@lcamtuf @rationaldoge @inthehands

"- Fry, you're wasting your life sitting in front of that TV. You need to get out and see the real world.
- But this is HDTV. It's got better resolution than the real world!"

My own eyes never produced such a good image of the yellowish, semi-transparent material of a home-made PCB as the AC-DC converter slop :P

They don't exist to meet demand; they exist to game the engagement systems we put in place. I think that's true for a lot of other AI content on the internet too.

3/3

When Google restricted AlphaFold 3's commercial use, three MIT PhD students rebuilt the protein folding model in four months. Their open-source version, Boltz-1, now has $28M in funding and a Pfizer partnership. The move highlights tensions between proprietary AI research and scientific openness in drug discovery infrastructure. #OpenScience #ProteinFolding #AIResearch https://www.implicator.ai/when-google-locked-the-door-three-mit-students-picked-the-lock/

If Seatbelt Guidance Worked Like Cybersecurity Guidance

https://scribe.rip/@boblord/if-seatbelt-guidance-worked-like-cybersecurity-guidance-01dbe8b88c96

The original one did quote:

So while chatting with a colleague this week about putting base64 images into email, I jokingly said

“you know though, i wonder if i can craft an image which turns into readable LLM prompts when encoded as base64 🤔”

Well. Turns out I can

https://drewmayo.com/1000-words/

It is a long-standing tradition for Microsoft to use a runtime copy of Windows as a part of Windows Setup. But the copy is so stripped-down, it cannot run anything but the setup program (winsetup.bin).

OR IS IT?

A mini-challenge for myself: create a semi-working desktop only based on runtime Windows 3.10 shipped with Windows 95 installer but not using any other Microsoft products.

Lots of nostalgic and weird screenshots in this 🧵 thread

"The media has largely let [tech companies] set the terms of the debate, right down to the terminology used in any discussion of these systems."

From Nanna Inie and me in Tech Policy Press on how to spot and resist anthropomorphizing language in the discourse about so-called "AI".

https://www.techpolicy.press/we-need-to-talk-about-how-we-talk-about-ai/

@babe If they really don't verify if a given phone number opts-in to their spam you most definitely shouldn't write a script that just sends in all possible phone numbers and then you absolutely should not buy a bag of popcorn to watch how they handle the PR fallout when all of the country is bombarded with their shit, while they spend a fortune on carrier costs.

@babe I agree with @alex, your phone number is your personal data that Sainsbury is handling without your consent. I don't know what the situation is in the UK, but sending an e-mail mentioning "GDPR" usually does the trick on the continent.

@EUCommission

Hello internet, I am actively looking for speaking opportunities in central Europe (e.g., a train-ride from Berlin) to talk about Web security, XSS, `innerHTML` and the Sanitizer API. Ideally to an audience of web developers, framework engineers and the like :)

InputPlumber: Lack of D-Bus Authorization and Input Verification allows UI Input Injection and Denial-of-Service (CVE-2025-66005, CVE-2025-14338)

https://security.opensuse.org/2026/01/09/inputplumber-lack-of-dbus-auth.html

If Andrew "bunnie" Huang didn't exist, I'd swear he was a character out of a(n extraordinarily technologically well-informed) cyberpunk novel. Every time I interact with this legendary hardware hacker, he blows my mind with some project or insight that permanently alters how I think about tech.

-

If you'd like an essay-formatted version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

https://pluralistic.net/2026/01/09/quantity-break/#so-many-chips

1/

Now this is how you exit a "smart" tech business. Bose is open-sourcing the API for SmartTouch speakers, moving as much functionality as possible to an app, and extending support.

https://www.theverge.com/news/858501/bose-soundtouch-smart-speakers-open-source

[RSS] Breaking Down the Attack Surface of the Kenwood DNR1007XR - Part Two

https://www.thezdi.com/blog/2026/1/8/breaking-down-the-attack-surface-of-the-kenwood-dnr1007xr-part-two

SmarterTools CCO: "the steps for replication were rather intricate"
Narrator: It was "../"

This thread shows how 90s security mindset is alive and kicking in 2026.

RE: https://bird.makeup/users/watchtowrcyber/statuses/2009445270019620901

M