Anyone can write software, you can't stop them. What we can gatekeep is the building, distribution, installation, and running of software that affects critical systems, like one of the most popular OSes.
The XZ backdoor affected millions of computers, with the potential to effect hundreds of millions of computers, many of which had the capacity to affect billions of people. From one completely unregulated software library.
Even if the human involved had good motives / is innocent, The Lethal Trifecta means any normal user can have their digital life taken over by prompt injection, and it can be used to wage attacks on systems without their knowledge.
I don't think some people understand how money works. If you say you're going to have $3.4T in revenue, someone has to have that money, and give it to you. So where is the money? Who has it? Are they spending it somewhere else right now, and will decide to instead spend it on SpaceX later? Or is the money just sitting in savings accounts, strangely not being spent or invested?
And why would they put their money into SpaceX anyway? What has SpaceX said the $3.4T will be based on?
1. Space-based AI datacenters. Yes, they actually said that. Anyone who knows anything about space and datacenters knows this is insane.
2. Starlink. They're saying they're going to make $3.4T by... running an ISP. In space.
3. Starship. They are betting that so many people want to send junk into space that it'll make them $3.4T.
4. Possible Tesla merger. This would definitely bump up the numbers. But Tesla's future depends on cars, AI and robotics. The US's electric car market is in decline (Thanks, Trump!) and BYD is producing cheaper electric cars faster (though US buyers won't buy BYD's, the US electric car market isn't as big as the global market, and is smaller since removing tax rebates). It's clearly not a real AI competitor, if they just rented out their AI datacenters to the competition. And China is churning out robots constantly that actually work and are cheap.
As you can see from other analyses (https://fortune.com/2026/05/31/spacex-tesla-odds-of-merging-...), their cash flow is actually much lower than they claim. The valuations are crazily high. SpaceX/Tesla's claims of how they're going to make money verges on snake oil.
Yep a space anti ballistic missile system (aka Golden Dome and before that Brilliant Pebbles) is likely coming if SpaceX figures out starship and China figures out their Starship clone. Plus maybe a “rods from god” type offensive system if these countries can’t make a deal to avoid space weapons.
If they ever start actually hurling massive objects to the orbit then these will be weapons. The data center functionality will be imitated remotely, if necessary.
See "Starlink is a way to give internet to whales" and "Pokémon is a fun little game" maybe "to train delivery robots as a surprise by-product nobody foresaw" and other such stories.
> how a handful of companies (like Costco[..]) have successfully been structured to resist gravity
"I came to (Jim Sinegal) once and I said, ‘Jim, we can’t sell this hot dog for a buck fifty," Jelineck recalled[..]. "We are losing our rear ends.’ And he said, ‘If you raise the effing hot dog, I will kill you."
That's not structure, that's leadership. They were about to change the price, but one guy at the top with authority and an opinion said no. You could say "it's structure" that there was one guy at the top with authority, but it still depends on him having the right opinion. You need both a good structure and an unwaveringly idealistic (and correct) leader.
I love that you asked this question, although, of course, you didn't actually phrase it as a question, because this quote is literally in the book. I addressed this particular misconception as it relates specifically to Costco, because I myself once fell victim to the same misconception.
If you think Costco has endured only because of leadership, because of its strong ethos and its immense size, because you think it's just too big for Wall Street to mess with, you are not correct. My friend, nothing is too big for Wall Street to mess with. Wall Street has tried many times to dismantle Costco's ethos, and every time the unique structure of Costco is what has allowed them to resist.
The parent comment didn’t say anything about size or wall street. It said leadership is what has preserved it.
Which it doesn’t seem you have refuted in any meaningful way. You just restated what the parent comment is responding to with no further reasoning as to why leadership doesn’t account for it.
I honestly don't understand your comment, so let me try and recapitulate what I think you're saying and what I think I was saying, and then you can tell me where I missed the mark.
What I hear you saying is that the original comment simply said that leadership by itself is enough to preserve the Costco ethos. It didn't say anything about size or Wall Street or anything else. Is that right?
The reason I responded the way that I did is that the claim that something by itself is enough has to explain why most companies are able to be destroyed, even though they have really good leadership. I think the common answer when people ask about Costco is that the reason why, for them, leadership was enough when it hasn't been for other people, is something like they're so large. Does that make sense?
Either way, in order to say that leadership by itself is sufficient, we have to figure out why Costco has been able to endure as a gigantic public company when, for most companies, the larger they become, the more valuable they become as a target. Meaning that Wall Street or other financial forces will intervene to change their values.
And the answer, which I lay out in the book (not in my original comment), is that Costco is protected by a very distinctive thing I call a "governance fortress." This fortress (and not merely their leadership) is the reason why they have been able to endure for forty years.
In fact, the predecessor company of Costco, spiritually speaking, was a company called FedMart that had the leadership and ethos but did not have the fortress. I'll leave it to you to read to find out what happened to them.
> the claim that something by itself is enough has to explain why most companies are able to be destroyed, even though they have really good leadership
I think most of us are happy to believe that most companies simply have bad leadership, that leadership quality really is the axis on which Costco differs from others. If you want us to believe that other (destroyed) companies' leadership is just as good as Costco's, you need to make that case.
> Costco is protected by a very distinctive thing I call a "governance fortress." This fortress (and not merely their leadership) is the reason why they have been able to endure for forty years.
Can you sketch out your actual argument here (I think doing so would help rather than hinder your book sales, though of course that's a biased judgement)? What is this "governance fortress", and why should we believe that that, rather than the personal qualities of this one guy, is the reason they kept the hot dog?
Sure, happy to. This is a very common source of confusion, so definitely worth clarifying. We agree that Costco's difference is due to its superior leadership. The question is why has the company been able to maintain this leadership advantage over multiple generations of managers, when other companies have not.
In the book, I give dozens of examples of companies that were well-lead and then suddenly destroyed, often by outside actors who found a way to profit from their destruction. This often happened at the governance layer, while leadership watched helplessly from the sidelines.
So why hasn't this happened to Costco? I don't think it's a coincidence that Costco has a variety of "bad governance" provisions, such as a super-majority (of all shares, not just votes) provision threshold for shareholder votes, as just one example. When activists, analysts and other Wall Street actors have tried over the years to force Costco to change, its leadership has been insulated from this pressure. I think that is a structural factor that is important.
Again, structure does not _cause_ ethos. It protects it. My argument in the book is you need both.
> ... Costco has a variety of "bad governance" provisions, such as a super-majority (of all shares, not just votes) provision threshold for shareholder votes
Do you believe there's a fundamental tradeoff between structural constraints (i.e. the 'democratic' model, where dispersed shareholders and markets have a voice) vs. insulated leadership (i.e. the 'benevolent dictator' model, where competent leaders are shielded from short-term shareholder pressure)?
Thanks for responding, I do think you interpreted my comment correctly.
I see size as negatively correlated (maybe as a semi-direct cause) with preserving company mission. Hence why I was confused by you addressing it. It would never cross my mind to argue that size has protected Costco.
I haven’t read your book, just skimmed the post so I don’t know if it’s convincing. But I’d like to argue that those companies failing their mission is proof that they did not have good leadership. however, that makes the argument a little circular.
I’m aware of FedMart (Acquired podcast on Costco is very entertaining). I think Sol Price was a bad leader and selling out to Hugo Mann was putting profit above other things.
Interesting in that I wonder whether government organizations and in particular the highly qualified government members and their functions can be protected in a similar manner from political leaders elected in a democracy.
I read the comment as arguing that leadership is necessary, not that it is sufficient. That is, that no amount of governance could have prevented the change in the price of the hot dog; only the leader could.
This reply genuinely reads like AI and I don't mean to insult you. Perhaps large language models have been trained too much on your books. Your first 2 to 3ish paragraph (explanation and rephrasing) is very characteristic of an AI when they're pressed (e.g. on why they recently hallucinated).
I think it's kind of counterproductive to call out "this comment sounds like AI."
If you're right and it is AI, the comment only points out what many of us can already see. If you're wrong and it isn't AI, then the commenter you're responding to can either argue with you about how it's not AI or just say nothing because there's nothing of substance to say.
> That's not structure, that's leadership. [...] one guy at the top [...] said no.
Yeah, there's no rule structure that can't be skirted and subverted by new owners with different objectives. The most resilient way to preserve your values is to:
Only take care, and keep your soul diligently,
lest you forget the things your eyes have seen,
and lest they depart from your heart all the days of your life.
Teach them to your children and to your children's children.
Your successors don't need to be your literal children, but if you turn your company over to "strangers with money" you can't be surprised when they do what they want with their new possession.
It is true that most companies fail the test of succession. Even in the comment that you've made here, we've left unanswered the question of who will decide who should be chosen as the successor? That is something that can be influenced, but only at the institutional or structural level of an organization. Obviously, more details in the book.
And leadership that respects and "gets" it's customer base. Customers that feel respected and who genuinely feel like the company they are supporting is in their corner are the most rabidly loyal. If you build a customer base like that, and keep respecting them, the problem solves itself.
So many businesspeople can’t tell the difference between a value-add and a profit centre.
It isn’t about being idealistic, it’s just about understanding what makes people tick, and how to best get them to part with their money - and understanding that a business is not one dimensional.
I'd be more likely to assume that it's a really great one, where folks like and trust each other enough that they can give each other crap like this and everyone understands and appreciates it, like good friends trash-talking each other on the basketball court. I've thought for years that the way you can tell acquaintances have become friends is if they start insulting each other.
Or, as you say, it could be a really horrible environment - but I don't think you can tell from one anecdote.
Considering how many people love telling this story, both within and outside of Costco, I think it's more the former than the latter. One way you can tell is that the COO, who was cursed at in this story, later succeeded Sinegal as the CEO and, in fact, has gone on record defending that hot dog price many times.
And a lot more tokens, and slower speed. Yes you can get more accuracy if you suck tons more data into context.
But compare this to more advanced code agent methods like Tree Sitter, PageRank, LSP, that build semantic maps to provide more relevant context. Grep alone can't do that
Anyone know why you would use this instead of QEMU+Lima+Colima+Docker/containerd? The latter works on multiple OSes, has a very large ecosystem of tools, images, documentation, and lets you replace pieces as needed
From a layman's POV ("I just want to run my containers I need for dev work"), there's no point in switching to this for now. It's just cool that Apple cares enough about containers and might come up with an Apple-like built-in solution some day, this is the groundwork.
I'd stick to Colima, or Orbstack if you trust them enough to not do a rug-pull once their users are reliant on them enough to pay any amount.
Yeah I was gonna say I use Colima with Apple’s virtualization framework (it’s not the default for some reason but it’s a single command line flag), and found it works better than QEMU (better performance and resolved some bugs I was running into with the Supabase docker stack)
Nothing a large fine-tune on infosec research with an average model couldn't also achieve. It's not like they have secret security knowledge or something, they're just generating large infosec datasets and then training on it.
In 6 months, every piece of software in the world will be getting probed by a script kiddie with some GPUs and a fine-tuned local model. Don't think for a second every cyber gang out there isn't working on this now.
Traditional app development is cooked. We have to accept that, and start changing how software is made and used, today. We can't keep churning out crappy CRUD apps with random libraries and hoping nobody pentests our stacks. Redteaming needs to become part of the SDLC, as well as certified-secure releases of libraries. Because if you don't do it, the hackers definitely will.
The value of AI companies is speculative just like the railroads were. Railroads also have real value. But you have to have everything ready to use those railroads to make money, or they're just steel bars in the dirt and a big loud heavy thing that moves along the horizon. Too much speculative investment in the railroads (in part) led to the panic of 1873, because just having a promise of a return isn't the same thing as having the return.
The XZ backdoor affected millions of computers, with the potential to effect hundreds of millions of computers, many of which had the capacity to affect billions of people. From one completely unregulated software library.
reply