Plutonic Rainbows

The kiosk sat in the middle of the Tesco carpark like a planning mistake. Yellow signage, sloped roof, room enough for two staff and a counter. You handed over a film canister, took a paper envelope with a pre-printed number on it, and walked off to do the weekly shop. By the time you got back to the car, your photographs already belonged to a future you weren't part of yet.

Snappy Snaps opened its first store in 1983. Don Kennedy and Tim MacAndrews put a one-hour minilab inside a small shopfront and built a franchise on it. In August 1986 SupaSnaps was running a test market in sixty-one of its shops across Scotland and the North-East for a new service called PhotoVideo, which transferred your prints onto VHS tape. KLICK Photopoint shows up in the Cambridge Yellow Pages from 1995 through 1998, then disappears. The American precursor, Fotomat, peaked at over four thousand kiosks around 1980, distinctive pyramid roofs in gold paint, and was already in decline by the time most British versions launched. Minilab technology had collapsed the wait from a fortnight to an hour, which everyone said was the future, and which mostly meant the kiosk was no longer the kiosk for very long.

What I remember is the envelope. Manilla paper, bordered red and yellow, your name biroed onto a perforated stub. The negatives came back in a strip protector you were warned not to touch. Twenty-four exposures, sometimes thirty-six. Six or seven of them blurred. Two with a thumb in the corner. One where you had closed your eyes. The processing was a kind of judgement.

Before the minilab arrived in the carpark, the wait was longer. A week, sometimes two, and during that week the photographs lived in some intermediate state nobody could see. The trip itself was already in past tense by the time the prints came home. You held a Saturday in your hand on a Friday two weekends later. The smile in the print was a smile you no longer remembered making.

This, I think, is what the kiosk was actually for. Not the prints, but the wait. The deliberate space between making the picture and seeing it, into which other things could move.

The phone, now, gives you the photograph before you have finished taking it. The image arrives faster than the moment can settle. You see yourself reacting, and you correct, and the version that survives is the version that has already been edited by the act of seeing. There is no week in which the picture quietly becomes a different thing. There is no Friday on which you discover what last Saturday looked like. The intermediate state has been deleted.

The Rutherglen branch is long gone. Most of the British high-street kiosks are gone. The pyramid huts in American carparks have mostly been turned into drive-through coffee stalls. The infrastructure of the wait, all of it, has been recommissioned as the infrastructure of the immediate. Coffee instead of negatives. A six-minute queue instead of a six-day one.

Some of the kiosks themselves are still there, though, sitting empty between the parking bays. A small flat-roofed cabin, just big enough for two people and a counter, a window where the till used to be. They look exactly like what they are, which is the place you used to go to find out who you had been.

Almost every chat API exposes a slider called temperature. The default is usually 1.0, the floor is 0.0, the ceiling is 2.0, and the documentation says something vague about creativity. Most people drag it around and watch what happens. Almost nobody explains what the number is actually doing, which is unfortunate, because it is doing exactly one thing, and the thing is small enough to fit on a postcard.

Here is the postcard. When the model finishes a forward pass, it emits a vector of raw scores called logits, one per token in the vocabulary. Logits are not probabilities. They can be negative, they can be huge, and they do not sum to anything in particular. To turn them into probabilities you run them through softmax, which exponentiates each one and normalises by the total. That is the default. Temperature inserts itself one step earlier. It divides every logit by T before the exponential. So the formula becomes P(x_i) = exp(l_i / T) over the sum of exp(l_j / T) for the whole vocabulary. That is the whole intervention. One scalar, applied uniformly, before softmax.

What this does to the distribution is the only thing worth understanding. Dividing by a small T (say 0.2) makes the gaps between logits five times bigger. After softmax, the already- high-scoring token absorbs almost all of the probability mass and everything else goes to a rounding error. The model becomes boring and consistent. Dividing by a large T (say 1.5) does the opposite: it squashes the gaps, the exponential can no longer amplify the leader, and the unlikely tokens get a real chance. The model becomes noisier and less self-consistent. T=1 is the identity, the original distribution, no scaling at all. T=0 is a special case (the formula divides by zero), so the major APIs quietly swap in greedy decoding instead, always take the top-ranked token.

There is a tidy worked example in a MachineLearningMastery walk-through where the prompt is "Today's weather is so" and the top candidate is "nice". At T=0.1, T=0.5, T=1.0 the model picks "nice" every time. At T=3.0 it drifts to "wonderful". At T=10 it lands on "delicious" and the sentence stops meaning anything. The model is not getting more creative in any meaningful sense. It is getting noisier. Some of the noise looks like creativity because human readers reach for the closest interpretation, the same way we do when staring at a Rorschach blot.

This is also where the relationship to hallucination lives. Higher temperature does not invent facts the model didn't know. It promotes lower-probability continuations the model had already considered and ranked low. Sometimes the second-best guess is genuinely useful and sometimes it is the chemistry that launches a confident, fluent, completely wrong sentence. The underlying problem (no internal verification step) is the same either way; temperature just changes how often the model gets to roll for it.

The practical upshot is duller than the slider's mystique. For factual extraction, code generation, structured output: keep T low or zero, and rely on top-k or top-p to manage the long tail if you need diversity at all. For brainstorming, fiction, playful prose: edge it up to 0.8 or 1.0, but expect to throw away more output. Above 1.5 the model is mostly rolling dice weighted by a distribution it no longer respects, and the returns are sharply diminishing.

The interesting thing about temperature is what it isn't. It is not a personality knob, not a politeness dial, not a "make the answer better" control. It is a single scalar that reshapes how much weight the model gives to its own confidence before sampling. Everything that feels like vibes (creativity, caution, weirdness) is a downstream artefact of that one division.

Elon Musk took the stand in Oakland on Thursday and was asked, under oath, whether xAI had distilled OpenAI's models to train Grok. His first move was to widen the question. "Generally all the AI companies" do this, he said. Pressed for a yes, he settled on "partly." Then he framed it as standard practice, the kind of thing you do to validate your own system.

That answer matters because of who has been making the loudest noise in the other direction. Anthropic spent the better part of this year naming DeepSeek, Moonshot, and MiniMax for distilling its models. OpenAI has been pursuing the same thread on DeepSeek. Google has called the practice intellectual property theft and built mitigations into its API tier. The trade press has carried the story almost entirely as a US-versus-China problem, with the labs as wronged parties and the offshore copyists as the violators.

The thing the Verge, TechCrunch, and Gizmodo all surfaced from the courtroom is that the labs themselves do not actually believe that frame. The internal assumption, the one tech workers have quietly held for two years, is that everyone with a serious model distills everyone else's. The Frontier Model Forum's distillation working group is, on paper, defensive. In practice the same companies sitting in that room have engineers on the other side of the firewall running the queries. Musk just said the quiet part on a witness stand because he had to.

The legal landscape under all this is thinner than the rhetoric suggests. A Fenwick analysis from earlier this year laid out the core picture: copyright is unlikely to apply, because the teacher's weights are not actually copied and model outputs sit outside the usual zone of protected expression. After Van Buren, the Computer Fraud and Abuse Act also struggles to bite, since the user was initially authorised to query the API. What is left is a contractual breach. Industry write-ups note that enforcement to date has consisted mostly of cease-and-desist letters and account terminations rather than litigation.

So when OpenAI sends its strongly worded letter about DeepSeek, or Anthropic publishes its blog post about MiniMax, the implicit threat is mostly atmospheric. Everyone in the room knows the case law would not survive contact with a federal docket, and everyone in the room also knows that filing the suit would mean discovery, which would mean every internal Slack channel about the rival lab's outputs becoming evidence. Mutual exposure is the actual restraint, not the contract.

Musk's "partly" is interesting partly because it is honest and partly because it punctures his own legal strategy. He is suing OpenAI for abandoning a founding mission to keep AI safe and nonprofit. The same week he is making that argument, he is admitting that his other AI company has been training on the defendant's outputs. The judge, Yvonne Gonzalez Rogers, told him on Thursday to stop with the Terminator references. The distillation question got a longer answer than the apocalypse question did.

The interesting thing is what happens to the rhetoric now. The "China is distilling our models" complaint has been a useful narrative for the labs because it justified policy asks, including export-control extensions and government enforcement proposals. It is harder to sustain that frame when an OpenAI co-founder confirms, on the record, that domestic distillation is the industry norm. Either the practice is genuinely a problem worth a federal response, in which case xAI is on the hook alongside DeepSeek, or it isn't, in which case the China framing was always partly about lobbying and partly about something else, and the word that keeps doing the work in both readings is the same one Musk reached for on the stand.

On 30 September 2025, AOL switched off the dial-up service it had run for thirty-four years. The shutdown was barely news. Most people assumed AOL had stopped offering dial-up sometime around Friends going off the air. The handshake sound, though, did not go quiet with it. It already lived somewhere else.

The sound itself is a brief negotiation between two pieces of hardware deciding, in audible form, how fast they can talk to each other. Dial tone, the digits in DTMF, then a back-and-forth of carrier tones, capability advertisements, and an echo cancellation phase. The Finnish engineer Oona Räisänen mapped the whole thing into a colour-coded waveform in 2012, labelling each tone with the V-series ITU recommendation it belonged to: V.8, V.8bis, V.34, the answer-tone reversal that still gives me a small shiver when I hear it cold.

What Räisänen made visible, Alexis Madrigal had written about a few months earlier in The Atlantic, in a piece I think about roughly once a year. His argument was that the modem sound was not a side-effect. It was the data being transferred. The two machines were already exchanging information, and the exchange happened to be loud enough for the room to hear. Anyone who heard it was eavesdropping on a private negotiation. Most of us did not know that at the time.

The sound persists now in places that have nothing to do with networking. It is a stock SFX cue for "computer" in television documentaries about the 1990s. It plays under voiceovers in broadband adverts that want to flatter the viewer for having upgraded. It is a ringtone. It is a meme format. It opens You've Got Mail, where Tom Hanks dialling AOL is the inciting incident of the entire romantic plot. The film is itself now twenty-eight years old, and the sound it captured was, by then, already a few years from obsolescence.

There is something specific about why this sound, of all the discontinued sounds of the late twentieth century, retained its legibility. Most obsolete machinery dies twice: once when nobody makes it, and again when nobody can identify a recording of it. The shipping forecast survives because it is still broadcast. The modem handshake survives because it was indexical. It was the exact sound of a binary state transition, offline to online, a threshold crossing that mattered enough that millions of people learned to recognise its rhythm without ever being taught.

I think this is the part that is genuinely hauntological. The sound is not nostalgic for a faster connection. It is nostalgic for a connection you had to wait for, and could fail to make, and could lose if your sister picked up the phone in the hallway. The waiting was part of the meaning. Broadband solved the waiting and threw the meaning out with it.

Packets to a Silent Modem makes the point in fictional form: the modem as a doorway whose absence reorganises everything around it. AOL closing the line in September is the inverse, the doorway shut on a building nobody had been inside in years. The sound walked out years earlier. It is still in circulation. It just has nowhere left to dial.

A Hermès carré that landed in shops in spring 1992 was first sketched, in life size, on a 90 by 90 centimetre card, sometime in the autumn of 1990. That gap is the part of the object nobody sees. The square of silk you can drape over a handbag handle has already been waiting eighteen months by the time it reaches the counter. Half its life is gone before anyone has touched it.

Robert Dumas drew the first one in 1937. The design was called Jeu des Omnibus et Dames Blanches, and it was lifted from an antique parlour game in the Hermès family collection, with the horsedrawn omnibuses of nineteenth-century Paris turning back into print. By the early 1990s the house had produced hundreds of follow-on designs, each obeying the same brief, ninety centimetres on a side, hand-rolled hem, somewhere between fifteen and forty colours, a story you can read while you fold it.

The slow part is the engraving. An artist, often a freelancer working from a kitchen table somewhere in France, hands over a finished painting on card. Hermès engravers in Lyon then translate it into films, one transparent sheet per colour, traced by hand under a light box. A relatively simple thirty-colour design needs four hundred to six hundred hours of this. A complicated one can demand two thousand. Then those films become silk-screens, one per colour, and the scarf is printed on a hundred-metre table, lightest ink first, darkest ink last. Wash, set, iron, cut. The hem alone is forty minutes of stitching by one woman with one needle, and there is no machine that can do it without leaving the kind of edge a Hermès customer would notice.

Brazilian silk, oddly. The yarn comes from mulberry moth cocoons on farms the house keeps in Brazil, and the weaving in Lyon takes about three months on its own. A single 90cm scarf weighs sixty- five grams and consumes the silk of around 250 cocoons. The fineness is graded 6A, which means almost nothing to a customer and everything to a colourist trying to land thirty separate inks on a substrate that has to stay flat, take dye cleanly, and survive being knotted at the throat for fifty years.

What I find interesting about the early-90s carré program is that it ran on a clock the rest of fashion had already abandoned. Ready-to-wear in 1992 was operating on a six-month cycle and visibly straining. Magazines published trend reports in February about what people would supposedly want by April. The silk-scarf desk at Hermès was working two collections per year of roughly twelve designs each, every one of them already two years deep in production by the time the season turned. The decision about what your spring 1992 carré looked like was effectively made in the autumn of 1990, and nothing about Madonna's Blond Ambition tour, or the early signs of grunge in Seattle, or the Gulf War ending, or any of the other things that supposedly steered taste that year, could touch it.

Which is one of the things a Birkin shares with a carré, come to think of it. Both of them are objects whose internal time runs slower than the time around them. You cannot rush either, and that turns out to be most of the value.

There is a particular kind of cinder-block bus shelter that you only really see on rural A-roads and county B-roads in England, sat at a passing place rather than a village proper, with a metal-frame bench bolted to a concrete floor and a sloped asphalt roof gone green at the edges. The timetable behind the perspex is from 2009. The route number on it served somewhere twice a day, once in the morning toward the market town and once back in the late afternoon, and that route has not run since the council pulled support during one of the cycles of funding cuts that have been rolling through county transport budgets since the 1985 Transport Act first handed the question of who runs which bus to the open market.

The shelter is still there. That is the part I cannot get past. The bench is still bolted down, the roof still keeps most of the rain off, and on the inside walls there is graffiti that has weathered into the concrete the way lichen does. Someone in 2003 wrote a name and a year. Someone later scratched it out. Nobody has been waiting here for a bus in any meaningful sense for over a decade, and yet the structure is maintained well enough that it has not been demolished, because demolishing it would cost money the parish does not have, and there is a small and stubborn possibility that the route might come back, which in practice it almost certainly will not.

I find these shelters reassuring and unbearable in roughly equal measure. Reassuring because they record a moment when the state believed that a person standing at a passing place, two miles from the nearest village, deserved a roof and a bench while they waited for a bus that the council had paid an operator to run at a loss because the route mattered to the people who used it. Unbearable because the building has outlived the belief that put it there, and now stands in the landscape as a kind of physical fossil of an idea about what the public was owed.

Bus deregulation outside London began with the 1985 Act, which abolished road service licensing and let any operator run more or less any route they wanted to, and removed the local authority's power to set fares, frequencies, or routes for profitable services. The pitch was that competition would revive a sector that had been declining for two decades. In the cities and on inter-urban routes that more or less worked, by some measures. In rural areas it did not. Tribune's reporting on the post-deregulation arc puts the loss at more than one in four county and rural routes vanishing over the last decade alone, with much of the damage compounded by the 2012 cut to the Bus Service Operators Grant, which fell harder on rural mileage than on urban density.

What is left is the architecture. The 1970s and 1980s civic imagination put cinder-block shelters at every passing place that had any plausible claim to a stop, because at the time the question was not whether anyone would be there, but whether the network would reach them when they were. The buildings cost almost nothing to put up and almost nothing to leave standing. The route was the expensive thing, and the route is what got withdrawn.

I think about the world before the index when I pass these shelters, because they belong to the same order of fact. Once a thing existed in the world, was funded by a shared agreement, and produced a small printed sheet pinned behind perspex saying when the next service would arrive. Pull the funding and the printed sheet stays where it was, the perspex yellows, the bench still takes a person's weight. The withdrawal is administrative; the building is concrete.

Drive past the same shelter often enough and you start to notice the way local memory holds it. People still call it the stop, even though nothing stops there. Hikers use it for shelter in bad weather. Council contractors strim the verge around it twice a year on a schedule that nobody can quite explain. It is not abandoned, exactly. It is post-functional, kept warm by the small possibility that someone in some future budget cycle will decide a passing place on a B-road deserves two buses a day again. I do not think they will. The shelters do not seem to mind.

The Bloomberg note landed late on Wednesday and CNBC confirmed it within the hour. Anthropic is in talks to raise around $50 billion at a valuation between $850 and $900 billion, with the board meeting expected to settle the round in May. If the high end holds, that puts the company past OpenAI, which closed its last round at $852 billion in late March.

The arithmetic on this is the part that should make anyone reading it pause. In February, Anthropic raised $30 billion at a $380 billion valuation. Less than three months later, the company is fielding preemptive offers at more than double that figure. Two and a half times in eleven weeks. The previous round had not fully closed in the public mind before the next one started forming around it.

What is doing the work, by all accounts, is Claude Code. Anthropic disclosed earlier this month that annualised revenue had crossed $30 billion, driven heavily by the coding product. The framing of Anthropic as a research lab playing commercial catch-up is no longer operating. The new framing is that Anthropic is the inference company that found a real enterprise wedge, and OpenAI is the consumer brand still trying to make consumer behaviour pay at the same scale.

The IPO talk is the other surprise. Bloomberg's sources put a possible filing window as early as October. That is aggressive for a company that closed its previous private round in February, and it implies Dario Amodei's circle thinks the next several months of revenue growth will support a public-market story without needing another private round to bridge it. Reporting earlier this month suggested that some of OpenAI's existing backers were already showing buyer's remorse as Anthropic kept pulling enterprise revenue quietly across the table. The October timing suggests Anthropic wants its filing on the tape before that sentiment becomes permanent.

There is the question of where $50 billion actually comes from. Google and Amazon are already in for tens of billions in performance-based commitments, and sovereign funds, Middle Eastern in particular, will pick up most of the rest. Whether any of this is genuinely being priced as equity, or whether the structure is closer to a forward purchase commitment for compute dressed as one, is the question nobody at the table wants asked too loudly. That distinction is roughly what the Microsoft and OpenAI restructuring admitted out loud on Sunday. Money goes in, compute spend comes back out the other side, and the headline valuation is the part that ends up on the chart.

What I keep returning to is the velocity. $380 billion to $900 billion, in private negotiations, with no term sheet signed and no event yet to mark the change. The market has already decided what Anthropic is worth. The board meeting in May is now a forcing function on a number that has already moved without it.

Anthropic wants to take its most capable model, Claude Mythos, from a controlled set of about 50 organisations to roughly 120, adding names like Amazon, Google and JPMorgan under a programme the company is calling Project Glasswing. The White House, according to reporting today in the New York Post and CNN, has told Anthropic it is against the expansion. The objection is not about competition or pricing. It is about the model itself.

Mythos is the system Anthropic itself characterised, in internal analysis later summarised by reporters, as capable of exploiting electric grids, power plants and hospitals if it fell to the wrong operator. Dark Reading's piece this week, written from panic in the Japanese banking sector, describes Mythos finding previously unknown vulnerabilities in every browser and operating system tested against it, including one defect that had sat undisturbed for twenty-seven years. Finance minister Satsuki Katayama called the model's mere existence a crisis already upon us. A Japanese banking executive, quoted in the same piece, said that in the event of a customer-data leak the institution might have no choice but to shut its systems and conduct all transactions in cash. Those are not the sentences a regulator chooses lightly.

What makes the Glasswing fight strange is the Pentagon backdrop. Earlier this year, after Anthropic refused to grant the Department of Defense unrestricted use of its models for surveillance and weaponry, Pete Hegseth's office declared the company a supply-chain risk to national security, the kind of classification usually reserved for foreign adversaries. NBC covered the timeline. A long thread of mine on what Anthropic was trying to keep off the table is in Defenders First. And yet, days later, CNN was reporting that the same administration was looking for ways around its own restriction so that selected agencies, including the NSA, could keep testing Mythos against Microsoft systems and other domestic targets. Bloomberg confirmed the NSA work this morning.

So the position the White House has taken on Glasswing is, more or less, that a tool the federal government cannot resist using itself is too dangerous for JPMorgan to license. That argument has internal logic, the bank does not have a clearance pipeline, and credentialled access is an entirely different posture from a private SLA, but it is still an argument the administration has to make in public while quietly running the model against adversary infrastructure. The contradiction is the news.

It also, awkwardly, is not the first time Mythos has been somewhere it should not be. Three weeks ago a contractor with incidental access guessed an endpoint from leaked naming conventions, the episode I wrote up in A Contractor Had Mythos. Dark Reading nods at the same incident in its Tokyo piece. The inner circle was already porous before any expansion happened. Glasswing, by enlarging the circle from 50 to 120, multiplies the attack surface for exactly that kind of perimeter leak, and Anthropic's own threat modelling is the strongest argument against doing it.

There is a version of this story where the White House wins, the rollout pauses, the 70 candidate firms wait six months, and Anthropic spends the time tightening operational security around the Mythos endpoints it already operates. There is another version where the company decides the commercial pressure from Amazon and Google outweighs the political cost and pushes Glasswing live anyway. The interesting question is not which version we get. It is whether the precedent here, a sitting administration trying to gate a private firm's customer list on national-security grounds without naming a statute, survives the next change of party. That is the part nobody is writing about yet.

The click was always a recoil. The Zip drive's heads would extract themselves from the cartridge, retract into the body of the drive, then return, then extract again, in a small mechanical loop that produced the characteristic metallic clack roughly twice a second. Each click was the drive trying to reset its head positioning after failing to read whatever it had just been asked to find. From outside the case it sounded vaguely like a bird trapped in a wall.

Iomega launched the Zip drive at COMDEX in 1994 and shipped it the following year. A hundred megabytes for two hundred dollars, in a cartridge slightly thicker than a 3.5-inch floppy, at a moment when the standard floppy still topped out at 1.44 MB. For three or four years it was the obvious answer to the question of how to move a graphic-design project, an undergraduate thesis, or a corporate quarterly between machines. The drives appeared in offices, in studios, in bedrooms running early DTP software. Then the clicking started.

In January 1998 the phrase "click of death" appeared in print, attached to Iomega's drives, and by September that year a class action had been filed in Delaware under the state's Consumer Fraud Act. Iomega's public response was a number: fewer than half of one per cent of users were affected. The figure was repeated in interviews, on the company's website, in the boilerplate that Macworld used when it covered the dispute. The implication was containment.

What the number left out was the contagion. A Zip cartridge that had been written to by a damaged drive carried the misalignment forward, in the form of corrupted servo data that the next clean drive would then attempt to follow. The clean drive would mis-track. The miscalibration would propagate. A single sick unit could pass the failure to a chain of replacements, which is why people in the late 1990s began keeping their healthy drives away from disks of unknown provenance the way librarians keep moths away from textile collections. Steve Gibson at GRC kept a public FAQ documenting the mechanism, and the term spread far enough that within a few years it had stopped meaning Zip drives specifically and started meaning any disk failure that announced itself audibly.

The lawsuit eventually settled around a packaging disclaimer. Sales fell as CD-R undercut the cost-per-megabyte. By 2003 Iomega had stopped selling Zips in any meaningful quantity. The company tried a CD-burner brand using the Zip name and a tiny sub-floppy called Clik!, neither survived. PC World later listed the Zip drive as both the fifteenth worst technology product of all time and, in a different list, the twenty-third best, which is the only honest summary anyone produced.

The strange afterlife is in aviation. Jeppesen distributed navigation database updates on Zip disks into 2014. Universal Avionics took TAWS uploads from them at the same date. Pilots in regional fleets were carrying 100 MB cartridges into cockpits twenty years after the click of death entered print, because the certification cost of changing a flight-management input is high enough to outlast a generation of consumer storage.

The haunting, though, sits with the people who lost a project to one. They learned, before their twenties were out, that physical removable media could betray you silently, and could spread the betrayal to whatever you tried to use as a backup. A whole cohort now treats anything that is not duplicated to a second cloud as already lost. The cloud-first reflex has many causes. One of them clicks twice a second, in a beige plastic case, somewhere in the second half of the 1990s.