This is great news not in the least for our American friends where the weather service is being sabotaged. Weather models are oddly enough always global - you can't predict the weather in Berlin a week ahead without also predicting the weather in Austin, Texas. ECMWF has excellent hurricane forecasts also for the US for that reason, and these are also being used in the US already. Wonderful stuff: https://www.ecmwf.int/en/about/media-centre/news/2025/ecmwf-achieve-fully-open-data-status-2025

I guess vulnerability research means job security now.

Also: none of this will happen.

“There is something deeply wrong when a law passed with cross-party consensus & endorsed by Britain’s most trusted charities has made it impossible to run an internet forum for hamster owners”
https://alecmuffett.com/article/112832
#OnlineSafetyAct #hamsters #ofcom

Please stop externalizing your costs directly into my face

https://drewdevault.com/2025/03/17/2025-03-17-Stop-externalizing-your-costs-on-me.html

"Whether it’s cryptocurrency scammers mining with FOSS compute resources or Google engineers too lazy to design their software properly or Silicon Valley ripping off all the data they can get their hands on at everyone else’s expense… I am sick and tired of having all of these costs externalized directly into my fucking face. Do something productive for society or get the hell away from my servers"

layerone cfp is open
https://www.layerone.org/call-for-papers/

Massive result in Dutch parliament just now. They passed 10 separate motions to enhance digital resilience, run more of our own servers & reduce dependency on US cloud technology.
https://www.reuters.com/world/europe/dutch-parliament-calls-end-reliance-us-software-2025-03-18/

Today, March 18, in 1982, Seattle high schooler David Lightman teaches his friend Jennifer Mack about war dialing, hacking, phreaking, and the importance of infosec (WarGames, 1983)

#Movies #Film #Cinemastodon #Letterboxd #WarGames #TheOnlyWinningMoveIsNotToPlay

This is wild.. also, honeypots totally work..

https://bird.makeup/@parkerconrad/1901615179718406276

[RSS] Why didn't Windows 95 setup use a miniature version of Windows 95 as its fallback GUI?

https://devblogs.microsoft.com/oldnewthing/20250318-00/?p=110975

CVE-2024-9956 - PassKey Account Takeover in All Mobile Browsers

https://mastersplinter.work/research/passkey/

I’m looking for resources — of any kind — in the intersections of green computing, permacomputing, free software, and circular economy. I have the chance to help a project developed by my state that’s fixing and reconditioning old electronics, and I feel like I could really make a difference there—so I’d appreciate your boosts and recommendations.

[RSS] SAML roulette: the hacker always wins

https://portswigger.net/research/saml-roulette-the-hacker-always-wins

GitLab CVE-2025-25291 + CVE-2025-25292

Dropkick Murphys kicks ass as always:

https://www.youtube.com/watch?v=Tl4ggwyWEMI

#uspol #punk

“Wired is going to stop paywalling articles that are primarily based on public records obtained through the Freedom of Information Act”

https://freedom.press/issues/wired-is-dropping-paywalls-for-foia-based-reporting-others-should-follow/

🥳The latest !exploitable is here! We're sharing all the joy that comes with exploiting an arbitrary file write in GitLab, while cruising the Mediterranean. 🚢 Everything from onerous configurations to spotty internet! Enjoy!
#doyensec #appsec #security

https://blog.doyensec.com/2025/03/18/exploitable-gitlab.html

🧠 glibc has a noreturn function returning an int 🧠

https://github.com/bminor/glibc/blob/8c6fee9f7f4c09bf96766942fdd430f8beb638b0/csu/libc-start.c#L209-L220

shellify allows generating shell.nix from ad-hoc #Nix environments:

https://github.com/danielrolls/shellify

Why isn't this a core feature??

We are testing Ghost's ActivityPub beta integration for 404 Media! We're really excited about the future of the decentralized internet, we're stoked that Ghost is leading the way, and we're proud to be one of its first adopters.

You can follow us @index

Right now things seem pretty buggy but it's obviously very early. Looking forward to messing around with it and making the product better. Eventually as it gets better that will probably become our main account but for now we'll crosspost

CEF Debugger Enabled in Google Web Designer | Google Bug Hunters https://bughunters.google.com/reports/vrp/qMhY4nw9i

I found 2 use-after-free bugs in libxslt with Jackalope, let's find more together! The harness is now included in examples (link below). This also serves as a demo for two not very commonly used modes in Jackalope: grammar mutational fuzzing and sanitizer coverage.
https://github.com/googleprojectzero/Jackalope/tree/main/examples/libxslt