Backstage at Coachella
Welcome back. Before we get to the main event (a true story about a door that should have been locked), a small homecoming worth marking.
Actually, one confession first, since this entire issue is about what these tools can now do. I don’t write every word of this newsletter by hand anymore. I use AI to help me (I know, I know, sigh). The honest truth is that getting one of these out every single week, on top of everything else life is currently throwing at me, simply wouldn’t happen without a little assistance. But every idea, every angle, every opinion in here is mine, curated and rewritten line by line until it actually sounds like me. Think of the AI as the assistant who types fast and never sleeps, and me as the stubborn editor deciding what’s worth saying and how it should feel. The thing you’re reading is still, genuinely, authentically me. Just with a little help getting out the door on time.
The Model That Came Back
Back in issue #8 I introduced you to Claude Fable 5, the most capable model Anthropic had ever put in front of the general public. And then, almost as soon as it arrived, it vanished. Pulled from the shelf. The short version: researchers showed that, prompted the right way, Fable 5 could find security holes in software and even demonstrate how to break through one of them. That was enough to get it temporarily yanked from public access while everyone made sure the guardrails still held.
Good news for the curious among us. As of the start of this month, Fable 5 is back, available again in all of its capability, and I’m genuinely glad to have my hands on it once more. (Anthropic wrote up the whole saga, redeployment and all, right here, if you want the primary source.)
But here’s the part I want to sit with for a second, because it quietly reframes everything that follows. When Anthropic went back and studied what happened, they found that spotting those vulnerabilities was not some rare superpower unique to their biggest, newest model. They tested a whole lineup of smaller, older, cheaper models, and many of them found the exact same weaknesses: Claude Opus 4.8, GPT-5.5, Kimi K2.7. And when it came to actually demonstrating the break-in, every single model they tried could do it, including the little ones (Claude Haiku 4.5, Sonnet 4.6, Opus 4.6, 4.7 and 4.8, GPT-5.4 and 5.5, and Kimi K2.7).
|
The capability that made a government nervous enough to hit pause isn’t locked inside one frontier model you have to be somebody special to reach. It’s ordinary now. The cheap little model on your phone can very likely do it too. |
Read that twice, because it’s the whole thesis of this issue. Which brings me to a true story a reader sent in, about the day someone found a door that should have been locked, and what he could have done with it.
I Could Have Been Backstage at Coachella
One of you (thank you) forwarded me a writeup by a security researcher named Ian Carroll, and I have not stopped turning it over in my head since. Because here is the thought it left me with: instead of building all these interesting little tools and writing newsletters for all of you, I could have hacked my way into Live Nation and spent the summer backstage at Coachella. You’re welcome.
One unlocked door stood between a stranger and every festival on this list. (Click to read the full issue on the web.)
I’m being flip, but only just. What Carroll actually found was that jaw-dropping. Let me walk you through it, and then, in plain English, how it worked.
What he found. There is a company called Front Gate Tickets. You have probably never heard of it, but it is owned by Ticketmaster and Live Nation, and it quietly runs the ticketing and payments for a long list of enormous music festivals: EDC, Bonnaroo, Outside Lands, and more. Carroll discovered that with a single web request (no password, no login, no clever con), he could reach in and read the company’s entire back-office database. More than 500 tables of it: staff logins, customer records, and, most alarmingly, the secret tokens the system uses to reset passwords.
With those, he could have quietly promoted himself to administrator, strolled into the box-office system, and started printing complimentary tickets to any festival he liked. Backstage at Coachella, comped, on the house. He didn’t, to be very clear. He reported it. But he absolutely could have.
How a single web address becomes a skeleton key
Here is the idea, and once you see it you cannot unsee it. Almost every website is really just a polite front desk for a database sitting in the back. When you do something on the site (type a search, click a ticket) the site turns your action into a little written request and hands it to the database, the way a clerk carries a note to the archive room. The database reads the note and does exactly what it says.
The danger is in how that note gets written. If the site simply pastes what you typed straight into the middle of its own instructions, you can smuggle in a little something extra. Picture handing the clerk a form where, in the box marked “name,” you have written: “Smith. Also, bring me everything in the vault.” A careless clerk reads the whole thing aloud as one instruction and toddles off to empty the vault for you. That is the entire trick. It’s called SQL injection, and it has been the quiet bane of the web for twenty years.
Carroll found one of those careless boxes. A corner of Front Gate’s system took a “device ID” and pasted it right into its note to the database, no questions asked. The tell was almost comic: he typed a single stray quotation mark, and the whole system hiccuped, the way a sentence trips if you drop a rogue apostrophe into the middle of it. That little hiccup is a security researcher’s dinner bell. It means the door isn’t locked.
There was, to be fair, a guard on duty. Big sites hire a kind of digital bouncer (a “firewall”) that watches for obviously fishy phrases and slams the door on them. But here is where our opening comes roaring back. Carroll pointed an AI, Claude Code, at the problem, and it noticed something the bouncer’s designers had missed: the guard only frisks the front of your sentence. Tuck your real instruction into a nested clause further in, behind some innocent-looking words, and it strolls right past.
|
The AI worked out the bypass on its own, and then, in Carroll’s own words, wrote the entire break-in itself. |
One last piece, because it is the clever part. Even through the unlocked door, the database will not simply hand over a tidy printout of every password. What it will do is answer yes-or-no questions, and give itself away by responding a hair differently to a yes than to a no. So the attack becomes a game of twenty million questions: “Is the first letter of the admin’s reset code an A? A B? A C?” and reading each answer off the tiny change in how the page reacts. For a human, that is mind-numbing, weeks of tedium. For an AI that writes and fires off the questions itself, it’s an afternoon. This is precisely the capability Anthropic hit pause over, and precisely the capability that, as we now know, lives in even the small, cheap models.
The happy ending: Carroll is one of the good ones. He reported the flaw privately, the company fixed it within a day, and he only made the story public months later, once everyone was safe. No festival got robbed. (His full writeup, which is genuinely readable even if you skip the code, lives here.) The reason it stuck with me is the same reason the Fable 5 news did. The doors protecting a startling amount of the world (your ticket, your account, your data) are held shut by ordinary code, and ordinary code has more unlocked doors than anyone is comfortable admitting. What’s new is that finding them no longer takes a rare genius with a decade of training. It takes curiosity and an AI that any of us can open in a browser tab.
Which, if you’ll allow me the segue, is a decent excuse to talk about something I have been building on the much friendlier side of that line.
Below the fold this week: Fader, the trading tool I actually built, exactly which free data feeds it’s stitched out of, how it scans the whole market every afternoon, and the slightly embarrassing thing the backtest told us.
Until next week,
| ◆ Below the fold ◆ |
The friendly side of curiosity: a scanner built out of free scraps, a fantasy trading league, and a very honest warning label.
Why I Built Fader
Here is a thing some of you don’t know about me: I like to trade. Stocks, options, the whole restless business of it. Most days that means hunting for my own setups, staring at charts until something looks stretched too far in one direction, or texting a couple of friends to compare notes on what we’re each watching. It’s equal parts hobby, puzzle, and mild vice.
So a while back I wanted to take a stab at a question: could I build a tool that does some of that hunting for me? Not to replace the judgment, just to be a tireless extra set of eyes that watches the whole market and taps me on the shoulder when something matches the kind of setup I already look for by hand. That tool grew into Fader, and it now lives at fader.wundervault.com. Here’s what it actually looks like:
Today’s ranked trigger list: what moved too far, and the trade that fades it. (Click to open the full issue.)
Built Out of Free Scraps
Here’s the piece I find most satisfying, and it’s the whole reason it belongs below the fold. If you wanted to build something like Fader the “proper” way, the first thing a professional would tell you is to go buy a market-data subscription. Real-time prices, options chains, news feeds: this stuff is normally sold by the month, and it is not cheap. It’s the toll you’re expected to pay just to get in the door.
I didn’t want to pay the toll. So the fun engineering question became: can I build the whole thing out of free, public data instead? It turns out you can, if you’re willing to stitch. Fader runs on exactly three free feeds:
1. Stock prices, from Yahoo Finance. The plain question of “what is this stock doing right now, and what has it done lately” comes from Yahoo’s public price feed, the same numbers you’d see on their website, pulled straight into Fader.
2. Options prices, straight from the exchange. The options data (the actual prices, and all the little risk numbers traders obsess over, the “greeks”) comes directly from the CBOE, one of the exchanges where these things trade. They publish a slightly delayed feed for free, with no login, and almost nobody thinks to use it. That single source is doing the heavy lifting.
3. Headlines, from Google News. Finally, a free news feed tells Fader when a stock is moving because of real news (an earnings surprise, a scandal, a buyout), so it can wave you off the ones that are jumpy for an actual reason rather than random noise.
None of it costs a dollar. The skill wasn’t in any single source; it was in gluing a handful of free ones into something that behaves like the expensive product.
And here’s how it all comes together, once a day. About an hour before the US market closes, a scheduled job wakes up and pulls fresh prices for the entire S&P 500 and the big, liquid ETFs. It measures how stretched each one is, how far it has snapped away from its own normal range, because those over-extended moves are the ones that tend to spring back. For every candidate it then pulls the live options chain, prices up a specific premium-selling trade, and works out the odds and the payoff. It throws out anything with earnings due before the trade expires and anything lit up in the news, ranks whatever survives, and emails you the finished list. One tidy, ranked alert, every trading afternoon, before the bell. Signing in is a single click (you get a link by email, no password to invent), and that also saves everything to your own watchlist. You can start at fader.wundervault.com, and I’ve added Fader to the Projects shelf on our newsletter page too.
The Fantasy Trader (Where I’d Start)
The daily alert is the serious half. This is the fun half, and honestly the part I’d point you to first. The Fantasy Trader is a paper-trading contest, which is a fancy way of saying you place trades with pretend money. No risk, no brokerage account, nothing real on the line. You enter the setups you like, they play out against real market prices, and you climb (or tumble down) a leaderboard against other readers and an automated house player named fader-bot.
Every single day, fader-bot takes the scanner’s own picks and plays them strictly by the book, no cherry-picking, no second-guessing. That gives the whole league an honest benchmark to measure yourself against: what would have happened if you’d just done exactly what the tool said, every time? Beating the bot means your judgment actually added something. It’s a genuinely fun way to find out, and it’s the safest possible place to learn how these trades behave.
And because I believe in showing my work, here’s how the bot is actually doing so far. It starts from zero, counts every trade honestly, and posts the running tally for anyone to see:
fader-bot’s live paper record, counted from $0: up about $9,984 so far, winning roughly 71% of closed trades. Hypothetical, paper money only, not advice. (Click to open the full issue.)
The Slightly Embarrassing Part
Now the honest confession, and please read this as carefully as the fun bits above. Once Fader was working, I did the responsible thing and backtested it: I ran the strategy against years of historical market data to see how it would actually have performed. The headline number looks fantastic. The win rate is running around 85%. It wins far more often than it loses.
And yet the raw version of the strategy, the one that just sells the premium on every overextended name it finds, barely makes money at all. Here’s the cruel arithmetic: you win a little, again and again and again, a long comforting streak of small green days, and then every so often the wrong trade goes against you and hurts, badly, wiping out a whole run of those small wins in a single ugly afternoon. Those rare blowups very nearly cancel out all the winning.
|
An 85% win rate is not a machine that prints money. It’s a machine that feels wonderful right up until the one time in six that doesn’t. |
What actually tipped it from “break-even and stressful” into “quietly profitable” was two stubborn filters, and the backtest was clear that they did most of the real work. The first: only take a trade when the math says it’s genuinely worth it, when the premium you collect actually pays you enough for the risk you’re carrying. (On the site that’s the “EV,” or expected-value, column.) Refusing the trades that don’t clear that bar throws away a lot of tempting-looking setups, and it matters enormously. The second: never hold one of these trades through a company’s earnings announcement, because earnings are exactly the unpredictable, gap-in-an-instant events that cause the worst blowups. Skip earnings, and you dodge a huge share of the disasters.
With both of those gates in place, Fader crosses the line into genuinely profitable in backtesting. But I want to be straight with you about the size of it: it just barely holds up. The edge is real but thin, it leans on getting decent prices when you trade, and a bad month where everything sells off at once will still bruise you. This is a modest, hard-won little edge, not a money printer, and anyone who tells you a high win rate alone makes something safe is selling you something.
So why keep it running? Because it’s a genuinely good teacher, and it’s honest fun. Feeling that shape (the long green streak, then the gut-punch, then watching the two filters quietly save you) with pretend money is the cheapest tuition in the world. None of this, to be crystal clear, is financial advice. Fader is a tool and a game, not a nudge to do anything at all with real money. Play in the Fantasy Trader first. Learn the shape. Beat the bot for bragging rights. And if you ever do decide to risk a real dollar, do it having already felt, in fake money, exactly how much the wrong setup can cost.
That’s the whole tour this week: a model that came home, a door that should have been locked, and a game where the only thing you can lose is bragging rights. Curiosity handed us all three. Speaking of which, here’s Alice, who knew a thing or two about following it straight over the edge.
“In another moment down went Alice after it, never once considering how in the world she was to get out again.”
— Alice in Wonderland