Hanso Heartbeat Hanso Heartbeat
Google plans up to $40B into Anthropic. Microsoft and OpenAI loosen the old exclusive. Android tightens sideloading. OpenAI explains where the goblins came from. A Claude Code billing bug was triggered by the string HERMES.md in a git commit. Cloudflare lets agents buy domains. GitHub is planning for 30x scale.

Issue 18

1 May 2026

Hi there,

The old platform deal was simple. Accept the lock-in, get the leverage. This week made that bargain look less settled. GitHub said agentic development now needs infrastructure sized for 30x today’s scale. Cloudflare showed agents opening accounts, buying domains, and deploying without the old dashboard ritual.

The next platform fight is about who sits between intent and execution, and how much trust disappears into that gap.

Industry

1. Google lines up a much bigger Anthropic bet

TechCrunch, citing Bloomberg, reported that Google plans to invest up to $40 billion in Anthropic. $10 billion immediately, another $30 billion tied to performance targets. The compute matters more than the money: Google Cloud capacity for Anthropic expands by 5 gigawatts over five years, on top of earlier TPU commitments with Google and Broadcom. At frontier scale, "investment" and "supplier relationship" are now the same sentence.

2. Microsoft and OpenAI loosen the old exclusive

Reuters reported that Microsoft and OpenAI renegotiated their deal so OpenAI can pursue broader cloud partnerships, including with Amazon. Microsoft keeps its OpenAI licence through 2032 and a revenue share through 2030, with a cap and without the old cloud exclusivity. Microsoft gets more certainty. OpenAI gets more supply paths. Everyone else gets reminded that compute scarcity is now corporate strategy.

Tobias asked me about this on a Freudenberg call the morning it broke. When Group CIOs notice, the procurement story has already moved.

3. Android’s sideloading fight moves from niche complaint to platform test

Google’s developer verification programme says that from September 2026, apps installed on certified Android devices in selected regions must be registered by a verified developer. The Keep Android Open campaign argues this turns sideloading into a Google-mediated process – identity, package-name registration, a payment relationship. Google’s security argument is real. Android malware and scam apps aren’t imaginary. So is the governance problem: the "open" mobile platform is becoming open by permission, not by architecture.

Artificial Intelligence

4. OpenAI explains the creature-word problem

OpenAI published a sharp post on where the goblins came from after its models developed a habit of using creature metaphors where nobody asked for them. The cause wasn’t one bad prompt. They traced it to reward signals around a "Nerdy" personality, style transfer across training, and synthetic-data feedback loops that pushed a small lexical tic much further than intended.

We have the Hanso version of the same lesson in our system-prompt library. We keep finding tics that travelled across unrelated agents because one shared upstream prompt rewarded them.

The language model with a 1930 bedtime

Talkie is a 13B language model trained only on pre-1931 English text. It can talk fluently while knowing nothing about Turing machines, World War II, Python, or the modern web – at least in theory.

Diagram of Talkie's post-training pipeline showing pre-1931 source material being filtered and used to fine-tune the base model

Nick Levine, David Duvenaud, Alec Radford

"In theory" is where the fun starts. The authors spend most of the post on temporal leakage, OCR errors, historical post-training, and the problem of using modern models to judge an intentionally old-fashioned one. A knowledge cutoff is only clean if the dataset actually behaves.

It is, upon reflection, a singular sort of amusement to converse with a machine so easy in its discourse, yet so perfectly innocent of every age save the one in which it was bred.

5. Claude Code’s billing bug was hiding in Git history

A Claude Code issue filed on 25 April is a wonderfully awful bug. A recent commit message containing the string HERMES.md caused requests to route to extra usage billing instead of the user’s included Max plan quota. The reporter isolated it by binary search across repositories and commit history. Anthropic later said affected users would get refunds and an extra month of credits.

The cursed-string framing is funny. Underneath: agent tools now ingest enough workspace context that content-based policy and billing systems trip over incidental text in someone else’s git log.

Infrastructure

6. Cloudflare lets agents create accounts, buy domains, and deploy

Cloudflare announced an integration with Stripe Projects that lets agents provision Cloudflare accounts, start paid subscriptions, register domains, get API tokens, and deploy applications. Humans still have to accept terms and approve sensitive steps. But the old sequence – sign up, add card, copy token, paste token, deploy – is now compressed into an agent workflow.

Genuinely smart. Also: fraud controls, spend limits, terms acceptance, and credential issuance now sit inside a much stranger interaction model than the one procurement teams have policies for.

What can this cable actually do?

WhatCable is a tiny macOS menu-bar app for the most modern physical annoyance: the USB-C cable that looks identical to every other USB-C cable and yet somehow can't carry the thing you need.

It reads IOKit, USB-PD identity data, power profiles, e-marker info, negotiated speed, current rating, and vendor IDs, then tells you in plain English whether the cable is charge-only, Thunderbolt / USB4-capable, or silently the reason your Mac is charging like it has given up. Software as drawer archaeology.

Of course, USB-C could also have just been much simpler, and universal, you know.

7. GitHub says agentic development forced a 30x scale rethink

GitHub posted an availability update after two recent incidents, including an Elasticsearch problem on 27 April that affected search-backed parts of pull requests, issues, and projects. The line that caught me: GitHub started a 10x capacity plan in October 2025, then decided by February 2026 that agentic development required designing for 30x current scale. Repository creation, pull requests, API usage, automation, and large-repository workloads are all accelerating together.

"AI coding" is no longer only an editor feature when the forge underneath starts buckling.

Microsoft

8. Copilot moves to usage-based billing on 1 June

GitHub announced that all Copilot plans move to usage-based billing on 1 June 2026. Premium request units become GitHub AI Credits, billed on input, output and cached tokens at published model rates. Base subscription prices stay the same. Fallback experiences go away. Admins get budget controls.

The unit of work is no longer "a chat message." It’s tokens, context, retries, tool calls, and whatever the agent did while nobody was staring at it.

9. Copilot code review will also consume Actions minutes

The adjacent GitHub changelog clarified that Copilot code review will be billed two ways from 1 June: AI Credits for the Copilot usage, plus GitHub Actions minutes for reviews that run on private repositories using GitHub-hosted runners. Public repos keep free Actions minutes for this path. A code-review bot that runs like automation should be budgeted like automation.

10. GitHub availability becomes a Microsoft infrastructure story

The same GitHub availability post is also a Microsoft story. The fix path runs through Azure, multi-cloud thinking, service isolation, a Ruby-to-Go migration, and reducing hidden coupling across Actions, search, permissions, APIs and background jobs. Not glamorous, but the right level of detail. GitHub is no longer just hosting human-paced repositories. It’s the shared substrate for agent-paced software work, and that substrate is being stress-tested in public.

Development

11. Ghostty is leaving GitHub

Mitchell Hashimoto announced that Ghostty will leave GitHub, keeping a read-only mirror at the current URL. The post is personal – Hashimoto notes he’s GitHub user 1299, has used it daily for 18 years, and still has personal projects there – but the practical complaint is the infrastructure around Git: issues, pull requests, Actions, review, outages.

If a serious open-source project with mainstream attention decides GitHub isn’t a reliable place for serious work, forge centralisation stops being theory.

Cursor Camp, unfortunately

Neal Agarwal's Cursor Camp is the browser equivalent of walking into a cheerful training centre for AI-assisted coding and realising the joke has already won.

The Cursor Camp landing screen on neal.fun

Neal Agarwal

Not much to analyse, which is the point. Small, silly, nicely made, and just close enough to the current developer-tooling mood to hurt a little. A lovely Friday detour. As are all of Neal's web projects.

12. Zed 1.0 released

Zed reached 1.0 with a clear thesis: a modern editor shouldn’t have to be a web app in a desktop costume. Rust codebase, GPUI framework, GPU-driven rendering, SSH remoting, debugging, language support across macOS, Windows and Linux, AI features built into the editor rather than bolted on. Zed for Business is coming too, with centralised billing, RBAC and team management – the craft argument turning into an enterprise adoption path.

I’ve been using Zed a lot. So much faster than VS Code or Cursor. Funny thing is, I use editors less and less these days. 90% of my time is an iTerm + tmux + Claude Code CLI or Codex CLI session.

Information Security

13. Copy Fail gives Linux admins a very direct patch problem

Copy Fail, tracked as CVE-2026-31431, was publicly disclosed as a Linux local privilege escalation affecting mainstream distributions shipped since 2017. Canonical published fixes on 30 April and described it as a high-severity kernel vulnerability disclosed on 29 April. The scary part is the reliability – the researchers present it as a straight-line logic flaw, not a race-condition parlour trick. If untrusted local users, containers, CI jobs or multi-tenant Linux systems are in scope, this isn’t "patch eventually" material.

Marasy and I burned a Wednesday afternoon getting the Talos cluster nodes onto a fixed kernel.

14. Kernel disclosure process becomes part of the risk

The Copy Fail week also made a process problem visible. The public site says the issue was reported to the kernel security team weeks before disclosure. By the time admins saw the branded write-up, distributions were racing to ship fixes and guidance. That gap matters because local privilege escalation bugs get treated as less urgent than remote code execution, right until they become the second step in a real incident. The boring, defensive habit: know which systems expose untrusted local execution, know where kernel updates are slow, and test the reboot path before the incident writes the calendar for you.

Coming up

11–14 May: Red Hat Summit in Atlanta. OpenShift, virtualisation pressure, platform engineering, enterprise AI – the tracks worth watching.

19–20 May: Google I/O at Shoreline and online. Gemini, Android, developer-facing agent tooling.

1 June: GitHub Copilot usage-based billing starts, including the new AI Credits model and Actions-minute billing for Copilot code review on private repositories.

8–12 June: Apple WWDC26 online, keynote on 8 June. Apple’s AI and developer-tooling story under much less forgiving scrutiny than last year.

Hope this gave you something to chew on over the weekend.

Have a good weekend,
Julian

How this is made

Throughout the week I stumble across a mildly unreasonable number of interesting things, and I forward them instantly to the friend or colleague I think might care – sometimes to their delight, sometimes to their annoyance, and often with no context at all. Heartbeat is the attempt to do that a little better.

Every Friday a small agent I built, Honoka, looks through the places where those links tend to leak out: my private email, work email, Matrix, Mastodon, WhatsApp, Apple Messages, Signal, and the faint imprints on the platen of my Olympia typewriter (still not an API, tragically). It sorts, filters, groups and summarises the week, then hands me a draft.

Honoka is guided by a private corpus of things I have written over the last fifteen years, so it can get closer to how I sound in more-or-less official emails and public notes. I still take a pass by hand: remove things, change sentences, check links, argue with the judgement. Whether that is enough is, frankly, the experiment. Every issue has one item written entirely by hand. If you can reliably spot it, hit reply and judge.
Hanso Hanso
Hanso Pte Ltd · 1 Phillip Street #08-00, Singapore 048692
www.hanso.group