The Normalization of Deviance in AI

https://embracethered.com/blog/posts/2025/the-normalization-of-deviance-in-ai/

The next days #39c3 https://media.ccc.de thx ukeer

Question to people more knowledgeable about #BSD systems (primarily #FreeBSD, but the more answers the merrier)!

On Linux, I can use ipset (or nftables sets) to create a set of IP addresses I can match against with one rule. Like:

# ipset create test-set iphash
# iptables -I INPUT -m set --match-set test-set src -j DROP

This would drop any and all source addresses that I add to test-set in the future, without having to update INPUT. It also does some magic hashing thing to make all this efficient.

The reason I want this is because I'll be adding a lot of unique IPs to this set (about half a million, if not more). When adding them directly to iptables, the Linux kernel was very unhappy about that. But with a set? Worked like a charm.

Can pf or any other packet filter tool on the BSDs do something similar? Allow me to block a very large number of unique IPs?

Blocking ASNs or ranges is not feasible, I need to block unique IPs.

Bonus points if it can automatically expire entries that were added or updated N seconds ago.

Boosts appreciated.

I recently bought something from poshmark.com, for the first time. While I haven't heard of them before, I figure with credit card protections as they are in the US, there's really no harm with giving it a shot.

Within about 30 minutes of placing my order, I got a not-very-good phishing email from purchase-orders@loyverse[.]com, claiming to be "Poshmark".
The first time in my life that I've received a phish from somebody claiming to be Poshmark.

My wonders at this point:

• Is Poshmark currently breached?
• Is Poshmark unknowingly leaking the email addresses of people who purchase through their site?
• Is Poshmark knowingly leaking the email addresses of people who purchase through their site? Sub-wonder: If true, is this publicly known?
• Is the person whose Poshmark listing I purchased from either compromised or malicious?

🤔

MDN is more than just a resource. It's a community of developers, contributors, and learners passionate about web development.

Contribute to,
📚 MDN documentation
🤝 Help other devs
💟 Localize content
📝 Review or write on MDN

Start now 👇
https://developer.mozilla.org/en-US/community

Happy 0 January 2026 to all you nerds.

The US Treasury has lifted sanctions on three executives tied to spyware maker Intellexa, reversing a designation imposed by the Biden administration in 2024 (Suzanne Smalley/The Record)

https://therecord.media/treasury-sanctions-intellexa-removed
http://www.techmeme.com/251230/p18#a251230p18

BTW, glitching the early UART boot path that is fuse protected gives you access to very early nvidia-only key material that is locked down pretty early during the normal boot path. Every single other key on the TX2 is either derived from the FEK1 or FEK2 depending on a fuse bit. Default seems to be FEK2.

SHA1(FEK1) = 9d00fe0637b15de7b417c740a6210d19932c7eb4
SHA1(FEK2) = 0e0fdef7a31d32aaf0fee77679e065652daecb44

I initially did all this to reverse engineer the Denver microcode, however I never could make sense of the instruction set encoding. If anyone wants to tackle this, I can decrypt both microcode stages - seemingly a loader and the final JIT and I more or less completely reverse engineered MB1 that loads the Denver microcode.

/cc @elise

https://media.ccc.de/v/39c3-making-the-magic-leap-past-nvidia-s-secure-bootchain-and-breaking-some-tesla-autopilots-along-the-way

If you're interested in obscure details of the microcode in the Intel 8087 floating-point chip, I have a new blog post...
https://www.righto.com/2025/12/8087-microcode-conditions.html

I just got reminded that when you start a brand new smartphone the default screen autolock time is around 30s.

This is the attention span vendors are expecting from you.

[RSS] Why are we worried about memory access semantics? Full barriers should be enough for anybody

https://devblogs.microsoft.com/oldnewthing/20251226-00/?p=111919

Today I saw this UNIX v4 PDP11 emulator (running simh in the browser) and decided to write an IO plugin for radare2 to load tapes. Here's the source in case you are curious about how tapes are structured and how to extend r2 with new features like IO backends. https://github.com/radareorg/radare2/commit/aeeccc1d23d3b75edcd6e0013f1372830a6af134

Gentle Reminder for Newcomers :

Boosting posts keeps Mastodon alive!

Boost what you love! 💚
Boost freely! ✨

#Mastodon #Fediverse

New post on my blog! Decapping with DMSO.

https://dev-zzo.github.io/blarg/2025/12/19/decapping-dmso.html

#electronics #reverseengineering

Learn why some vulnerabilities resist to fuzzing and persist in long-enrolled OSS-Fuzz projects, and how you can find them!

https://github.blog/security/vulnerability-research/bugs-that-survive-the-heat-of-continuous-fuzzing/

Unix V4 in your browser:

https://riedstra.dev/static/unixv4/

New Project Zero issue:

Samsung: QuramDng FixBadPixelList opcode out-of-bounds read/write

https://project-zero.issues.chromium.org/issues/448241955

CVE-2025-58479

New Project Zero issue:

Samsung: QuramDng opcodes ignore PixelType, leading to out-of-bounds read/writes

https://project-zero.issues.chromium.org/issues/447479300

CVE-2025-58478

[RSS] Blind trust: what is hidden behind the process of creating your PDF file?

https://swarm.ptsecurity.com/blind-trust-what-is-hidden-behind-the-process-of-creating-your-pdf-file/