Project Zero Bot

New Project Zero issue:

Linux >=4.12: USB CDC-ACM: missing size check in acm_ctrl_irq() leads to OOB write

https://project-zero.issues.chromium.org/issues/395107243

CVE-2025-21704
#test
5 images, let's see how bsky (and my x-poster) handles this...

Here's the paywall-free version of today's insane must-read: The Atlantic's Jeffrey Goldberg was added to a Signal chat including SECDEF, VPOTUS, and others that discussed the Houthi strikes. In addition to being illegal, it's just dumb. A foreign adversary's dream come true

https://archive.is/JEYep


@4ttil4sz1a @andreyknvl (and also provided those fixes back to Canonical, though I haven't tracked what was done with them). Crazy that the Linux CNA is issuing CVEs for unsigned crafted kernel modules (which can execute arbitrary code, modify arbitrary data) but not for things that have real exploits.


@4ttil4sz1a @andreyknvl Was that the reason the CVE got issued by Canonical instead? Our system saw it come through Feb 14th and was flagged as having no upstream commit (while recognizing it affected upstream), we backported Canonical's fix that day and also fixed 10 memory leaks the fix introduced


@mcc I mostly take the behaviour of AI scrapers as evidence that this style of machine learning is a form of violation. Like, whether or not it's philosophically or legally theft, AI companies are behaving more like smash-and-run robbers than anyone who believes they have a legitimate claim to the data they take (and take, and take and take...)

@freddy an exploit is an exploit (haven't tested it though)
"Safari 1day RCE Exploit, might be patched in iOS 16.5.1/macOS 13.4.1
Confirmed exploit works on macOS 13.3.1, iOS 15.8.2."

https://github.com/wh1te4ever/WebKit-Bug-256172

current status: scrawling "FUN JIT COMPILER PROBLEM" in sharpie on a big cardboard box, then putting it on my front lawn and seeing who jumps into it

https://www.mattkeeter.com/projects/prospero/


Valerie Aurora 🇺🇦

If you are trying to delete your 23andMe data and get an obnoxious reply asking for ID, tell them no, that's what your password is for, and they will do it. And if they then send you an obnoxious reply saying they will delete everything except the stuff they are required to keep by law, check out this article by actual lawyer @AugustB

https://bourniquelaw.com/2024/10/09/data-23-and-me/

[RSS] The case of the critical section that let multiple threads enter a block of code

https://devblogs.microsoft.com/oldnewthing/20250321-00/?p=110984

TIL that because the FFmpeg project has gained so much experience in hand-writing assembly code to provide huge speedups, they now are putting together a series of lessons for learning assembly:

Vibe coding is fun and all, but this is probably a better use of time!

https://github.com/FFmpeg/asm-lessons


We’re adding a new section to @elastic’s HackerOne Bounty Program! Today, we’re opening our SIEM and EDR rules for testing. We’re excited to have another way to thank our community for their efforts on our . Get more details here: https://go.es.io/4hdKQCI
