Åh nej inte en bugg i autokorrigeringen i det för lilla tangentbordet som behöver autokorrigering för att fungera.

GitHub - geomys/sandboxed-step: A GitHub Action that runs a command in a gVisor sandbox A GitHub Action that runs a command in a gVisor sandbox - geomys/sandboxed-step

I got frustrated with how GitHub Actions lets workflows with read-only permissions poison the cache of read/write workflows (!!??!?), so yesterday night I put together an Action that runs commands in a gVisor sandbox.

Abstract. Germany is currently rolling out an opt-out, nation-scale database of the medical records of the majority of its population, with low-income people being disproportionally represented among its users. While there has been considerable criticism of the system coming from civil society, independent academic analysis of the system by the cryptography and information security community has been largely absent. In this paper, we aim to raise awareness of the system’s existence and, based on the system’s public specifications, highlight several concerning cryptographic engineering decisions. Our core observations is that the system’s most sensitive long-term user keys are derived by a rudimentary, home-grown centralized key escrow mechanism. This mechanism relies on a per-use salt and only 256 bit of entropy, shared globally across millions of users. Furthermore, the system’s specification mandates only level 3 compliance with the obsolete FIPS 140-2 security standard, which requires “hard, opaque potting”, but lacks active tamper sensing. As a result, the system remains vulnerable to attacks by nation states and other well-funded adversaries.

Image showing part 2 of abstract.

Germany Is Rolling Out Nation-Scale Key Escrow And Nobody Is Talking About It (Jan Sebastian Götte) ia.cr/2025/1963

Front page of NYT on September 22, 2025, with large top-of-page photo of a Charlie Kirk memorial service, and the lead page-one story on the same topic.

Front page of today's NYT, Oct 19, with no story about the nationwide protests, and a "below the fold" montage of two photos, and a link to a story on page 23.

Those with sharp eyes might detect a subtle difference in NYT play last month of an event in one city, w 100,000+ attendees, versus play this morning of some 2500+ events w many millions of attendees, in all 50 states.

See if you can spot it! /s

Then you can find today's story on p A23

How Fr Paul Murphy helps Irish peacekeepers prepare for danger Niall O’Connor is reporting this week from South Lebanon where he met Fr Paul Murphy who cares for the Irish soldiers.

On a visit to Camp Shamrock, we spoke to Fr Paul Murphy about his work, how he is the only unarmed non-combatant in the base, and how when he was stabbed in a terror attack at the gates of a military barracks it only reinforced his sense of duty.
http://jrnl.ie/6846276t

Wikipedia Volunteers Avert Tragedy by Taking Down Gunman at Conference After the man walked onto the stage at the “Wiki World’s Fair” event and threatened to kill himself, witnesses said, two members of the audience jumped in to stop him.

Two Wikipedia contributors averted a potential tragedy at a conference for the site’s editors on Friday in Manhattan when they jumped in to take down a man with a gun.

UXO cleanup was not something USAID did, that was a State affair. In Gaza, we kept advocating for more UXO work, but it was always tied to the ceasefire negotiations and Israel's desired "humanitarian bubbles" - the project which became GHF. As a result, no meaningful US-funded UXO work occurred.

Both sides of a conflict are calling each other evil and corrupt, rendering me, a humble journalist, helpless to discern the truth. Best I can do is let you know that both sides are in fact saying those things. Hope this helps

Reminder of what Salvini was doing 11 years ago: visiting Crimea to support Russian annexation of the region and encourage Italian businesses to invest there.

A major evolution of Apple Security Bounty, with the industry's top awards for the most advanced research - Apple Security Research Today we’re announcing the next major chapter for Apple Security Bounty, featuring the industry’s highest rewards — up to $2 million and a maximum payout in excess of $5 million — expanded research ca...

Apple is planning a special initiative featuring iPhone 17 with Memory Integrity Enforcement. To rapidly make this defense available to those targeted by mercenary spyware, the company will provide a thousand iPhone 17 devices to civil society organizations.

security.apple.com/blog/apple-s...

Den här synen på makt har ju ganska uppenbara begränsningar när den de facto inte påverkat massvält och krigsbrott inför fullt mediepådrag i två år.

While providing tech support for my FIL:

FIL: What's that screen?

ME: The terminal. You should never use it.

FIL: Never?

ME: So you know how I'm allowed to watch you open the electrical panel and swap out breakers, but I'm not allowed to ever open up it myself?

FIL: Ah! I understand, thank you.

De ger sej ut på duktigt djupt vatten direkt med premissen att GT skulle vara makthavare i det här sammanhanget. Ekar ganska tomt med tanke på hur lite det frågas av riktiga makthavare i det här sammanhanget.

In my consultant phase after I left Twitter a lot of folk asked me for advice on building social networks and my advice was always: don’t. Do not.

tired: it's always DNS

inspired: ICANN feel it coming in the air tonight

Sounded like smaller drones intended to disrupt traffic and cause headlines. Same around Oslo as well. Different from armed drones over Poland or Migs going 10 minutes inside Estonian airspace.

To be fair Sqlite is probably something Brendan Eich was asked to fit into the Netscape 2 betas during a few weeks in the 90's

filing this under the, "this is why we can't have nice things" folder...

Phishing email sent to NPM package maintainers:

Låter som termer som inte används på allvar på 20 år har bevarats av någon techlobby-bubbla och nu kommer ut ur en politikers mun :)

Bunny meme with text: "There are tunnels underground where bunnies are safe -- safe from undefined behaviour"

Couldn't not do this

Prompt engineering is knowing the correct answer and trying to get the chatbot to produce it.

Placera killarna där nere också tack.

I ljuset av de temperaturbaserade problemen med Stockholms vattenförsörjning vill jag påminna om att det finns killar som på allvar föreslagit "datacenter på havsbotten" som "lösning" på AI-modellernas vattenförbrukning

Jag får gratulera @jensliljestrand.bsky.social till fantastisk kunskap om ryska dialekter och hoppas att jag inte gav upphov till kulturartiklar när jag talade ryska med mina barn på Spaniensemestern. bsky.app/profile/jens...

I think it's great how the entire U.S. economy is currently being held together by like 4 tech companies, and in response we're about to put tariffs on semiconductors.

It's a brilliant plan.

Occam's brödkniv