PSA: the CfP of eth0 is open, please submit a talk and/or workshop!

And yes, your thing is interesting! Especially if you've never done a talk before, eth0 is a great place to start :)

You can add it to the wiki or mail your proposal to info@eth0.nl

https://wiki.eth0.nl/index.php/Eth0:2025_Autumn_Talks_%26_Activities

General Devices for Lowering Morale and Creating Confusion

I released version 0.2.4 of Typage, the TypeScript implementation of age for Node/Deno/Bun and browsers.

encrypt and decrypt now accept and return ReadableStreams to encrypt/decrypt large files on the fly. The returned object also has an additional method to compute the expected output size from the input size.

https://github.com/FiloSottile/typage/releases/tag/v0.2.4

Okay, let's say for shits and giggles that you're major manufacturer Phillips.

You want everyone to use your smart home stuff via the Phillips Hue bridge.

Why would you use NTP from China?

First it was people sharing slide decks instead of writing an article or a blog post. Then it was people writing long threads on twitter etc. instead of writing an article or a blogpost. Then it was people posting overproduced video clips instead of writing an article or a blog post. Then we had reaction videos of people discussing an overproduced video by someone else instead of writing an article or a blogpost. Now we have AI trying to summarise that.

Just write an article or blogpost, folx!

@cynicalsecurity Somewhat related anecdote:

The gothub.org domain used to host patrick's private git repository server with gotd/gotwebd. Months ago the domain was transferred to me and has since been hosting a static web site, invalidating all of the former links towards this domain.

Yet the vast majority of requests received by the web server is still of the form:

GET /?action=blame&commit=aa6...

(Your typical LLM bot hungry for source code in all possible variations.)

Since openbsd httpd has no means of matching query parameters, this looks like a GET request sent to the root directory, which now serves our crisp and fresh index html rather than blame command output with source code.

In DDG search results I've seen such gotwebd links show up which now contain text from gothub's index.html in the summary description ​ The other search engines/LLMs are probably just as stupid, though I haven't bothered to check.

Things aren't looking well with the world, but treat yourself to this AWESOME list of accepted talks over at @why2025camp - just SO much goodness! (and two talks from me, which I will be doing my utmost to also make awesome). This will also be streamed live for the world: https://vote.why2025.org/why2025

My Unix Archive mirror was slaughtered by LLMs overnight, it is on a 10G link, they were taking over 1Gbps in requests to the same files over and over again.

I have Geo-blocked the whole of the US to stop them (with PF).

This is ridiculous.

watt-hours per memory corruption bug

Building Linux kernel on macOS natively

https://seiya.me/blog/building-linux-on-macos-natively

Spotted a reverse engineering boutique at Zurich main station

In programming the hard part isn't solving problems, but deciding what problems to solve.

— Paul Graham

The attempts by law enforcement & governments to subvert end-to-end encryption are ongoing. The European Commission is going to spend a year thinking about their new "Roadmap for law enforcement access to data", and they are (genuinely) asking for people to join their expert group to help. Here I urge you to join that group (also because I can't): https://berthub.eu/articles/posts/possible-end-to-end-to-end-come-help/

#campplusplus this year is, again, fabulous. Highly recommended to attend.

Are we bleeding out? Enjoy our analysis of CitrixBleed 2, aka CVE-2025-5777 - the "new" Citrix NetScaler Memory Leak vulnerability.

We've been using this mechanism to identify vulnerable systems, and hope it helps the teams that need it.. enjoy!

https://labs.watchtowr.com/how-much-more-must-we-bleed-citrix-netscaler-memory-disclosure-citrixbleed-2-cve-2025-5777

Misroute materials.

Hello you fine Internet folks,

Today's article is on Nvidia's RTX PRO 6000 Blackwell and diving into the Blackwell architecture generally and more specifically into the GB202 GPU die in the RTX PRO 6000.

Hope y'all enjoy!

https://chipsandcheese.com/p/blackwell-nvidias-massive-gpu

https://old.chipsandcheese.com/2025/06/28/blackwell-nvidias-massive-gpu/

First, solve the problem. Then, write the code.

— John Johnson