Rogan Dawes

271 Followers
338 Following
3.1K Posts
Infosec researcher @ OrangeCyberDefense.
ALL people have the right to exist.

My fellow people of the United States, if I have anything to teach from what Minneapolis just lived through, it is this:

Nobody is coming to save us.

Not Congress. Not the courts. Not the ICC or the EU or NATO. Not the generals or the rank and file. Not the press. Not the markets. Not the elections. Not some mythical version of “The People” that materializes out of nowhere as some messianic external force.

We’re it. We’re all we’ve got. If we don’t stop fascism from completely engulfing the US, then nobody stops it.

7/

“Wang Chuanfu, BYD’s CEO, barely slept for weeks. Three passengers, all in their twenties. His chemistry. His cell. His company’s name on the casing. He had not built it to kill anyone, but it had. He pulled his engineers together with one question: What is the mechanism by which this cell fails, and how do we make that physically impossible”

Someone needs to get this article in front of Mark Carney and Doug Ford and then the stupid limits on Chinese cars need to be eliminated so Canada can start building these things immediately.

This is the future.

China is leading that future and we need to come to terms with it and use our influence to make it, and them, better.

https://www.fastcompany.com/91519302/byd-nail-test-why-this-54-billion-innovation-is-terrifying-western-auto-executives?utm_source=flipboard&utm_medium=activitypub
#climateEmergency #climatechange #byd #china #canada #canpoli

The Nail Test: Why this $54 billion innovation is terrifying Western auto executives

The practice of reproducing failure on purpose until the physics revealed itself became the bedrock of BYD’s entire operation.

Fast Company

🚨 New security advisory:

CVE-2026-34612 affects multiple systems.

• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems

Full breakdown:
https://www.yazoul.net/advisory/cve/cve-2026-34612-kestra-sqli-to-rce

#InfoSec #VulnerabilityManagement #CyberSec

Kestra SQLi to RCE (CVE-2026-34612) - Patch Now

CVE-2026-34612 is a critical SQL injection flaw in the Kestra orchestration platform (CVSS 9.9). It allows authenticated attackers to execute arbitrary OS commands on the host server.

Yazoul Security

@RoganDawes One of my own, ESP32S3 Dual CPU 4M flash 2M RAM. Powered by USB-C and/or 12V DC (well up to 17V) on WAGOs, to 3.3V with 2A to help power peripherals. All GPIOs exposed on 0.1" pads along with GND and 3.3V. GPIO 0 to RGB WS2812 style LED on board, but obviously can be used for any I/O.

https://www.tindie.com/products/revk/small-esp32-s3-mini-1-n4-r2-dev-board-all-gpios/

Small ESP32-S3-MINI-1-N4-R2 Dev board all GPIOs by Andrews&Arnold Ltd on Tindie

An ESP32-S3 board, with power supply (USB-C and DC 5V-17V), USB-C flash/debug, and all GPIOs, and a WS2812 LED

Tindie

From the “no shit, didn’t see this coming” department:

District Judge Jeremy Daniel in Chicago said drivers in the proposed class action can try to prove that Allstate violated the Federal Wiretap Act by monitoring their travel locations, trip distances, speed, acceleration, braking, phone usage and attention to the road, and tried to monetize that data to boost profit.

Reminds me of the cool chat @thedarktangent and I had years ago at Blackhat London about the oncoming privacy nightmares of modern cars

https://www.reuters.com/legal/government/allstate-must-face-privacy-lawsuit-over-cellphone-tracking-drivers-2026-03-04/#:~:text=Summary,when%20they%20rode%20as%20passengers.

🆕 New blog post!

"BitLocker's Little Secrets: The Undocumented FVE API"

A small Windows RE adventure to figure out how to get the status and configuration of a BitLocker-protected drive programmatically and without admin privileges.

Now also implemented in PrivescCheck! 🔥

👉 https://itm4n.github.io/bitlocker-little-secrets-the-undocumented-fve-api/

IT'S HAPPENING

GITHUB, THE FIRST ENTERPRISE CLOUD SOLUTION TO REACH ZERO NINES RELIABILITY

https://mrshu.github.io/github-statuses/

#github

Spread this #Typography masterpiece

by Barbara Galińska

Probably going to get a viral blog out of this experience: I'm trying to report a 4TB exposed cloud bucket to a company using their responsible disclosure programme... but they replaced the people with a GenAI ticket system that refuses to discuss the case as it thinks exploring open buckets is unethical and against its rules.

About trans rights:

They're a wedge issue. If you think it's okay to deprive trans people of the right to exist in the public sphere then you're saying human rights are conditional and/or can be withdrawn. Which puts you on a slippery slope to no human rights for anyone.

When you trace the roots of the modern anti-trans movement they boil down to some combination of bigotry and billionaire bullshit— the oligarchs think rights are for the rich.

So: trans-rights are human rights. No exceptions.