StreetComplete is a really fun and accessible way to contribute to OpenStreetMap from an Android device - walk around in your local neighbourhood (or anywhere really) and solve 'quests' by answering questions about the things around you!

You don't need to learn anything about mapping conventions, or infrastructure, or about the more complex mapping tools that exist for OpenStreetMap. The app will explain everything to you that you need to know, when you need to know it, and ask easily understandable questions with reference pictures for the answers.

The only setup needed is to make an OSM account and log into it from the app, so that it can upload your answers - and you can also do that at any later time, after trying out the app without an account for a while first. You can just install it and go outside right away!

The app doesn't need any cellular internet connection; it can work offline and synchronize your answers once you reach a place with eg. WiFi. It's also quite performant, and should run well even on lower-end phones. There is also a 'multiplayer' option that lets you split up in teams and each tackle different quests in the area.

https://streetcomplete.app/

#StreetComplete #OpenStreetMap

We have been trying to replace coders with some technology since at least COBOL.

https://www.commitstrip.com/en/2016/08/25/a-very-comprehensive-and-precise-spec/

#Code #Coding

Nextcloud will invest 250 million euros until 2030 in sovereign Open Source solutions and we expand our channel partner program. Interesting times ahead.
https://nextcloud.com/blog/nextcloud-community-sovereignty-for-everyone/

Anyone interested in #ReverseEngineering a pointlessly #NDA'd "bus" system that makes it harder for no valid reason to resurrect some otherwise still functional #SATCOM gear?

https://www.beamcommunications.com/document/9-manual-9522b-l-band-transceiver/file page 15

#DPLbus #DPL #Iridium #9522B #handset

...last offset, I gave you my heart...

Having spent the last couple of nights reversing data types I'm all in for UNION busting!

#ReverseEngineering #capitalism

I've just upgraded Turbo Intruder with a shiny new algorithm called HTTP Anomaly Rank, which automatically finds the most unusual responses in your attack! Here's a quick demo, full details in the writeup below: https://youtu.be/z92GobdN40Y

TIL when you recursively search for source files, .ccls-cache can ruin your day because it contains very similar file names to the originals :P

free as in use-after

Friendly reminder from @buherator about your thoughts on reshare and r4ghidra projects: #poll

r4ghidra-r2web - https://mbbkepfl.formester.com/f/GfJNIHusN
r4ghidra-REPL - https://mbbkepfl.formester.com/f/invMupinF
REshare - https://mbbkepfl.formester.com/f/rLvls916S

https://apnews.com/article/japan-softbank-son-nvidia-ai-chips-d8a10172850628c317a214280a4d94c9

You install PSP on your operator workstation and the vendor starts spying on you.

https://www.huntress.com/blog/rare-look-inside-attacker-operation

#opsec

@uint8_t A man of culture ;)

This article highlights how much control endpoint security vendors have over customer machines, and transitively over companies and maybe even nations:

https://www.huntress.com/blog/rare-look-inside-attacker-operation

You only install this stuff, because you trust the vendor (and their government, etc.). Or not, see Kaspersky vs. US.

#AntiVirus #EDR #HackBack

That's … special. Scientists in the field of artifical intelligence telling von der Leyen to stop AGI buzzwording.

https://www.iccl.ie/wp-content/uploads/2025/11/20251110_Scientists-letter-to-the-President-AI-Hype.pdf

@keepassxc I think you misunderstood the “plausible-looking generation” criticism. The issue is not that the LLM is created to purposefully slip changes past reviewers, that would indeed be quite silly. It is trained by optimizing for plausible looking output – in essence the LLM “tries” to generate code that looks plausibly correct and such code is correct only inasmuch as code being correct is correlated with code looking correct. In contract humans when coding are trying to create correct code, and correctness there is related to how well a given human can generate correct code. The worry is that when a human makes a mistake it has a much higher chance of looking like a mistake, while LLMs are more likely to create correct-looking mistakes, because they are optimized for creating correct-looking output in general. This is what people mean when they say that LLMs will “sneak” mistakes past reviewers, and perhaps a reason to at least have different approaches to reviewing these two kinds of code.

I’m not sure what to think about the change in general, given what I know about LLMs your approach still makes me quite uneasy, but probably not enough to switch to a different password manager. Anyway, just wanted to explain the apparent confusion about this specific argument.

Oh, and since I’m writing to you already – thanks a lot for maintaining KeePassXC, it’s on the short list of software that works exactly as I like and I really have no complaints about.

[RSS] How I got Domain Admin via Citrix FAS through ESC3

https://scribe.rip/@Debugger/how-i-got-domain-admin-via-citrix-fas-through-esc3-40c6b86d7ae1

From vendor to ESC1

https://scribe.rip/@Debugger/from-vendor-to-esc1-ed32281b7ea7

Awesome blog post explaining why ~all enterprise domains could be pwned via ADCS lately: vendors prescribe insecure configuration to integrate their stuff!

(AFAICT I couldn't post this from my RSS reader, but if you see this for the fifth time, I'm sorry!)

@algernon You are joking but https://www.itjungle.com/2025/11/10/fresche-taps-ai-for-new-rpg-to-java-conversion-tool/