There is a good reason to use AES-256 instead of AES-128, whenever practical: you will never have to have an option for configuring this.

I believe most AWS outside of TLS load balancing unconditionally uses AES-256.

Does any vendor charge extra for AES-256 over AES-128 for terminating TLS? It would be interesting to see how much (little), if any, measurable performance difference there is, for commercial CDNs/load balancers.

It’d be good to see the mobile phone battery hit measurements.

The number of folks saying there's no way the name 'GIMP' ever stopped anyone from using or contributing to it is extraordinary.

I have *never* been in an office that has allowed me to install GIMP. Never. I have never even been able to get past the sniff of a pitch about GIMP.

Because of the name.

The level of disconnect people have with basic reality is refreshing. What is their world like?

Holy shit, look at this.

New renewables, installed in just the last year, met _all_ new demand for electricity globally. Battery costs dropped 20% in 2024 and another 45% in 2025. Fossil generation is dropping in China and India and that drop is not slowing down at all.

My god, look at these fucking graphs. Look at them.

We are still in this game.

https://ember-energy.org/app/uploads/2026/04/Global-Electricity-Review-2026.pdf

On the topic of software enshittification and AI upsell: I'm used to Chrome doing vile Google stuff, I'm used to stupid paid bookmarks in Firefox, but I'm scared by what Firefox has became. I run Debian-oldstable, OpenBSD and NetBSD, and in all of them Firefox has clickbait links in new tabs and "AI search" and the likes. The one shipped with Debian also spooked me with "Chat with this tab". How did we end up here 🥲

Edit: yes, by all means, use good forks, and encourage others to use good forks, but don't forget that most people won't use a fork, and thus it is important to keep pushing for upstream to be good and ethical

Does anyone need a 3.5" to 2.5" drive bay adaptor bracket? For incomprehensible supply chain reasons a two-pack was cheaper than just one. 8x mounting screws included.

Free to anyone who will use it. Will hand off at a mutually convenient public location in the Pittsburgh metro area, or mail to any address in the USA (overseas postage would cost me more than twice what I paid for the brackets in the first place).

If you market a machine that “cooks for you,” a chef will never buy it.

This is called identity threat, one of the four reasons why people resist adopting AI.

Reframed: The machine doesn't cook for you. It makes you a faster, more efficient chef.

Our CEO Dan Guido's full playbook on how we went from 95% resistance to 80-95% weekly Claude usage within a year: https://blog.trailofbits.com/2026/03/31/how-we-made-trail-of-bits-ai-native-so-far/