Library articles are longer, more complete treatments of a topic: explanations, analysis, technical specifications, or historical context. A library article is something you can return to months or years later. I often keep them updated.
See also Notes and Research, or browse by topic.
Digital freedom and law
The battles over who controls software, data, and communications have been running for thirty years and are not over. These articles cover the legal and policy terrain — patents, privacy law, data sovereignty — from the perspective of someone who has been involved in several of the fights directly.
- Samba — Co-founding Samba meant taking on Microsoft’s attempt to own all networked file storage. Nearly a billion users later, the project is still running.
- Copyright, patents, Samba and Microsoft — A timeline of the Ballmer-era IP battles and what they settled.
- Microsoft Patent Process — Ballmer Era — A practical guide to how Microsoft weaponised patents 1998–2014, from direct experience.
- Software Patents, TPMs and Paracopyright — How the battleground shifted after the patent wars: technical protection measures and the Unitary Patent System.
- Origins of EU–US privacy battles — From Privacy Shield’s collapse in 2020 to the trade-war dimensions of 2026.
- Opportunity in GDPR Article 28 — The computer science buried in the GDPR’s legalese, and the business case it creates.
- Data Mobility in the Trumpian Post-Brexit Era — What UK and EU organisations need to decide now, and why it is harder than it looks.
- Security Standards and Certifications — ISO27001, GDPR, NIS and related standards demystified for practitioners.
Software you can trust
A recurring theme in my work is that software fragility is underestimated and under-addressed. These projects and articles approach that problem from different angles — data integrity, reproducibility, reversibility, and version control.
- LumoSQL — Modifying SQLite to give device owners genuine control over their own data, without breaking compatibility.
- Reversible Execution — Rewinding and replaying software to find bugs and security problems. Still the biggest advance in debugging since source-level debuggers.
- Logical and Thermodynamic Reversibility — How reversibility connects to the energy crisis in AI infrastructure.
- Not Before Time — Time-locking information using existing tools and tried mathematics.
- Not Forking — Automating change management across source trees in ways version control systems cannot.
- Fossil — The only realistic alternative to Git, with stronger cryptographic and reproducibility guarantees.
- How to Replace Windows NT with Linux — Written at Linuxcare in 1999. Historical, but part of the Samba story.
AI safety and agentic systems
Current AI safety efforts focus on making individual models better-behaved. My work on the Perseverance Composition Engine takes a different approach: structure the system so that misbehaviour is caught before it causes harm, the way human institutions have worked for centuries. These articles develop that argument and its technical context.
- Addressing the Biggest Problems in using AI — The case for structural AI safety over constitutional AI safety.
- Slow LLMs and MCPs are Hiding Problems — What happens to agentic AI concurrency when the systems stop being slow.
- Logical and Thermodynamic Reversibility — The physics of computation and why it matters for AI energy use.
Practice and teaching
- Security Standards and Certifications — How the major standards work in practice, and why their bad reputation is mostly undeserved.
- Teaching Exercises — Exercises in cybersecurity and computer science I have used over many years of mentoring.
- Code of Conduct — A concise code of conduct for open source projects, compressed from the Mozilla Participation Guidelines.
- BibLaTeX, eras and scripts — Managing references across non-Latin scripts, ancient sources, and non-English languages in LaTeX.