Instead of storing my data in the cloud, I just store it in the bush. It's the same thing, only palette-swapped. More accessible, too.

“We learn different lessons from finishing projects than we do from starting them. Starting teaches us about ideation and initial implementation. Finishing, on the other hand, teaches us about perseverance, attention to detail, and the art of knowing when to let go. These are invaluable skills that can only be honed through the act of completion.”

https://www.bytedrum.com/posts/art-of-finishing/

Why Simple Everyday Objects Are Impossible to Make

https://www.youtube.com/watch?v=pj0ze8GnBKA

there’s a bubble machine labelled nvidia 😭 #39c3

A post-American, enshittification-resistant internet

https://media.ccc.de/v/39c3-a-post-american-enshittification-resistant-internet

Damn this is a good talk! #39c3

Zero day… all those patches seem so far away… #gpgfail #39c3

For those being notified or first learning about the #WIRED #databreach:

On December 25, I broke the story of how I had been contacted in November by "Lovely," who claimed to have discovered a vulnerability. They asked for help getting Condé Nast to respond to them. They claimed they were not seeking any bounty or payment and had only downloaded a few profiles as proof.

They showed me my own data.

Trying to help, I reached out to Condé Nast corporate as well as to a contact at #WIRED.

Condé Nast never responded to me -- or to "Lovely" who eventually showed their true colors as someone trying to extort Condé Nast.

Do they have more data? Yes, it appears they do.

@troyhunt verified the data leak and #HIBP has been notifying its affected subscribers.

Read more details in my blog post at https://databreaches.net/2025/12/25/conde-nast-gets-hacked-and-databreaches-gets-played-christmas-lump-of-coal-edition/

@zackwhittaker @campuscodi @gcluley @euroinfosec @ValeryMarchive

#databreach #dataleak #infosec #cybersecurity #incidentresponse

TIL about Lockheed's System-User-Engineered minicomputer which seems like a pretty cool modular hardware system for purpose-built computers:

http://www.bitsavers.org/pdf/lockheed/sue/SUE_Computer_Handbook_Jul73.pdf

I still don't know what tinfo_t.is_sue() does though.

"Search advertising continues to be the largest form of internet advertising. Search revenue grew nearly 16% year on year."

$103B in search ad revenue (in U.S alone!) means results are ranked by who pays most, not what's most relevant.

This is the model Kagi Search rejects.

There's a new Fediverse music streaming service showing music videos by small independent artists with their permission. You can view the channel at:

➡️ https://tv.theindiebeat.fm

It's like the old-style MTV but for the Fediverse 🙂

You can follow the channel at:

➡️ @TIBtv

The service runs on @owncast and you can find out more about OwnCast at:

➡️ https://fedi.tips/owncast-live-streaming-and-chat-on-the-fediverse

#Music #OwnCast

Want to know how Apple's Low Latency WiFi works?

Today, 3:40pm CET, Hall 1, #39c3.

More details: https://events.ccc.de/congress/2025/hub/event/detail/cracking-open-what-makes-apple-s-low-latency-wifi-so-fast
Stream: https://streaming.media.ccc.de/39c3/one

I recently saw a lot of examples of using LLMs when you could get away e.g. with and API call, but now I think I found the perfect example of LLMs being more niche then even skeptics (like myself) think they are:

Even skeptics have to admit that LLMs are very good at natural language translation. @kagihq introduced a fast ("Standard") #LLM for its translation service that seems to fail miserably if you try to translate single words for less common languages:

https://kagifeedback.org/d/9373-standard-translation-is-unusable-for-hungarian

My point is that doing a dictionary lookup for all words (~1mil for English) could be done on a disposable vape in no time with better results, incl. clear indication of lookup failures, so you can fall back to your GPUs when needed.

https://gpg.fail IS ONLINE
TALK VOD IS ONLINE (preliminary recording, not yet edited) #39c3

The worst part of Christmas, where everyone is at #39c3 and I am not

[RSS] Why is the last letter of my string not making it to the clipboard?

https://devblogs.microsoft.com/oldnewthing/20251225-00/?p=111914

(I use Linux and X11, usually none of my string makes it to the clipboard)

Who's watching #DieHard 4 tonight? :)

https://www.youtube.com/watch?v=OTyw6cq86kY

I was away for a while, dropping my current side-project here.
Password cracking in your browser. Think of it as a mini-@hashcat it uses WebGPU to perform the cracking.
NT/LM/DCC/DCC2/MD5 currently implemented with bruteforce/mask/wordlist/hybrid attacks.
https://webcrack.octopwn.com/

RE: https://infosec.exchange/@zak/115793005915790340

This is a metaphor about cybersecurity products.

🔺This is the first talk I've given in 6 years – featuring formal verification of post-quantum cryptography, the evolution of the Secure Page Table Monitor, a view into Memory Integrity Enforcement, updates to Apple Security Bounty… and a personal note.
https://bird.makeup/users/hexacon_fr/statuses/2002020791865532704

I'm parsing the #IDA type info library and it turns out:

- Sometimes struct member names are not returned. Sometimes!
- The first struct member is at offset 94489263476241, but amazingly the second one is at 8.

Just in case you wonder why I drink...

Edit: that weird value is somewhat random too, so I suspect a memory leak