CrimeFlare using Large Lying Models to write their code now

https://github.com/cloudflare/workers-oauth-provider?tab=readme-ov-file#written-using-claude

"Written using Claude [...] Every line was thoroughly reviewed and cross-referenced with relevant RFCs, by security experts with previous experience with those RFCs"

Meanwhile - CVE-2025-4143 - https://github.com/advisories/GHSA-4pc9-x2fx-p7vj

"Readers who are familiar with OAuth may recognize that failing to check redirect URIs against the allowed list is a well-known, basic mistake, covered extensively in the RFC and elsewhere. The author of this library would like everyone to know that he was, in fact, well-aware of this requirement, thought about it a lot while designing the library, and then, somehow, forgot to actually make sure the check was in the code. That is, it's not that he didn't know what he was doing, it's that he knew what he was doing but flubbed it."

🔥🔥🔥🔥🔥

#CloudFlare #LLM

Nachrichten in TV & Radio schalte ich schon lange ab, selektive Berichterstattung, vermengt mit zu viel Meinung, nicht nur bei der Meldungsauswahl - gefällt mir nicht. Setze auf freie Kanäle diverser (inter)nationaler Nachrichtenagenturen sowie Newsaggregatoren wie #newstral - aber deren Seite kann ich seit Kurzem durch den Einsatz von #cloudflare für das #captcha nicht mehr aufrufen. Schade. Erfreulich hingegen, daß wider Erwarten viele Online Zeitungen #RSSfeed anbieten 😁

#vpn #dnsblocking

"NOOOOOOOO!!!! You can't just use an LLM to write an auth library!"

"haha gpus go brrr"

https://github.com/cloudflare/workers-oauth-provider/?tab=readme-ov-file#written-using-claude

#AI #CloudFlare #oAuth #Claude #GPUsGoBrrr #LLM

Speaking of vindictiveness, if I had money and there was a subscription service that could punish CloudFlare the company every time I either can't go to a website because of CloudFlare or have to deal with some hostile BS because of CloudFlare, I would surely pay to do so. (In this hypothetical scenario where I have money.)

If #CloudFlare wasn't destroying the internet for people with older devices, linux, and/or accessibility needs, I wouldn't have this much of a vendetta against it.

But here we are. Net being destroyed site by site by a large and unaccountable service.

(Not interested in hearing about A.I. scrapers. Other anti-A.I. scraping tools have demonstrated that it's possible to ruin A.I. scrapers' days without ruining accessibility. Anubis isn't an example of that. Their "proof of work" stuff requires a modern JavaScript capable and enabled browser, damaging older devices' access and probably causing accessibility issues. I wouldn't dare say they were "just as bad" as CloudFlare but they're not meeting any of the needs I'm referring to here.)

#Fedify 1.6 is approaching with three major enhancements: RFC 9421 HTTP Message Signatures support with double-knocking for seamless backward compatibility, a new builder pattern for better code organization in large applications, and native #Cloudflare #Workers support for serverless deployments. These additions strengthen Fedify's standards compliance while expanding deployment flexibility across different environments. Stay tuned for the official release! 🚀

#ActivityPub #fedidev #fediverse #RFC9421 #CloudflareWorkers