internet comment etiquette with erik just got off YT probation / timeout from when YouTube’s moderation AI flagged a decade old video for having russian parkour.

He celebrated by posting the below under a pipebomb video.

Hey, this is my son. Stop making fun of his school project. At least he worked hard on it. unlike all you little fucks using AI to write essays about books you don’t know how to read. So you can go use AI to get ahead in the workforce until your AI manager fires you for sexually harassing the AI secretary. And then your AI health insurance gets cut off so you die sick and alone in the arms of your AI fuck butler who then immediately cremates you and compresses your ashes into bricks to build more AI data centers. The only way anyone will ever know you existed will be the dozens of AI Studio Ghibli photos you’ve made of yourself in a vain attempt to be included. But all you’ve accomplished is making the price of my RAM go up for a year. You know, just because something is inevitable doesn’t mean it can’t be molded by insults and mockery. And if you depend on AI and its current state for things like moderation, well then fuck you. Also, hey, nice pipe bomb, bro.

@sassdawe And Azure probably has more Linux boxes than Windows, so I guess that's OK :)

@pojntfx @mdione Really weird choice indeed. Their FAQ says: "The electronic boards will be purchasable through our distributors." so maybe they plan to provide exceptions for select companies? Can they do that?

Oh the Technical Specifications on the vendor page lists HP cartridges and something called Inkit (maybe https://inkit.se ?) for ink:

https://www.opentools.studio/

Maybe @rayckeith can clarify?

Open Printer

https://www.crowdsupply.com/open-tools/open-printer

I've been looking for something like this for a long time! Unfortunately I don't yet see how ink could be supplied, and as @pojntfx points out, the chosen CC license would make establishing a sustainable ecosystem difficult...

the AI slop in security reports have developed slightly over time. Less mind-numbingly stupid reports now, but instead almost *everyone* writes their reports with AI so they still get overly long and complicated to plow through. And every follow-up question is another minor essay discussing pros and cons with bullet points and references to multiple specifications.

Exhausting nonetheless.

For the Berlin peeps:

I’ll be playing some tunes tonight together with the amazing poco1oco, don’t miss out https://www.eschschloraque.de/vinyltrottel-02012026

[RSS] The Story of a Perfect Exploit Chain: Six Bugs That Looked Harmless Until They Became Pre-Auth RCE in a Security Appliance

https://mehmetince.net/the-story-of-a-perfect-exploit-chain-six-bugs-that-looked-harmless-until-they-became-pre-auth-rce-in-a-security-appliance/

@oaklandprivacy Has any state made serious efforts towards outlawing the data broker industry outright?

As in, rather than forcing individual residents to opt out of data collection, mandate that as soon as you become aware someone is a California resident they implicitly treat that as a deletion request.

And banning the operation of data brokers within state lines (even if not handling CA resident data) including employing CA residents, selling data to CA companies, etc.

New Project Zero issue:

Samsung: libimagecodec.quram.so buffer overflow in WINKJ_YcbcrWriteOutput1to1_YUV422_H1V2_toRGBA8888 during JPEG decoding

https://project-zero.issues.chromium.org/issues/450884207

CVE-2025-58480

California residents now have a real tool against the data broker industry.

The state has launched DROP, a single portal to demand deletion of your personal data from 500+ registered data brokers in one request, for free.

To start: https://consumer.drop.privacy.ca.gov/

#ca #drop #privacy #consumer
1/2

@sassdawe Wow congrats!

@addison It's obvious you have a lot to say :) I think the presentation was also very good (using sokoban as a model is spot on!), it's just that internalizing new perspectives takes time, and I think we were better off getting multiple highlights of ideas instead of working through any one of them during the time given - we have the recording, slides, etc. to dig deeper as we like.

@addison Thanks for the great talk, definitely the most thought provoking one for me from this CCC! Have to watch it like 3 more times to get all the details though 😅

“Move fast and break kings.” I love @pluralistic and his rallying cry: https://pluralistic.net/2026/01/01/39c3/

Bonne année 2026 à tout le monde !

N'oubliez pas que l'appel à soumission est en ligne et que la date limite pour envoyer vos articles est le 18 janvier.

https://www.sstic.org/2026/cfp/

#sstic #sstic2026

@hanno As another datapoint, MOTW bypasses worth CVE's at MS (e.g. CVE-2025-24061). It's not the same ofc. as an automatic control is bypassed in such cases, but at the same time users could choose to bypass the control after a warning (which the CVE also bypasses).

@murb @bert_hubert @signalapp Great, that can be a checkbox then! I'm also sure that support/M.W. didn't have to deal with as many angry Europeans if the us-east-1 only affected users over the pond :)

@filippo @freddy @hanno I'll save this thread under "even your vendor doesn't approve CVSS" for future reference

@embedding_shapes @rickoooooo nix-shell works though, leaving you with tasks that are too complex for that but don't justify a container. Now I'm sure that can be a deal-breaker too, but it's worth keeping in mind that there is room for ad-hoc tasks.