@wolf480pl "We were in the jungle. There were too many of us. We had access to too much money, too much equipment, and little by little, we went insane."

Very important post by @kagihq (feel free to ignore the AI CEO-speak at the beginnig):

Waiting for dawn in search: Search index, Google rulings and impact on Kagi

https://blog.kagi.com/waiting-dawn-search

Feels like Sun spot activity is wild today...

@froge In theory maybe, in practice these updates introduce breaking changes (see my mention of QA).

@pancake I don't even remember when I last posted on LinkedIn but based on my e-mail notifications that last one will echo in the eternity!

As developing a decent QA process for Linux distros seems to be impossible I don't get how enabling automatic updates by default seemed like a reasonable thing to do...

@floyd I used this thing for my first hacks in school <3

This is wild, there have been changes on the Cain&Able repository lately (yes that tool you used in your first IT security hands-on class 20 years ago) https://github.com/xchwarze/Cain #itsecurity #hacking

County Pays $600,000 To Pentesters It Arrested For Assessing Courthouse Security https://it.slashdot.org/story/26/01/29/2147207/county-pays-600000-to-pentesters-it-arrested-for-assessing-courthouse-security?utm_source=rss1.0mainlinkanon

Cable modem died, yaay...

RE: https://tech.lgbt/@ShadowJonathan/115979646528496303

Give me Universal Basic Income and watch me obsessively plant fruit and nut trees in the entire city.

rustc be like

RE: https://mas.to/@pooh/115980278517566505

Hey Hey, People.

Just updated my book-in-progress - Suricata: An Operator's guide.

This update finally closes out chapter 7, a scenarios/exercises chapter to help readers grasp the concepts of threat research and data pivoting, and how the data acquired gets turned into Suricata rules.

There are three scenario exercises in total:

Scenario 1: PolarEdge Botnet
Scenario 2: Myth Stealer
Scenario 3: Oyster backdoor

As always, the book is available for free, and I'm not expecting anyone to pay for my half-finished work. Download a copy here:

https://leanpub.com/suri_operator

the exercises chapter is made much more fun for readers, if they can follow along, so I've updated the github supplementaries repo with pcaps for both the second and third exercise. You can find that repo here:

https://github.com/da667/Suricata-An-Operators-Guide-Supplementaries

Future plans:

Chapter 8 is going to be another somewhat hands-on chapter, where readers learn how to "throw" and capture pcaps of proof-of-concept exploits, and/or forge their own pcaps based on threat research write-ups. I'm not 100% sure which CVEs/vulns I'll be picking on here, but I'll be doing three of them, just for some variety.

As a former K-12 technology educator, let me break this down for you. If a "toy" comes with an app, it isn't a toy; it's a data collection mechanism, and likely a brand loyalty engine.

Kids don't need these things. In fact, they're much, much better off without them.

https://www.wired.com/story/an-ai-toy-exposed-50000-logs-of-its-chats-with-kids-to-anyone-with-a-gmail-account/

@IanHill I think this is a relevant answer, just different abstraction layers: https://blog.trailofbits.com/2025/12/19/can-chatbots-craft-correct-code/

[RSS] How to bisect Linux Kernel build and boot failures with TuxMake and TuxRun

https://www.linaro.org/blog/how-to-bisect-linux-kernel-build-and-boot-failures-with-tuxmake-and-tuxrun/

Comodo has some newer MDM products they cannot, surprise-surprise, adequately protect from abuse.

*.itsm-us1.comodo[.]com (US)
*.cmdm.comodo[.]com (EU)
*.mdmsupport.comodo[.]com (legacy)

https://russianpanda.com/The-Abuse-of-ITarian-RMM-by-Dolphin-Loader

#rmm

"A common fallacy is to assume authors of incomprehensible code will somehow be able to express themselves lucidly and clearly in comments."
– @kevlin

"... or prompts." I would like to add.

NoFX pops out of retirement to say #fuckICE 🤘:

https://www.youtube.com/watch?v=sU6s6VEJxrU

Today's software signatures may not survive tomorrow's quantum computers.
Over the past two years, we collaborated with the Sigstore community to build controlled cryptographic agility into the ecosystem with a centralized algorithm registry, configurable restrictions, and Go implementations of post-quantum algorithms LMS and ML-DSA to prove it's future-ready. https://blog.trailofbits.com/2026/01/29/building-cryptographic-agility-into-sigstore/