my colleague @DarkaMaul has put out a new post on the @trailofbits blog on how we worked with @pypi's maintainers to slash PyPI test run times from ~160s to ~30s despite overall test counts growing by 17% (3900 to 4700+):
https://blog.trailofbits.com/2025/05/01/making-pypis-test-suite-81-faster/
this is some of my favorite kind of work: faster test suites means that developers run tests locally more often, and are less hesitant to add new tests (especially parametric ones). another great example of security and performance/reliability engineering dovetailing.
The sheer arrogance and idiocy of Apple acting in bad faith, thinking they'll get away with it.
Shoutout to the marketing ‘expert’ who mailed a large, battery-powered, LCD-equipped video greeting card to our CEO to demonstrate their innovative approach to ignoring the #ewaste crisis. Bold strategy.
We’ll be sure to reach out if we need help shipping steaks and leather handbags to PETA.
New breach: Hungarian education office website TehetségKapu had almost 55k records breached in March. Data included email address, name and username. 32% were already in @haveibeenpwned. Read more: https://444.hu/2025/03/27/55-ezer-szemelyes-adat-magyar-diakok-tanarok-es-az-oktatasi-hivatal-dolgozoinak-informacioi-szivaroghattak-ki
Hey Apple. Sort your fucking house out. I just got a notification summary that ‘Dad had another stroke’ when he hadn’t (he’s had a stroke before so there was a small reference in the message).
Naturally I shit my pants and tapped on the message straight away so wasn’t able to get a screen grab.
If you are interested in the multiple moving parts needed to get #mte support for #qemu's #gdbstub you might find my colleague's blog post interesting: https://www.linaro.org/blog/adding-support-for-mte-debugging-to-qemu/ - fortunately #linaro's #upstream first development policy is well suited to tackling these sorts of integrations.
Doctors personally liable if mandatory NHS AI transcriber gets it wrong
https://pivot-to-ai.com/2025/04/30/doctors-personally-liable-if-mandatory-nhs-ai-transcriber-gets-it-wrong/ - text
https://www.youtube.com/watch?v=9RWdZml54eg&list=UU9rJrMVgcXTfa8xuMnbhAEA - video
@buherator not just mazdas, nissans too! And others, that sort of prompted me to dig into mine and resulted in https://github.com/ea/bosch_headunit_root
https://noc.social/@todayilearned/114425467000309539
30 April 1945 | As Soviet forces neared his command bunker in Berlin Adolf Hitler shot himself.
Hitler's Thousand Year Reich lasted twelve years, four months & eight days.
We need to commemorate all the victims & remember where ideologies of hatred may lead humanity to.
"Microsoft CEO says up to 30% of the company’s code was written by AI."
It can't be 30% by plain math. Just replacing 30% of existing code with new code takes (many) years, and then we include all produced code. If they ONLY used AI to write all code for the last few years, and they wrote it at a high pace, it could *perhaps* be done.
We all know that AI can't write code that good. But sure "up to 30%" could also mean "2%".
Of all *new* code perhaps? Still feels high.
🚨 New advisory was just published! 🚨
MagicINFO exposes an endpoint with several flaws that, when combined, allow an unauthenticated attacker to upload a JSP file and execute arbitrary server-side code:
https://ssd-disclosure.com/ssd-advisory-samsung-magicinfo-unauthenticated-rce/
#Mozilla: Multiple Vulnerabilities in Mozilla Products (Firefox, Firefox Updater, Thunderbird) Could Allow for Arbitrary Code Execution:
CVE-2025-2817, CVE-2025-4082, CVE-2025-4083:
👇
https://www.mozilla.org/en-US/security/advisories/mfsa2025-28/