 6 IN, the OUT lines are already HIGH, giving a known starting point.
Note: Setting B6 to HIGH means that the direction control for the 74LS245 will be LOW as it goes through an inverter. This sets the 74LS245 to work in the direction “B to A” which would correspond to when PORT A is set to all INPUTs later in the code.
GETBYTE
This is the lowest level function and it retrieves a single byte of data from over the PDS interface. This is used during the main protocol handling to both obtain commands over PDS and then receive data.
The essential function is as follows:
- Ensure PORT A setup for INPUT
- WAIT for a change in the PC->TARGET CLOCK
- Read the data from PORT A
- WRITE the TARGET->PC CLOCK/ACK
- Toggle the two CLOCK signals ready for next time
- Return
;On first entry D=64=b0100 0000
GETBYTE IN A,(63) ;Read DB - control values
XOR D ;Toggle FLAGS
RRCA ;Pushes B0->Carry
JC GETBYTE ;Wait for B0 to have changed
IN A,(31) ;Read data from DA
LD E,A ;And store in E
LD A,D ;Reload FLAGS
OUT (63),A ;And write them out ie write B7
XOR 129 ;Toggle B0+B7 (129, $81) for next time
LD D,A ;And store back in D
RETSo I think the key features for this are:
- Control FLAGS are stored in the D register. Only B0, B6, B7 are significant. B0 is what we’re looking for on reception; B7 is what we will send in acknowledgement; B6 is the DIRection and is preset to INPUT for this.
- FLAGS are initialised to 64 i.e. B0=B7=0; B6=1.
- Every pass through the GETBYTE function toggles B0 and B7 between b0xxxxxx0 and b1xxxxxx1.
- Read data is stored in the E register.
- RRCA is used to take the read in control value and shift B0 into the carry flag so it can be checked with JC (JP C).
- Nothing else in the code works with the D register so it will always reflect the required status of the required PORT B CTRL word flags.
So this shows how the flags change through several passes of the function:
D=64 D=0100 0000 ($40)
CALL GETBYTE D=1100 0001 ($C1)
CALL GETBYTE D=0100 0000 ($40)
CALL GETBYTE D=1100 0001 ($C1)The PDS Manual describes the protocol as follows:
“Note that the protocol does not set the control lines directly, but toggles the lines to
communicate. All the protocols are designed so one computer can never get ahead of the
other, even if there is a big speed difference. There are no error checking protocols, as the
interfaces are very reliable, and error checking will slow down processes, and no real action
can be taken, even if an error was detected.”Main Loop
The main loop essentially reads a byte from the interface and treats it as a control command. It will keep doing this until it finds a command it can process.
MAINLOOP CALL GETBYTE ;Get 'command byte'
LD A,E
CP 180 ;Download code into aabb, len=ccdd
JZ DLOAD
CP 183 ;Select bank aa
JZ SBANK
CP 181 ;Execute code from aabb?
JNZ MAINLOOP ;Not recognised - keep looping.The comments are the original comments. There is a not a function for command 181, as this relies on “fall through”. It is the next function in the code.
The commands have values 180-187 as follows:
- 180: Download code
- 181: Jump to an address
- 182: Upload memory
- 183: Select bank
- 184: Send all registers to the main computer
- 185: Get registers from the main computer
- 186: Trace code buffer
- 187: Return analyze address
The various functions and message protocol layer are described in the PDS manual, so I won’t go into them in detail here, but by way of example, here is the description for 181:
The corresponding code is as follows:
;
; Function 181, Execute code from aabb
;
CALL GETBYTE
LD H,E ;Get address of routine
CALL GETBYTE
LD L,E
LD BC,MAINLOOP
PUSH BC ;Put return address on stack and jump to routine
JP (HL)It is interesting to note that in the PDS manual, some commands appear to start with a padding byte (179). Apparently this is to ensure that all command messages are an even number of bytes long.
Any variable length commands (e.g. download) include an expected length field.
To retrieve data from the target, the protocol has the concept of “reverse ports”. After receiving upload command, ports are reversed to allow the sending of the appropriate amount of data before being reversed once again to restore the original direction ready for the next command.
Uploading is not supported in the simple D0 downloader. That requires the more complete D1 or D2 implementations. I’ve not gone into more detail here.
Conclusion
I’m going to leave this here for now. I think I’ve got a reasonable grasp of what is going on and I’d like to see if I can recreate the interfaces used at some point.
The ZX Spectrum one should be relatively straight forward. To do something with the PC end though is going to require a lot of work as I just don’t believe I can rely on that schematic.
I have to question though whether it would be worth it though. Given that an Intel 8255 is no longer available I’ll be using reclaimed parts and I also don’t have a PC with ISA anymore. I must admit I am wondering if an alternative PC end would be possible using a microcontroller to implement the PDS protocol and connect to the PC over USB (for example).
In fact, with something like a Raspberry Pi Pico, it would be quite possible to implement the entire target interface through to emulating the Z80 PIO on the ZX Spectrum board and potentially have a replacement system that is “USB direct to Spectrum”.
At this point of course, this is not really the PDS anymore and I’m sure there are already many modern alternatives to getting code running on a ZX Spectrum from a modern system, so that too might be a little pointless. And that is before we get into emulation.
But for its time, this is a really interesting system and it is a shame that information about it seems to have slowly disappeared.
I am still quite keen to recreate it though, so I might be on the look out for an old PC with ISA…
Oh, and as always, if you know about the PDS and are able to confirm or refute anything I’ve said here, do let me know in the comments!
Kevin
#intel8255 #pds #programmersDevelopmentSystem #z80 #z80Pio #zxSpectrum -
Downloading midnightBSD
When the download progesses slowly as in log 1 just resume from a closer server as shown in log 2
log 2
curl --verbose -C - -L -o MidnightBSD-4.0.3--amd64-disc1.iso https://ns3.foolishgames.net/ftp/pub/MidnightBSD/releases/amd64/ISO-IMAGES/4.0.3/MidnightBSD-4.0.3--amd64-disc1.iso
** Resuming transfer from byte position 44871680
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:05 --:--:-- 0* Trying 52.1.67.188:443...- Connected to ns3.foolishgames.net (52.1.67.188) port 443 (#0)
- ALPN: offers h2,http/1.1} [5 bytes data]
- TLSv1.3 (OUT), TLS handshake, Client hello (1):} [512 bytes data]
- CAfile: /etc/ssl/certs/ca-certificates.crt
- CApath: /etc/ssl/certs{ [5 bytes data]
- TLSv1.3 (IN), TLS handshake, Server hello (2):{ [122 bytes data]
- TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):{ [25 bytes data]
- TLSv1.3 (IN), TLS handshake, Certificate (11):{ [2603 bytes data]
- TLSv1.3 (IN), TLS handshake, CERT verify (15):{ [264 bytes data]
- TLSv1.3 (IN), TLS handshake, Finished (20):{ [52 bytes data]
- TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):} [1 bytes data]
- TLSv1.3 (OUT), TLS handshake, Finished (20):} [52 bytes data]
- SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
- ALPN: server accepted http/1.1
- Server certificate:
- subject: CN=ns3.foolishgames.net
- start date: Dec 15 04:25:18 2025 GMT
- expire date: Mar 15 04:25:17 2026 GMT
- subjectAltName: host "ns3.foolishgames.net" matched cert's "ns3.foolishgames.net"
- issuer: C=US; O=Let's Encrypt; CN=R13
- SSL certificate verify ok.
- using HTTP/1.1} [5 bytes data]> GET /ftp/pub/MidnightBSD/releases/amd64/ISO-IMAGES/4.0.3/MidnightBSD-4.0.3--amd64-disc1.iso HTTP/1.1> Host: ns3.foolishgames.net> Range: bytes=44871680-> User-Agent: curl/7.88.1> Accept: /> { [5 bytes data]
- TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):{ [297 bytes data]
- TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):{ [297 bytes data]
- old SSL session ID is stale, removing{ [5 bytes data]< HTTP/1.1 206 Partial Content< Date: Wed, 11 Mar 2026 19:21:41 GMT< Server: Apache/2.4.66 (MidnightBSD) OpenSSL/3.0.18< Upgrade: h2c< Connection: Upgrade< Last-Modified: Fri, 06 Mar 2026 14:22:35 GMT< ETag: "3ecf2000-64c5bc8cf7da6"< Accept-Ranges: bytes< Content-Length: 1008889856< Content-Range: bytes 44871680-1053761535/1053761536< Content-Type: application/x-iso9660-image< { [7812 bytes data]100 962M 100 962M 0 0 1217k 0 0:13:29 0:13:29 --:--:-- 1507k
- Connection #0 to host ns3.foolishgames.net left intact
EOL2
log 1
curl --verbose -C - -L -o MidnightBSD-4.0.3--amd64-disc1.iso https://discovery.midnightbsd.org/ftp/releases/amd64/ISO-IMAGES/4.0.3/MidnightBSD-4.0.3--amd64-disc1.iso
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:07 --:--:-- 0* Trying 145.239.254.58:443...- Trying [2001:41d0:800:73a::1]:443...
- Immediate connect fail for 2001:41d0:800:73a::1: Network is unreachable
- Connected to discovery.midnightbsd.org (145.239.254.58) port 443 (#0)
- ALPN: offers h2,http/1.1} [5 bytes data]
- TLSv1.3 (OUT), TLS handshake, Client hello (1):} [512 bytes data]
- CAfile: /etc/ssl/certs/ca-certificates.crt
- CApath: /etc/ssl/certs{ [5 bytes data]
- TLSv1.3 (IN), TLS handshake, Server hello (2):{ [122 bytes data]
- TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):{ [25 bytes data]
- TLSv1.3 (IN), TLS handshake, Certificate (11):{ [2087 bytes data]
- TLSv1.3 (IN), TLS handshake, CERT verify (15):{ [79 bytes data]
- TLSv1.3 (IN), TLS handshake, Finished (20):{ [52 bytes data]
- TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):} [1 bytes data]
- TLSv1.3 (OUT), TLS handshake, Finished (20):} [52 bytes data]
- SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
- ALPN: server accepted http/1.1
- Server certificate:
- subject: CN=discovery.midnightbsd.org
- start date: Feb 21 03:25:55 2026 GMT
- expire date: May 22 03:25:54 2026 GMT
- subjectAltName: host "discovery.midnightbsd.org" matched cert's "discovery.midnightbsd.org"
- issuer: C=US; O=Let's Encrypt; CN=E7
- SSL certificate verify ok.
- using HTTP/1.1} [5 bytes data]> GET /ftp/releases/amd64/ISO-IMAGES/4.0.3/MidnightBSD-4.0.3--amd64-disc1.iso HTTP/1.1> Host: discovery.midnightbsd.org> User-Agent: curl/7.88.1> Accept: /> { [5 bytes data]
- TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):{ [297 bytes data]
- TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):{ [297 bytes data]
- old SSL session ID is stale, removing{ [5 bytes data]< HTTP/1.1 200 OK< Date: Wed, 11 Mar 2026 19:17:47 GMT< Server: Apache/2.4.66 (MidnightBSD) OpenSSL/1.1.1w-midnightbsd< Last-Modified: Fri, 06 Mar 2026 14:22:35 GMT< ETag: "3ecf2000-64c5bc8cf7da6"< Accept-Ranges: bytes< Content-Length: 1053761536< Content-Type: application/x-iso9660-image< { [7901 bytes data]2 1004M 2 30.1M 0 0 224k 0 1:16:25 0:02:17 1:14:08 246
Sources
https://midnightbsd.org/notes/
https://midnightbsd.org/download/
#UNIX #BSD #freeBSD #midnightBSD #ghostBSD #programming #distribution #technology #OpenSource
-
Recent reporting alleges multiple data exposures across Mexican government systems, affecting a broad range of public institutions.
If confirmed, the situation illustrates recurring challenges in public-sector security architecture, data segregation, and incident response coordination.
From an InfoSec perspective, this reinforces the need for layered defenses, regular audits, and breach containment planning.
Engage in the discussion and follow @technadu for sober, unbiased cybersecurity analysis.
Source: https://x.com/ivillasenor/status/2006058579703521737
#InfoSec #PublicSectorSecurity #DataProtection #CyberRisk #GovernmentIT #TechNadu
-
Recent reporting alleges multiple data exposures across Mexican government systems, affecting a broad range of public institutions.
If confirmed, the situation illustrates recurring challenges in public-sector security architecture, data segregation, and incident response coordination.
From an InfoSec perspective, this reinforces the need for layered defenses, regular audits, and breach containment planning.
Engage in the discussion and follow @technadu for sober, unbiased cybersecurity analysis.
#InfoSec #PublicSectorSecurity #DataProtection #CyberRisk #GovernmentIT #TechNadu
-
Recent reporting alleges multiple data exposures across Mexican government systems, affecting a broad range of public institutions.
If confirmed, the situation illustrates recurring challenges in public-sector security architecture, data segregation, and incident response coordination.
From an InfoSec perspective, this reinforces the need for layered defenses, regular audits, and breach containment planning.
Engage in the discussion and follow @technadu for sober, unbiased cybersecurity analysis.
Source: https://x.com/ivillasenor/status/2006058579703521737
#InfoSec #PublicSectorSecurity #DataProtection #CyberRisk #GovernmentIT #TechNadu
-
Recent reporting alleges multiple data exposures across Mexican government systems, affecting a broad range of public institutions.
If confirmed, the situation illustrates recurring challenges in public-sector security architecture, data segregation, and incident response coordination.
From an InfoSec perspective, this reinforces the need for layered defenses, regular audits, and breach containment planning.
Engage in the discussion and follow @technadu for sober, unbiased cybersecurity analysis.
Source: https://x.com/ivillasenor/status/2006058579703521737
#InfoSec #PublicSectorSecurity #DataProtection #CyberRisk #GovernmentIT #TechNadu
-
Recent reporting alleges multiple data exposures across Mexican government systems, affecting a broad range of public institutions.
If confirmed, the situation illustrates recurring challenges in public-sector security architecture, data segregation, and incident response coordination.
From an InfoSec perspective, this reinforces the need for layered defenses, regular audits, and breach containment planning.
Engage in the discussion and follow @technadu for sober, unbiased cybersecurity analysis.
Source: https://x.com/ivillasenor/status/2006058579703521737
#InfoSec #PublicSectorSecurity #DataProtection #CyberRisk #GovernmentIT #TechNadu
-
Leaked #TrumpMobile features
- Battery automatically powers down so as not to waste unnecessary energy.
- The people you call need to pay 100% of the cost of connection if they want to talk to you
- Comes in Gorgeous blonde or stunning Brunette chassis, but the CPU is very slow
- All your data is automatically uploaded to DOGE servers
- It only comes with two ringtones, Saudi Arabian and russian anthems
- Made in Chiiiina
- comes with a lifetime subscription to Donnie and hardwired DONATE button
- It has a SUMMON ICE button too
- The battery swells slowly during use expanding chassis
- The feet on the device are lifters 2inches high
- Instead of spell checker it's got word randomiser
- It auto skims any credit cards in the NFC range
-
The Broken Mesh: Why the Fight Between Meshtastic and MeshCore Matters
2,734 words, 14 minutes read time.
The fracture between the Meshtastic and MeshCore projects is a warning that you cannot ignore. For years, people thought a simple, off-grid data net was the answer for when the main lines go down. But now, the community is divided. This is not just a small fight over code. It is a total disagreement on how to handle communication when things get ugly. If you think you are ready just because you bought a cheap radio board and did not bother to learn how the software actually works, you are just a hobbyist playing with toys. The rift between Meshtastic and MeshCore shows how fragile these systems are and why you need to know your gear inside and out. A mesh net is only as good as its weakest link. If you do not master the tech, you are just a dead node in a silent town. We are seeing the growing pains of a decentralized technology that is outstripping the discipline of its users. You must choose your tools based on the reality of the physics, not the popularity of the app. Demand that your firmware be an efficient tool for data transmission, not a bloated social media platform for the 915 MHz band. If you do not take the time to understand the modulation, the packet structure, and the routing logic of the software you flash onto your hardware, you are just a child playing with a walkie-talkie while the grown-ups are trying to build a grid. Mastery of the radio spectrum is not an option; it is a requirement for anyone who claims to be prepared. This split is the first real test of whether civilian mesh can survive the chaos of its own success. You either learn to navigate the airwaves or you signal your own failure. Every packet you send without understanding the cost is a round wasted in a firefight. Stop treating your emergency comms like a smartphone app and start treating it like the life-support system it is. This technical mastery is the difference between a working link and a radio that does nothing but drain your battery in the dark.
Troubleshooting LoRa Mesh Protocol Inefficiency and Network Congestion
The fight between Meshtastic and MeshCore comes down to how they use the radio waves and the small chips that run them. Meshtastic has been the big name for a long time. It uses a flooding method where every radio repeats every message it hears. In the woods, that is fine. In a city with a hundred users, it is a train wreck. The air gets crowded, messages hit each other, and the whole system jams itself. MeshCore did not start because people wanted a new app. It started because the old way is inefficient. The core of the split is about the overhead—the extra data that hitches a ride on every message. Meshtastic adds a lot of features, but those features take up space. MeshCore wants to strip everything down to the bone so the network stays stable. When you have very little room to send data, every extra bit is a mistake. This is a battle between lots of features and it just has to work. If your software is fighting your hardware, you lose. The divergence between Meshtastic and MeshCore is rooted in the physics of the 900 MHz ISM band and the limitations of the ESP32 and nRF52 chipsets. As the node count grows, the airwaves become a chaotic mess of collisions and retransmissions, effectively jamming the very frequency the operators are trying to utilize. While Meshtastic has focused on a feature-rich user experience with a heavy reliance on a specific structure, MeshCore proponents argue for a leaner, more modular approach that prioritizes the stability of the underlying mesh over the bells and whistles of the interface. When you are operating on a low-bandwidth, high-latency medium like LoRa, every byte of overhead is a liability. You either master the protocol or you become a dead node. The math does not lie even if the marketing does. If your network protocol consumes more than ten percent of your bandwidth for heartbeats, your network is dying. Every extra feature in the code is another potential point of failure when the signal gets weak. You have to decide if you want a chat app or a survival tool. The flooding algorithm used by Meshtastic is a blunt instrument that was never meant for high-density urban deployment. It works by simply re-broadcasting every unique packet received until a hop limit is reached. In a sparse environment, this ensures the message gets through by any means necessary. But as the number of nodes increases, the probability of two nodes transmitting at the same time goes up. This leads to packet collisions where neither message is readable. MeshCore attempts to solve this by moving toward a more structured routing system. This means the software tries to figure out the best path for a message instead of just yelling it to everyone. This shift requires a level of technical discipline that many casual users find frustrating. It means the network is less plug-and-play and more of a precision tool. If you want a network that survives a real crisis, you have to move away from the chaos of flooding. You have to understand how the Media Access Control layer handles traffic. You have to know how to set your timing parameters so you are not stepping on your own neighbors. The split is a clear line in the sand between those who want ease of use and those who want engineering reliability. You cannot hide from the physics of the airwaves. Either your packets move or they die in the dirt. Stop assuming the software will fix your bad placement. Fix the engineering or get off the air.
Physics of LoRa Packet Collisions and Signal to Noise Ratio Analysis
To understand this split, you have to look at how these radios actually talk. They use a low-power system called LoRa. It is built for long range, but it is slow. There are strict rules on how long you can broadcast before you have to shut up and let others speak. Because Meshtastic repeats everything, adding more people makes the problem worse fast. This is not a glitch. It is physics. MeshCore was built to change how messages find their path through the net. Instead of everyone yelling at once, it wants a smarter way to move data that does not waste airtime. The split happened because one group likes the safety of repeating everything, while the other wants a clean, quiet network. If your radio is spending eighty percent of its power just saying I am here, you are not communicating—you are just making noise. The split proves that the current path is heading for a crash where no one can get a message through. LoRa is designed for long-range, low-power communication, but it is inherently limited by the Duty Cycle regulations of the FCC Part 15 and similar international bodies. Meshtastic’s current implementation of the flooding protocol means that as you add more users, the probability of packet storms increases exponentially. MeshCore was conceptualized to address the need for a more rigid, perhaps even more disciplined, routing logic that could potentially mitigate the hidden node problem and reduce the airtime usage per packet. The technical fallout between the two development paths stems from a disagreement on how to manage the limited airtime of the ISM band. One camp believes in the resilience of redundant flooding, while the other seeks a more surgical, routed approach to data delivery. This is a matter of Spectral Efficiency. If your mesh is using the majority of its available airtime just to say it exists, you have failed as an operator and an engineer. You are polluting the spectrum with digital noise. This noise prevents emergency traffic from getting through. It creates a false sense of security where people think they have a working link when they actually have a jammed one. You must look at the duty cycle of your own node. If you are transmitting more than one percent of the time in the 900 MHz band, you are likely part of the problem. MeshCore is an attempt to force the network into a more responsible state. It prioritizes the survival of the link over the convenience of the user. This is a hard truth that many do not want to hear. Physics does not care about your feelings or your user interface. It only cares about the signal-to-noise ratio. If your signal is lost in the noise of your own network, you have built nothing but a very expensive paperweight. Every packet sent is a risk. In a real-world scenario, a long transmission can be used to find your location. Flooding makes this risk much higher because your message is repeated over and over by every node in the area. A routed system like what MeshCore aims for reduces this risk by limiting the number of times a message is sent. This is not just about efficiency; it is about security. You have to understand that the airwaves are a shared resource. If you treat them like your own personal garbage dump, you will find yourself alone and unheard when the time comes to actually send a call for help. The split between Meshtastic and MeshCore is a debate over the very future of private, off-grid data. One side wants to make it accessible to everyone, while the other wants to make it work when nothing else does. You have to decide which side of that line you stand on. If you are not monitoring your packet loss and your noise floor, you are not an operator. You are just a passenger in a system that is bound to fail. Stop looking at the colorful screens and start looking at the spectrum. The truth is in the waterfall, not the icons. The physics of 915 MHz demand respect that a plug and play mindset cannot provide.
Off-Grid Communication Solutions and Technical Radio Discipline
The result of this fight is a mess where gear running one software will not talk to gear running the other. For you, that means your radio is a brick if your neighbor is on the other side of the fence. This is how a mesh net dies. A mesh needs everyone to speak the same language. When the builders split, the network breaks. This should wake up anyone who thinks they can just download a file and be safe. The hard truth is that we are seeing a new tech grow too fast for the people using it. You have to pick your tools based on facts, not what looks cool. Demand software that moves data fast and clean. If you do not know how your radio sends a packet or why some settings work better than others, you have no business relying on this in a pinch. The split between Meshtastic and MeshCore is a reminder that in the world of radio, there are no shortcuts. For the operator in the field, this means your gear might be useless if the person three blocks away is running a different branch of the protocol. This is the death of a mesh. A mesh requires a common language, a shared set of timing parameters, and a unified understanding of frequency hopping and spreading factors. When the developers split, the network breaks. This should serve as a wake-up call to anyone who thinks they can outsource their emergency communications to a GitHub repository they do not understand. The split between Meshtastic and MeshCore is a reminder that in the world of RF, there are no shortcuts. If you cannot explain the difference between a Spreading Factor of seven and twelve, or why a 125kHz bandwidth is preferable over 250kHz in a high-noise environment, you have no business relying on these tools. The hard truth is that we are witnessing the growing pains of a decentralized technology that is outstripping the discipline of its users. You must take personal responsibility for your station. This means testing your range with real-world obstacles. It means understanding how your antenna height and gain affect your local mesh. It means being able to re-flash your firmware in the dark while the rain is pouring down. If you cannot do these things, you are not prepared. You are just a collector of electronic gadgets. The discipline of the amateur radio spirit must be applied to these new digital modes. We are losing the technical edge that made the license worth having in the first place. The split is a chance to reset. It is a chance to move away from the appliance operator mindset and back toward the engineering mindset. You should be auditing your own mesh. Look at the traffic logs. See how many packets are being dropped. See how many of your traffic is just node discovery overhead. If you find that your network is inefficient, do not wait for a developer to fix it. Change your settings. Educate your neighbors. If the split leads to a better, more efficient protocol, then it was worth the friction. But if it just leads to two broken networks instead of one, then we have all lost. The practical application of this knowledge is simple: test everything. Do not assume your mesh will work because the light on the board is green. Prove it. Send data over the longest possible path. Monitor the battery drain. Watch the spectrum on an analyzer if you have one. If you do not have the tools to verify your network, you do not have a network. You have a hope. And hope is not a plan for communication. Secure your nodes, harden your protocol, and stop relying on software you have never bothered to read. The day is coming when the only thing between you and the void is the connection you built yourself. Don’t let it be a connection built on laziness. Clean up your messy node or accept that you will be silent when it matters.
Conclusion: The Future of Decentralized Mesh Networks and User Mastery
The discipline of the old-school radio operator has to be applied here or the whole thing will fail. The split between Meshtastic and MeshCore is a call to stop being a lazy user and start being a real operator. We do not have time for good enough when the grid is down. Check your gear, learn the rules of the airwaves, and be ready for a future where the channels are full and the software is broken. Build your setup expecting things to break. There is no room for being soft. Learn the math, understand your range, and make sure every message you send is worth the airtime. The grid is weak, the airwaves are crowded, and your own lack of knowledge is the only thing truly blocking your signal. Fix your gear, learn the system, and stop waiting for someone else to save you. The grid is fragile, the spectrum is finite, and your ignorance is the only thing standing between you and a total blackout. Fix your station, fix your protocol, and stop waiting for someone else to secure your link. The time for playing games with digital toys is over. Mastery is the only way forward. Master the code, master the RF, or stay off the air. This hobby demands engineers, not appliance operators. Be the asset the network needs, not the QRM that kills it. Finalize your build, test the link, and maintain the discipline required to keep the airwaves open for those who truly need them.
Call to Action
Join the Network and Master Your Comms Before the Grid Goes Dark. The split between Meshtastic and MeshCore is a wake-up call for every operator. You cannot afford to be a passive user when the lines of communication are at stake. Whether you choose the feature-rich path or the lean efficiency of the core, the responsibility for a working link lies with you. Don’t wait for a crisis to realize your nodes are misconfigured or your protocol is inefficient. Start auditing your setup today by getting out in the field to find your real-world limits, diving into the spreading factors to clear the noise, and educating your local mesh to ensure your neighborhood stays connected. The airwaves belong to those who master them. Secure your hardware, flash your firmware, and become a reliable node in the decentralized future. Join the conversation, build the grid, and stay off the silent list.
SUPPORTSUBSCRIBECONTACT MED. Bryan King
Sources
- FCC Part 15 Radio Frequency Devices – Federal Communications Commission
- SX1262 LoRa Transceiver Datasheet – Semtech
- Meshtastic Project Documentation – Meshtastic
- A Study of LoRa: Long Range and Low Power Networks for the Internet of Things – IEEE
- The ARRL Handbook for Radio Communications – ARRL
- Guide to Bluetooth Security (RF Protocol Standards) – NIST
- LoRaWAN 1.1 Specification – LoRa Alliance
- Do LoRa Low-Power Wide-Area Networks Scale? – IEEE
- ESP32 Series Datasheet – Espressif Systems
- nRF52840 Product Specification – Nordic Semiconductor
- Terminology for Constrained-Node Networks – IETF
- ITU Handbook on Land Mobile Communications – International Telecommunication Union
- Protocol Buffers Documentation – Google Developers
- Understanding the Basics of LoRa and LoRaWAN – DigiKey
- LoRa Technology: A Technical Overview – NXP Semiconductors
- LoRaWAN Documentation – The Things Network
- Guide to Bluetooth Security – NIST Special Publication
- LoRa Physical Layer Packet Structure – RF Wireless World
- LoRa Wireless Technology – Microchip Technology
- Understanding and Enhancing RF Link Budget – Analog Devices
- LoRaWAN Technology Overview – STMicroelectronics
- Analysis of the Capacity and Scalability of LoRaWAN – ResearchGate
- Fundamentals of the LoRa Physical Layer – EDN Network
- What is LoRa Technology? – everything RF
- Link Budget Basics – Microwaves101
- LoRa Long Range Technology Overview – Texas Instruments
- Scalability of LoRaWAN for Massive IoT Deployment – MDPI Sensors
- Detailed Study of LoRa Low Power Communications – PMC
- 11 Myths About LoRa and LoRaWAN – Electronic Design
- LoRa Modulation Basics – Microwave Journal
Disclaimer:
The views and opinions expressed in this post are solely those of the author. The information provided is based on personal research, experience, and understanding of the subject matter at the time of writing. Readers should consult relevant experts or authorities for specific guidance related to their unique situations.
Related Posts
Rate this:
#915MHz #airtimeOptimization #AmateurRadio #antennaGain #bandwidthManagement #communicationSecurity #communityMesh #constrainedNodes #dataTransmission #DecentralizedNetworks #digitalModes #DisasterRecovery #dutyCycle #emergencyComms #ESP32 #FCCPart15 #firmwareFlashing #floodingProtocol #gridDownComms #hiddenNodeProblem #IoTScalability #ISMBand #linkBudget #LoRa #LoRaWAN #meshNetworking #MeshCore #Meshtastic #networkCongestion #nodeDensity #nRF52840 #offGridCommunication #packetCollisions #packetLoss #protocolOverhead #radioDiscipline #radioFrequency #RFEngineering #RFInterference #routingLogic #signalPropagation #SignalToNoiseRatio #SNR #spectralEfficiency #spreadingFactor #survivalTech #SX1262 #TacticalComms #wirelessProtocols -
Can you guess what's hiding inside? 👀
It's the DL-LID — our laser distance sensor for LoRaWAN®, now available in a brand new weather protection housing and so easy to mount.
Up to 40 m range, 1 mm resolution, battery-powered — reporting back wirelessly through LoRaWAN.
Perfect for:
🔹 Snow level tracking
🔹 Water level & flood monitoring
🔹 Generic rangingSet it up. Walk away. Let it do the distance measurement and send data to you.
About DL-LID: https://buff.ly/XWcN4CH
-
A #Redditor Criticized #ICE. #Trump Is Trying to Unmask Them by Dragging the Company to a #SecretGrandJury.
An ICE summons to get the user’s identity failed. Advocates worry the move to a grand jury signals an escalation of the war on #dissent.
By Ryan Devereaux, April 10, 2026
"Social media giant #Reddit has been ordered to appear before a grand jury in Washington, D.C., as part of a federal effort to unmask anonymous online critics of the Trump administration’s immigration crackdown.
"According to a subpoena obtained by The Intercept, Reddit has until April 14 to provide a wide range of personal data on one of its users, whom U.S. Immigration and Customs Enforcement agents have been trying unsuccessfully to identify for more than a month.
"Attorneys for the Reddit user say their client’s posts and their anonymity are squarely protected under the #FirstAmendment and that ICE’s use of a grand jury marks a disturbing escalation for the agency after seeing its previous efforts to investigate political speech quashed in court. The subpoena was issued by federal prosecutors in the capital after ICE’s effort to identify the same user failed in a Northern California federal court. (The U.S. attorney’s office in Washington declined to comment on the case.)"
Read more:
https://theintercept.com/2026/04/10/reddit-ice-protest-grand-jury/Archived version:
https://archive.ph/ckM2Z -
Shortages, inflation and #Stagnation
The real issue now for the world #economy is the inevitable global shortages of essential commodities, not just oil, but oil products like air fuel and a whole range of raw materials needed to sustain agricultural and industrial production through this year. Already US oil inventory data show steep declines in crude and fuel stockpiles
-
Clean Data, Smart Flows: Automating Data Cleanup in Salesforce Nonprofit Cloud
I had the privilege of presenting at Nonprofit Dreamin, one of the most community-driven Salesforce events on the calendar. With a sold-out crowd of 300 participants, the energy in the room was exactly what you’d hope for when talking about technology that actually matters for mission-driven organizations. It was a great session, and the conversations that followed reminded me why this work matters. For everyone who attended, asked questions, or tracked me down afterward, thank you. Here’s a deeper look at everything we covered.
The Case for Clean Data in Nonprofit Cloud
Every Nonprofit wants to make decisions grounded in accurate, real-time data. But as any Salesforce professional knows, “accurate data” doesn’t just happen on its own. It requires deliberate architecture, thoughtful automation, and a clear understanding of which tools belong where.
In Salesforce Nonprofit Cloud (NPC), that challenge is multiplied. Built on the Salesforce Industries architecture, NPC introduces a purpose-built data model with Person Accounts, Gift Commitments, Gift Transactions, and volunteer management objects that all need to stay tightly synchronized. The good news? Salesforce Flow, especially with the addition of the Transform element, has become a powerful enough tool to handle both the data hygiene work and the complex calculations your fundraising and volunteer teams depend on, without touching your DPE credit limits.
This post covers two interconnected use cases: automating data sanitization for volunteer management and building advanced donor fulfillment calculations with Flow, including the new Transform element. Together, they demonstrate what’s possible when clean data and smart automation work in concert.
Why Clean Data Is the Non-Negotiable Starting Point
Before we get into calculations and check-in flows, let’s establish something foundational: none of this works without clean data.
In the Salesforce world, “clean data” means records that are accurate, consistent, and free of duplicates. For admins, this has always been best practice. But with the rise of AI Agents, autonomous programs that can execute real transactions inside your org, data quality has become a hard requirement. AI is only as good as what it’s grounded in. Garbage in, garbage out, and now that garbage can trigger a bad transaction at scale.
In NPC specifically, clean data is the backbone of reliable volunteer coordination, accurate donor reporting, and eventually, trustworthy AI-assisted fundraising. One of the most common, and most overlooked, data quality issues is mobile phone formatting.
Part 1: Automating Data Sanitization with Record-Triggered Flow
Volunteers check in using their last name and mobile phone number. That sounds simple until you realize that the same phone number can be stored dozens of different ways: (512) 555-0100, 512-555-0100, 5125550100, 512 555 0100. When a Get Records element tries to match on an exact value, any inconsistency breaks the lookup.
The fix is a record-triggered flow that strips all non-digit characters from the mobile phone field the moment a Person Account is created or updated.
Person Account
A person account is a Salesforce record type that combines Account and Contact into a single entity, allowing you to manage individuals like donors or volunteers without needing a separate business account record. NPC relies on Person Accounts as its primary constituent record.
The “Clean Mobile Phone” Flow
This flow runs when a Person Account is created, or when the mobile phone field is changed and is not blank. The sanitization logic uses a chained SUBSTITUTE formula that removes spaces, dashes, and parentheses in sequence, leaving only pure digits. The result: a consistent, matchable value in every record.
If you need flexibility, there are alternatives. Validation rules can reject improperly formatted entries at the point of save, preventing the problem before it’s created. Scheduled flows can run as a daily batch job to clean up any legacy data that snuck through before your automation was in place. For most organizations, a combination of all three provides the most airtight coverage.
Part 2: Reactive Screen Flows for Volunteer Check-In
Once your data is clean, you can build experiences that actually work. In NPC, volunteer management tracks jobs, positions, and shifts, and getting volunteers into the right slot quickly is a real operational challenge.
Rather than relying on a standard digital experience site, we built a custom screen flow that leverages reactive functionality: the ability for a screen to update dynamically based on user input without navigating to a new page.
Reactive Screen Flow
A reactive screen flow allows components on the same screen to communicate with each other in real time. A data table can update the moment a user types a search term or makes a selection, with no page reload.
How the Check-In Flow Works
The volunteer enters their last name and mobile phone number. Because we’ve already sanitized the phone field, the Get Records query finds an exact match reliably. If no match exists, a warning screen appears immediately.
From there, a data table displays available jobs, such as “Food Distribution.” Once the volunteer selects a job, a Screen Action triggers an auto-launched subflow in the background.
That subflow queries available shifts for that specific day and passes them back to a second data table on the same screen. The volunteer selects their shift and clicks Next, and the flow creates a Job Position Assignment record with a status of “Complete.” Clean, fast, no paper sign-in sheet required.
Part 3: Complex Donor Fulfillment Calculations with Flow and the Transform Element
With volunteers managed and data sanitized, let’s look at the other side of the NPC operation: donor management. Here, the goal is to give fundraising teams a real-time snapshot of donor health directly on the Account page.
Specifically, we want to calculate three things for each donor:
Current Year Gift Commitment: The donor’s pledge for the year. In NPC’s data model, this tracks promises rather than payments.
Current Year Paid Amount: The total actually received via Gift Transactions. A single commitment can have multiple transactions associated with it as the donor makes payments over time.
Fulfillment Rate and Membership Level: The percentage of the commitment that’s been paid, and a tiered classification (Gold, Silver, Bronze) based on actual payments.
Why Flow Instead of DPE?
NPC includes pre-built Data Processing Engine (DPE) calculations for Donor Gift Summary. Think of DPE as a mini-ETL tool built directly into Salesforce, designed to handle millions of records with joins, filters, and aggregations that would push a standard Flow to its governor limits. It’s powerful, but it comes with two significant constraints: a steep learning curve that many admins haven’t climbed yet, and a license-based DPE credit limit that can be exhausted quickly if calculations run in real time or too frequently.
Flow provides a low-code alternative that doesn’t count against those credits, making it the right choice for on-demand or daily updates across mid-sized datasets. The golden rule: always use the tool you already know if it fits the case at hand.
Step 1: The Auto-Launched Subflow
We start by building an Auto-Launched Flow to house all the calculation logic. Keeping the math in a subflow means the same logic can be triggered by a user button, a nightly schedule, or an automated event, without ever rebuilding it.
The flow takes three input variables: the Account ID we’re processing, a StartDate, and an EndDate. Formulas handle null inputs gracefully, defaulting to January 1st of the current year and today’s date respectively, so the flow still works if those values aren’t provided.
Two Get Records elements pull the data. The first retrieves Gift Commitments filtered by DonorId and EffectiveStartDate within the selected range. The second retrieves Gift Transactions for the same donor where Status is Paid and TransactionDate falls within range.
The Transform Element
This is where Flow Builder has meaningfully evolved. The Transform element allows you to map and aggregate data collections without the traditional Loop + Assignment pattern. Instead of iterating through every transaction record manually, we point the Transform element at the Gift Transactions collection, set the target to a currency variable, select Sum, and choose the Amount field. The element does the rest. Repeat the process for Gift Commitments.
This approach is bulkified by design and significantly easier to debug than a loop-based alternative.
Categorization via Formulas
A nested IF formula handles Membership Level assignment: Bronze for paid amounts under $50,000, Silver up to $100,000, and Gold above that. A separate formula calculates the Fulfillment Rate as a percentage. Both formulas include null checks to handle donors who have commitments but no transactions yet.
Step 2: The Screen Flow and Quick Action
The subflow handles all three rollups in a single execution: total paid amount, total commitment, and the derived fulfillment rate and membership tier. The Screen Flow itself grabs the Account ID from the page, passes it into the subflow, receives the calculated values back, and writes them to custom fields on the Account using an Update Records element. A Flow Message component displays a toast-style confirmation to the user when the calculation is complete.
Step 3: Nightly Automation via Scheduled Flow
A button is great for one-off checks. But data goes stale. The subflow architecture makes automation straightforward: a Schedule-Triggered Flow runs nightly at 8:00 PM, loops through all active donor Accounts, and calls the same subflow we built for the button. Every morning, the fundraising team logs in to dashboards and Account views that are already current.
Conclusion
Clean data and efficient automation are the engine of nonprofit effectiveness. Accurate volunteer check-ins mean accurate service records. Accurate service records mean accurate outcome data. And accurate outcome data is what allows organizations to apply for larger grants, deepen constituent relationships, and scale their mission year over year.
The same principle applies on the donor side. When gift fulfillment data is reliable and up to date, fundraising teams can have better conversations, identify at-risk donors earlier, and make the case for continued investment with confidence.
With NPC’s purpose-built data model and Flow’s growing capabilities, especially the Transform element, there has never been a better time to consolidate your automation strategy around tools your team already understands. The result is an org that’s not just manageable, but genuinely ready for whatever comes next, including AI.
Want to walk through these builds step by step? The Clean Data Playbook is available FREE on Flow Canvas Academy.
Explore related content:
Mastering Data Rollups in Nonprofit Cloud
What Nonprofits Taught Me About Building Salesforce for Humans, Not Just Systems
Salesforce NPSP vs Nonprofit Cloud Consultant Certifications
How the Salesforce Architecture Program Is Being Rebuilt with the Community
#Nonprofit #NonprofitCloud #NPC #NPSP #SalesforceAdmins #SalesforceDevelopers #SalesforceHowTo #SalesforceTutorials -
Alekhines Gun’s, ClarkKent’s and Owlswald’s Top Ten(ish) of 2025 By Steel DruhmAlekhines Gun
It’s genuinely surreal to be writing this article. This Gun found his whole life flipped upside down literally on New Year’s Eve, in a new town, a new state, unemployed, and with nothing to do but review. By God’s grace, I’ve managed to find an actual career in my new town, walking into a new industry with nothing on my resume but exuberance and enthusiasm.1 This blog, with its incredible set of writers who inspire me daily, and readership who prove endearing and exasperating in equal measure, has been a rare moment of consistency in a year filled with professional and personal uncertainty. I didn’t get to listen to nearly as many albums as I’d hoped to, thanks to this being such a transitional year for my life, and perhaps in years to come, I’ll look back on this list in annoyance. But for the moment, it stands as a monument of achievement; of personal growth and practical accomplishment, and I’m immensely grateful to every reader and commenter for being along with me on this journey.
My thanks to The Angry One for giving me a second chance in my n00b days when it became clear I didn’t understand the assignment; I hope you don’t regret your choice too much.2 Thanks to the main AMG staff for being so friendly and welcoming, especially Mystikus Hugebeard, Dear Hollow, Twelve, and Kenstrosity. My eternal fealty to Steel for enduring what I imagine was an unbearable amount of stupid questions and formatting issues as I got my sea legs under me, and continue to see how much I have yet to grow as a writer.
And lastly, all my love and an Eternal Hails to my Freezer Freak brethren – Tyme, Killjoy, Owlswald, and Clark Kent. You guys were the best n00b class a guy could ask to come up with, and it has been such a privilege to have been formally writing alongside the four of you this year and call you friends as well as colleagues. Cheers to many more.
#Ish: Phobocosm // Gateway – Late release or no, it only took one listen to know this was something I needed in my life. Unrelenting in its atmosphere and with a tone like being devoured by vampire bats, Gateway doesn’t want for a plethora of oppressive moments and maintains its bleakness with admirable consistency. With interludes that function more like proper instrumentals between the more heavy cuts, Phobocosm rotate between blunt force trauma and existential despair in equal measure, flattening brain marrow with kaiju-sized stomptastic riffs only to throw you haplessly into depressive and gloom-drenched melodies the next. The rare kind of death metal peak for a rainy day, open up the gate and let it take you on a journey you might not come back from.
#10: Ancient Death // Ego Dissolution – Ancient Death is a testimony to why you should always read our foul filter excavations. Boasting a styling of, dare I say, classier old school deathisms with a healthy dollop of melody and chuggathons for days, Ego Dissolution is a mighty slab indeed. Kenstrosity quite correctly heaped praise on this release for its rare tonal fusion of Death and The Chasm, and beyond that, it has excellently implemented clean vocals, subtle synth work to bolster doomier moments, and riffs which transition from bludgeoning to esoteric in a heartbeat. Solos are peak, as all good death requires, atmospheres are coated in muck and mire without being underproduced, and even the instrumental stands out as a solid step in the journey on offer. Ego Dissolution deserves better than being a footnote in the annals of filter history, representing a highbrow slab of quality in mood-setting while still offering up violence at every turn.
#9: Teitanblood // From the Visceral Abyss – These void-worshipers have crafted an album that straddles the line of black, death, and war metal so flawlessly that every trip to their abyss leaves me exhausted and battered, but utterly enthralled. A flawless fusion of riff and atmosphere in equal measure, every ingredient from the militant drumming to the cacophonous vocals is a means to an end, and whether you’re in it more for the former or the latter is entirely irrelevant. Few albums manage to transcend being a collection of tracks into being a completed whole body of work so smoothly, and From the Visceral Abyss does so with blackened bile pouring through pounding through its poisoned veins. Disconcerting in its antagonism yet enthralling in the exactness of its vision, Teitanblood remains an auditory scrying mirror into the deepest pits that we were never meant to gaze upon.
#8: Imperial Triumphant // Goldstar – Goldstar is exactly what I had hoped for after the excessively out-there of their previous release: A more riff-centric album, which only just scales down the weird to let the approachability shine through like bait on the unsuspecting listener. To be sure, the alien Gorguts and Voivodisms remain, but this album takes a flavor similar to Alphaville3 and it builds its progressivism on the bones of licks and riffs which don’t take twenty listens to decipher before their foundation is made clear. Virtuoso musicianship remains at a peak, but as the tagline “Nine Class ‘A’ Songs” suggests, Imperial Triumphant have opted less to overwhelm the listener as much as flex on them, with fantastic results. A great introduction if you’re new to the band, and an enthralling listen for the jazz enthusiast and avant-garde black metal fan alike.
#7: Kalaveraztekah // Nikan Axkan – I underrated this a bit during the initial rodeo. While my complaints about the treble-heavy lack of bottom end remain, this is a masterfully composed record which continues to reveal new moments of wonder with each spin. Riffs designed to evoke thematic atmosphere and crush skulls in equal measure abound (“Nikan Axkan”) while remembering to summon the native beauty of the Aztec backdrop (“Yowaltekuhtli”) with skill. Lurching into Morbid Angel flirtations laced with delightful indigenous beats one minute and having haunting clean vocals drenched with horror and ritualism the next, this album is a whirlwind of a listen, a journey through primal soundscapes and human history meshed with technical prowess and grace. Hopefully someone picks them up soon, as they are well deserving of a bigger spotlight, and if you missed our rodeo on this release (shame on you) then you owe it to yourself to give it a listen.
#6: Labryinthus Stellarum // Rift in Reality – When I was very young, trancecore was one of the first “heavy” sounds I cut my teeth on, and consequently, my earballs feel right at home in these rifts. Impossibly catchy without being so simple as to offend my intelligence, and featuring electronics that have as much diversity and life in them as any guitar tone, Rift in Reality is a testimony that you can make techno and metal work on albums not named The Key. The blackened production stands in sharp contrast to the piercing, cosmic-echo cleanliness of the electronics, which are always spearheading the melodies but never at the cost of the full band’s heft and power. Spreading their songwriting wings a bit from the last release in more intricate melodies, a smattering of breakdowns, and heavier use of cleans has afforded Labryinthus Stellarum more personality than gimmickries, and I can’t wait to see where they go from here.
#5: Oskoreien // Hollow Fangs – It’s been a decent year for the more raw elements of black metal, but these fangs poisoned all who stood in their way. Somehow catchy in its simplicity yet not devoid of moving melodies, Hollow Fangs isn’t as much an innovation of the thing as much as the thing done at peak quality and skill. The cold tones reinforce the melancholy on display in the chord progressions, while the occasional leads sound more introspective than meandering despite their lack of raw noodlage. While I agree with the spirit of Owlswald‘s criticisms, I cannot deny that I continue to be drawn to this record despite its warts. Hollow Fangs has managed to set itself apart this year while not doing much out of the ordinary, containing that X factor that finds me reaching out to it over and over again.
#4: Blut Aus Nord // Ethereal Horizons – Like all good Blut Aus Nord albums, I had to let this album come to me, but once it did, it shows no signs of letting up. Somehow sidestepping the melodic trappings of the Memoria Vetusta series into something far more hypnotic yet no less deep in scope, Ethereal Horizons places all its stock on triumphant hypnosis. With nods to several chapters towards the band’s era in composition and production alike, the French kings use the building blocks of their dissonant works and claustrophobic atmospheres to construct something liberating and uplifting, with even the momentary bouts of darkness more atmospheric than truly grueling. I suspect we will find Ethereal Horizons to be an important stepping stone for the next chapter of blackened adventure. For now, adjust expectations away from whatever sequel you were hoping for in their litany of journeys and accept the new horizons showing just past the dawn.
#3: Cryptopsy // An Insatiable Violence – I was an admitted latecomer to the Cryptopsy brand, stumbling upon their excellent Book of Suffering EPs some years ago. Consequently, I’ve been a staunch defender of their modern era even as I dove backward into the classics and peculiarities. An Insatiable Violence smacks with a validation of all my affections, keeping the technical might while continuing to grow in groovy, melodic directions. True, I should have been a tad harder on the production of the drum tones than I was in my initial review, but tough tiddlywinks. From the sky-piercing beauty of the solo in the opening track “The Nimis Adoration” to the bookending body blow of “Malignant Needs,” this album remains a quality offering of the most elite of brutal death. Succinct in length but with twice the riff-to-minute factor, Cryptopsy stands supreme at the top of the more violent end of the musical spectrum this year.
#2: Messa // The Spin – While part of me deeply misses the droning elements and slightly crustier tone of Belfry, there’s no denying the spiritual journey this album takes me on with each listen. The embodiment of a grower, what begins as a somewhat underwhelming (compared to previous efforts) listen slowly unfurls itself to be an excellently realized, meticulously composed release. Look no further than album highlight “The Dress” for riffs that border more on twangy than “crushing” and yet pack the spirit of the doomiest doom in each measure. Vocalist Sara continues to up her harmonization game with double and triple-tracked melodies that reach right into my soul. Though The Spin is relatively light in guitar tone, each listen reveals a weight and power hidden from track to track, and the fantastic album closer “Thicker Blood” instinctively has me reaching out to replay the album as soon as it ends. Truly gorgeous.
#1: Aran Angmar // Ordo Diabolicum – Since plucking this record at random with no prior knowledge or expectations from the pit, Aran Angmar has stuck with me through professional and personal challenges and victories, tragedies and triumphs, in a manner befitting the greatest of Greek black metal. The harmonized leads in “Chariots of Fire” still dwell rent-free in my head, and the wailing clean vocals of the kickoff track “Dungeons of the Damned” still get my blood pumping every time. Excellent for cleaning your impossibly filthy house, working on a long overdue job project, or slaughtering your enemies by the hundreds in equal measure, Ordo Diabolicum is the sound of perseverance rewarded, of effort given and blood shed for a higher purpose, and actually witnessing the payoff with your own eyes. Sidestepping the tropes of evil for something so supremely triumphant is a move that has paid big dividends for this outfit, and while blackened to its core, few soundtracks have encouraged me to keep on keepin’ on like this has. A monstrous record to declare war on whatever oppresses you.
Honorable Mentions:
- Mutagenic Host // The Diseased Machine – Designed to reduce one’s gluteus maximus into a shape far more concave, this is a youthful release wise beyond its years in bringing the pain and infecting all in its wake.
- Qrixkuor // The Womb of the World – Bringing in an actual symphonic performance has somehow rendered this cavernous sound even more daunting. At once engaging and uncomfortable, this is an album for those who find beauty in the most repulsive of darkened shrines.
ClarkKent
When I first discovered the Angry Metal Guy blog back in 2021,4 it was during a period of transition in my life, as COVID spurred a career transition out of teaching and, eventually, into data analytics. At the time, my metal tastes were limited to more well-known acts like Metallica and Iron Maiden, with forays into Opeth, Enslaved, and Ayreon. Boy, did this blog expand my horizon. Between taking online classes and staying home with my two kids, I devoured AMG reviews and dove into the vast ocean of metal acts that both the writers and commenters introduced me to. And then, when Angry Metal Guy put out the casting call later that year, I was out of a job and always wanted to be a writer, so I thought, Why not? Little did I know this decision would see me stored in a freezer for four long years. Thankfully, when I thawed out last year, it was with four great guys who all kept each other sane during our n00bship: Alekhines Gun, Tyme, Killjoy, and Owlswald. I’m happy to have had their camaraderie and friendship, and I’m stoked that all five of us were demoted to staff writers. I am also grateful to Steel Druhm and Angry Metal Guy for bringing me aboard, despite my horrid taste, and to Dolphin Whisperer and Maddog for their helpful tips and feedback on my drafts. As Steel would say, you guys were gentle, yet brutal, and in the best possible way. With 2025 proving a stressful year, largely due to increasing work demands, listening to promos and writing reviews has proven a helpful outlet. I’m looking forward to an awesome 2026.
#ish. Bloodletter // Leave the Light Behind — While staying true to their melothrash sound, Bloodletter continues to improve in their songwriting year after year. This is easily their best and my favorite thrash record of the year, in a year where not much thrash really stood out to me. The tight songwriting, the energy, and the melodic leads are all top-notch, and this one stands up even after repeated spins.
#10. Wings of Steel // Winds of Time — This was one of my favorite reviews to write in 2025. Not just because the album was big and fun, with big bombastic numbers like the opening song “Winds of Time,” or tight and speedy cuts like “Saints and Sinners,” or ballads like “Crying,” or my song of the year, “Flight of the Eagle.” It gave me the rare opportunity to write fart jokes and the even rarer chance to “steal” a promo from Steel. So many throwback classic metal bands sound like they belong in that older time, but Wings of Steel sound timeless—they could belong in the new and the then all at the same time.
#9. Besna // Krásno — While I’m not typically drawn to post-metal, Besna’s Krásno proves an exception. The harsh guitar tones and vocals provide an alluring contrast with the catchy melodic tremolos. Despite its brief length, this is a surprisingly progressive album. Each song reveals a beauty to Besna’s songwriting and musicianship, and that album art is gorgeous, to boot. I love everything Besna does here, and this proved to be just the beginning of what was a strong start to 2025.
#8. Green Carnation // A Dark Poem Part I: The Shores of Melancholia — I’m glad Doc Grier introduced Green Carnation to me when Leaves of Yesteryear topped his 2020 list. I love this band, and this record is no exception. It has six tracks of pure earworm and ends up being one of the catchiest albums of the year. These guys know how to write songs that make you feel good and want to dance and sing along to. What’s more exciting is that this is the first of a planned trilogy, so hopefully that means we don’t have to wait long for the next one.
#7. Phantom Spell // Heather and Hearth — Heather and Hearth is like a time machine, one taking you back to ’70s era prog. Man, it’s a lot of fun. It’s catchy and bright—a shining beacon amidst a horde of brutal, violent metal. This is packed to the gills with hooks, from spry riffs to feel-good synths to memorable choruses. Metal rarely puts a smile on your face without sounding like cheesy power metal à la Fellowship, but Phantom Spell does it here. Apparently, this kind of bright and cheery metal was just what I needed this year, and it proved a nice summer balm.
#6. Atlantic // Timeworn — When I first listened to this earlier in the year, I just assumed it was the work of an established, well-known band. So it was a surprise to learn Timeworn was actually the debut from a relative newcomer in Callan Hoy. Something about 2025 has drawn me towards these uplifting albums that burst with good feelings and catchy melodies. For the 34 minutes I spend with this, I just get lost in the currents of the tremolos and blast beats and, at least for a moment, live in a world of calm and bliss.
#5. In the Woods… // Otra — This sort of melodic, catchy metal is my kryptonite. In the Woods… plays the kind of songs that get lodged in my brain, and I start whistling them while doing my grocery shopping, drawing funny looks. I’d never heard of these guys until Grier’s review earlier this year, and now I’m thinking maybe I should dive into their back catalog. More worryingly, this is the second album on my list that Grier gave a glowing review for. That means either he actually has good taste, or my taste is just as bad as his.
#4. Oromet // The Sinking Isle — If I had a time machine, I’d go back and rate this one a little higher. This isn’t a “marathon” like some of Bell Witch’s records, nor a piece of crushing funeral doom, nor one that makes extensive use of silence. It is introspective, full of surprises, and melodic. It also came at a period in my life when work was particularly stressful. Playing this helped provide me with some solace and calm as I took in the beautiful compositions. These guys have a bright future ahead of them.
#3. Deafheaven // Lonely People with Power — After the misstep that was Infinite Granite, it’s nice to see Deafheaven back to form. I was ready to write them off, but thanks to Doom_et_Al’s impassioned words, I excitedly dove in. I’m glad I did. I now know their form of shoegaze-y black metal is divisive among metal fans (I was clueless about this fact when I first discovered them), but I don’t care, and I still love it. It’s just so easy to get lost in those lush guitar tones and harsh rasps. It’s tough to pick out any one tune as a standout because it’s the experience of the record as a whole that is so rewarding.
#2. In Mourning // The Immortal — This is a remarkable piece of melodic progressive death. I hadn’t heard of In Mourning until Kenstrosity and the other AMG staffers started talking them up ahead of this release. It seems I’ve really missed out and need to fix that. The Immortal is just about perfect. From song craft to musical performances, these guys nail it. From the beautiful guitar tones to the excellent combo of clean and harsh vox to the memorable melodies, The Immortal is an emotional tour de force that grows more majestic with each spin.
#1. Tómarúm // Beyond Obsidian Euphoria — When I first moved away from more mainstream metal acts, it was progressive death bands like Tómarúm that drew me in. Opeth, Between the Buried and Me, Enslaved, and Ayreon opened up my ears to the reward of listening to songs that reveal new layers and depth with repeated listening. Each year, one or two prog death records climb high in my rankings, and this year that mantle belongs to Tómarúm. This record is massive, and the more time I spend with it, the more depths I plumb, and I find that it contains never-ending riches. There are just so many surprises—the technicality, the speed, the melodies—even some flutes! As great as the debut was, these guys have only gotten better and have earned a spot as one of my current favorites in the genre, along with Iotunn and Dvne. This is the kind of album I love to get lost in—it’s pure bliss.
Honorable Mentions
- Empyrean Sanctum // Detachment from Reality — This passion project from Justin Kellerman may not have impressed my Rodeo-mates as much as me, but I strongly connected with it due to dynamic songwriting and inspired performances.
- Skaldr // Samsr — This was initially a lot higher on my list, but it didn’t hold up as well as it did back in January. Still, it’s a remarkable bit of melodic black metal and good enough to rank as among the best of 2025.
- Aephenamer // Utopie — Melodic and symphonic metal with superb songwriting? Sign me up. This latest from Aephenamer is just so dynamic and fun, and it’s another great effort from a reliably high-quality group. The last couple of songs are absolute beauties.
- An Abstract Illusion // The Sleeping City — This may not be as strong as their older stuff, but it’s still incredibly moving. The introduction of synths charts a new direction for the band, but they make it work with some gorgeous atmospherics.
Songs o’ the Year
1. Wings of Steel — “Flight of the Eagle” 2. Lord of the Lost — “One of Us Will Be Next” 3. In the Woods — “Let Me Sing” 4. Hanging Garden — “Morgan’s Trail” 5. Fer de Lance — “Fires on the Mountainside” 6. Tómarúm — “Shed this Erroneous Skin” 7. Green Carnation — “In Your Paradise” 8. Structure — “Will I Deserve It?” 9. Atlantic — “Voyages” 10. In Mourning — “Staghorn” 11. Dolven — “You’ve Chosen”
Owlswald
I’ve finally made it to the end of my first year on staff, culminating with my inaugural list. This time last year, I was deep in the throes of my n00bdom and watched from the dark confines of the dungeon as many of my Freezer Crew brethren shared their initial staff lists. And as stoked as I was for my mates, I couldn’t help but feel a bit jealous that I was still toiling with cleanup detail as an unnamed shadow. But the wheel of ascent turns for us all. After a few more months surviving on table scraps and standing water, our Managing Ape unlocked my cage, releasing me at last into the aviary and the promised start of my pledged service bound labor.
Though my escape from the rookery took longer, that extended time was not without its merits. Reviewing is a skill that must be honed like any other, and although metal—and music generally—has been an essential part of my life since I was young, it has admittedly taken longer for me to truly articulate the “why.” Anyone can declare an album “good” or “bad,” but developing and communicating the rationale is an entirely different discipline. A discipline that I believe I have improved over my first year as a writer here, and one that I look forward to developing further with more time in the seat.
My thanks go out, first and foremost, to Steel and AMG Himself for granting me the opportunity to contribute to this very special, longstanding community and for the monumental trust they have placed in me. Specifically, the trust that I wouldn’t utterly trash the place—a faith I’ve done my best to test (More on one attempt below). I must also thank my fellow writers—both old and new, including those now in the annals of AMG—who I’ve read for years and whose work continues to inspire me. And last, but certainly not least, I thank all of you who read, comment and visit the site regularly. The reality that my thoughts command even a sliver of your precious time remains utterly surreal. For that connection, I am truly honored.
Taking this good energy and running with it, let’s get to the list!
#ish. Harvested // Dysthymia – I wouldn’t have believed you if you’d told me at the start of the year that my first list would be kicked off by an unsigned band. But here we are, and Harvested’s self-released debut, Dysthymia, deserves the honor because it fucking rules. Operating in the sweet spot between Decapitated and Cattle Decapitation, the album boasts one of the best guitar tones of the year. These Canadians flaunt a songwriting maturity that many veteran groups twice their age still haven’t found—a sound that is as bone-crushingly heavy as it is technically brutal. I have been spinning Dysthymia regularly since its release, and highlight tracks like “Unending Madness” and “Gathered and Deluded” make primo Heavy Moves Heavy additions.
#10. Jade // Mysteries of a Flowery Dream – Some albums demand the right conditions and the listener’s utmost attention to enjoy fully, and Jade’s Mysteries of a Flowery Dream is such a record. Though it took a while for their sophomore effort to envelop me in its dark, murky, and oscillating guise, I’m glad I remained patient because the payoff was huge. This Barcelonian quartet has created a sensory-rich listening experience that is as immersive as it is complex and dynamic, featuring superb songwriting intertwined with recurrent themes and soaring leads that ensure the album’s 43 minutes feel unified and purposeful. Achieving this level of cohesive, complex dynamism is a feat that is incredibly hard to execute well, which makes Mysteries of a Flowery Dream all the more impressive.
#9. Pillars of Cacophony // Paralipomena – Each year, one tech-death record usually carves out a spot on my list. Last year, Apogean’s Cyberstrictive set an incredibly high bar, taking album of the year honors with its near-perfect blend of hook-laden guitar maneuvers and groove-focused rhythms. While tech-death won’t be repeating as champion in 2025, Pillars of Cacophony are nonetheless representing the genre in a major way with Paralipomena. The album showcases multi-instrumentalist Dominik’s talents in crafting unsettling, unpredictable soundscapes filled with propulsive fretwork, dissonant phrases, and kinetic rhythmic patterns. Drawing directly from Dominik’s own research as a bioscientist, Paralipomena coils science with the aural might of death metal to create a record that is as conceptually authentic as it is musically captivating.
#8. King Witch // III – Doom—and more specifically stoner—has always been hit-or-miss to these ears. But on III, Scotland’s King Witch grabbed the best parts of the genre and compressed them into a Seattle-made mold of hard rock and grunge that immediately won me over. The album is the culmination of the group’s artistic evolution, combining the strong songwriting of their debut with the dynamic shifts of their follow-up. Guitarist Jamie Gilchrist and bassist Rory Lee assemble a sophisticated foundation of earthmoving, genre-bending riffs that perfectly augment the star power of vocalist Laura Donnelly, whose Chris Cornell-like range and Janis Joplin grit give the material undeniable power and command. The result is a sound that elevates III far beyond typical doom boundaries into one of the year’s best records.
#7. Agriculture // The Spiritual Sound – I initially missed Agriculture’s self-titled debut and follow-up EP, so The Spiritual Sound was my first introduction to this Californian black metal outfit. But after months of having this record on constant rotation—and seeing their live show—I can confidently conclude they are one of the most innovative and unique black metal groups operating right now. Self-dubbed as “ecstatic black metal,” Agriculture shatters convention by challenging the dark extremity of the genre with a patchwork of math rock, shoegaze, noise, and folk influences. Powered by Leah Levinson’s manic, shifting vocals and inventive guitar work from Dan Meyer and Richard Chowenhill, The Spiritual Sound is a genre-defying record that is both unpredictable and intensely authentic.
#6. Cryptopsy // An Insatiable Violence – Outside of my admiration for fellow drummer extraordinaire Flo Mounier, I have to admit that I had more or less forgotten about Cryptopsy after 2012’s self-titled album. Thanks to my fellow Freezer Crew brother Alekhines Gun, I gave them another go, and An Insatiable Violence hit me like a ton of bricks, forcing me to quickly figure out how to start begging these Canadians for forgiveness. From Matt McGachy’s unique, manic screams to Mounier’s pummeling gravity blasts and double-bass to Christian Donaldson’s “waltz-rooted chuggathons” and fret noises, every aspect of An Insatiable Violence is crystal clear, full of groove and hits like a fucking tank. Needless to say, I won’t be making the same mistake twice, and these death metal legends now have my full attention again.
#5. …and Oceans // The Regeneration Itinerary – Being a longtime fan of these multifarious Finns, I rejoiced when they returned from an extended hiatus in 2020 with Cosmic World Mother. Yet, as strong as that album—and follow-up As in Gardens, So in Tombs—was, it didn’t have the same symphonic and eclectic oomph as The Dynamic Gallery of Thoughts or The Symmetry of I – The Circle of O. Much to my pleasure, The Regeneration Itinerary is a riveting return to form for …and Oceans, returning to their symphonic, frenetic and blackened sound of yore while maintaining the incisiveness of their modern form. This album is peppered with their classic trademarks, and “Prophetical Mercury Implement” is the best song the group has written in decades. After taking a couple of albums to get their groove back, The Regeneration Itinerary is evidence that …and Oceans has found it again.
#4. Messa // The Spin – Messa’s fourth full-length marks the second doom record on my list (and the second led by a badass frontwoman). On The Spin, Messa continues to evolve their progressive identity, imbuing their sound with flavors of 80’s dark post-punk and gothic rock that evoke the haunting architecture of early Killing Joke. While Sara’s vocals may not possess the same boisterous power as Laura Donnelly’s, her spellbinding presence and seductive delivery make The Spin simply irresistible. Guitarist Alberto complements Sara’s bewitching and buttery croons with sparkling arpeggios and overdriven solos steeped heavily in the classic occult groups of the ’70s. It’s clear Messa is operating on a completely different level than their peers, and I can’t get enough of The Spin.
#3. Buried Realm // The Dormant Darkness – You always remember your first. Buried Realm’s The Dormant Darkness was my first full review on staff, a record that I am forever grateful Twelve decided to waive his seniority over and allow my newly-clipped wings to review because it ended up surprising the hell out of me. Josh Dummer’s technical melodeath project came out firing on all cylinders with its third album, upping the virtuosity with a slew of new guests. It is full of highlights, memorable hooks, and technically impressive solos and is a non-stop blast. In fact, I loved The Dormant Darkness so much that I committed the cardinal sin of breaking the score counter immediately—an action that can quickly get one thrown into the woodchipper of despair. Luckily, I am still here to tell the tale, and now I have my love of The Dormant Darkness to show for it.
#2. Tómarúm // Beyond Obsidian Euphoria – If there was ever a year for me to look for a #1A/#1B scenario, this would have been it, as I floundered back and forth between this album and my #1 pick. Chalk it up to indecision or whatever you must, but ultimately, one can’t go wrong with either in this instance. In short, Tómarúm’s Beyond Obsidian Euphoria is long-form progressive death metal greatness. Razor-sharp technicality, sparkling melodicism, and excellent songwriting form a weighty spirit that counterbalances crushing heft with airy refrains that move and flow seamlessly across its rewarding 70-minute runtime. There isn’t much more I can say here that Sponge-fren Ken‘s aptly penned review didn’t capture already, outside of stating that Tómarúm‘s opus is as close to perfect in both structure and execution as one can get. To put it simply, it’s a triumph.
#1. In Mourning // The Immortal – Speaking of perfection, In Mourning have achieved such a standard with their latest melodeath offering, The Immortal. After our Almighty Overlord listened to The Immortal following the flurry of votes the record received for August’s Record O’ the Month, he responded with a few choice words that captured my thoughts about the album succinctly: “Damn…” he said. “They nailed this. Well, that’s easy.” But I think that is even an understatement for how incredibly awesome this album is, and, doing one better, I don’t think many have grasped it yet, either. With their seventh album, these Swedes have found the perfect combination of their patented Opethian death metal chuggery, sadboi melodies, and creative dynamism, resulting in a sound rich in emotional depth with more digestible hooks than one can handle. I’m talking hooks—both riffs and vocal melodies—that dig deep into your psyche and never let go. They connect on a different level—a telltale sign we’re dealing with a classic. A decade from now, when In Mourning has hopefully amassed an even deeper discography, should the question arise—”What is the most essential melodeath album of the last ten years?”—I’m willing to bet The Immortal will be the resounding answer.
Honorable Mentions
- Mutagenic Host // The Diseased Machine – I miss Edge of Sanity with a passion, but Mutagenic Host’s The Diseased Machine is helping stem my longing—at least temporarily. These newcomers kicked off 2025 with an absolutely filthy dose of death metal that hasn’t stopped invading my playlist.
- Abigail Williams // A Void Within Existence – While 2019’s Walk Beyond the Dark was one hell of a record, A Void Within Existence may very well surpass it. Drummer Mike Heller codifies the attack, as Ken Sorceron and company unleash an all-out assault of crushing weight and unrelenting groove.
- Bianca // Bianca – Despite its late arrival hindering its consideration for a higher ranking, these Italians clearly have something special brewing with their self-titled debut. An enchanting mix of ethereality and chilling blackened soundscapes that is worth hearing immediately.
- Ambush // Evil in All Dimensions – Heavy metal group Ambush lived up to their name when they absolutely ambushed my ears and eyes with their nostalgic blend of 80’s Maiden, Priest, and Helloween, replete with their oh-so-tight fashion. Vocalist Oskar Jacobsson is poised to be the genre’s next colossal talent. Remember—you heard it here first.
- Fallujah // Xenotaph – Following the heavily criticized 2019 effort, Undying Light, it took six years for these tech-death masters to regroup and recalibrate. But Fallujah delivered a massive surprise with Xenotaph, easily one of their strongest—and best sounding—records to date. Here’s to hoping this reinvigorated momentum holds true.
Song o’ the Year
Ambush // “Bending the Steel” – This surprise pick eventually knocked …and Oceans’ “Prophetical Mercury Implement” from the top spot. It’s a brilliant piece of songwriting that would have immediately launched this act to superstardom had it only been released four decades earlier. 100% nostalgia and cold, hard steel.
#AndOceans #2025 #AbigailWilliams #Aephenamer #Agriculture #AlekhinesGunS #Ambush #AnAbstractIllusion #AncientDeath #AranAngmar #Atlantic #Besna #Bianca #BlogLists #Bloodletter #BlutAusNord #BuriedRealm #ClarkKentSAndOwlswaldSTopTenIshOf2025 #Cryptopsy #Deafheaven #EmpyreanSanctum #Fallujah #GreenCarnation #Harvested #ImperialTriumphant #InMourning #InTheWoods #Jade #Kalaveraztekah #KingWitch #LabryinthusStellarum #Lists #Messa #MutagenicHost #Oromet #Oskoreien #PhantomSpell #Phobocosm #PillarsOfCacophony #Skaldr #Teitanblood #Tómarúm #WingsOfSteel -
The Silent Breach: Why Your Security Gateway Can’t See the Malware in Your Images
3,217 words, 17 minutes read time.
The Invisible Threat: Why Modern Cybersecurity Cannot Afford to Ignore Digital Steganography
In the current era of high-frequency cyber warfare, the most effective weapon is not necessarily the one with the highest encryption standard, but the one that remains entirely undetected until the moment of execution. While the industry spends billions of dollars perfecting cryptographic defenses to ensure that intercepted data cannot be read, a more insidious technique is resurfacing in the arsenals of advanced persistent threats: steganography. Unlike encryption, which transforms a message into an unreadable cipher—essentially waving a red flag that says “this is a secret”—steganography focuses on concealing the very existence of the communication. By embedding malicious payloads, configuration files, or stolen credentials within seemingly mundane carriers like a digital photograph of a corporate headquarters or a standard text readme file, attackers are successfully bypassing traditional security perimeters. Analyzing recent threat actor behaviors reveals that this is no longer a niche academic curiosity but a foundational component of modern malware delivery and data exfiltration strategies.
The primary danger of digital steganography lies in its exploitation of trust and the inherent limitations of automated scanning tools. Most Security Operations Centers (SOCs) are tuned to identify known malicious file signatures, suspicious executable behavior, or anomalies in encrypted traffic. However, a JPEG or PNG file is generally viewed as benign, often passing through email gateways and firewalls with minimal scrutiny beyond a basic virus scan. When a hacker hides data inside these files, they are leveraging the “noise” of the digital world to mask their signal. This methodology allows for a level of persistence that is difficult to combat, as the malicious content does not reside in a separate file that can be easily quarantined, but is woven into the fabric of legitimate business assets. As we move further into a landscape defined by zero-trust architectures, understanding the technical mechanics of how these hidden channels operate is a prerequisite for any robust defense strategy.
The Mechanics of Deception: How Least Significant Bit (LSB) Encoding Exploits Image Data
To understand how a hacker compromises a digital image, one must first understand the underlying structure of digital color representation. Most common image formats, such as $24$-bit BMP or PNG, represent pixels using three color channels: Red, Green, and Blue (RGB). Each of these channels is typically allocated $8$ bits, allowing for a value range from $0$ to $255$. When an attacker utilizes Least Significant Bit (LSB) encoding, they are targeting the rightmost bit in that $8$-bit sequence. Because this bit represents the smallest incremental value in the color intensity, changing it from a $0$ to a $1$ (or vice versa) results in a color shift so infinitesimal that it is mathematically and visually indistinguishable to the human eye. For instance, a pixel with a Red value of $255$ ($11111111$ in binary) that is changed to $254$ ($11111110$) remains, for all practical purposes, the same shade of red to any casual observer or standard display monitor.
By systematically replacing these least significant bits across thousands of pixels, an attacker can embed an entire secondary file—such as a PowerShell script or a Cobalt Strike beacon—within the “carrier” image. The process begins by converting the malicious payload into a binary stream and then iterating through the pixel array of the target image, swapping the LSB of each color channel with a bit from the payload. A standard $1080\text{p}$ image contains over two million pixels, which provides ample “real estate” to hide significant amounts of data without causing the type of visual artifacts or “noise” that would trigger a manual review. Furthermore, because the overall file structure and headers of the image remain intact, the file continues to function perfectly as an image, successfully deceiving both the end-user and many signature-based detection systems that only verify if a file matches its declared extension.
The technical sophistication of LSB encoding can be further heightened through the use of pseudo-random number generators (PRNGs). Instead of embedding the data in a linear fashion from the first pixel to the last—which creates a detectable statistical pattern—the attacker can use a secret key to seed a PRNG that determines a non-linear path through the pixel map. This effectively scatters the hidden bits throughout the image in a way that appears as natural “entropy” or sensor noise to basic statistical analysis tools. Consequently, without the specific algorithm and the corresponding key used to embed the data, extracting the payload becomes a significant cryptographic challenge. This layer of complexity ensures that even if a file is suspected of harboring a payload, proving its existence and retrieving the contents requires specialized steganalysis techniques that are often outside the scope of standard incident response.
Beyond Pixels: Hiding Payloads in Image Metadata and Headers
While LSB encoding focuses on the visual data of an image, a more straightforward and increasingly common method involves the exploitation of non-visual data segments, specifically headers and metadata fields. Every modern image file contains a variety of metadata, such as Exchangeable Image File Format (EXIF) data, which stores information about the camera settings, GPS coordinates, and timestamps. Attackers have recognized that these fields, intended for descriptive text, are essentially unregulated storage bins that can hold malicious strings. By injecting base64-encoded commands or encrypted URLs into the “Artist,” “Software,” or “Copyright” tags of an image, a threat actor can provide instructions to a piece of malware already residing on a victim’s machine. The malware simply “phones home” by downloading a benign-looking image from a public site like Imgur or GitHub and then parses the EXIF data to find its next set of instructions.
This technique is particularly effective for maintaining Command and Control (C2) infrastructure because it mimics legitimate web traffic. A firewall is unlikely to block an internal workstation from reaching a common image-hosting domain, and the payload itself is never “executed” in the traditional sense; it is merely read as a string by a separate process. Beyond standard metadata, hackers also target the internal structure of the file format itself, such as the “Comment” segments in JPEGs or the “chunks” in a PNG file. PNG files are organized into discrete blocks of data—such as IHDR for header information and IDAT for the actual image data—but the specification also allows for “ancillary chunks” (like tEXt or zTXt) which are ignored by most image viewers. An attacker can create custom, non-critical chunks that contain large volumes of data, effectively turning a simple icon into a delivery vehicle for a multi-stage malware dropper.
One of the most dangerous manifestations of this header manipulation is the creation of “polyglot” files. A polyglot is a file that is valid under two different file formats simultaneously. For example, a skilled attacker can craft a file that begins with the “Magic Bytes” of a GIF file (e.g.,
47 49 46 38), ensuring that any image viewer or web browser treats it as a graphic, but also contains a valid Java Archive (JAR) or a web-based script further down in its structure. When this file is handled by a browser, it displays as an image, but if it is passed to a script interpreter or a specific application vulnerability, it executes as code. This dual-identity approach creates a massive blind spot for security products that rely on file-type identification to apply security policies. By blending the executable logic with the static data of an image, hackers have successfully created “stealth” files that are nearly impossible to categorize correctly without deep, byte-level inspection of the entire file body.Text-Based Subversion: Linguistic Steganography and Zero-Width Characters
While the manipulation of high-entropy image files provides a vast playground for hiding data, hackers often prefer the simplicity and ubiquity of text files to evade modern detection engines. Text-based steganography is particularly dangerous because it exploits the very foundation of digital communication: the way we render characters on a screen. One of the most sophisticated methods involves the use of Unicode zero-width characters. These are non-printing characters, such as the Zero-Width Joiner (U+200D) or the Zero-Width Space (U+200B), which are designed to handle complex ligatures or invisible word breaks. Because these characters have no visual width, they are completely invisible to a human reading a text file or an administrator viewing a configuration script. However, to a computer, they are distinct pieces of data. An attacker can map these invisible characters to binary values—for instance, using a Zero-Width Joiner to represent a ‘1’ and a Zero-Width Non-Joiner to represent a ‘0’—allowing them to embed an entire encoded script inside a perfectly normal-looking README.txt file or even a social media post.
Beyond the use of “invisible” characters, hackers frequently leverage whitespace steganography, a technique that hides information in the trailing spaces and tabs of a document. In environments where source code is frequently moved between developers, a file containing extra spaces at the end of lines is rarely viewed with suspicion; it is usually dismissed as poor formatting or a byproduct of different text editors. Tools like “Snow” have long been used to conceal messages in this manner, effectively turning the “empty” space of a document into a covert storage medium. This is particularly effective in bypassing Data Loss Prevention (DLP) systems that are programmed to look for specific keywords or patterns of sensitive data like credit card numbers. By breaking a sensitive string into binary and hiding it as a series of tabs and spaces within a large corporate policy document, the data can be exfiltrated without triggering any signature-based alarms, as the document’s visible content remains entirely benign and policy-compliant.
Linguistic steganography represents the peak of this deceptive art, shifting the focus from bit-level manipulation to the nuances of human language itself. Rather than relying on technical “glitches” or hidden characters, this method involves altering the structure of sentences to carry a hidden message. By using a pre-defined dictionary and specific grammatical variations, an attacker can construct sentences that appear natural but encode specific data points based on word choice or sentence length. For example, a seemingly innocent email about a lunch meeting could, through a specific arrangement of adjectives and nouns, encode the IP address of a new Command and Control server. This form of “mimicry” is incredibly difficult for automated systems to detect because it does not involve any unusual file properties or illegal characters. It relies on the semantic flexibility of language, making it one of the most resilient forms of covert communication available to sophisticated threat actors who need to maintain long-term, low-profile access to a target network.
Real-World Weaponization: Case Studies in Malware and Data Exfiltration
The transition of steganography from a theoretical concept to a primary weapon in the wild is best illustrated by the evolution of exploit kits and state-sponsored campaigns. One of the most notorious examples is the Stegano exploit kit, which gained notoriety for hiding its malicious logic within the alpha channel of PNG images used in banner advertisements. The alpha channel, which controls the transparency of pixels, provides a perfect hiding spot because small variations in transparency are virtually impossible for a human to see against a standard web background. By embedding encrypted code in these advertisements, the attackers were able to redirect users to malicious landing pages without the users ever clicking a link or the ad-networks ever detecting the payload. This “malvertising” campaign demonstrated that steganography could be scaled to target millions of users simultaneously, turning the visual infrastructure of the internet into a delivery system for ransomware and banking trojans.
Advanced Persistent Threat (APT) groups, such as the North Korean-linked Lazarus Group, have refined these techniques to maintain persistence within highly secured environments. In several documented campaigns, Lazarus utilized BMP (bitmap) files to deliver second-stage malware. These images, often disguised as legitimate documents or icons, contained encrypted DLL files hidden within their pixel data. Once the initial dropper was executed on a victim’s machine, it would download the BMP file, extract the hidden bytes from the image data, and load the malicious DLL directly into memory. This “fileless” approach is a nightmare for traditional antivirus solutions because the malicious code never exists as a standalone file on the disk; it is only reconstructed at runtime from the components hidden within the benign image. This method effectively neutralizes most perimeter defenses that rely on file-scanning, as the image file itself is technically valid and non-executable.
The use of steganography is not limited to the delivery of malware; it is equally effective for the silent exfiltration of sensitive data. During a major breach of a global financial institution, investigators discovered that insiders were using high-resolution digital photographs to smuggle proprietary trading algorithms out of the network. By using LSB encoding to hide the source code within the photos of “office pets” and “company outings,” the attackers were able to bypass DLP systems that were specifically tuned to block the transmission of code-like text or large archives. Because the files remained valid JPEGs, they were permitted to be uploaded to personal cloud storage and social media accounts. This highlights a critical flaw in many modern security architectures: the assumption that if a file looks like an image and acts like an image, it is nothing more than an image. These real-world cases prove that steganography is the ultimate tool for bypassing the “secure” perimeters that organizations rely on.
Detection and Defiance: The Technical Challenges of Steganalysis
Detecting the presence of hidden data within a carrier file, a field known as steganalysis, is a game of statistical probability rather than binary certainty. Unlike traditional virus detection, which relies on matching a file’s hash or signature against a database of known threats, steganalysis must look for anomalies in the file’s expected data distribution. One of the most common technical approaches is the use of Chi-squared ($\chi^2$) tests, which analyze the distribution of pixel values in an image. In a natural, unmodified image, the frequency of adjacent color values tends to follow a predictable pattern. However, when an attacker injects a binary payload into the Least Significant Bits, they introduce a level of artificial entropy that flattens this distribution. This statistical “signature” of randomness is often the only clue that an image has been tampered with. Specialized tools can scan directories of images, flagging those with an unusually high degree of LSB entropy for further investigation by forensic analysts.
Despite the power of statistical analysis, defenders face a significant hurdle known as the “Clean Image” problem. Steganalysis is exponentially more accurate when the analyst has access to the original, unmodified version of the file for comparison. Without this baseline, it is remarkably difficult to prove that a slight color variation or a specific metadata string is a malicious injection rather than a byproduct of the camera’s sensor noise or a specific compression algorithm. Furthermore, as attackers shift toward more sophisticated embedding methods—such as spread-spectrum steganography, which distributes the payload across many different frequencies within the image data—traditional statistical tests often fail. These techniques mimic the natural noise of the medium so closely that the signal-to-noise ratio becomes nearly impossible to decipher without the original key. This mathematical reality means that for many organizations, detection is not a scalable solution; instead, the focus must shift toward proactive neutralization.
Proactive defense, or “active warden” strategies, involve the automated sanitization of all incoming media files to ensure that any potential hidden channels are destroyed. Rather than trying to detect if a file is “guilty,” security gateways can be configured to “clean” every file by default. For images, this might involve re-compressing a JPEG, which slightly alters pixel values and effectively wipes out LSB-embedded data. For text files, a “sanitizer” can strip out all non-printing Unicode characters and normalize whitespace, effectively neutralizing zero-width character attacks. In high-security environments, some organizations go as far as “image flattening,” where an image is rendered into a canvas and then re-captured as a completely new file, ensuring that only the visual information survives and any hidden binary logic in the headers or metadata is discarded. This “zero-trust” approach to media handling is the only way to reliably defeat an adversary that specializes in hiding in plain sight.
Conclusion: The Future of Covert Channels in an AI-Driven World
The arms race between steganographers and security researchers is entering a new, more volatile phase driven by the rise of generative artificial intelligence. We are moving beyond the era of simply “hiding” data in existing files toward the era of “generative steganography,” where AI models can create entirely new, high-fidelity images or text blocks specifically designed to house a hidden payload from their very inception. These AI-generated carriers can be engineered to be statistically perfect, matching the expected entropy of a natural file so precisely that traditional steganalysis tools are rendered obsolete. As attackers begin to use Large Language Models (LLMs) to generate “innocent” emails that encode complex command-and-control instructions within the very flow of the prose, the challenge for defenders will shift from technical detection to semantic analysis. The “invisible” threat is becoming smarter, more adaptive, and more integrated into the standard tools of digital communication.
Ultimately, the resurgence of steganography serves as a critical reminder that cybersecurity is as much about psychology and subversion as it is about bits and bytes. By focusing exclusively on the “gates” of our networks—the firewalls, the encryptions, and the passwords—we have left the “windows” of our daily digital interactions wide open. A JPEG is rarely just a JPEG, and a text file is rarely just text. As long as there is a medium for communication, there will be a way to subvert it for covert purposes. For the modern security professional, the lesson is clear: true security requires a healthy skepticism of even the most benign-looking assets. Implementing deep-file inspection, automated media sanitization, and a rigorous zero-trust policy for all file types is no longer an optional luxury; it is a fundamental necessity in a world where the most dangerous threats are the ones you can’t see.
Call to Action
If this breakdown helped you think a little clearer about the threats out there, don’t just click away. Subscribe for more no-nonsense security insights, drop a comment with your thoughts or questions, or reach out if there’s a topic you want me to tackle next. Stay sharp out there.
D. Bryan King
Sources
NIST SP 800-101 Rev. 1: Guidelines on Mobile Device Forensics (Steganography Overview)
MITRE ATT&CK: Steganography (T1027.003)
CISA Analysis Report (AR21-013A): Malicious Steganography in SolarWinds Aftermath
Verizon 2024 Data Breach Investigations Report (DBIR)
Kaspersky: Steganography in Contemporary Cyberattacks
Mandiant: Sophisticated Steganography in Targeted Attacks
SentinelOne: Digital Steganography and Malware Persistence
Krebs on Security: Malware Hides in Plain Sight via Steganography
Palo Alto Unit 42: Steganography in the Wild
McAfee Labs: The Art of Hiding Data Within Data
SANS Institute: Steganography – Hiding Data Within Data
Dark Reading: Why Steganography is the Next Frontier
Center for Internet Security (CIS): The Basics of Steganography
IEEE Xplore: A Review on Image Steganography TechniquesDisclaimer:
The views and opinions expressed in this post are solely those of the author. The information provided is based on personal research, experience, and understanding of the subject matter at the time of writing. Readers should consult relevant experts or authorities for specific guidance related to their unique situations.
Related Posts
Rate this:
#APTTechniques #binaryEncoding #C2Channels #chiSquaredTest #CISAReports #commandAndControl #covertCommunication #cyberDefense #cyberThreats #cyberWarfare #cybersecurity #dataExfiltration #dataLossPrevention #digitalForensics #digitalWatermarking #DLPBypass #encryptionVsSteganography #entropyAnalysis #EXIFData #exploitKits #fileSanitization #filelessMalware #forensicAnalysis #GIFAR #hiddenPayloads #hiddenScripts #imageSteganography #informationHiding #LazarusGroup #leastSignificantBit #linguisticSteganography #LSBEncoding #maliciousImages #malwareDetection #malwarePersistence #memoryInjection #metadataExploitation #MITREATTCK #networkSecurity #NISTSP800101 #obfuscation #payloadDelivery #pixelManipulation #polyglotFiles #RGBPixelData #securityResearch #SOCAnalyst #statisticalAnalysis #steganalysis #SteganoExploitKit #steganography #technicalDeepDive #textSteganography #threatHunting #UnicodeExploits #whitespaceSteganography #zeroTrust #zeroWidthCharacters