LLMs are just a tool, just like airplanes or hammers. An airplane is very expensive, but better at going really far distances than humans can on foot. A hammer is cheaper than a human, but by itself is useless unless operated properly. Despite the tone of the outputs, LLMs should not be authoritative and human judgement shouldn’t be replaced with them.

Just on the security side of coding, highly skilled security engineers at Mozilla were able to use Claude Mythos to identify and address many issues to make Firefox more secure. Some if these issues were introduced over 10 years ago, and a human could have identified and fixed them but human speed of reading and finding will always be a bottleneck. Having highly skilled humans offload the slow task to go through the codebase and raise issues, allowed them to find and understand the nuanced problem, and work on a fix. The key here is giving the people with the skills the ability be enhanced with LLMs, not replace them with one.

Interesting bit from the court docs of how they traced it to him:

Based on cryptocurrency tracing analysis performed by FBI personnel, I have learned the following, among other things: on or about November 12, 2025, and November 13, 2025, in a total of approximately three transactions, Wallet-0xAf6 sent a total of approximately $149,980 of cryptocurrency to particular cryptocurrency swapping service (“Swapping Service- 1”).2,3 Based on documents from Swapping Service-1, I have learned that shortly after those three transactions, Swapping Service-1 sent approximately $149,980 of cryptocurrency to a particular cryptocurrency payment processor (“Payment Processor-1”). Based on documents from Payment Processor-1, I have learned that the November 12 and 13, 2025 transactions were received by account in the name of “Michele Spagnuolo,” and that an Italian Government identification card was used to open the account at Payment Processor-1. A copy of that identification card, which I have reviewed, appears to be a government identification card for MICHELE SPAGNUOLO, a/k/a “AlphaRaccoon,” the defendant.

Seems like whatever swapping service he used is what got him as he probably assumed that they wouldn’t comply with law enforcement or have detailed records.

Microsoft has been mum on any details about these matters, so it’s hard to tell if the situation is about an uncooperative researcher who doesn’t follow standard disclosure rules or a company being difficult about security reports. Regardless, the move to ban Eclipse’s GitHub account makes for poor optics, as it is being heavily criticized, and ultimately achieves nothing for security, since the code is out there anyway.

Classic Streisand effect. Just two years ago Satya Nadella publicly announced they’re prioritizing security above all else, but now have nothing to say about these exploits and are trying to silence the researcher? Viewing from the sidelines, it did seem a bit reckless how Eclipse was dropping these as zero days, but Microsoft’s actions speak louder than words and they probably didn’t pay for the bounties.

paw patrol is just so over stimulating with frequent cuts and it’s clearly designed to hook kids short attention spans / does not help develop longer attention spans. It’s a classic problem that kids don’t want to stop watching and have tantrums if you enforce screen time and turn it off. All of this to sell huge toys that kids think they want and will play with one time.

Also the stories are not really that great, and suck to watch as a parent. They always introduce an issue which is immediately resolved, triggering that instant gratification in your kids brain, without teaching them about conflict resolution or anything really useful. This isn’t even about the idea of Adventure Bay being a police state or promoting the privatization of communal services.

It’s an unfair comparison, but a show like Bluey has great storytelling and while not being purely educational, teaches kids how to emphasize with others and deal with conflict that isn’t easily solvable, even for adults. The music, illustrations, and stories are a work of art and a more valuable use of time than Paw Patrol.

This is a benign example, but I was talking with a fellow parent about our dislike of Paw Patrol and told them I had to remove that as an option in Netflix. They were shocked that was possible and I could see the gears turning in their head with that new info. Granted I’m not parenting a teenager yet, but it seems like most of the functionality in bigger platforms generally exists, people just don’t know it’s there and to set it.

The Verge’s Podcast has a reoccurring segment now called “Brendan Carr is a Dummy” with all these stupid moves on his part.

Gotta pump the bubble somehow and show “universal AI usage”. Facebook did something similar like 10 years ago with inflating views for video content to get publishers to pivot to video on Facebook’s platform by juicing the numbers.

We sent a SYN-ACK packet and YOU acknowledged it, confirming you are not spoofing YOUR IP address. Now WE share the same sequence number. Most sites do not tell you this is happening.

Doesn’t seem to be anything new here than what’s we already know:

• https://en.wikipedia.org/wiki/Device_fingerprint
• https://coveryourtracks.eff.org/

Just with a more ominous tone. Is it any wonder people are afraid of technology?

I always read it for the articles

FWIW, if you suspect your machine has been compromised, the binaries for common tools like ps and top shouldn’t be relied upon since those probably were tampered with to hide the malicious program from the output. At that point, you’d probably want to check each running process manually under /proc/.

My thoughts exactly, can’t weigh an opinion on the quality unless I see it for myself.

On the bright side, they’re unlikely to see a penny from it, and have incurred lawyer costs and time.

They don’t even bother to lie badly anymore. I suppose that’s the final humiliation.

that’s why I’m so fucking confused

lol this was a plot of a Futurama episode

Noto Sans Mono for me

Why would a 302 temporary redirects for engramma.dev → app.engramma.dev be classified as “Social engineering content”?

Another situation is multi-episode releases. I remember first encountering this with LOST where the 2h season finale would be listed as two separate episodes, which for a season finale wasn’t too annoying. More recently, later seasons of The Good Place would air two episodes at a time, and that always caused a mess as well that required manual intervention sometimes.

And if you comply with unjust laws, then it’s way harder to challenge them in the courts.