The Canvas Ransomware Attack: Paint Us Insecure

  

Anyone even a little familiar with how higher education is done these days has dealt with what are called "learning management systems" (LMS for short).  Basically, an LMS is what has replaced paper homework, paper gradebooks, and in many cases, paper exams that used to be shuffled back and forth between students, graders, and faculty members. 

 

Like many other universities around the world, several years ago my university switched from the LMS they were using to something called Canvas.  Once I learned its ins and outs, it has proved to be a useful, flexible, and mostly easy-to-use tool.  I can send out emails to everyone in a particular class, I can record grades that instantly show up on students' phones, and while I don't personally use the test-administering feature, many professors do. 

 

Canvas is so good, in fact, that its parent company, a privately-held outfit called Instructure, now has a plurality of all LMS customers in the world, serving over 8,000 institutions in dozens of countries. 

 

A lot of confidential data is stored in Canvas.  For example, it turns out to be a violation of a Federal law for me to post a list of grades on my door, even if I anonymized them with Social Security numbers.  So if anybody other than the student concerned manages to find out what a person's grade is, a whole lot of people can be in trouble.

 

Last month, these facts plus a fairly behind-the-times security posture made Instructure a prime target for the loosely-organized but highly effective ransomware ring known as ShinyHunters.  These criminals are thought to be concentrated in Canada and France, and are known to have committed numerous ransomware attacks on organizations whose wide-ranging databases make them particularly juicy targets, such as Ticketmaster and AT&T.

 

According to a report on thenextweb.com and the Wikipedia website "2026 Canvas security incident," on April 30, ShinyHunters breached Instructure's security and posted a ransom note on May 3.  On May 6, Instructure, which had publicly acknowledged the breach on May 1, notified its users that everything was back to normal.

 

But according to ShinyHunters, Instructure ignored their ransom demand and simply doubled down on security measures.  In retaliation, ShinyHunters put their ransom notice on every user's webpage, prompting Instructure to pull most of the system down and replace it with an "under maintenance" notice on 8 PM May 7 Eastern Standard Time.

 

Unfortunately, this was just when a lot of schools were relying heavily on Canvas for exams, grading, and other end-of-semester activities.  I was fortunate to have my last necessary interaction of the semester with Canvas just a few hours before it crashed, but a lot of other professors and students weren't so fortunate.  Our provost sent out a notice during the outage asking toleration and understanding on the part of both students and faculty members.

 

According to Hacker News, Instructure eventually reached a ransom agreement with ShinyHunters on May 11, averting release of some 3.6 terabytes of stolen data.  Since then, Canvas has apparently been running normally, although after this experience one wonders how reliable it will be in the future.

 

The days when universities developed their own custom software for large-scale applications such as LMS are long past.  But farming out important tasks to vendors places the responsibility for security squarely on the vendor's shoulders.  And bigness, however attractive it is profit-wise, attracts the attention of hackers as well.  So we shouldn't be too surprised that an outfit like ShinyHunters picked Canvas for their next target.

 

Ransomware hackers are the modern pirates of the Internet.  During the heroic age of global exploration and trade from the 1200s AD onward to 1800 and later, the ocean became a network of trade routes over which the world's valuables flowed.  The prospect of siphoning off some of those valuables for their own purposes, or of extorting money to allow their uninhibited flow, attracted pirates such as the ones based on the Barbary Coast region of North Africa in the years leading up to and following the American Revolution.  In what was the United States' first major foreign military action, President Thomas Jefferson decided he was through with paying off the pirates, and sent the Marines in a series of expeditions that ultimately broke the stranglehold they held on U. S. maritime trade in regions they controlled.

 

Jefferson had the advantage that the pirates sailed physical ships and could be tracked back to specific ports, where plans could be made to attack them.  The power that the internet gives to put the world at your Ethernet port also makes it possible for criminals to hide literally anywhere there is an internet connection, which these days means pretty much anywhere.  Tracking them down is a costly, slow, and uncertain enterprise at best.  And as soon as some bad actors are rounded up and thrown in jail, their uncaught associates rise up to take their place.

 

It's hard to imagine a modern-day Jefferson scaring ransomware hackers enough for them to lay off an entire country.  As the ShinyHunters' actions showed, national borders mean little to them.  They were attracted to Instructure because it formed one of the largest data-holders on the planet, not because it was a particularly large or rich country. 

 

The only thing that may lead to something like what Jefferson did to the pirates of 1800 is if a particular organization goes after the hackers with determination and even a kind of vengeance.  Perhaps something along the lines of a trade organization of large data-holders could fund a multinational policing effort that would make every ransomware hacker sorry they ever messed with a company that is a member of the organization.

 

That may require international and inter-company cooperation that simply doesn't exist today.  But if the problem gets bad enough, maybe firms will overcome their reluctance to put their money and efforts together and do something truly effective.  Until then, however, outfits like Instructure can look forward to more attacks, and users will just have to deal with it. 

 

Sources:  I referred to reports at https://thenextweb.com/news/the-largest-education-data-breach-in-history-was-not-an-attack-on-a-school-it-was-an-attack-on-a-vendor, https://thehackernews.com/2026/05/instructure-reaches-ransom-agreement.html, and the Wikipedia article "2026 Canvas security incident." 

Technology in the Strait of Hormuz Closure

  

As I write, Iran continues its effective blockade of the Strait of Hormuz, through which a quarter to a third of the world's petroleum traffic normally passes.  Though opposed by most other countries including the U. S., Iran has succeeded both in surprising the rest of the world with its blockade and in maintaining it in the face of fierce though intermittent opposition.  Modern technologies play a not insignificant role in this blockade, and examining that role can tell us something about how technological advances have affected modern warfare.

 

As an oil-industry newsletter pointed out, Iran has had the capability of blockading the Strait for decades.  Their navy includes numerous small attack boats and thousands of mines, both of which would probably be enough to shut off the Strait to commercial traffic.  In the early stages of the war, Iran announced the Strait's closure on Mar. 4, and proceeded to make good its decision with numerous attacks on tankers and other ships.  Wikipedia lists 40 ships that Iran has attacked, six of which were abandoned with some loss of life. 

 

No commercial insurer is going to let a ship go anywhere near a place where things like that happen.  So within a few days, traffic of ships that were not deemed by Iran "friendly" to the regime crashed to zero. 

 

In addition to the traditional means of attack boats and mines, Iran has also used shore-launched missiles, drones, and electronic warfare in the shape of jamming GPS and satellite signals in the Strait.  In a crowded sea lane, loss of electronic navigational ability can be just as dangerous as a minefield or a drone attack.  So even if GPS spoofing was the only thing Iran was doing, the blockade would be effective in terms of creating hazards that are unacceptable to insurers.

 

Iran has truck-mounted missiles that can be launched from virtually any location accessible by truck.  That makes it very easy for them to attack ships, and very hard for anyone trying to defend the ships.  The same goes for drones, which are turning out to be a true game-changer in recent conflicts.  As Ukraine has shown with its homegrown drone industry, inexpensive drones costing anywhere from a few thousand dollars up to $50,000 or so (the cost of Iran's most frequently used drones) can be effective countermeasures that work as well in some cases as U. S. stealth missiles costing millions of dollars. 

 

Mines are a particularly nasty thing to deploy in a commercial shipping lane.  As the oil-industry newsletter pointed out, after the Persian Gulf War it took the U. S. 51 days to find and disable 907 mines off the coast of Kuwait.  So even if Iran was neutralized somehow and agreed to cease hostile activity tomorrow, it would still take more than a month to clear the Strait of mines, assuming the U. S. has retained its former minesweeping ability, which is not clear.

 

In the long story of technology applied to warfare, progress is measured by victory.  And victory doesn't always go to the good guys, while "good" often depends on whose side you are on.  One of the unstated assumptions of engineering ethics is a background of peacetime.  When such a background is no longer the case, things can get murky quickly. 

 

Judging the ethics of war is way beyond the scope of a single article, and I'm not going to try to do that here.  One can question the justice of the way the current conflict started, with pre-emptive strikes by the U. S. and Israel.  From Iran's point of view, closing the Strait of Hormuz in response was probably one of the smartest and most effective things they could do.  In retaliation, the U. S. has announced a blockade of oil shipments from Iran, which depend largely on ports to the east of the Strait.  Whether this retaliatory blockade has the desired effect of making Iran back down from its own blockade is unclear at this point.

 

One problem to avoid with every advance in military technology is that a country finds itself preparing for the last war, not for the next one.  This problem has become obvious for the U. S., whose military procurement process has become hidebound and overly complex, with the result that it mainly served to enrich defense contractors rather than producing the kind of inexpensive but effective weaponry that Ukraine is currently making. 

 

Could the U. S. or allied countries come up with something clever and cheap to end the Strait blockade?  I'm sure people a lot smarter than I am are working on that right now.  But considering the mixture of traditional and novel technologies that Iran is bringing to bear on the blockade, it's hard to imagine how such technologies would work. 

 

If all restrictions on U. S. military actions were lifted and the President ordered his generals and admirals to open the Strait by any means, I'm sure it could happen.  But that would almost certainly involve a land invasion of the regions of Iran closest to the Strait.  And that would be opposed by a contingent of the 190,000 or so troops in Iran, leading straight to a bad old-fashioned land war with significant casualties on both sides. 

 

The last time a Middle Eastern country tried to take over an internationally important waterway, the U. S. took the side of the country against the then-global powers that wanted to oppose it.  The 1959 Suez crisis found President Eisenhower exerting financial pressure on England to let go of the Suez Canal, when Nasser of Egypt tried to take it over.  Eisenhower knew war inside and out, and while he employed lots of diplomacy and jawboning in foreign affairs, he managed to keep the U. S. out of actual fighting wars almost completely during his tenure from 1952 to 1960.

 

The world was a very different place then, and the current U. S. leader has no personal experience with war.  Perhaps the old-fashioned approach of blockading Iran's ports will have the desired effect without leading to further bloodshed.  If the U. S. had some undreamed-of technology that would end the crisis, I suspect we would have used it by now.  But I might be wrong.  It's happened before.

 

Sources:  I referred to the online newsletter https://oilprice.com/Energy/Energy-General/Why-Military-Force-May-Not-Be-Enough-to-Reopen-the-Strait-of-Hormuz.html and the Wikipedia article "2026 Strait of Hormuz Crisis." 

California Ends Free Ride for Robotaxi Ticketing

  

For good or ill, many things that start in California spread to the rest of the U. S. sooner or later, from Hollywood movies to the Hula Hoop.  So when California's Assembly Bill No. 1777 takes effect this July, companies such as Waymo that operate robotaxis across the country may feel its effects outside just California.

 

The bill, and its implementation by the California Department of Motor Vehicles (DMV), closes a loophole in California law that has up to now allowed driverless vehicles to escape being ticketed for traffic violations.  Previous laws assumed there would always be a driver behind the wheel to cite for illegal U-turns or other roadway malfeasance.  However, existing California law made no provision for ticketing driverless vehicles.

 

That will all change come July 1.  After that, the corporation operating the vehicle will be the designated legal recipient of any citations concerning vehicles under its control.  The ticket takes the form of a "notice of noncompliance," but the effect is the same.  To allow the DMV to track robotaxi company violations, the company must report any citations to the DMV within 72 hours of receipt.  In case a collision was involved, the window shrinks to 24 hours.  If a firm receives too many citations, the DMV is empowered to take drastic action such as limiting the firm's fleet size or even suspending its operating license. 

 

The new law also addresses the problem of how first responders can deal with driverless vehicles that get in the way at a fire or accident scene, for example.  It mandates that the operating companies must respond to calls from first responders within 30 seconds, and requires that companies observe geofencing rules that clear a designated area within two minutes.  Apparently, autonomous vehicles have obstructed the operation of fire and emergency vehicles in the past, and these new laws address that issue.

 

In the modern world, technological developments generally outpace the social infrastructure of laws and customs.  That is why robotaxis in California have been escaping traffic tickets until now, because lawyers and legislators are not prophets, and they can't expect to anticipate every possible new technological development so that the laws are waiting to be used when the technology finally comes along.

 

Most consumer technology is at least intended to have benign effects, but the good of taking people and goods from one place to another is accompanied by problems such as traffic violations.  Getting a traffic ticket is often the only interaction most law-abiding citizens have with law enforcement, but it is a little galling that robotaxis were effectively exempt from such experiences until this year in California. 

 

It's part of the normal progress of technological development for new laws to arise that deal with unexpected problems such as the ones the California bill addresses.  The issue of clearing an area for emergency operations couldn't even happen until there were enough robotaxis around that one of them got caught in such a situation, and led to frustrations and hazards that, while probably not costing a life, made enough trouble for first responders that they reported it to the appropriate authorities.  And while many uncomplimentary things can be said about the California legislature, in this case they seem to have done a good thing in mandating effective communications and actions whenever a driverless vehicle is impeding the work of first responders.

 

It's fair to say that there probably wasn't a popular groundswell of grassroots opinion demanding that robotaxis be able to receive traffic tickets.  The issue is not one to get the average Joe Public's juices going.  Contrast this matter to another technological fault line that is currently the subject of much (mostly local) legislation and discussion:  the construction of data centers around the country. 

 

As an editorial by Charles C. W. Cooke points out, data centers are not new.  In some form we've had them around for decades, and currently there are about 5,000 of them in the U. S. already, with the largest concentration in the liberal state of Virginia. 

 

Yet, to listen to discussions at city council meetings around the country or to see the "No Data Centers" signs popping up in yards, one would think that each data center is a direct portal to Dante's Inferno.  Why are people so upset at data centers, while robotaxis being immune from tickets was never a big deal?

 

Fear has something to do with it—fear of the known unknown.  For most people, robotaxi immunity from ticketing was an unknown unknown.  I didn't even know it was an issue until California fixed it with their new law.  But the publicity about data centers, and their notorious connections with the mysterious and frightening acronym AI, are well known enough, though what the consequences will be in terms of water and energy depletion or increased cost is largely unknown.  After all, if something's not built yet, you can't say exactly what will happen if you build it.

 

Opponents have rushed into that gap of ignorance with highly inflated predictions of disasters that will hit you in your pocketbook:  higher power and water prices, water shortages, and even loss of jobs as AI takes over what you and twenty of your friends do, and does it better and cheaper.  Nobody is threatened in that manner by the fact that robotaxis couldn't get traffic tickets.  Injustice somewhere else never matters as much as injustice to my bank account. 

 

So while even the California legislature can take effective action about a matter that few people knew or cared about, it's not clear that laws slowing down the construction of data centers are going to make anything better.  Saying "not in my back yard" doesn't stop construction as long as back yards don't cover the entire U. S., and that won't happen for a while.  But unless the public understands the issues well enough to make an informed decision, there is not much chance that legislation about data centers that is driven by public opinion will do much good.

 

Sources:  I referred to several articles on California Assembly Bill No. 1777, including https://driveteslacanada.ca/news/california-makes-big-changes-to-autonomous-vehicle-legislation/, https://finance.yahoo.com/economy/policy/articles/robotaxis-driverless-vehicles-now-ticketed-150019014.html, and https://www.carscoops.com/2026/04/california-robotaxi-citation-rules/.  Charles C. W. Cooke's article "Hatred of Data Centers Is Irrational and Self-Defeating" is at https://www.nationalreview.com/2026/04/hatred-of-data-centers-is-irrational-and-self-defeating/. 

Driverless Cars: Not as Autonomous As We Thought

  

As part of an investigation by U. S. Sen. Edward Markey (D-Mass.), autonomous-vehicle operators Tesla, Waymo, and others have made public some details about how their supposedly driverless cars can be remotely assisted or controlled under certain circumstances.  In a report published on Apr. 8, Andrea Guzman of the Austin American-Statesman described how the companies reluctantly shared some but not all the information Sen. Markey requested.  Specifically, they refused to say how often such interventions take place.

 

It was a surprise to me, though it probably shouldn't have been, that autonomous-vehicle firms have staffs of remote operators ready to take control of a car or truck that gets into trouble.  It's a given that every such vehicle is in continuous wireless communication with "headquarters," whatever that amounts to.  And when the onboard systems determine that the situation the vehicle is facing is beyond its capabilities, it's reasonable that it sends an alert to headquarters to flag a human being to take a look and decide what ought to be done.  But in at least a few situations, the human-assisted decisions haven't been all they should be. 

 

For example, an investigation by a safety agency found that a remotely-operated Waymo vehicle illegally passed a school bus where children were boarding.  Apparently, the Waymo remote assistance operators do not take direct control of the vehicle, but merely guide it in making its own decisions.

 

Tesla's process of remote assistance seems to be more assertive.  In responding to Sen. Markey's inquiry, Tesla revealed that in rare cases, their remote assistance operators can take direct control of the vehicle, but its speed is limited to either 2 or 10 MPH, depending on whether the internal automated system grants direct control to the human controller.

 

That makes it sound like the final decision is up to the machine, not the human.  Whatever the details, the fact that human remote assistants are sometimes involved in driverless car control adds another layer to the already complex mixture of responsibilities involved. 

 

Both Tesla and Waymo emphasized that the remote assistants do not sit there watching each car passively.  For one thing, there are too many cars to monitor.  Waymo revealed that by spreading the work among staff in the U. S. and the Philippines, they can maintain about 70 remote assistance operators on duty at any given time.  Tesla's operators are all in the U. S., and presumably work day and night shifts.  They all have valid U. S. driver licenses for at least three years prior to employment, for what that is worth. 

 

The information that all companies queried refused to reveal was how often it happens that remote-assistance operators intervene in a vehicle's operation.  Perhaps justifiably, they claim that is a trade secret that might compromise their competitive position.  My guess is that they have a pretty good idea of what the competition is doing, but they don't want the competition to know that.  Until it becomes an issue in a court case, then, we'll just have to guess at whether the driverless vehicle you see cruising down the street is truly on its own, or is being supervised from Palo Alto or Manila.

 

The mixing of autonomous and human control is going to become more urgent in the future as more and more systems become capable of running themselves.  Less than two weeks ago, on Apr. 14, Ukrainian President Volodymyr Zelenskyy announced that for the first time, his soldiers captured an enemy position using only remotely-controlled equipment, namely unmanned drones and "ground robotic systems," meaning armed robots. 

 

This historic achievement speaks volumes for the progress that Ukraine has made in developing agile, cost-effective military technology that augments their strength in human troop numbers.  After four years of war against a numerically superior foe, the Ukrainians have become world leaders in such technology, motivated by one of the strongest reasons around:  survival.  It is a truism in the history of technology that wars advance technical developments faster than peace does, and the Ukrainians have shown its validity once again.

 

For years, much ink has been spilled in engineering ethics journals about the dangers of autonomous warfare.  While this may not seem to have much to do with remote assistance for Waymo and Tesla, the two cases are extremes on a continuum.  In the case of peacetime vehicles, you want the machinery to do what it's supposed to do benignly without hurting anybody, but in cases where there is potential danger, you want the human backup person to intervene.  In the case of autonomous warfare, you want to damage and destroy the enemy and its resources, but you don't want the autonomous systems going haywire and attacking your own troops. 

 

Getting back to remotely-assisted civilian vehicles, it appears that the operating companies have found a comfortable medium between the extremes of completely autonomous operation—no humans involved anywhere along the line—and what would amount to a remote-control cabdriver, namely one remote assistant dedicated to each vehicle full-time.  Their comfort zone appears to be a mix of mostly automated control, but some manual control in emergencies. 

 

While it would be nice to know more details, in a free market it's up to the firms themselves to decide the optimum mix, and they seem to want to keep the details to themselves.  Until there's a major lawsuit in which the remote-assistant issue becomes a critical factor, we may not learn a lot more about it. 

 

The question of responsibility is fundamental in engineering ethics.  With the rise of all sorts of autonomous systems that are not quite autonomous, the question gets complicated.  The best we can do is to learn as much as we can about how things are actually done, so when problems arise the public and regulatory agencies are not kept in the dark about where responsibility may really lie. 

 

And whether it's a Waymo car or an armed robot capturing an enemy soldier, it's a little comforting to know that humans are still at the top of the command structure, however remotely.  Unless I'm the soldier—then it may not matter.

 

Sources:  Andrea Guzman's article "Self-driving cars still rely on humans—but how often remains unclear" appeared in the Austin American-Statesman on Apr. 8, 2026 at https://www.statesman.com/business/article/tesla-waymo-remote-operators-self-driving-cars-22192151.php.  I also referred to an article describing the Ukrainian remote-controlled capture of a Russian position at https://www.politico.eu/article/volodymyr-zelenskyy-robotic-systems-russia-army-positions-ukraine/. 

Getting to the Truth about AI Water Use

   

It might have been Mark Twain who said, or at least repeated, that a lie will get halfway around the world while the truth is still putting on its pants.  And that expression finds no better example than the way water usage by data centers has been portrayed over the last couple of years.

 

I live in Texas, which has seen some of the most rapid growth of data centers in the U. S.  There has even been a local controversy here in San Marcos, with citizen groups organizing rallies and protests against the construction of new data centers.  Every day when I go on my bike-exercise route, I pass two or three signs saying "No Data Centers" showing a big faucet with a single drop of water coming out.  Unfortunately, that sign represents about the typical level of discourse that prevails in discussions about the environmental concerns raised by data centers, specifically their water use. 

 

Last May, a book by Karen Hao, Empire of AI, hit the market and received a wildly enthusiastic reception.  Amazon currently ranks it the No. 1 best seller in International Economics and No. 3 in General Technology and Reference, a very broad category.  It won the National Book Critics Circle Award in 2025. 

 

And yet it contains numerous factual errors, many of which blogger Andy Masley pointed out in detail in his Substack blog over a period of months.  In discussing plans Google had for a data center in a town in Chile, Hao wrote that the data center would use 1,000 times more water than the city of 88,000 used. 

 

Masley, a close reader of the technical stuff in such a book, thought this looked strange, although it is not out of line with similar claims by others for the vast quantities of water that data centers will supposedly use.  So he looked into the problem.

 

When he took the number that Hao said was the city's total water usage and divided it by the population of 88,000, he got the result that each citizen was using less than a half-cup of water (0.2 liters) per day.  That is nonsense, of course.  When he found the original data, it turned out that the city's consumption was stated in cubic meters, not liters.  As later confirmed by Hao, someone on her staff of assistants mistook the cubic-meter consumption for liter consumption. 

 

As every student of the metric system knows, one cubic meter contains 1,000 liters, hence the error by a factor of 1,000. 

 

What Masley then wanted to know was how such an egregious error made it past the fact-checkers acknowledged in Hao's book, and the more than 1,000 reviews on Amazon, the adulatory comments in prominent media outlets such as the New York Times and The New Yorker, and the people who decide on the National Book Critics Circle award.

 

The only answer he could come up with is that the people writing the reviews don't give a flip about numbers.  And the people who care about numbers don't write book reviews, except for him, evidently.

 

Hao has since admitted that the error happened in the manner Masley suspected.  But that's a little bit like apologizing for not wiping your feet on the welcome mat after you burn your host's house down.  Masley has spent what amounts to a fulltime job calling out and correcting this and innumerable other errors in the vast outpouring of what may well be called propaganda opposing the construction of new data centers.  His words are finally gaining some traction in the media, which is why I now know about his work.

 

But something is way out of whack with public discourse if one side of a controversy can put out tons of material that is chock-full of factual errors, and these errors can go unchallenged for months or years before one person with the willingness to do the math and find and expose the errors gets enough attention to be heard from.

 

This story reveals laziness and groupthink among those who control prominent media outlets, plus something that could be called math avoidance.  You would think that at a time when mathematics has never been as vital an underpinning to civilization as it is now, that most people would be at least somewhat used to doing math when some issue that vitally involves math comes up.

 

But this story about liters and cubic meters shows that a lot of people who should do their math homework before blatting the glories of a book, or taking sides in a controversy, simply don't.  They find an expert whose vibes agree with their own and enthusiastically fall in line without the slightest regard for accuracy or healthy skepticism. 

 

I don't know what the future of data centers holds.  Their wild growth is starting to look to me like some sort of bubble, much as we had a wild growth of fiber-cable capacity in the early days of fiber-optics, and for years the industry contended with the problem of "dark fiber"—too much capacity.  Dark fiber cables don't use water or power—they just lie there.  But data centers need both, and it's possible that we may find ourselves awash in surplus data-center capacity and the boom will become a bust. 

 

But so far, there seems to be no limit to the appetite for "compute," as the experts call it, that AI wizards have.  The only limit at this point will be economic.  If the people who build the capacity can't figure out how to make money with it, they'll eventually quit adding capacity.  But as long as the public and corporations are willing to get more AI results—and so far, they are—the demand will drive the supply and more data centers will be built.

 

That is, unless people keep on believing the nonsensical claims of the more extreme opposition to data centers, and do something like getting a nationwide ban on new construction passed.  Then we'll get to see what a data-center shortage looks like, and it might be worse than you think.

 

Sources:  Numerous news outlets have covered Andy Masley's debunking efforts directed at correcting errors in the claims of data-center opponents.  The details of the particular Empire of AI error described herein can be found at his Substack post https://blog.andymasley.com/p/empire-of-ai-is-wildly-misleading. 

Whither the U. S. Postal Service?

  

We don't usually think of mail as a technology.  But if we define a technology broadly as any system engineered for the accomplishment of a practical purpose, the U. S. Postal Service is not only a technology, but a vital one.  Like any technology that doesn't go extinct, it has to change with circumstances or die.  And those two alternatives are becoming more obvious by the day as competition from electronic media bring intense pressures on so-called "snail mail" services, not only in the U. S. but worldwide. 

 

This column is brought on by an incident which nonetheless may be symptomatic of wider problems in the system.  Ever since my father taught me how to use a checkbook, I have paid for many monthly bills by mailing checks.  Until last month, this was a reliable way to pay things like utility bills.  But in February and March of this year, four checks I mailed simply disappeared, including the payment for the electric, water, and sewer bill. 

 

These incidents have forced me to join most of the rest of the world in switching to electronic payments for those bills.  But it also made me wonder how the U. S. Postal Service is doing in general, and the answer is:  not well.

 

At its inception under the guidance of the first U. S. postmaster—some dude named Benjamin Franklin—the Post Office, as it was known then, became a powerful nation-binding force as it put even the most remote state or territory in contact with the rest of the country by both private letters and favorable rates for periodicals such as newspapers and magazines.  It was operated as a Cabinet-level department and not expected to show a profit.  That remained unchanged until thousands of postal workers struck in the largest wildcat (=unauthorized by union leadership) strike in U. S. history in 1970.  That led directly to the passing by Congress of the Postal Reorganization Act of 1970, which President Nixon signed as a way of giving the postal unions the right to collective bargaining, though it still made strikes illegal.

 

The Act did more than authorize unions, however.  It changed the name of the organization to the U. S. Postal Service and set it up as a quasi-independent corporation that was expected to be self-supporting without government subsidies.

 

In 1970, the highly-remunerative monopoly on first-class letter carrying enjoyed by the USPS was more than enough to allow it to make a profit.  But the era of electronic communications was just around the corner.  If you are old enough to remember all the things that used to be done by mail that are now done by means of the internet, that's a lot of mail that has simply disappeared, and most of it was first-class mail.  Bills, checks, legal documents, and the whole volume of commercial first-class mail that used to support the old Post Office—virtually all that has now turned into bits transmitted on fiber cables. 

 

Some analyses by Elena Patel of the research institute Brookings show that the declining volume of first-class mail has led to the USPS showing a deficit every year since 2007.  By law, it can borrow money only from the U. S. Treasury, and there is a cap on its total indebtedness, which it has already hit.  When it can't borrow any more, it has to rely on its cash reserves, and these days those are running out too.  So we face the near-term prospect of the U. S. Postal Service going bankrupt unless its governing laws are changed.

 

This would have happened even earlier if the volume of package deliveries had not increased in a way that has partly compensated for the huge loss of first-class mail, which the USPS had a monopoly on.  But in package delivery, the USPS faces stiff competition from fully private businesses such as FedEx and UPS that operate on slimmer margins than a quasi-government service like the postal system, which has built-in labor costs and obligations to serve every single post office in the U. S. 

 

I don't know if all these adverse circumstances are directly responsible for my checks getting lost, but they didn't help.

 

So what should be done?  This problem of electronic-media competition upsetting the fiscal status of mail service is worldwide, not just in the U. S., and different countries are dealing with it in various ways.  In some places, the national government simply absorbs the losses and regards the mail service as a necessary part of national infrastructure.  That's the way our old Post Office began—as a nation-binding service that was simply paid for out of government funds—but by law the current USPS can't operate that way. 

 

Some might feel that the practice of laboriously carrying little pieces of paper around and physically delivering them is an outmoded practice that should be allowed to die a natural death.  But one of the Brookings studies shows that postal services form an important part of the economy of certain areas of the country, especially where population is sparse but people can still operate businesses with nationwide clientele through the postal service.

 

I don't have any brilliant solution to these problems.  But it's clear that things can't go on the way they're going, with the laws governing the USPS assuming economic conditions that simply no longer exist.  The first-class-mail monopoly that formerly subsidized everything else the USPS did has vanished as a source of profit.  And unless the federal government recognizes that what the postal system does is important enough to pay for with taxes, we will sooner or later hit a crisis resembling what recently struck the Transportation Security Administration, which wasn't funded in the latest Congressional budget.  This caused snarled air transportation as TSA workers increasingly showed a reluctance to go to work without being paid. 

 

Maybe a lot of young people wouldn't miss the postman (post-person, these days).  But one way to find out the significance of a technology is to imagine that tomorrow you woke up and all of it has vanished into thin air.  If the USPS doesn't get its finances straightened out by Congress soon, we may find out what that thought experiment looks like in reality.  And the results won't be good.

 

Sources:  I referred to two Brookings studies by Elena Patel on postal systems at https://www.brookings.edu/articles/postal-systems-worldwide-confront-the-same-financial-pressures/ and https://www.brookings.edu/articles/the-us-postal-services-fiscal-crisis/,

and the Wikipedia articles "1970 United States postal strike" and "Postal Reorganization Act."

 

US Fears AI, Uses It Anyway

  

A recent report in National Review summarized opinion polls about what U. S. residents think of artificial intelligence (AI) and how much they are using it.  Paradoxically, the more people use AI, the more they fear it.

 

A poll by NBC News showed that 46% of those queried had a negative opinion of AI versus only 26% positive.  Other polls show that citizens expect mostly or entirely negative effects on society from the widespread use of AI, and believe it will lead to serious job losses.  Over half the Americans polled by Democratic research firm Blue Rose feared that AI will lose them their job or a relative's job. 

 

At the same time, polls asking about AI use show that most people queried have used an AI tool in the past month, and a fourth say they use it every day.  So the old saying "familiarity breeds contempt" may be a guiding principle in how AI is viewed by the general public.

 

In a way, none of this matters.  If a new technology gets widely used and the companies providing it make money, who cares what people think about it?  Another technology that spread rapidly in only a few years, and also had profound effects on society, was television.  In 1950, only 9% of households had a TV, but by 1955 over half did.  And while there may have been a few voices raised in opposition to its growth, I think it's fair to say that the only groups that looked on the spread of TV with disfavor were industries threatened by it:  Hollywood, for instance.  And Hollywood has long ago made peace with the advent of television.  Your average person in the early 1950s was just waiting to see when TV sets got affordable enough to buy, and any negative consequences of TV use were not noted much in public before the 1960s.

 

One difference between the advent of TV and the advent of AI is that TV didn't threaten jobs like AI does.  And one job sector that is already seeing big effects from AI is computer science and computer programming.  The thing about public perception, regardless of whether it's accurate or not, is that it can easily become reality.  I work at a university, and I have heard in the last week that enrollment in computer-science programs is dropping across the board, after years of steady growth.  The reasons for this are not entirely clear, but one factor may well be that students fear spending four or more years getting a degree and then finding that all the entry-level positions are now being done by a few senior people writing AI prompts. 

 

On the other hand, one of the most enthusiastic proponents of AI I know is an 80-plus professor of biology who has been using ChatGPT in his research for the last year or two.  He says it helps him write papers more clearly and to organize his thoughts, and claims it's the greatest thing that's happened to him research-wise in a long time. 

 

Many of the polls mentioned were commissioned by political interests with a view toward forming policies about AI.  Currently, the Trump administration favors few if any regulations on the technology, and wants to keep states from enacting a patchwork of legislation that would encumber the field.  Historically, this approach has worked well for computer- and network-intensive industries themselves, allowing them to create vast new economies and profit mightily therefrom.  But it has also led to a number of real and lasting problems, ranging from the maleficent effects on politics of social media and the quantified and well-known harms to children and teenagers whose lives are distorted by the use of smartphones. 

 

The crystal ball of predicting how technologies will affect society is always more or less cloudy, and I will not venture to say what the future effects of AI's negative polling will be.  Even if AI were universally detested, it's not clear that Washington could get its act together enough to pass meaningful regulatory legislation, especially when Big Tech and the federal government sometimes seem to blur into each other.  On the state level, if the feds don't stop them, some states may pass laws attempting to regulate AI, but it's a little bit like trying to nail Jell-O to the wall.  When the thing you are trying to regulate is so protean and shape-changing, it's hard to decide what regulations to pass, let alone to figure out if they've been violated.

 

Some of the anxiety the public feels about AI is simply due to the breathtaking speed with which it has advanced and improved.  Arthur C. Clarke's principle that any sufficiently advanced technology is indistinguishable from magic applies here.  Real magic is scary if it happens, and I still feel a kind of queasiness when I type commands into a chat box and the program comes back with "I did this and that."  It's understandable that millions of teenagers use AI chatbots as a substitute friend, and it's also very creepy.

 

Going to extremes, a few people believe AI will engender the end of civilization as we know it.  Other hyper-tech-optimists such as Ray Kurzweil look forward to being uploaded to an eternal cloud and think it will be heaven on earth.  The truth probably lies somewhere in between.  What we can do as individuals is to keep reminding ourselves that AI systems are not human beings, and that human beings are not machines.  But both of those truths may become harder to keep in mind as time goes on. 

 

Sources:  The National Review website carried James Lynch's article "The More Americans Use AI, the More They Fear It" on Mar. 25, 2026 at https://www.nationalreview.com/news/the-more-americans-use-ai-the-more-they-fear-it/.