Ænðr E. Feldstraw

@aeveltstra
Hi, this is Andre. I'll be writing about software architecture and development, cyber security, UX/UI topics, politics, and queer experiences. I'm a classically trained musician and music composer, band director, and music instructor. I'm handfasted, have kids, and play and create (video) games. Sometimes I don't recognize social cues.
Patreon, for Software: https://patreon.com/aev_software
Patreon, for Music: https://patreon.com/aev_music

🚧 Programmers Using AI Create Way More Glaring Security Issues, Data Shows

「 The tradeoff has, however, been severe: privilege escalation, or code that allows an attacker to get higher access to a system than they should, increased by a staggering 322 percent. Architectural design problems, meanwhile, were up 153 percent 」

https://futurism.com/ai-coding-security-problems

#ai #llm #vibecoding #cybersecurity

AI has proven repeatedly to have issues with accuracy — and using it as a coding assistant creates more security problems, too.

Futurism
"Live by the sword, die by the sword."

Did you know that #AWSS3 remembers and propagates file attributes like read-only? Now you do.

#sysop

GIMP 3.1.4 Released With A Project From 2006 Resurrected And Another Big Feature - Phoronix
https://www.phoronix.com/news/GIMP-3.1.4-Released
GIMP 3.1.4 is out today as the second development release trekking toward GIMP 3.2

If government staff pays themselves well and keeps citizens poor and exploited, revolts will happen.

History is not nice to exploiters.

There's a problem with extensions, packages, crates, libraries, modules, gists, blooms, and other things that can be added to a computer or computer program: lack of vetting. Is it safe to use or not?

Ideally, every user would vet the source code prior to deployment. But: not many users can, and those who can may not have the time.

Malicious actors bank on that, as reported here, about #VSCode:
https://www.reversinglabs.com/blog/malware-vs-code-extension-names

#cybersecurity

How to solve?

Loophole allows threat actors to claim VS Code extension names | ReversingLabs

RL has discovered a loophole on VS Code Marketplace that allows threat actors to reuse legitimate, removed package names for malicious purposes. 

ReversingLabs

VS Code Extensions Used for Malware Delivery Campaign

A recently uncovered vulnerability in the Visual Studio Code (VS Code) Marketplace allowed malicious actors to hijack discontinued extension names and distribute malware to unsuspecting developers.

Pulse ID: 68b1d0b1d43ed29019312747
Pulse Link: https://otx.alienvault.com/pulse/68b1d0b1d43ed29019312747
Pulse Author: cryptocti
Created: 2025-08-29 16:09:21

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #Vulnerability #bot #developers #cryptocti

I just put together a Qubes OS guide on setting up an HTTP(S) proxy with Squid, so you can actually filter which URLs a qube is allowed to access. (even if you set it offline)

Because you can't just put a domain name into the firewall and expect it to work more than a few minutes nowadays.

https://forum.qubes-os.org/t/url-filtering-https-proxy/35846/1

#qubesos

URL filtering HTTPS proxy

Introduction: This guide is meant for users who want to allow a qube to reach some websites but not the whole Internet, but who face the issue that using the firewall does not work well with DNS names whose associated IPs often change. ⚠ This guide is for advanced users who understand what an HTTP(S) proxy is, and how to type commands or edit files in a terminal. The setup will create a “sys-proxy-out” qube that will define a list of allowed domains, and use qvm-connect-tcp to allow clie...

Qubes OS Forum

Video game realism: does the running character tire?

Horizon: no.
Call of Duty: no.
DotHackSign: no.
Roblox: no.
Minecraft: yes.
Genshin Impact: yes.
Fortnite: yes.

Which do you feel gives a better game play?

Do get tired (50%)
Don't get tired (0%)
It depends... (50%)

Out-of-control wildfire in Nova Scotia has destroyed homes, forced 1000+ to evacuate and 'could burn for another month'

https://www.cbc.ca/news/canada/nova-scotia/long-lake-wildfire-annapolis-county-update-aug-27-1.7618759

#Canada #CDNPoli #NoPipelines #CliamteCrisis #GlobalBoiling #NovaScotia #Wildfires

Annapolis County wildfire could burn for another month: Natural Resources | CBC News

The timeline for crews heading home depends on the area receiving some much-needed rain.

CBC