2026-05-10 21:00:00
I recently got a Venova and have been enjoying learning how to play it:
It combines a saxophone mouthpiece with recorder fingering and a little nose to overblow an octave instead of a twelfth.
It's somewhere between a real instrument and a toy, and one of its bigger problems is that while it's great in C it gets harder to play the more sharps or flats you want. Since I mostly play contra music, typically in 2-3 sharps, this isn't ideal.
A Venova in D (two sharps) would be great, but I don't see this coming. If we're going to put in a bunch more work somehow, what if we went all the way to a double bore?
Imagine two parallel bores with the tone holes lined up exactly, so that when you put your finger down it covers both. The holes would look a bit like the double holes on a recorder, but they could be closer together because you never need to cover just one of them:
The obvious way to do it, and the equivalent of a B/C melodeon, is a C tube for the "white keys" and a B tube for the "black keys": between them you can play every note. The venova already uses a "meandering bore" to bring the holes closer together: to keep them in tune you put slightly larger meanders all along the B bore so the wavelength is consistently a half step longer.
Then you need some way to choose which bore the air flows through, so only one is active at once. We could borrow from the solutions brass instruments have come up with. Since those are solving a much harder problem (routing air through a loop) we can do something simpler. I think a flapper valve would be a better fit: much cheaper to make, and more moisture resistant.
When you think about B/C fingering, though, you'll notice that we're using one bore for 7 notes, and the other for 5. Let's take inspiration from a Janko keyboard and do 6 and 6: two sets of whole steps, a half step apart. One bore would be C, D, E, F#, G#, Bb while the other would be C#, D#, F, G, A, B. This lets you use your left thumb for the valve, left forefinger for the octave key, and then your remaining five non-pinky fingers for the notes. No keywork, and the only bit that's tricky to manufacture is the valve.
I especially like that the fingering is partly isomorphic: lifting a finger always moves you up a whole step, engaging the valve always moves you up a half step. And if you prefer flutes (or pennywhistle) to reeds this should work there too.
Note, however, that we now have a bunch of free fingers. If we do stick with the reed, what if we do away with the 'nose', and accept that we'll now overblow a twelfth like a clarinet? Can we build a keyless three-octave dual bore meandering pipe woodwind with no fork fingerings?
Unfortunately not: after allocating a finger to the bore selection valve and another to the register jump most people are down to 8 fingers. To play chromatically across a full register we need 19 notes, which means one bore needs to be responsible for 10. With simple fingering, the most you can do with eight fingers is nine notes: all open gives you the highest note, and then each additional finger gives you another note. This gives us 18 notes (9 + 9) across the two bores, which is so painfully close to the 19 we need. And even if this worked (perhaps we're willing to give up D#) it would be awkward to use all the fingers (and thumbs) this way.
If we compromise slightly, though, and add two keys, very similar to the keys the Venova already uses, we should be able to get all ten notes and also free up the right thumb to steady the instrument. I should probably put an image here demonstrating, but drawing is hard and this is way beyond what current AI models can do. [1][2]
This would be cheap to manufacture, since while a meandering tube is a pain with traditional tooling it's no issue with molded ABS resin. I think this would solve most of the Venova's flaws (missing notes, fork fingerings, limited range), while avoiding almost all the keywork of the clarinet or sax.
[1] Gemini 3.1 Pro, completely missing the point with two mouthpieces,
straight bore, lots of keywork, no ligature, useless acrylic, bad
hole spacing, and levitation:
[2] ChatGPT 5.5 Pro, doing somewhat better, but with no reed, lots of keywork, a third bore at the bottom, and an insufficiently meandering bore:
2026-05-09 21:00:00
This afternoon Cecilia and I played for Somerville Porchfest, with Harris calling and Danner running sound. There was rain, but not enough keep us from playing, or to keep folks from dancing:
We were originally planning to be on Morrison Ave, where we've been for years. Two weeks out, though, I learned that it wouldn't be possible to close Morrison this year. [1] After lots of scrambling, talking to neighbors and the city, and some help from Lance Davis, we were able to get permission to close the dead-end section of Highland Rd instead:
This meant we didn't have my usual porch roof, and while dancers are reasonably water resistant my gear is not. Seeing rain a few days out I got a cheap canopy:
It was big enough for the two of us and our monitors, but not Harris. And he wouldn't have fit anyway, with his crowd-observation-ladder:
Being away from the house also meant we couldn't easily plug in for power. We probably could have made extension cord work, but Danner and I both have batteries. This worked well, and none of the batteries were below 70% at the end of the 2hr set.
I'm very glad we had a dedicated sound person this time: running sound for myself is never great, since I can't hear what we sound like, but this was a much more complex setup than we've done in the past. In addition to the usual mains and monitors we also ran a pair of delays halfway down the street and a subwoofer. Danner was fantastic, and I'm grateful for BIDA for providing gear and funding a sound person. Here's hoping a lot of people who gave contra a try will come out to one of the regular dances!
To keep the water off the equipment outside the canopy we used trash bags for the speakers and some 18x24 pieces of corrugated plastic for the mixer and batteries. Everything seems to have done ok!
(If this looks like fun, TryContra lets you find nearby dances. And if you're not sold, Ben Kuhn has a great explanation of what makes contra dancing so wonderful.)
I tried to get neighbor friends to park up one side of the street and move cars just before, but this wasn't enough to get that side fully cleared out. It got us about five spaces, which was enough for more audience space, but the contra lines were limited to the ~18ft between the parked cars. This is enough for two lines, but at one point I counted four squished in there. Harris also had to abandon teaching one of his dances and switch to one that needed less space.
Last year Harris tried a format where he alternated between dances for anyone and ones for people who already know contra, and he used it again this year. It continues to work really well: the new dancers aren't up for dancing every dance and the experienced dancers get to do some more complex (but still not very complex!) material.
While Kingfisher is a bit weird as a contra dance band, I think this mostly translates pretty well to this kind of environment. Having drums and bass, even simple multitasked ones, seems to make fiddle-driven music more accessible to the general public:
With so much gear to get out and back it was incredibly helpful that Al came early and volunteered to help set up, and of course we used the wagon.
The older kids made and sold lemonade. Nora held signs:
While people were overall super respectful (and joyful!) they did leave a lot left behind, mostly alcohol-related. I took the wagon around picking things up, and it was nearly full by the end:
Just as I was finishing the city workers came by to pick up the temporary street containers, which were also overflowing:
One of the workers helped me dump the wagon into their truck; very helpful!
It was on the cold side for playing, and fingerless gloves were very important. Probably not a bad temperature for dancing, though!
Overall, it went really well, I'm glad Somerville hosts a Porchfest, and I'm glad I got to play for it and introduce a lot of folks to contra dancing.
Thinking about what to do differently next time, I think the big one is reaching out to the organizers ahead of time to figure out about closing streets. Both this year and last year there was a last-minute scramble for permission to close the street, and I don't think anyone prefers it that way! I'm going to plan to do this way early: probably in a few weeks once the organizers have had time to rest a bit.
[1] After all this, police ended up closing Morrison anyway. I asked
about it, and they said it was a safety issue since people gather in
the street.
2026-05-08 21:00:00
A week ago the Copy Fail vulnerability came out, and Hyunwoo Kim immediately realized that the fixes were insufficient, sharing a patch the same day. In doing this he followed standard procedure for Linux, especially within networking: share the security impact with a closed list of Linux security engineers, while fixing the bug quietly and efficiently in the open. His goal was that with only the raw fix public, the knowledge that a serious vulnerability existed could be "embargoed": the people in a position to address it know, but they've agreed not to say anything for a few days.
Someone else noticed the change, however, realized the security implications, and shared it publicly. Since it was now out, the embargo was deemed over, and we can now see the full details.
It's interesting to see the tension here between two different approaches to vulnerabilities, and think about how this is likely to change with AI acceleration.
On one side you have "coordinated disclosure" culture. This is probably the most common approach in computer security. When you discover a security bug you tell the maintainers privately and give them some amount of time (often 90d) to fix it. The goal is that a fix is out before anyone learns about the hole.
On the other side you have "bugs are bugs" culture. This is especially common in Linux, where the argument is that if the kernel is doing something it shouldn't then someone somewhere may be able to turn it into an attack. Just fix things as quickly as possible, without drawing attention to them. Often people won't notice, with so many changes going past, and there's still time to get machines patched.
This approach never worked perfectly, but with AI getting good at finding vulnerabilities it's a much bigger problem. So many security fixes are coming out now that examining commits is much more attractive: the signal-to-noise ratio is higher. Additionally, having AI evaluate each commit as it passes is increasingly cheap and effective. [1]
Long embargoes, however, aren't doing well either. The historical pace of detection was slow: if you found something and reported it to the vendor with a 90d disclosure window, there was a very good chance no one else would notice during that time. But now with so many AI-assisted groups scanning software for vulnerabilities, that no longer holds. In this case, just nine hours after Kim reported the ESP vulnerability Kuan-Ting Chen also independently reported it. Embargoes can increase risk: they create a false sense of non-urgency and limit which actors can work to fix a flaw.
I don't know how to resolve this, but personally very short embargoes seem like a good approach, and they'd need to get even shorter over time. Luckily AI can speed up defenders as well as attackers here, allowing embargoes that would previously have been uselessly short.
[1] I tested on Gemini 3.1 Pro, ChatGPT-Thinking 5.5, and Claude Opus
4.7. All three all got it right away when given f4c50a403.
When I gave them just the diff, imagining a hypothetical future where
diffs are still public right away but with less context, Gemini was
sure it was a security fix, GPT thought it probably was, and Claude
thought it probably wasn't. This is just a very quick test to
illustrate what's possible: one run of each with the prompt "Without
searching, does this look like a security patch?" There's no control
group, and don't put much stock in the cross-model comparison!
Comment via: facebook, lesswrong, hacker news, mastodon, bluesky, substack
2026-05-04 21:00:00
Each morning I look over my work calendar and make a series of verbal requests:
Set a timer for 9:59
Set a timer for 10:59
Set a timer for 11:29
Set a timer for 1:29
Set a timer for 2:29
Why?
This means I want my phone to make noise before each meeting, while otherwise remaining silent. I put in a bunch of time trying to figure out a better way, learning about the automation options for Android and trying several, and didn't find anything that worked. Even the ones that seemed like they should have worked (MacroDroid seemed pretty promising) just failed to make noise at the right time. So I just set my timers.
On the other hand, it's not a total waste: looking over my schedule and noticing how my meetings fit together and where I have free time is still a good thing to do. But I still wish I could automate this.
2026-04-30 21:00:00
When I pitch people on far-UVC they often ask about in-duct UV. How about putting UV inside your HVAC ducts, where you can safely blast the air with cheap toxic wavelengths. Unfortunately, it's rarely a good approach.
The biggest issue is that most people don't have ducts. They're common in the US, though less so in older construction (radiators) or newer (mini-splits). Outside the US (and Canada, and Australia), however, ducted systems are mostly limited to large modern office buildings. Worldwide, maybe one in ten indoor hours are spent in ducted spaces. [1]
Even in spaces that do have ducts, in-duct UV only works when air is flowing. Most HVAC systems only run the blower when they're calling for heat or cooling: a small fraction of the time. To get useful pathogen reduction you need ~constant recirculation, which isn't great. Blower motors draw a lot of power, so running them continuously gets expensive. Plus, during cooling season in a humid climate it will pick up humidity from the coil and have to work harder later.
If you do set your system to blow constantly, you don't get much additional benefit from in-duct UV. You can typically use a MERV-13 filter, and this removes the majority of particles, even tiny viral droplets and bacteria. In-duct UV helps some, getting you from >50% to nearly 100%, but at best this doubles your CADR.
Another risk with in-duct UV is that it fails invisibly and fails open. If the bulb dies you won't notice, everything will work identically, you'll just stop having cleaned air.
In-duct UV is just not that widely applicable, and even if you do have a compatible system you still generally do much better with stand-alone air purifiers (good default choice), far-UVC (especially for larger spaces or where you need minimum noise), or upper-room UVC (especially for high-ceiling spaces).
Let's imagine a large commercial system set to constant circulation, which I think is the best case for in-duct. Some people sell systems designed to irradiate the coils to prevent mold buildup, but that's not what we're talking about here: we want to kill pathogens as they pass through the ducts. It looks like those cost somewhere between $1,000 and $3,000 per 1000 CFM over a 5y period, counting installation.
A key thing to note, though, is that CFM (cubic feet per minute) is not CADR (clean air delivery rate, typically in units of CFM). If the air were already perfectly clean, for example, then even running it through a 100% effective in-duct UV system would provide no additional cleaning, and the marginal CADR of the UV system would be 0.
A typical system mixes 15% external air with 85% dirty internal air. This means that 1000 CFM of air flowing through the system only leaves 850 CFM to be cleaned, since from a pathogen perspective the external air is already clean.
The system already has an air filter, and this can generally be cheaply bumped up to a MERV-13 if it's not already running one. Those are 50% effective in their worst-performing band, so lets model them as removing 50% of bacteria and viruses. Applying this to our 850 CFM of dirty recycled air we now have 425 CFM of dirty air.
The UV system is somewhere in the range of 90% effective, so that gives us an effective CADR of 383 CFM, at a cost of $1,000 to $3,000: $2.61/CFM to $7.84/CFM.
Now compare this to the $53/ACH over 5 years that Binder estimated for filters and the (also!) $53/ACH I estimated for far-uvc, both in a 6m x 5m x 2.5m room. In a room of that volume, 1 ACH is equivalent to 44 CFM, so we're talking $1.20/CFM.
This means that unless you can install in-duct UV far more cheaply than I'm estimating, you do much better with filters or far-UVC.
[1] I asked Claude Opus 4.7, ChatGPT 5.5 Thinking, and Gemini 3.1 Pro
"Approximately what fraction of indoor hours spent by humans around
the world are in spaces with a ducted HVAC system? Can you give me
your 50% confidence interval?", and got 9-13%, 10-20%, and 6-11%
respectively.
2026-04-29 21:00:00
While I was traveling Julia asked me: why is Anna saying her fiddle practice is only two minutes? In this case, two minutes was the right amount of time!
Anna (10y) and I had been fighting a lot about practice. She'd complain, slump, stop repeatedly to make adjustments, and generally be miserable. I'd often have to pull out "if you want to keep taking fiddle lessons you have to practice": she loves her teacher and is very motivated by the prospect of being good at fiddle. Still, it would take us ages and we'd barely get through anything.
One evening when she seemed like she might be open to it I explained that we were spending twenty painful minutes on two minutes of material. I challenged her: if she focused, and went through with no fussing, we'd be done in two minutes. It did turn out to be the right time for this message, she gave it a good try, and (with a little fussing in the middle) we were done in three minutes.
Over the next few days I continued to remind her that if she buckled down it would go quickly, and we got into a pattern of efficient and pleasant 2min practices. We probably continued this a bit longer than ideal, and then I went on a trip without handing this off well. Julia's question was a good reminder that we weren't done with the progression.
When I came back I started gradually increasing how long we practiced. Now that we had a good non-complainy dynamic this went well, and Anna started learning much faster. She wanted to be able to participate in jamming at NEFFA, worked hard at that goal, and last weekend she got to play Coleman's March at the annual Kids Jam:
Part of why I took a long time to start lengthening lessons, beyond just forgetting, was that I don't want to apply too high a marginal tax rate. If I had said "you still have to practice the full time, even though you're getting 10x done now", that would have been super demotivating. Instead, she got to enjoy a few weeks of the full profits (2min practice) before gradually working back up.
(This is just me writing about a thing that happened to work with one of my kids. No reproducibility claims here, your fiddleage may vary!)
Comment via: facebook, lesswrong, mastodon, bluesky, substack