important update: they fixed the toilet

RE: https://mastodon.social/@invadersil/116324993175863094

TWO THINGS:

1. it’s shocking how well written this terms of service document is. #Microslop uses plain language and proper emphatic formatting to identify what’s important.

2. this was updated on October 24, 2025. since then NOT ONE TECH JOURNALIST has read it; because, not one tech "journalist" has reported that #Copilot IS MEANT AS #ENTERTAINMENT.

Fourth Estate my ass.

Satya Nadella gifted Sam Altman a billion of Windoze money for a lap dance?

c’mon #tech #journalism. DO YOUR JOBS!

Probably going to get a viral blog out of this experience, I'm trying to report a 4tb exposed cloud bucket to a company using their responsible disclosure programme... but they replaced the people with a GenAI ticket system that refuses to discuss the case as it thinks exploring open buckets is unethical and against its rules.

Thanks everyone for liking and sharing the #RC2014 Mini II Picasso toot yesterday.

To answer some of your questions - Yes, it really is a real kit. There's no camera trickery, or photoshopping and definitely no AI slop. And, yes, the discount code was also real as a few of you found out. Some kits shipped yesterday, the others will go out today.

@jcoglan The general view is that most code doesn't have to be good at all, it just needs to be written.

the idea that I, a pretty capable computer programmer, should pay *four years of my life* to people who make 10x as much money as me to ship the worst dreck I have ever laid eyes on, is just profoundly insulting, on top of all the other harm this shit causes

"static detection often fails" - the problem with the AV industry is that this is still a headline in 2026...

RE: https://infosec.exchange/@VirusBulletin/116334126813393639

Blog post about my #bsidessf talk on using SSH certificates for git signing: https://codon.org.uk/~mjg59/blog/p/ssh-certificates-and-git-signing/

This Claude code leak is giving me whatever the opposite of impostor syndrome is

I see on HN that John Bradley, the creator of xv, has died:

https://news.ycombinator.com/item?id=47534086

The real announcements, alas, come from sources that I am unwilling to link to.

Xv, an image viewer/editor, is one of those tools that hit a peak of usability that really hasn't been matched since. It supports a wide range of image-manipulation functions, and has an interface that gets the job done quickly. I've sort of moved away from it over the years, but I still keep it around.

RIP, John, you made something good.

tinfoil.sh provides confidential computing GPUs to run open LLM models.

I just received some really great support too, recommended!

[RSS] Securing the open source supply chain across GitHub

https://github.blog/security/supply-chain-security/securing-the-open-source-supply-chain-across-github/

[RSS] CHECK Removed, Context Confused, Checkmate Achieved

https://starlabs.sg/blog/2026/04-check-removed-context-confused-checkmate-achieved/

CVE-2026-0899

[RSS] Patch Gap to Mobile Renderer RCE: Pwning Samsung Internet's V8 on the Galaxy S25

https://osec.io/blog/2026-04-01-patch-gap-to-mobile-renderer-rce

New blog post: Comparing text documents in Collabora Online: improved UI https://vmiklos.hu/blog/cool-doc-compare2.html

#3227 - Creation

I love this ❤️ kagi.com @kagihq home page today.
It took me straight back to 1996 when I first started using the internet. Netscape Navigator, Yahoo directory to find sites of interest.
I especially loved the slow loading images.

CVE ID: CVE-2026-5281
Vendor: Google
Product: Dawn
Date Added: 2026-04-01
Notes: This vulnerability affects an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html ; https://nvd.nist.gov/vuln/detail/CVE-2026-5281
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-5281

so anthropic's coding thing leaked, and they are using DMCA to get it taken down.

but if it is all vibecoded and everything generated by LLM is not copyrightable...

AI company once again fails to understand how the Internet works

RE: https://mastodon.cloud/@slashdot/116330548519902234