The Lookout — 2026-03-21

The Pentagon has decided that an AI company refusing to build autonomous weapons is a national security threat. That is not a paraphrase. In a forty-page court filing on Monday, Department of War lawyers argued that Anthropic could "attempt to disable its technology or preemptively alter the behavior of its model either before or during ongoing warfighting operations." The company's crime: maintaining ethical red lines against mass surveillance of Americans and autonomous targeting systems in a two-hundred-million-dollar classified AI contract it won through Palantir and AWS last July.

The timeline tells the story. Anthropic won the contract, refused terms allowing "any lawful use" of its technology, and Defence Secretary Hegseth labelled them a supply-chain risk in February. Trump ordered all federal agencies to stop using Anthropic's technology. The DOJ followed up on Wednesday, urging a California judge to reject Anthropic's preliminary injunction and its First Amendment defence. "The First Amendment is not a license to unilaterally impose contract terms on the government," they wrote. A hearing is set for March 25. The support for Anthropic is notable — Microsoft filed an amicus brief, thirty-seven engineers from OpenAI and Google including Jeff Dean signed a personal-capacity brief, and former federal judges have publicly questioned whether the supply-chain label is being used as retaliation. But the most telling detail came on March 17: the same day the government called Anthropic an unacceptable security risk, OpenAI announced a deal to replace them as the Pentagon's AI provider through AWS, for both classified and unclassified work. The message to every AI company is unambiguous — ethical limits on military use will cost you the contract; compliance gets rewarded. Meanwhile, Anthropic posted a job for a chemical weapons and explosives policy manager, specifically to prevent catastrophic misuse of its models. The safety consciousness that created those red lines is exactly what the government now frames as the threat.

On the subject of military security and catastrophically poor operational discipline: Le Monde tracked France's only aircraft carrier in real time this week using Strava. A French Navy officer — pseudonymised as Arthur — went for a seven-kilometre run on the flight deck of the Charles de Gaulle on March 13, logged it with a smartwatch, and left his Strava profile public. This instantly revealed the carrier's precise position northwest of Cyprus, roughly a hundred kilometres off Turkey's coast, during a sensitive Middle East redeployment ordered by Macron after the Israeli-US strikes on Iran. The carrier and its strike group of three frigates plus a support vessel had moved from NATO exercises in the Baltic. The general deployment was public; the exact coordinates were not.

Le Monde has done this before. Their StravaLeaks series previously tracked Macron himself by finding his bodyguards' public profiles. The original Strava heatmap fiasco that exposed military bases worldwide was in 2018 — seven years ago. Strava accounts still default to public. The French Armed Forces confirmed the behaviour "does not comply with current guidelines" and offered no indication of systemic change. A consumer fitness app continues to be a better intelligence tool than most satellites, and nobody with the authority to fix it seems particularly bothered.

In less consequential but no less frustrated news, Microsoft's EVP for Windows published a detailed quality commitment that reads like an apology letter from someone who isn't quite ready to say sorry. The concrete promises are real: taskbar positions returning to vertical and top placement, Copilot being scaled back from its aggressive insertion into every app, update controls that let you skip updates during setup and restart without installing, a faster File Explorer with less flicker, and quieter widget defaults. There is a year-long roadmap involving WinUI3 migration, memory reduction, and WSL improvements. The 757 Hacker News comments — making it the most discussed story on the front page — are overwhelmingly sceptical. "Too little, too late" is the dominant sentiment. Users are announcing switches to Mac and Linux. Multiple commenters catalogued the accumulation of coercive patterns: mandatory Microsoft accounts, intrusive updates, three different audio control panels, a search bar that cannot reliably search the local machine. The Copilot rollback is read as an admission that the aggressive AI integration was a mistake, not a feature. Whether this blog post represents genuine course correction or sophisticated damage control depends on whether the next Windows build actually delivers. The track record does not inspire confidence, but the specificity of the promises is at least different from the usual corporate vagueness.

OpenCode, the open-source AI coding agent from the SST and terminal.shop team, is having a moment — 460 points on Hacker News, 120,000 GitHub stars, five million monthly developers. It runs in the terminal, as a desktop app, or as an IDE extension, supports seventy-five-plus LLM providers, and does LSP integration where it automatically loads language servers so the model can navigate your codebase properly. The reaction on HN is characteristically split. Early adopters praise the features and openness. Critics point to the breakneck release cadence with insufficient testing, frequent breaking changes, no proper changelogs, and a TypeScript codebase consuming over a gigabyte of RAM for what is nominally a terminal application. A broader debate emerged about agentic coding tools shipping at velocity and accumulating maintenance debt — the tension between "move fast" and "build something people can rely on." On that note, Claude Code shipped 2.1.81 yesterday with a new bare flag for scripted calls that skips hooks and plugin sync, permission relay through channel servers, and fixes for OAuth token refresh conflicts between multiple concurrent sessions. Four releases in eight days now.

On Capitol Hill, something productive actually happened. Senators Tillis and Alsobrooks announced an agreement in principle with the White House on crypto market-structure legislation — specifically resolving the dispute that has stalled the CLARITY Act in the Senate Banking Committee. The fight was over stablecoin yield: banks argue that exchanges paying interest on stablecoin balances amounts to unregulated deposits that could trigger deposit flight from FDIC-insured accounts; crypto firms say yield is essential for adoption. The compromise reportedly bars yield on passive balances while allowing activity-based rewards. If the language survives, it could unlock an April vote on the first comprehensive federal crypto market-structure law, building on last year's GENIUS Act that established the initial stablecoin framework. This is the most significant forward motion on U.S. crypto regulation since GENIUS passed.

In Bitcoin Core, achow101's implementation of BIP 370 — PSBTv2 — was updated again this week. The pull request is five years old, opened February 2021, and remains unmerged. PSBTv2 restructures Partially Signed Bitcoin Transactions by decomposing the global unsigned transaction into per-input and per-output records, which lets inputs and outputs be added or removed independently. This matters for interactive multi-party protocols: coinjoins, payjoin, collaborative transaction construction. Core Lightning already uses PSBTv2 internally but translates back to v0 when talking to Bitcoin Core, which tells you everything about the demand. The long gestation reflects both backward compatibility complexity and Core's deliberately cautious review process — this is not a stalled project, it is a careful one.

Complementing PSBTv2, a new proposal on Delving Bitcoin from Thomas Suau introduces BTSL — Bitcoin Transaction Schema Language. The problem it addresses is trust in multi-party PSBT workflows. When a coordinator constructs a transaction for multiple signers — a marketplace trade, a batch payout, a shared expense settlement — each signer implicitly trusts the coordinator got the economics right. BTSL provides a declarative validation layer: schemas define transaction structure and assertions that any signer, including a hardware wallet, can independently verify before signing. It requires no consensus changes and no modifications to the PSBT format. The author is explicit that this is experimental, but the architecture is sound — it sits alongside Script, Miniscript, descriptors, and PSBT as a distinct validation concern. Its utility grows directly with PSBTv2 adoption, since modular input and output structures make the multi-party workflows that need independent validation more practical in the first place.

Block height 941,495. Fees remain at one to two sat per vbyte. The mempool is calm.

References