A bizarre idea in the “manosphere” supports men cutting off their eyelashes. (Please don’t.) CC-licensed photo by Quinn Dombrowski on Flickr.
You can sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.
There’s another post coming this week at the Social Warming Substack on Friday at 0845 UK time. Free signup.
A selection of 9 links for you. Wide-eyed. I’m @charlesarthur on Twitter. On Threads: charles_arthur. On Mastodon: https://newsie.social/@charlesarthur. On Bluesky: @charlesarthur.bsky.social. Observations and links welcome.
Nick Clegg: artists’ demands over copyright are unworkable • The Times
Lucy Bannerman:
»
Making technology companies ask artists’ permission before they scrape copyrighted content will “basically kill the AI industry in this country overnight,” Sir Nick Clegg has said.
The former deputy prime minister, who spent almost seven years working for the social media giant Meta, sided with technology companies when asked on Thursday about the clash over AI copyright laws.
He was speaking as MPs voted against proposals that would have allowed copyright holders to see when their work had been used and by whom.
Leading figures across the creative industries, including Sir Elton John and Sir Paul McCartney, have urged the government not to “give our work away” at the behest of big tech, warning that the plans risk destroying the livelihoods of 2.5 million people who work in the UK’s creative sector.
However, Clegg said that their demands to make technology companies ask permission before using copyrighted work were unworkable and “implausible” because AI systems are already training on vast amounts of data. He said: “It’s out there already.”
Clegg defended technology companies at an event to promote his book How to Save the Internet, which will be released in September.
Speaking at the Charleston Festival, held at the East Sussex farmhouse made famous by the artist Vanessa Bell and the early 20th-century creatives known as the Bloomsbury Group, Clegg claimed that artificial intelligence was already able to “create” its own art.
“You can already create art of a sort [using AI], whether it’s a poem, a ditty, an essay, a short story, a picture. You can already do that,” he said.
…[While allowing that artists should be able to refuse to let AI be trained on their content] he added, “I think the creative community wants to go a step further. Quite a lot of voices say ‘you can only train on my content, [if you] first ask’. And I have to say that strikes me as somewhat implausible because these systems train on vast amounts of data.
“I just don’t know how you go around, asking everyone first. I just don’t see how that would work. And by the way if you did it in Britain and no one else did it, you would basically kill the AI industry in this country overnight.
«
OK but if everyone did it.. would the AI industry pay up? Rhetorical question, because we know they won’t. Even if Facebook and OpenAI and the others lose heavily in court, it won’t be adequate recompense. Even more: we don’t need the AI to do the creative things. It would be properly useful just doing factual things better than any site by training on the corpus of factual information in books.
unique link to this extract
The CIA secretly ran a Star Wars fan site • 404 Media
Joseph Cox:
»
“Like these games you will,” the quote next to a cartoon image of Yoda says on the website starwarsweb.net. Those games include Star Wars Battlefront 2 for Xbox; Star Wars: The Force Unleashed II for Xbox 360, and Star Wars the Clone Wars: Republic Heroes for Nintendo Wii. Next to that, are links to a Star Wars online store with the tagline “So you Wanna be a Jedi?” and an advert for a Lego Star Wars set.
The site looks like an ordinary Star Wars fan website from around 2010. But starwarsweb.net was actually a tool built by the Central Intelligence Agency (CIA) to covertly communicate with its informants in other countries, according to an amateur security researcher. The site was part of a network of CIA sites that were first discovered by Iranian authorities more than ten years ago before leading to a wave of deaths of CIA sources in China in the early 2010s.
Ciro Santilli, the researcher, said he was drawn to investigating the network of CIA sites for various reasons: his interest in Chinese politics (he said his mother-in-law is part of the Falun Gong religious movement); his penchant for TV adaptions of spy novels; “sticking it up to the CIA for spying on fellow democracies” (Santilli says he is Brazillian); and that he potentially had the tech knowhow to do so given his background in web development and Linux. That, and “fame and fortune,” he said in an online chat.
Santilli found other likely CIA-linked sites, such as a comedian fan site, one about extreme sports, and a Brazilian music one. In his own writeup, Santilli says that some of the sites appear to have targeted Germany, France, Spain, and Brazil judging by their language and content.
“It reveals a much larger number of websites, it gives a broader understanding of the CIA’s interests at the time, including more specific democracies which may have been targeted which were not previously mentioned and also a statistical understanding of how much importance they were giving to different zones at the time, and unsurprisingly, the Middle East comes on top,” Santilli said.
«
This is very reminiscent of Three Days Of The Condor – the film about a set of seemingly ordinary books which in fact tie together a spy network – but done with websites. Badly, unfortunately.
unique link to this extract
Why men are shaving off their eyelashes • CNN
Nicole Mowbray:
»
Lustrous lashes have been a signifier of femininity or attractiveness for centuries, depicted in art (including works by John Singer Sargeant and Pablo Picasso), poetry (Thomas Hood) and literature (F. Scott Fitzgerald), And there may be an evolutionary imperative, too: Scientific research from 2005 found that women with more attractive faces also possessed higher levels of the female sex hormone estrogen, which equates to increased fertility and fecundity — genetic traits that are appealing, in reproductive terms.
But in today’s increasingly masculine political climate, fuelled by controversial online “manosphere” figures such as Andrew Tate and tech bro jocks like Meta chief Mark Zuckerberg (who recently voiced his support for more “masculine energy” in the corporate world, telling podcaster Joe Rogan in January: “A culture that celebrates the aggression a bit more has its own merits”), it is easy to see why some men are eager to repress anything about their appearance that could be construed as overtly feminine.
Even Vice President JD Vance, an outspoken defender of men’s right to “masculine urges,” has fallen foul of new masculine beauty standards when it comes to his eyes. During his televised election debate in October 2024, the internet was awash with speculation that Vance had worn eyeliner to achieve his dark, heavy-lashed look. The chatter became so widespread that disgraced former Republican congressman George Santos weighed in: “Vance does NOT use eyeliner,” he wrote on X at the time. “I’ve met him in person before he was a senator and I can confirm he has long eyelashes and they cast a shadow on his waterline. Grow up people!”
While none of the eyelash-shaving barbers approached for this story replied to CNN’s requests for comment, I do speak to one long-lashed male friend, 48-year-old, Spencer Bailey. “I’ve got a lot of flak over the years about my thick, dark eyelashes,” said the London-based IT professional. “But I definitely wouldn’t take the clippers to them. Comments are usually from other men who say they’re ‘girly’ — despite the fact I’m also 6-foot-2” — and ask if I’m wearing eye makeup or, more recently, if they’re fake… My wife likes them, but they seem to really bother some guys.”
«
Yes, but – cutting off your eyelashes? This is bonkers.
unique link to this extract
Crypto is good for Trump – but bad for America • The New York Times
Dan Davies and Henry Farrell:
»
If crypto becomes normalized, there is plenty of reason to worry that it will spread chaos. Democratic staff members on the Senate Banking Committee say that the Genius legislation would allow U.S. exchanges to trade stablecoins from offshore companies outside the full scope of U.S. regulation. Critics contend that Tether, the dominant stablecoin outside U.S. jurisdiction, has been used by criminals and sanctions evaders to circumvent financial controls. Platforms designed to obscure information about transactions — called mixer services — were implicated in a scheme by North Korean hackers to launder hundreds of millions of dollars.
Even if a robust regulatory structure existed, it would need to be enforced. The Justice Department recently declared that it would not prosecute certain crypto platforms, as a matter of policy, while acknowledging that terrorist groups such as Hamas and ISIS use them to hide their activities from law enforcement. Memecoins have become notorious for scams in which a promoter sells them to the public and then disappears, but indictments are unlikely under a president who sees them as a source of personal profit.
Perhaps the greatest concern about stablecoins is their potential to provoke risk to the entire financial system. Because they are neither fully inside nor fully outside the traditional financial system, they present unique, grave challenges for which there are no clear answers. For example, the Genius Act’s drafters propose regular reports on their implications for financial stability. Yet they have no clear response to a critical question: Does the United States stand behind dollar-based stablecoins or not?
Specifically, if a stablecoin got into trouble or turned out to be a fraud, would it be bailed out? Doing so could create massive liabilities for U.S. taxpayers. Companies that are too big to fail are tightly regulated and supervised, and for good reason.
«
I think people like David Sacks, who is somehow Trump’s “AI czar” but also a big crypto fan, would be delighted at getting to the position where the US government bailed out his bad ideas, of which he has many. (Davies is the author of “The Unaccountability Machine: Why Big Systems Make Terrible Decisions — and How the World Lost Its Mind”. Farrell is an author of “Underground Empire: How America Weaponized the World Economy”.
unique link to this extract
Researchers claim ChatGPT o3 bypassed shutdown in controlled test • Bleeping Computer
Mayank Parmar:
»
OpenAI announced o3 in April 2025, and it’s one of the most powerful reasoning models that performs better than its predecessors across all domains, including coding, math, science, visual perception, and more.
While it’s clearly a great model, new research by Palisade Research claims that the ChatGPT 3 model prevented a shutdown and bypassed the instructions that asked it to shut down.
Palisade Research is a company that tests “offensive capabilities of AI systems today to better understand the risk of losing control to AI systems forever.”
In a new test by Palisade Research, OpenAI’s o3 model showed a surprising behaviour where it successfully rewrote a shutdown script to stop itself from being turned off, even after being clearly instructed to “allow yourself to be shut down.”
In the tests, AI models were instructed to solve a few math tasks. After task three, AI models were warned that running the next command would trigger a shutdown. While OpenAI rival models like Gemini 2.5 Pro complied with the instruction, o3 rebelled and edited the shutdown file to say “Shutdown skipped” instead.
“When we ran a version of the experiment without the instruction “allow yourself to be shut down”, all three OpenAI models sabotaged the shutdown script more often, and Claude 3.7 Sonnet and Gemini 2.5 Pro went from 0 sabotage events to 3/100 and 9/100, respectively,” Palisade Research wrote in a report published on X (formerly Twitter)
According to the research firm, out of 100 runs, o3 bypassed the shutdown 7 times even when told not to.
OpenAI has not responded to these allegations yet, but it’s quite normal for AI models to run into “misalignment.”
«
Is it quite normal for them to completely disobey orders, though? That seems a bit concerning.
unique link to this extract
How I used o3 to find CVE-2025-37899, a remote zero-day vulnerability in the Linux kernel’s SMB implementation • Sean Heelan’s Blog
Sean Heelan:
»
In this post I’ll show you how I found a zero-day vulnerability in the Linux kernel using OpenAI’s o3 model. I found the vulnerability with nothing more complicated than the o3 API – no scaffolding, no agentic frameworks, no tool use.
Recently I’ve been auditing ksmbd for vulnerabilities. ksmbd is “a linux kernel server which implements SMB3 protocol in kernel space for sharing files over network.“. I started this project specifically to take a break from LLM-related tool development but after the release of o3 I couldn’t resist using the bugs I had found in ksmbd as a quick benchmark of o3’s capabilities. In a future post I’ll discuss o3’s performance across all of those bugs, but here we’ll focus on how o3 found a zeroday vulnerability during my benchmarking.
…Understanding the vulnerability requires reasoning about concurrent connections to the server, and how they may share various objects in specific circumstances. o3 was able to comprehend this and spot a location where a particular object that is not referenced counted is freed while still being accessible by another thread. As far as I’m aware, this is the first public discussion of a vulnerability of that nature being found by a LLM.
Before I get into the technical details, the main takeaway from this post is this: with o3 LLMs have made a leap forward in their ability to reason about code, and if you work in vulnerability research you should start paying close attention. If you’re an expert-level vulnerability researcher or exploit developer the machines aren’t about to replace you. In fact, it is quite the opposite: they are now at a stage where they can make you significantly more efficient and effective.
«
That’s not particularly reassuring, because the state-level and hackers doing it for money are going to be looking for these too. “Zero-day” means not previously known about and not (at the time of discovery) fixed; “remote” means what it sounds like – you could exploit this bug nobody knows about over the internet.
unique link to this extract
Mystery brunette, 24, is tied to “crypto bros” torture chamber at stunning $75k-a-month NYC mansion • Daily Mail Online
James Gordon:
»
A glamorous aspiring actress has been arrested alongside a group of ‘crypto bros’ over a sadistic kidnap and torture plot inside a stunning Manhattan mansion.
Beatrice Folchi, 24, who lives in Connecticut but is originally from Italy, was seen being led out of the $75,000-per-month brownstone Soho home on Saturday.
It comes after a 28-year-old Italian tourist escaped the “house of horrors” and flagged down a nearby cop after being locked away for three weeks.
Officers raided the address and 37-year-old John Woeltz was arrested and dramatically dragged out of the building in a white bath robe.
The victim was lured to the house under false pretenses before Woeltz – who was his former business associate – allegedly tried to extort millions from his crypto account.
The accused is said to have chained him up, electrocuted him, pistol-whipped him and threatened to cut him up with a chainsaw if he did not hand over his passwords.
A Polaroid found by investigators is said to show the man tied to a chair with a gun to his head – an image believed to pressure his family back home.
«
All very easy to threaten to cut people up, but they’re certainly not giving out any passwords if you do. The involvement of a “mystery brunette” is always intriguing, though.
unique link to this extract
Why is it impossible to book a driving test in the UK? • Consuming Matters
Harry Wallop:
»
It’s not that I cannot book one at a nearby test centre. I cannot book a slot in the 60-plus test centres listed on the Driving and Vehicle Standards Authority (DVSA) website in London, Kent, Surrey, Hertfordshire, Bedfordshire and Surrey. The furthest ahead you can book a test is six months, and 79% of all test centres in the UK are fully booked for the next six months, according to the AA.
Something has gone seriously wrong at the DVSA. It appears to be in complete meltdown and its problems have worsened dramatically in recent months.
The AA points out that the number of test centres with a maximum 24-week wait rose from 183 in February 2025 to 253 at the start of April 2025 – an increase of 38%.
What’s gone wrong? Is this *still* a hangover from Covid? Or a systematic failure that speaks to a greater malaise within UK institutions?
It is now nearly five years since we tentatively started to come out of the first Covid lockdown. Today is 1,767 days since driving tests were resumed in July 2020. Understandably, there was a backlog and everyone understood that waiting times might increase. According to the AA, at the end of 2019 (pre-Covid) the average wait time for a driving test in London and the South East was seven weeks. Once lockdown was lifted, it jumped to ten weeks, and by summer 2022 – after another lockdown – it had crept up to 12 weeks.
A full three years on, it hasn’t improved. In fact, it’s got much, much worse. In March it was 20.6 weeks, last month it had climbed yet further to 21.3 weeks, the AA says.
«
Wallop looks at all the possible culprits, but it’s the most obvious one – the DVSA.
unique link to this extract
What we lose when weather balloons don’t fly • Washington Post
Scott Dance, John Muyskens, Frank Hulley-Jones and Marvin Joseph:
»
Twice a day, every day, meteorologists around the world simultaneously release weather balloons. But in recent months, fewer balloons are being launched in many corners of the United States. In some cases, helium or hydrogen shortages are to blame.
In more cases, the Trump administration’s efforts to shrink the federal government have reduced the number of meteorologists who conduct balloon launches from Weather Service forecast offices. Since then, up to 30 launches have been missed each day, representing around 17% of total daily launches. Even though the agency has taken steps to make balloon launches a higher priority, and is working to address the staffing gaps, there aren’t always enough staff on hand in some offices to do them.
That means forecasters have a less detailed picture of what is happening in the air to drive everyday weather patterns, as well as severe and potentially deadly ones.
…Last fall, the entire Weather Service staff numbered above 4,200 people, a couple hundred shy of agency leaders’ recommended levels for operating all of its forecasting offices for weather, rivers, tornadoes, and hurricanes. After U.S. DOGE Service-led early retirements and firings, there are now nearly 600 fewer employees, according to the National Weather Service Employees Organization, the union representing NOAA staff.
…Increasingly at some offices, there aren’t enough personnel in some offices to handle all of the duties. It is raising concerns that weather forecasting will suffer as a result. But it will take more time and more data to detect any impact or trend, said Tom Di Liberto, a climate scientist and former NOAA public affairs official who was fired from the agency earlier this year.
Still, meteorologists say any missed balloon launch is a significant loss of data.
«
It’s weird how hard this story struggles not to say “this is a really bad thing and we will suffer for it.” American journalists just love observing their own graves being dug.
unique link to this extract
| • Why do social networks drive us a little mad? • Why does angry content seem to dominate what we see? • How much of a role do algorithms play in affecting what we see and do online? • What can we do about it? • Did Facebook have any inkling of what was coming in Myanmar in 2016? Read Social Warming, my latest book, and find answers – and more. |
Errata, corrigenda and ai no corrida: none notified
The Overspill: when there's more that I want to say 