Using a Pixel with GrapheneOS that features Inactivity Reboot, MTE, and more? — You must be a drug dealer. 🚨

Using an iPhone 17, which now also ships with EMTE, Inactivity Reboot, SPTM, TXM, Conclaves, ...? — Oh, just the average Apple fangirl/boy who gets a new device every year due to camera improvements. ✅

GrapheneOS released some innovative mitigations prior to Apple. Yet, it needs Big Tech to apply such ideas and make phones more secure at scale.

https://www.golem.de/news/grapheneos-verlaesst-ovh-frankreich-ist-kein-sicheres-land-fuer-privacy-projekte-2511-202570.html

Abstract verbalizations about personal liberty, freedom of the press, and so on, will not be convincing in most parts of the world.

Has anyone ever heard of a phono jack connection detection that works in windows with headphones and a sound system, but only works in linux in the headphones?

This issue breaks my understanding of how phono detection works. How the operating system would have any way to distinguish between the two. And it sounds like some physical weirdness.

Anyone else seen anything like this? Please boost.

#Fedora #Linux #Foss #Audio #Sound

All human-authored art, regardless of quality, is vastly superior to soulless AI remixes.

Using AI art just sends a message that filling a space with *anything* is all that matters. How can you expect people to care about anything else you have to offer once they know that?

[RSS] BGGP6: REVIVING RDOFF PART 1

https://n0.lol/bggp6-rdoff/

Hello from Düsseldorf. I am at German OWASP day and you can follow along too. There’s a live stream on https://media.ccc.de/.
Full program at https://god.owasp.de/2025/

Talks are about all sorts of appsec things, from langsec over pdf to passkeys and so on. All talks will be recorded :)

Came across this striking art piece in Bourke St Mall, #melbourne called Paid Attention by Huei Yin Wong. It’s designed to comment on the way the advertising industry profits from constantly taking our attention at no benefit to us. If you sit making unbroken eye contact with the messages about our attention choices on the screen, it pays out the equivalent of minimum wage for the time watched. Sitting there conspicuously staring at something silly in public for even less than 2 minutes was weirdly unsettling even though we’re constantly looking at silly stuff on screens

We made a new tool, QuicDraw(H3), because HTTP/3 race condition testing is currently trash. https://www.cyberark.com/resources/threat-research-blog/racing-and-fuzzing-http-3-open-sourcing-quicdraw

@caspicat yeah that too - google even has a special "wont tell you why we dont index this" code on search console. But I'm also talking about docs where you get like 3 examples but no API docs.

@pancake umm, that's weird, seems to have disappeared from the blog too?

You can now pull Ghidra databases straight into your workflow in Binary Ninja 5.2! Open a .gbf on its own, import Ghidra data into an existing session, or bring parts of a full project into a Binary Ninja project on Commercial and above. Mixed tool workflows get a lot easier and this update sets the stage for future export support. https://binary.ninja/2025/11/13/binary-ninja-5.2-io.html#ghidra-import

Re: "AI chat is a better search experience than traditional search engines"
https://come-from.mad-scientist.club/@algernon/statuses/01KAYE52M0RCVN6G3TWCYVS1SG

Lately I have the impression that not only are search engines worse and websites contaminated with slop, but significant amount of content - technical docs, mostly for modern SW - *is simply not there, because no one ever wrote it*!

Am I alone with this?

AI chat is a better search experience than traditional search engines

Weeelll.... only because traditional search engines are full of ads and scam, and the slop machines filled the internet with garbage, which these search engines keep pumping up.

Traditional search engines became crap the moment advertisement found its way there, and the moment they became generic and all-encompassing.

I've been using my own search engine (a YaCy instance) for the past few years, and it continues to work remarkably well, thank you very much. Better than any slop machine, better than any traditional search engine.

If you look past the shitstained windows of BigTech's walled garden, there's a whole world of beautiful, working internet out there. Free of advertisement, free of dark patterns, free of the slop machines.

The trick is to not believe their lies.

[RSS] Why does XAML break down when I have an element that is half a billion pixels tall?

https://devblogs.microsoft.com/oldnewthing/20251124-00/?p=111811

[RSS] The apocryphal origins of the Hot Dog Stand color scheme

https://devblogs.microsoft.com/oldnewthing/20251125-00/?p=111813

woo-hoo! @mwl is writing "OpenZFS Mastery" ​

More filesystems! More disks! More Zthings!

You too can sponsor his madness at https://sponsor.mwl.io/

(This was not paid by @mwl, I just happen to sponsor his books because I'm addicted to books).

[RSS] Constant-time support lands in LLVM: Protecting cryptographic code at the compiler level

https://blog.trailofbits.com/2025/11/25/constant-time-support-lands-in-llvm-protecting-cryptographic-code-at-the-compiler-level/

@tess

Some helpful advice for all you software devs:

- you can cause social problems with code
- you can degrade the system if you don't understand how or why it works
- you can produce obstructions for someone else without understanding how they work or what they are doing.

Sometimes I think it’s going to be the librarians who will save us all.

I just went to request a feature in #KDE on #Linux and saw that the feature had been requested 10 years ago. I added a comment to bump it and see if it was still under consideration when I got a ding on my phone.

Turns out I had commented on the same bug, under an old email address, seven years ago.