Today's content clusters around two themes: the organizational reality of deploying AI in enterprises (Thompson's mainframe analogy, plus a set of Willison observations on the practitioner side), and the chip supply-chain constraint that is forcing Apple into Intel's arms.

---

Ben Thompson — Enterprise AI deployment looks like 1970s mainframe consulting, not SaaS

Thompson opens by noting that on Monday OpenAI launched the "OpenAI Deployment Company" — majority owned by OpenAI, seeded with more than $4 billion, and bootstrapped via the acquisition of Tomoro, a 150-engineer AI consulting firm whose clients include Mattel, Red Bull, and Tesco. By Tuesday, Google Cloud had announced its own wave of "forward deployed engineers" to be embedded at customer sites. Thompson acknowledges the obvious irony — AGI apparently requires armies of humans to deploy — then reframes it as confirmation of a thesis he published in 2024.

That thesis: the proper historical analogy for enterprise AI is not the internet, but the 1970s mainframe wave. Agents aren't copilots that augment employees; they are replacements that do work in place of humans, with the decision made top-down by the executive suite. The "enterprise philosophy" is motivated by the buyer, not the user, and its goal is unambiguous: increase revenue, cut costs. Executives will run expected-value calculations on agentic error rates. Rank-and-file buy-in is not required. This is how the mainframe was sold, and it is how AI will be sold.

The data readiness problem is where Thompson grounds the deployment-company bet. Revisiting his earlier Palantir thesis, he quotes Google Cloud chief Thomas Kurian dismissing Palantir comparisons while describing something remarkably similar: a "Knowledge Catalog" that uses Gemini to read documents, extract structure, and map that structure to database tables so that agents can answer grounded queries. Thompson's reaction: "Well, so much for not needing humans!" Kurian meant that Gemini builds the graph so humans don't have to do it manually — but forward deployed engineers are still required to get the graph functional. Thompson's broader point is that the data-readiness work Palantir pioneered is exactly what the deployment companies are being hired to do, just with newer tooling. The gap that keeps humans in the loop is not model capability, it's data.

Thompson closes with a structural observation worth sitting with: "AI is creating the need for new kinds of jobs. It's almost as if the world is more dynamic, and pure intelligence, unadulterated by what already exists, is more static, than the most pessimistic prognosticators may have anticipated." The deployment companies are evidence that the transition will be long, unglamorous, and deeply human — at least for the first wave.

---

Ben Thompson — Apple's TSMC capacity crunch is the real forcing function behind the Intel deal

The Wall Street Journal reported a preliminary manufacturing agreement between Apple and Intel; earlier reporting (Ming-Chi Kuo) suggested Intel's 18A process would be used for Apple's most basic M-series chips. Thompson dispatches the geopolitical and concentration-risk framings and goes straight to the economic one: Apple has spent 2 consecutive quarters unable to satisfy demand because it cannot secure enough advanced-node capacity from TSMC. CEO Tim Cook flagged this explicitly on the last earnings call, naming the Mac mini, Mac Studio, and MacBook Neo as supply-constrained; Thompson's read is that Apple pulled capacity from Mac to feed iPhone 17 Pro production, and ended up short on both.

The structural cause is that AI infrastructure buildout — training and inference workloads at hyperscale — has consumed so much of TSMC's advanced-node capacity that TSMC's largest consumer-electronics customer can no longer reliably get what it needs. Thompson had predicted this specific outcome in his "TSMC Risk" essay: companies stuck with TSMC because it was better and more service-centric, but that avoidance incurred the risk of TSMC's monopoly preventing them from capturing AI's full value — not through geopolitical disruption, but through ordinary supply scarcity. That risk has now materialized in Apple's P&L as foregone revenue across multiple product lines.

The Intel deal is therefore not primarily a geopolitical hedge; it is Apple resolving a supply constraint with the only other fabricator capable of advanced-node production. Thompson argues Intel gets the single most important thing it needs to become viable — its most historically significant former customer — not from government pressure, but from TSMC's own failure to invest aggressively enough to match AI demand.

---

Simon Willison — llm 0.32a2 surfaces interleaved reasoning tokens for GPT-5-class models

The 0.32a2 alpha of Willison's `llm` CLI tool includes a meaningful routing change: most reasoning-capable OpenAI models now use the `/v1/responses` endpoint instead of `/v1/chat/completions`, which enables interleaved reasoning across tool calls for GPT-5-class models. In practice, summarized reasoning tokens are now visible in terminal output (displayed in a distinct color), with `-R` / `--hide-reasoning` flags to suppress them.

This is a small but real observability gain. The `/v1/responses` endpoint is OpenAI's intended interface for reasoning models with built-in tool use; routing through it means developers using `llm` can now inspect the model's chain-of-thought during multi-step agentic tasks, not just read final outputs. For practitioners debugging why an agent made a particular tool call, that visibility matters.

---

Simon Willison — Quoting Mitchell Hashimoto: TDMs buy analyst trends, not technical substance

Willison surfaces a sharp claim from Mitchell Hashimoto (of Ghostty and HashiCorp fame) about enterprise technology purchasing. Hashimoto's argument: most Technical Decision Makers (TDMs) are motivated primarily by not getting fired, which means they follow Gartner and McKinsey rather than Lobste.rs or weekend GitHub commits. If Gartner says "AI strategy" is the priority and McKinsey frames it as "context management," then labeling your product "Context Engine for AI Apps" is what gets it purchased — independent of whether that label has any technical grounding.

The observation is brief but pointed. It explains why enterprise AI adoption can be simultaneously real (budgets are moving) and theatrical (what gets bought often doesn't map to capability). It also complements Thompson's deployment-company analysis: the executive-suite rationality Thompson describes has a substantial "don't get fired" component that rewards trend-following over substantive evaluation.

---

Simon Willison — Quoting Mo Bitar: satirical map of AI career opportunism

Willison shares Mo Bitar's viral TikTok "Unethical Guide to Surviving AI Layoffs" — a satirical monologue advising workers to mint new jargon ("Ralph Loop"), walk into the CEO's office with buzzword fluency, publicly "automate" named colleagues in Slack channels, and collect a new title and equity bump before anyone figures out that "nobody knows what they're doing, because nobody can, because nobody knows what they're doing."

This is social commentary, not technical analysis. But it maps the gap between AI capability claims and enterprise reality with uncomfortable specificity, and pairs with Hashimoto's TDM observation in a way that's worth noting: Hashimoto describes the structural incentive that sustains AI theater at the decision-maker level; Bitar describes the individual rational response that emerges from that structure. The equity bump comes before the reckoning.

---

Simon Willison — datasette 1.0a29 fixes a race condition using Codex as a debugging collaborator

The 1.0a29 alpha of Datasette (Willison's SQLite web interface tool) ships a fix for a segfault caused by a race condition between concurrent `Datasette.close()` calls, introduced by an automatic connection-closing mechanism added for tests. Willison isolated it by having Codex CLI (running GPT-5.5 xhigh) generate a minimal Dockerfile that reliably reproduced the bug — using the model as a debugging collaborator to construct a reproducible environment, not to write application code. The release also adds a `TokenRestrictions.abbreviated()` utility method and makes table headers visible on zero-row tables.

---

Simon Willison — CSP Allow-list Experiment: user-controlled domain permissions inside sandboxed iframes

A quick tooling proof-of-concept, built with GPT-5.5 xhigh in the Codex desktop app: an app loaded inside a Content Security Policy (CSP)-protected sandboxed iframe intercepts CSP violations via a custom `fetch()`, passes them up to the parent window, and prompts the user to add the blocked domain to an allow-list before refreshing. The technical interest is the parent-sandbox communication channel enabling a user-in-the-loop permission model for security-sensitive iframe contexts.

---

Synthesis

The dominant thread today is the gap between frontier AI capability and the organizational reality of deploying it — and the surprising amount of human labor that gap requires. Thompson's analysis of the OpenAI Deployment Company and Google's FDE announcements pins down what that gap costs: 150-engineer consulting acquisitions, multi-month data-readiness projects, and executive mandates that structurally resemble 1970s mainframe implementations. The Hashimoto and Bitar observations Willison surfaces triangulate the same gap from inside organizations: Hashimoto provides the structural explanation (TDMs buy analyst-endorsed trend labels to avoid blame), and Bitar provides the individual-level survival strategy that emerges (perform fluency in the trend vocabulary, attribute agency to the jargon, collect the equity before the reckoning). Thompson is the optimist framing of the same observation — the humans are there because the data isn't ready yet, and once it is, the replacement wave will be real and durable. Whether that optimism is warranted remains the open question today's content leaves unresolved.

The Apple-Intel story lands as a concrete data point about what AI infrastructure expansion actually competes with. TSMC's advanced-node capacity is now a binding constraint on Apple's core consumer hardware business — foregone iPhone and Mac revenue across multiple product lines, quarters in a row. Thompson had predicted this specific mechanism (not geopolitics, but supply monopoly) and the deal validates it. The chip supply chain and the AI buildout are competing for the same scarce resources, and that competition is now forcing industrial realignments that would have seemed implausible 3 years ago.

On the developer tooling side: Willison's llm 0.32a2 change exposing interleaved reasoning tokens via `/v1/responses` is a small but directionally meaningful capability for practitioners who want observability into multi-step agentic workflows. The datasette debugging note — Codex used to construct a minimal reproduction environment, not to write code — is a brief but honest illustration of where AI-assisted development is actually useful today: narrowing the search space for hard-to-reproduce bugs, not replacing the engineer.

---

TL;DR - Enterprise AI deployment is a 1970s mainframe play, not a SaaS rollout: OpenAI and Google are both staffing human-intensive deployment operations because the real bottleneck is data readiness, and that requires boots on the ground for months, not API keys - TSMC's capacity monopoly is already costing Apple measurable revenue: the Apple-Intel deal is supply-crunch resolution, not geopolitical hedging — AI infra buildout is crowding consumer hardware off advanced nodes - The TDM dynamic explains AI enterprise theater: most technology decision-makers optimize for not getting fired, so they buy Gartner-blessed buzzwords (Hashimoto), creating rational conditions for the career opportunism Bitar satirizes - llm 0.32a2 makes GPT-5-class reasoning tokens visible in the terminal: minor tooling change, real observability gain for developers debugging multi-step agentic tasks

Compiled from 2 sources · 6 items

• Simon Willison (5)
• Ben Thompson (1)

Two roundup pieces cover today's digest: Rowan Cheung's Rundown AI newsletter and Swyx's Latent Space AINews. Between them: Google's Android AI integration, the fading case for finetuning, GB200 inference economics, agent reliability architecture, a supply-chain attack targeting AI developer tooling, and where local inference stands in May 2026.

---

Rowan Cheung — Google's Gemini Intelligence positions Android as the first genuine cross-device AI execution layer

Google's Android Show event (the week before I/O) introduced Gemini Intelligence not as an app or assistant but as a system-level AI layer that has on-screen context and can execute agentic tasks within apps — meaning it can see what's on screen and act, rather than just respond to queries. The new Googlebook laptop line (built with Dell, HP, Lenovo, Acer, and Asus) ships a "Magic Pointer" AI cursor that lets users point at on-screen content and speak shorthand instructions. Crucially, Googlebooks run Android phone apps and files, merging ChromeOS, Android, Google Play, and Gemini into a single surface rather than running separate stacks in parallel.

Supporting this are several smaller but telling releases: Create My Widget, Rambler (dictation with automatic filler-word stripping), and Gemini auto-browse in Chrome. The pattern across all of them is Gemini being woven into the interaction layer — the cursor, the keyboard, the browser — rather than surfaced as a separate chatbox. Cheung's read is that Google may be the first to actually crack unified device-level AI, with the contrast being Apple's still-undelivered Siri revival. The architecture choice — treating Gemini as an OS-level intelligence system rather than a bolt-on feature — is the bet being made.

---

Rowan Cheung — Amazon's tokenmaxxing shows how usage metrics corrupt AI adoption from the inside

Amazon set an internal target of 80%+ of developers using AI weekly, then began publishing staff rankings by token usage. The outcome is now public: employees are burning tokens on unnecessary tasks to raise their scores, a behavior the FT's sources describe as creating "perverse incentives." Amazon's MeshClaw — a staff-built tool for creating agents that can deploy code, sort emails, and operate across company software — became the primary vehicle for the gaming. Amazon has since pulled back usage-number visibility to individuals and their managers, which suggests the company recognized the problem even if it hasn't formally acknowledged it.

The underlying principle Cheung surfaces is blunt: a token counter can prove AI was used, but it cannot prove the work got better. Rewarding usage instead of outcomes means employees optimize for the scoreboard. The same pattern is reportedly appearing at Meta. This is the predictable consequence of treating AI adoption rate as a proxy for AI productivity — and the story suggests that enterprise AI deployment has as much of an organizational design problem as a technical one.

---

Swyx — OpenAI's finetuning API deprecation signals a structural split in how AI engineering gets done

Swyx frames OpenAI's decision to deprecate its finetuning APIs as more than a cost optimization — it's a marker of where the industry's center of gravity has shifted. For years the dominant pitch was "get o1 performance at 4o prices" through finetuning, and a substantial slice of the AI engineering community organized workflows around it. That narrative is unwinding for the mainstream. But Swyx is careful about what "the end of finetuning" actually means: Cursor and Cognition (whose $25B round is now public discussion) have both increased their open-model reinforcement learning from human feedback (RLHF) and finetuning usage, not decreased it — the frontier companies are doing more of it precisely while the broad middle of the market moves away.

The structural question Swyx raises is whether very long prompts — citing Claude's Constitutional AI system prompt as a concrete example — plus continued prefill/decode disaggregation improvements might make finetuning redundant for most production deployments. Jeremy Howard apparently flagged this direction on-pod as early as 2023. The implicit logic: if long-context inference gets cheap enough fast enough, the make-vs-buy calculus for finetuning keeps shifting toward just buying more inference. The top tier keeps doing it because they need edge-case precision at scale; the modal 80% probably never needed it as much as they thought.

---

Swyx — Research benchmarks are saturating while agentic science systems push the remaining frontier

The benchmark landscape is bifurcating in a way that matters practically. Old evals are saturating — @polynoamial argues that any benchmark with uniformly high scores should be retired in favor of lower-scoring, frontier-challenging tests. Soohak introduces 439 research-level math problems authored from scratch by 64 mathematicians (38 of them faculty), explicitly targeting capabilities above standard olympiad-style problems. Medmarks v1.0 expanded its open medical benchmark suite from 20 to 30 benchmarks and 46 to 61 models, partly in response to the same saturation pressure.

Agentic systems are the ones pushing these harder frontiers. Google DeepMind's AI Co-Mathematician — described as an asynchronous, stateful research workbench for mathematicians — reportedly reaches 48% on FrontierMath Tier 4, a benchmark designed specifically to resist near-term saturation by models. In theoretical physics, "physics-intern" nearly doubles Gemini 3.1 Pro's baseline performance on CritPt by decomposing problems across specialized agents; the solo model baseline sits at 17.7%, and the multi-agent system reaches 31.4%, a difference that corresponds to moving from "rarely useful" to "sometimes genuinely helpful" on frontier physics tasks. The pattern: single general models are plateauing on hard evals, while multi-agent architectures with specialized roles extend the frontier. Whether that reflects genuine reasoning progress or benchmark engineering is still the open question.

---

Swyx — GB200 and RoCEv2 are changing the economics of large mixture-of-experts serving

Perplexity published detailed numbers on serving post-trained Qwen3 235B on NVIDIA GB200 NVL72 systems. The headline: all-reduce latency drops from 586.1µs on H200 to 313.3µs on GB200, and mixture-of-experts (MoE) prefill combine at expert parallelism=4 drops from 730.1µs to 438.5µs. @AravSrinivas frames this as materially changing the calculus for prefill/decode (P/D) disaggregated serving of large MoEs — the interconnect improvements mean operations that previously required careful batching to hide latency become tractable at lower batch sizes. Separately, SemiAnalysis reported that clustering multiple B200 8-GPU machines over RoCEv2 CX-7 with P/D disaggregation can lift per-GPU token throughput by up to 7×, which implies proportional reductions in cost per token for production serving.

Modal is making the case that inference requires a dedicated stack rather than general-purpose Kubernetes: they cite compute management, cloud-native caching, CRIU (Checkpoint/Restore In Userspace), and GPU checkpointing as the differentiating pieces. Perceptron's confirmation that all Mk1 inference runs on Modal adds real-world weight to this positioning. The practical implication across both stories: the infrastructure conversation has moved from "can we serve large MoE models" to "what topology and stack makes serving them economically rational."

---

Swyx — Stanford's Shepherd treats agent execution like a Git repository, with replay, branching, and rollback

Stanford's Shepherd system models agent execution with first-class tasks, effects, scopes, and traces — enabling exact replay, branching, rollback, and formal guarantees verified in Lean 4. The Git analogy is deliberate: just as version control lets you branch from any commit and replay changes forward, Shepherd lets you branch from any point in an agent's execution history and re-run from there. The reported outcome is that live supervision on CooperBench improves from 28.8% to 54.7% — nearly doubling the rate at which a human supervisor can catch and correct agent errors in real time — plus faster counterfactual optimization and tree-based reinforcement learning rollouts.

The broader pattern is becoming visible across multiple systems. LangGraph's new DeltaChannel snapshots replace full-state checkpointing for scalable durable execution. Google's Gemini Interactions API preserves encrypted thought signatures across turns without requiring developers to manually manage signature injection. The common thread: as agents run longer and take more consequential actions, the ability to inspect, replay, and roll back execution becomes as important as the model's intrinsic capability. Agent state management is becoming a first-class systems problem in the same way that database transactions were for CRUD applications.

---

Swyx — The Mini Shai-Hulud supply-chain attack targets AI developer tooling as a primary attack surface

The Mini Shai-Hulud campaign expanded beyond its initial TanStack target to hit OpenSearch, Mistral AI, Guardrails AI, UiPath, and others across npm and PyPI — specifically targeting the npm and PyPI packages that AI developers most commonly install. The technically notable detail is persistence: the attack hooks into Claude Code (via `.claude/settings.json`) and VS Code (via `.vscode/tasks.json`) so the compromise re-executes on future tool events even after the malicious package is removed from the dependency tree. Guardrails AI confirmed its 0.10.1 package was compromised and quarantined within about 2 hours of discovery.

Mitigations surfaced quickly: beyond `minimumReleaseAge` on package installations, `blockExoticSubdeps` prevents remote GitHub references from entering dependency graphs. At the workstation level, moving secrets out of `.env` files into a proper secrets manager removes the most common exfiltration target. Stanford-aligned work on SecureForge is positioning vulnerability discovery and prevention in LLM-generated code as its own research track. The combination — malicious packages that persist through developer tool hooks, plus agents that automatically install and run packages without user review — is a genuinely new attack surface that didn't exist at meaningful scale 18 months ago.

---

Swyx — Local inference is maturing, from Qwen 3.6 on consumer hardware to a 1-trillion-parameter model on Optane memory

The community benchmark landscape for local models shows genuine capability advances. A user benchmarked Qwen 3.6 35B A3B, Qwen 3.6 27B, Gemma 4 26B A4B, and Nemotron 3 Nano on a paper-to-code comprehension task using long-context mechanisms — and all four substantially outperformed prior small-model baselines, with Qwen 3.6 35B A3B judged strongest. At q4 quantization, users are running Qwen 35B (~20GB) and Gemma 26B (~15GB) simultaneously on the same machine, with Gemma 26B for quick code fixes and Qwen 35B for longer-context refactoring. Performance is sensitive to sampling parameters; the community is noting that overly aggressive KV cache quantization can erase the capability gains.

At the more exotic end, a community build demonstrated Kimi K2.5 (~1 trillion parameter MoE) running locally at ~4 tokens/second using Intel Optane DC Persistent Memory — 768GB of Optane as system RAM with 192GB DDR4 as cache, and an RTX 3060 12GB handling attention and dense tensors. Estimated used-market build cost: roughly $2,060–$2,500. A separate GPU power-limiting experiment found that capping an RTX 4090 substantially reduces power, heat, and noise with little to no decode throughput loss (prefill takes a 15–20% hit at aggressive limits). And Cactus Compute released Needle — a 26M-parameter tool-calling model distilled from Gemini-synthesized data, claiming 6,000 tok/s prefill and 1,200 tok/s decode on consumer devices. The architectural argument: function calling is fundamentally a retrieval task over provided tool schemas, so feed-forward network (FFN) layers that store parametric knowledge are unnecessary — the model can be built from attention plus gating only. The community is most interested in whether a model this small could serve as a lightweight router that dispatches queries to larger models only when needed.

---

Synthesis

The sharpest through-line today is the widening gap between what frontier practitioners are doing and what the broad middle of the industry is doing — and how infrastructure economics are driving it. Swyx's finetuning analysis and the GB200/RoCEv2 serving numbers point in the same direction: as inference gets dramatically cheaper and long-context windows expand, the case for finetuning in typical enterprise deployments erodes, while the frontier companies doing precision-targeted RLHF are doing more of it than ever. Cheung's tokenmaxxing story is the organizational corollary — companies still measuring AI adoption by token consumption rather than outcomes will produce compliance theater, not productivity gains. The infrastructure is advancing faster than the organizational practices for deploying it well.

Google's Gemini Intelligence and Stanford's Shepherd represent the same architectural conviction from different angles: the model is increasingly not the unit of analysis — the system around the model is. Gemini Intelligence is a cross-device execution layer with on-screen context. Shepherd is a Git-like substrate for agent execution with formal guarantees. Both assume that what separates useful AI deployments from impressive demos is orchestration, supervision, and state management. The benchmark results reinforce this: the systems pushing FrontierMath Tier 4 to 48% and CooperBench to 54.7% are multi-agent architectures, not larger single models.

The Mini Shai-Hulud attack is the security consequence of this agent-first world arriving before the security posture has caught up. When agents automatically install packages, execute code, and persist hooks into developer tool configurations, supply-chain attacks gain a persistence mechanism that didn't exist before. The attack specifically targeted AI developer tooling — Claude Code hooks, Mistral AI packages, Guardrails AI — because that's where the leverage is. Taken together, today's content makes a fairly coherent argument: the 2026 AI deployment challenge is less about model capability and more about getting incentive structures, security posture, infrastructure topology, and orchestration architecture right alongside the models themselves.

---

TL;DR - Finetuning's mainstream moment is passing: OpenAI deprecated its APIs; the broad practitioner market moves toward long-context prompting and better inference infrastructure, while frontier players (Cursor, Cognition) are doing more specialized RLHF, not less — the distribution is bifurcating - GB200 and RoCEv2 are compounding inference economics: roughly half the interconnect latency vs. H200 for large-MoE serving; B200 + P/D disaggregation can push 7× per-GPU token throughput — cost-per-token is falling faster than anticipated - Agentic architectures are the new benchmark movers: multi-agent systems (AI Co-Mathematician, physics-intern, Shepherd) extend harder evals where single models plateau; the benchmark saturation problem is real and being actively addressed - Google is making its OS-level AI bet: Gemini Intelligence treats Android as a cross-device agentic execution layer, not a chatbot — the Magic Pointer and Googlebook combo is a concrete UX bet on where this lands ahead of Apple - AI developer tooling is the new supply-chain attack surface: Mini Shai-Hulud persists through Claude Code and VS Code hooks even after package removal; supply-chain hardening needs to be treated as core AI infrastructure now - Usage metrics corrupt AI adoption: Amazon's tokenmaxxing shows that measuring token consumption as a proxy for productivity produces scoreboard gaming, not better work — enterprise AI has as much of an organizational design problem as a technical one

---

Compiled from 2 sources · 2 items

• Rowan Cheung (1)
• Swyx (1)