Plutonic Rainbows

Elon Musk took the stand in Oakland on Thursday and was asked, under oath, whether xAI had distilled OpenAI's models to train Grok. His first move was to widen the question. "Generally all the AI companies" do this, he said. Pressed for a yes, he settled on "partly." Then he framed it as standard practice, the kind of thing you do to validate your own system.

That answer matters because of who has been making the loudest noise in the other direction. Anthropic spent the better part of this year naming DeepSeek, Moonshot, and MiniMax for distilling its models. OpenAI has been pursuing the same thread on DeepSeek. Google has called the practice intellectual property theft and built mitigations into its API tier. The trade press has carried the story almost entirely as a US-versus-China problem, with the labs as wronged parties and the offshore copyists as the violators.

The thing the Verge, TechCrunch, and Gizmodo all surfaced from the courtroom is that the labs themselves do not actually believe that frame. The internal assumption, the one tech workers have quietly held for two years, is that everyone with a serious model distills everyone else's. The Frontier Model Forum's distillation working group is, on paper, defensive. In practice the same companies sitting in that room have engineers on the other side of the firewall running the queries. Musk just said the quiet part on a witness stand because he had to.

The legal landscape under all this is thinner than the rhetoric suggests. A Fenwick analysis from earlier this year laid out the core picture: copyright is unlikely to apply, because the teacher's weights are not actually copied and model outputs sit outside the usual zone of protected expression. After Van Buren, the Computer Fraud and Abuse Act also struggles to bite, since the user was initially authorised to query the API. What is left is a contractual breach. Industry write-ups note that enforcement to date has consisted mostly of cease-and-desist letters and account terminations rather than litigation.

So when OpenAI sends its strongly worded letter about DeepSeek, or Anthropic publishes its blog post about MiniMax, the implicit threat is mostly atmospheric. Everyone in the room knows the case law would not survive contact with a federal docket, and everyone in the room also knows that filing the suit would mean discovery, which would mean every internal Slack channel about the rival lab's outputs becoming evidence. Mutual exposure is the actual restraint, not the contract.

Musk's "partly" is interesting partly because it is honest and partly because it punctures his own legal strategy. He is suing OpenAI for abandoning a founding mission to keep AI safe and nonprofit. The same week he is making that argument, he is admitting that his other AI company has been training on the defendant's outputs. The judge, Yvonne Gonzalez Rogers, told him on Thursday to stop with the Terminator references. The distillation question got a longer answer than the apocalypse question did.

The interesting thing is what happens to the rhetoric now. The "China is distilling our models" complaint has been a useful narrative for the labs because it justified policy asks, including export-control extensions and government enforcement proposals. It is harder to sustain that frame when an OpenAI co-founder confirms, on the record, that domestic distillation is the industry norm. Either the practice is genuinely a problem worth a federal response, in which case xAI is on the hook alongside DeepSeek, or it isn't, in which case the China framing was always partly about lobbying and partly about something else, and the word that keeps doing the work in both readings is the same one Musk reached for on the stand.

On 30 September 2025, AOL switched off the dial-up service it had run for thirty-four years. The shutdown was barely news. Most people assumed AOL had stopped offering dial-up sometime around Friends going off the air. The handshake sound, though, did not go quiet with it. It already lived somewhere else.

The sound itself is a brief negotiation between two pieces of hardware deciding, in audible form, how fast they can talk to each other. Dial tone, the digits in DTMF, then a back-and-forth of carrier tones, capability advertisements, and an echo cancellation phase. The Finnish engineer Oona Räisänen mapped the whole thing into a colour-coded waveform in 2012, labelling each tone with the V-series ITU recommendation it belonged to: V.8, V.8bis, V.34, the answer-tone reversal that still gives me a small shiver when I hear it cold.

What Räisänen made visible, Alexis Madrigal had written about a few months earlier in The Atlantic, in a piece I think about roughly once a year. His argument was that the modem sound was not a side-effect. It was the data being transferred. The two machines were already exchanging information, and the exchange happened to be loud enough for the room to hear. Anyone who heard it was eavesdropping on a private negotiation. Most of us did not know that at the time.

The sound persists now in places that have nothing to do with networking. It is a stock SFX cue for "computer" in television documentaries about the 1990s. It plays under voiceovers in broadband adverts that want to flatter the viewer for having upgraded. It is a ringtone. It is a meme format. It opens You've Got Mail, where Tom Hanks dialling AOL is the inciting incident of the entire romantic plot. The film is itself now twenty-eight years old, and the sound it captured was, by then, already a few years from obsolescence.

There is something specific about why this sound, of all the discontinued sounds of the late twentieth century, retained its legibility. Most obsolete machinery dies twice: once when nobody makes it, and again when nobody can identify a recording of it. The shipping forecast survives because it is still broadcast. The modem handshake survives because it was indexical. It was the exact sound of a binary state transition, offline to online, a threshold crossing that mattered enough that millions of people learned to recognise its rhythm without ever being taught.

I think this is the part that is genuinely hauntological. The sound is not nostalgic for a faster connection. It is nostalgic for a connection you had to wait for, and could fail to make, and could lose if your sister picked up the phone in the hallway. The waiting was part of the meaning. Broadband solved the waiting and threw the meaning out with it.

Packets to a Silent Modem makes the point in fictional form: the modem as a doorway whose absence reorganises everything around it. AOL closing the line in September is the inverse, the doorway shut on a building nobody had been inside in years. The sound walked out years earlier. It is still in circulation. It just has nowhere left to dial.

A Hermès carré that landed in shops in spring 1992 was first sketched, in life size, on a 90 by 90 centimetre card, sometime in the autumn of 1990. That gap is the part of the object nobody sees. The square of silk you can drape over a handbag handle has already been waiting eighteen months by the time it reaches the counter. Half its life is gone before anyone has touched it.

Robert Dumas drew the first one in 1937. The design was called Jeu des Omnibus et Dames Blanches, and it was lifted from an antique parlour game in the Hermès family collection, with the horsedrawn omnibuses of nineteenth-century Paris turning back into print. By the early 1990s the house had produced hundreds of follow-on designs, each obeying the same brief, ninety centimetres on a side, hand-rolled hem, somewhere between fifteen and forty colours, a story you can read while you fold it.

The slow part is the engraving. An artist, often a freelancer working from a kitchen table somewhere in France, hands over a finished painting on card. Hermès engravers in Lyon then translate it into films, one transparent sheet per colour, traced by hand under a light box. A relatively simple thirty-colour design needs four hundred to six hundred hours of this. A complicated one can demand two thousand. Then those films become silk-screens, one per colour, and the scarf is printed on a hundred-metre table, lightest ink first, darkest ink last. Wash, set, iron, cut. The hem alone is forty minutes of stitching by one woman with one needle, and there is no machine that can do it without leaving the kind of edge a Hermès customer would notice.

Brazilian silk, oddly. The yarn comes from mulberry moth cocoons on farms the house keeps in Brazil, and the weaving in Lyon takes about three months on its own. A single 90cm scarf weighs sixty- five grams and consumes the silk of around 250 cocoons. The fineness is graded 6A, which means almost nothing to a customer and everything to a colourist trying to land thirty separate inks on a substrate that has to stay flat, take dye cleanly, and survive being knotted at the throat for fifty years.

What I find interesting about the early-90s carré program is that it ran on a clock the rest of fashion had already abandoned. Ready-to-wear in 1992 was operating on a six-month cycle and visibly straining. Magazines published trend reports in February about what people would supposedly want by April. The silk-scarf desk at Hermès was working two collections per year of roughly twelve designs each, every one of them already two years deep in production by the time the season turned. The decision about what your spring 1992 carré looked like was effectively made in the autumn of 1990, and nothing about Madonna's Blond Ambition tour, or the early signs of grunge in Seattle, or the Gulf War ending, or any of the other things that supposedly steered taste that year, could touch it.

Which is one of the things a Birkin shares with a carré, come to think of it. Both of them are objects whose internal time runs slower than the time around them. You cannot rush either, and that turns out to be most of the value.

There is a particular kind of cinder-block bus shelter that you only really see on rural A-roads and county B-roads in England, sat at a passing place rather than a village proper, with a metal-frame bench bolted to a concrete floor and a sloped asphalt roof gone green at the edges. The timetable behind the perspex is from 2009. The route number on it served somewhere twice a day, once in the morning toward the market town and once back in the late afternoon, and that route has not run since the council pulled support during one of the cycles of funding cuts that have been rolling through county transport budgets since the 1985 Transport Act first handed the question of who runs which bus to the open market.

The shelter is still there. That is the part I cannot get past. The bench is still bolted down, the roof still keeps most of the rain off, and on the inside walls there is graffiti that has weathered into the concrete the way lichen does. Someone in 2003 wrote a name and a year. Someone later scratched it out. Nobody has been waiting here for a bus in any meaningful sense for over a decade, and yet the structure is maintained well enough that it has not been demolished, because demolishing it would cost money the parish does not have, and there is a small and stubborn possibility that the route might come back, which in practice it almost certainly will not.

I find these shelters reassuring and unbearable in roughly equal measure. Reassuring because they record a moment when the state believed that a person standing at a passing place, two miles from the nearest village, deserved a roof and a bench while they waited for a bus that the council had paid an operator to run at a loss because the route mattered to the people who used it. Unbearable because the building has outlived the belief that put it there, and now stands in the landscape as a kind of physical fossil of an idea about what the public was owed.

Bus deregulation outside London began with the 1985 Act, which abolished road service licensing and let any operator run more or less any route they wanted to, and removed the local authority's power to set fares, frequencies, or routes for profitable services. The pitch was that competition would revive a sector that had been declining for two decades. In the cities and on inter-urban routes that more or less worked, by some measures. In rural areas it did not. Tribune's reporting on the post-deregulation arc puts the loss at more than one in four county and rural routes vanishing over the last decade alone, with much of the damage compounded by the 2012 cut to the Bus Service Operators Grant, which fell harder on rural mileage than on urban density.

What is left is the architecture. The 1970s and 1980s civic imagination put cinder-block shelters at every passing place that had any plausible claim to a stop, because at the time the question was not whether anyone would be there, but whether the network would reach them when they were. The buildings cost almost nothing to put up and almost nothing to leave standing. The route was the expensive thing, and the route is what got withdrawn.

I think about the world before the index when I pass these shelters, because they belong to the same order of fact. Once a thing existed in the world, was funded by a shared agreement, and produced a small printed sheet pinned behind perspex saying when the next service would arrive. Pull the funding and the printed sheet stays where it was, the perspex yellows, the bench still takes a person's weight. The withdrawal is administrative; the building is concrete.

Drive past the same shelter often enough and you start to notice the way local memory holds it. People still call it the stop, even though nothing stops there. Hikers use it for shelter in bad weather. Council contractors strim the verge around it twice a year on a schedule that nobody can quite explain. It is not abandoned, exactly. It is post-functional, kept warm by the small possibility that someone in some future budget cycle will decide a passing place on a B-road deserves two buses a day again. I do not think they will. The shelters do not seem to mind.

The Bloomberg note landed late on Wednesday and CNBC confirmed it within the hour. Anthropic is in talks to raise around $50 billion at a valuation between $850 and $900 billion, with the board meeting expected to settle the round in May. If the high end holds, that puts the company past OpenAI, which closed its last round at $852 billion in late March.

The arithmetic on this is the part that should make anyone reading it pause. In February, Anthropic raised $30 billion at a $380 billion valuation. Less than three months later, the company is fielding preemptive offers at more than double that figure. Two and a half times in eleven weeks. The previous round had not fully closed in the public mind before the next one started forming around it.

What is doing the work, by all accounts, is Claude Code. Anthropic disclosed earlier this month that annualised revenue had crossed $30 billion, driven heavily by the coding product. The framing of Anthropic as a research lab playing commercial catch-up is no longer operating. The new framing is that Anthropic is the inference company that found a real enterprise wedge, and OpenAI is the consumer brand still trying to make consumer behaviour pay at the same scale.

The IPO talk is the other surprise. Bloomberg's sources put a possible filing window as early as October. That is aggressive for a company that closed its previous private round in February, and it implies Dario Amodei's circle thinks the next several months of revenue growth will support a public-market story without needing another private round to bridge it. Reporting earlier this month suggested that some of OpenAI's existing backers were already showing buyer's remorse as Anthropic kept pulling enterprise revenue quietly across the table. The October timing suggests Anthropic wants its filing on the tape before that sentiment becomes permanent.

There is the question of where $50 billion actually comes from. Google and Amazon are already in for tens of billions in performance-based commitments, and sovereign funds, Middle Eastern in particular, will pick up most of the rest. Whether any of this is genuinely being priced as equity, or whether the structure is closer to a forward purchase commitment for compute dressed as one, is the question nobody at the table wants asked too loudly. That distinction is roughly what the Microsoft and OpenAI restructuring admitted out loud on Sunday. Money goes in, compute spend comes back out the other side, and the headline valuation is the part that ends up on the chart.

What I keep returning to is the velocity. $380 billion to $900 billion, in private negotiations, with no term sheet signed and no event yet to mark the change. The market has already decided what Anthropic is worth. The board meeting in May is now a forcing function on a number that has already moved without it.

Anthropic wants to take its most capable model, Claude Mythos, from a controlled set of about 50 organisations to roughly 120, adding names like Amazon, Google and JPMorgan under a programme the company is calling Project Glasswing. The White House, according to reporting today in the New York Post and CNN, has told Anthropic it is against the expansion. The objection is not about competition or pricing. It is about the model itself.

Mythos is the system Anthropic itself characterised, in internal analysis later summarised by reporters, as capable of exploiting electric grids, power plants and hospitals if it fell to the wrong operator. Dark Reading's piece this week, written from panic in the Japanese banking sector, describes Mythos finding previously unknown vulnerabilities in every browser and operating system tested against it, including one defect that had sat undisturbed for twenty-seven years. Finance minister Satsuki Katayama called the model's mere existence a crisis already upon us. A Japanese banking executive, quoted in the same piece, said that in the event of a customer-data leak the institution might have no choice but to shut its systems and conduct all transactions in cash. Those are not the sentences a regulator chooses lightly.

What makes the Glasswing fight strange is the Pentagon backdrop. Earlier this year, after Anthropic refused to grant the Department of Defense unrestricted use of its models for surveillance and weaponry, Pete Hegseth's office declared the company a supply-chain risk to national security, the kind of classification usually reserved for foreign adversaries. NBC covered the timeline. A long thread of mine on what Anthropic was trying to keep off the table is in Defenders First. And yet, days later, CNN was reporting that the same administration was looking for ways around its own restriction so that selected agencies, including the NSA, could keep testing Mythos against Microsoft systems and other domestic targets. Bloomberg confirmed the NSA work this morning.

So the position the White House has taken on Glasswing is, more or less, that a tool the federal government cannot resist using itself is too dangerous for JPMorgan to license. That argument has internal logic, the bank does not have a clearance pipeline, and credentialled access is an entirely different posture from a private SLA, but it is still an argument the administration has to make in public while quietly running the model against adversary infrastructure. The contradiction is the news.

It also, awkwardly, is not the first time Mythos has been somewhere it should not be. Three weeks ago a contractor with incidental access guessed an endpoint from leaked naming conventions, the episode I wrote up in A Contractor Had Mythos. Dark Reading nods at the same incident in its Tokyo piece. The inner circle was already porous before any expansion happened. Glasswing, by enlarging the circle from 50 to 120, multiplies the attack surface for exactly that kind of perimeter leak, and Anthropic's own threat modelling is the strongest argument against doing it.

There is a version of this story where the White House wins, the rollout pauses, the 70 candidate firms wait six months, and Anthropic spends the time tightening operational security around the Mythos endpoints it already operates. There is another version where the company decides the commercial pressure from Amazon and Google outweighs the political cost and pushes Glasswing live anyway. The interesting question is not which version we get. It is whether the precedent here, a sitting administration trying to gate a private firm's customer list on national-security grounds without naming a statute, survives the next change of party. That is the part nobody is writing about yet.

The click was always a recoil. The Zip drive's heads would extract themselves from the cartridge, retract into the body of the drive, then return, then extract again, in a small mechanical loop that produced the characteristic metallic clack roughly twice a second. Each click was the drive trying to reset its head positioning after failing to read whatever it had just been asked to find. From outside the case it sounded vaguely like a bird trapped in a wall.

Iomega launched the Zip drive at COMDEX in 1994 and shipped it the following year. A hundred megabytes for two hundred dollars, in a cartridge slightly thicker than a 3.5-inch floppy, at a moment when the standard floppy still topped out at 1.44 MB. For three or four years it was the obvious answer to the question of how to move a graphic-design project, an undergraduate thesis, or a corporate quarterly between machines. The drives appeared in offices, in studios, in bedrooms running early DTP software. Then the clicking started.

In January 1998 the phrase "click of death" appeared in print, attached to Iomega's drives, and by September that year a class action had been filed in Delaware under the state's Consumer Fraud Act. Iomega's public response was a number: fewer than half of one per cent of users were affected. The figure was repeated in interviews, on the company's website, in the boilerplate that Macworld used when it covered the dispute. The implication was containment.

What the number left out was the contagion. A Zip cartridge that had been written to by a damaged drive carried the misalignment forward, in the form of corrupted servo data that the next clean drive would then attempt to follow. The clean drive would mis-track. The miscalibration would propagate. A single sick unit could pass the failure to a chain of replacements, which is why people in the late 1990s began keeping their healthy drives away from disks of unknown provenance the way librarians keep moths away from textile collections. Steve Gibson at GRC kept a public FAQ documenting the mechanism, and the term spread far enough that within a few years it had stopped meaning Zip drives specifically and started meaning any disk failure that announced itself audibly.

The lawsuit eventually settled around a packaging disclaimer. Sales fell as CD-R undercut the cost-per-megabyte. By 2003 Iomega had stopped selling Zips in any meaningful quantity. The company tried a CD-burner brand using the Zip name and a tiny sub-floppy called Clik!, neither survived. PC World later listed the Zip drive as both the fifteenth worst technology product of all time and, in a different list, the twenty-third best, which is the only honest summary anyone produced.

The strange afterlife is in aviation. Jeppesen distributed navigation database updates on Zip disks into 2014. Universal Avionics took TAWS uploads from them at the same date. Pilots in regional fleets were carrying 100 MB cartridges into cockpits twenty years after the click of death entered print, because the certification cost of changing a flight-management input is high enough to outlast a generation of consumer storage.

The haunting, though, sits with the people who lost a project to one. They learned, before their twenties were out, that physical removable media could betray you silently, and could spread the betrayal to whatever you tried to use as a backup. A whole cohort now treats anything that is not duplicated to a second cloud as already lost. The cloud-first reflex has many causes. One of them clicks twice a second, in a beige plastic case, somewhere in the second half of the 1990s.

When fashion writes the Hermès story now, the modern chapter opens in 1997. Martin Margiela arrives, the cigarette shoulder hangs in a museum somewhere, the orange-and-white archive photographs against beige walls, quiet luxury becomes a phrase the resale market can charge for. Everything before that is flattened into "the saddlery years" and a Birkin anecdote on a Paris-London flight in 1984.

It is a tidy version of events, and it leaves out the man who actually ran the ready-to-wear for most of the 1980s and into the 1990s. Eric Bergère was hired by Jean-Louis Dumas in the early eighties, on the same brief Margiela would later inherit: modernise the apparel without scaring the saddlery. Bergère worked alongside Bernard Sanz. The pair did not produce a quiet, traceless Hermès. They produced python motorcycle jackets and ostrich-skin jeans, which Women's Wear Daily, in a description I keep coming back to, called "a snazzier version of what Hermès has been all along."

There is a Getty image from the Fall 1985 runway, slightly underexposed in that mid-eighties magazine way, where you can see what they were actually doing. Hermès was not behaving like Hermès. It was behaving like a Milan brand with a leather budget and a saddler's hand. The python and the ostrich were not novelty pieces, they were the argument: the house would treat exotic skin the way it treated calf, as a workable material, not as a shrine. You could put it through a sewing machine and call it a jacket, and the jacket could be slung over the back of a chair like any other.

The numbers underneath this are easy to miss. When Dumas took the company in 1978, annual sales were around fifty million dollars. By 1990 they were four hundred and sixty million. That is the period Bergère was designing through. The Birkin went on sale in 1984 and the Kelly stayed where it was, but neither of those bags can carry a near-tenfold sales jump on their own. Something else was working. The ready-to-wear was working.

What I think happened is that Margiela's reputation absorbed the whole story afterwards. He arrived as a celebrity-resistant deconstructionist at exactly the moment the rest of Paris was hiring superstars (Galliano at Dior, McQueen at Givenchy, Tom Ford taking Gucci into different territory entirely), and the press needed Hermès to fit the narrative. Margiela became the designer who modernised Hermès. The designer who had already modernised Hermès once, fifteen years earlier, became a Getty caption.

Bergère is still working. There is an Instagram post from a recent Arles vintage pop-up dated 09–14 February, "Eric Bergere Paris Vintage 1995/2001 Arles rue des Suisses," which is the sort of footnote that tells you the man kept a studio and a client list well after the official Hermès chapter closed. Whether the resale market eventually catches up to the work, the way it has caught up to Margiela's tenure, is another question. Resale follows narrative, and the narrative is set.

Sometimes a designer is the one the brand remembers. Sometimes the designer is the one the brand needed in order to become the thing the next designer got remembered for. The python jackets did the unglamorous version of that work, and the work did not get a name on it.

Twelve million people a year still dial 123. They are paying thirty-odd pence for a courtesy that every device in their pocket performs for free, with greater accuracy, without billing them, and without the small ritual of holding a handset to the ear. Yet the calls keep coming. They spike on Remembrance Day. They spike on New Year's Eve. They spike on the two Sundays a year when the clocks change, as if a watch needs absolution from a more authoritative source before it can be trusted again.

The British speaking clock launched on the 24th of July 1936. Its first voice was a London telephonist called Ethel Jane Cain, who won a General Post Office competition and ten guineas for the job. The original machine was the size of a small room, all motors and glass discs and photocells and valves, her voice etched optically onto the glass like a film soundtrack. To reach her you dialled TIM, which spelled itself as 846 on the alphabetical Director-system dials of London, Birmingham, Edinburgh, Glasgow, Liverpool and Manchester. Other parts of the country dialled 952, then 80, then 8081, and only in the early 1990s was the number flattened to 123 everywhere.

Cain was followed by Pat Simmons in 1963, then Brian Cobby in 1985 (the same Brian Cobby who counted in the Thunderbirds opening, which is the kind of fact that sounds invented), then Sara Mendes da Costa in 2007. Four voices in ninety years. Each one is still out there, archived on retired machines at the British Horological Institute in Nottinghamshire, the way a body is preserved at a state funeral that nobody attends.

What I find strange is not that the service exists. Public infrastructure outlasts its purpose all the time. The strange thing is that anyone is still using it. The phone in my hand keeps time to within milliseconds of an atomic clock. Big Ben itself is now synchronised to BT's service, which means the speaking clock and Big Ben are two outputs of the same hidden reference, performing the same fact in different theatres. The building tells one audience. The voice tells another.

I think part of the answer is that a digital readout never asks anything of you. It is just there, glanced at, gone. Dialling 123 is a small commitment. You decide the time matters enough to ring for it, you wait through the preamble, you listen for three beeps and align your watch to the third one. That ritual produces a different relationship to the second than a screen ever does. Younger people mostly do not know what 123 is for. They will glance at a phone and laugh, in the way people laugh at the inexplicable. The laugh is fine. It does not change the calls.

There is something specific about the word stroke as well. The clock does not say tone. It says stroke, which is the word a grandfather clock makes when it announces an hour, the word a public bell uses when the village still has one. The speaking clock kept the vocabulary of the church clock and the parlour mantel, and ported them into the copper wires of a telephone exchange in 1936, and from there into BT's millisecond-accurate reference oscillator in 2026. The technology has been replaced four times. The word has not.

That is the part I keep turning over. We have a service that does nothing a wristwatch cannot do. It charges thirty-one pence a call. It is voiced by a woman in Brighton who recorded her lines in 2007. And tomorrow morning, when the clocks have been changed an hour or so before anyone gets up, twelve million people across a year will pick up landlines they barely use for anything else, and listen politely until the third beep, and put the phone down satisfied. The line they rang is older than nearly all of them. The voice on it is going nowhere.