| blog | https://people.freebsd.org/~dch |
| Trans Rights | Are Human Rights |
| aphorism | When Bhagavan was asked, "How should we treat others?", He responded, "There are no others." |
| Poverty | Is a disease of the rich |
@dch yep. I'm aware of people who are going nuts at the moment finding 0days with claude, bringing their own cost down to somewhere between 300-500$ in token per exploit and have 2 stable exploits after the weekend. If one is in the (imho despicable) business of selling such, this still translate into a lot of profit.
Also the exploit devs blogpost adresses the same point, that ilja van sprundel had in his 39c3 talk. FreeBSD needs to ramp up it's hardening game a bit more. Being easier to exploit does make it also cheaper for "AI".
all platforms are currently more under fire then before but the thing I see the most is still BEC, because phishing is easier. I'm literally investigating another case right now. Most of the bigger breaches recently are either based on stolen credentials, exposed secrets or supply chain attacks leading to the compromise of secrets.
We won't fix the humans, but better pipelines, reproducable builds, less and smaller dependencies as well as the ability to quickly role back to last non-infected version are becoming way more important imho.
#3GoodThings I helped a fellow FreeBSD person get a new port in.
I saw deer sprinting through the forest.
Spent another great day with my family, and marvelled at how my kids are growing up. They’re doing just fine.
Laughs and fun and helping. What more can you ask for from a day?
In case anyone here is interested: https://balkonsolardeutschland.de/ currently has spring sales on solar panels for balconies and batteries. With the code PLANB2030 you get an additional 10% off.
I already have a solar panel on my balcony but just ordered an Anker battery.
There is currently also a 250 € grant for solar panels from the Investment Bank Berlin you should make use of.
About 5 years ago my Dad and I drove down to where I grew up. He built that house from scratch, and it’s still standing today 60 years later.
I wish I’d gone into building than tech these days.
AI/LM has fucked everything worthwhile that I enjoyed about tech.
During the day, I watch people slop up regexes and yolo them to production.
No learning, no skill. No craft, no mastery.
What’s the point anymore? What will I have to show my kids, and maybe their grandkids?
A house of cards, built on stolen IP, and a planet unfit for human habitation, the destruction of millions of species and a priceless jewel in our incredible galaxy
#infosec #apocalypse AI identified, and LLM developed, both the original reported vulnerability *and* subsequently used to develop a full RCE.
- https://nicholas.carlini.com/
- https://blog.calif.io/p/mad-bugs-claude-wrote-a-full-freebsd
The bar to convert a published vuln into an exploit is getting very low.
I encourage you to read the security researcher’s site, & the exploit developer’s one.
Finally, imagine what a nation-state could do with tooling not limited by normal budget, token, and context.
We live in interesting times.
This post (I know, on Reddit) explains in welcome detail why the situation is in fact far worse than the MBIE and gov are telling us. Because how and what they are telling us is detached from and or grossly skews the real picture.
Poland's Supreme Court has ruled that same-sex marriages conducted in EU member states must be recognised, in a landmark case for LGBTIA+ rights.
Source: https://www.rte.ie/news/world/2026/0320/1564413-same-sex-marriage/
fellmoon 🏴
h4nd / UntouchedCupOfTea
World Beauty 
Art History Animalia
Julian Mair
Collapsible Julian
Shouty person