Founder of https://kilpi.tech
Personal website: https://nyman.re

For once I have significant time to read, and am out of books.

What's your favorite book on leadership? Something with clear takeaways on how to lead a high-performing team of very senior cybersecurity folks? I manage managers these days and would love to sharpen those skills.

Our quest for world domination continues! AltStore PAL is now available in Brazil 🇧🇷

Starting today, iPhone users in Brazil can download AltStore PAL and join the community of users already in the EU and Japan 🌎

Download now (iOS 26.5+): https://altstore.io

We are looking for a Program Manager to lead the #SovereignTechFellowship and #SovereignTechStandards network, two cohort-based programs that engage directly with open source maintainers and contributors.

You will drive the continued development of the cohorts and coordinate a range of mentoring opportunities. Your focus will be on aligning both programs with the Sovereign Tech Agency’s strategic objectives and ensuring that they create lasting impact across the open source ecosystem.

(1)

RE: https://social.edps.europa.eu/@EDPS/116753352405036204

The most effective way to discourage the use of unapproved tools is by providing approved AI platforms that are secure, compliant and capable of meeting staff needs while ensuring full regulatory compliance.

Congrats @[email protected] @[email protected] and @[email protected] for getting to episode 100. This podcast has become a must listen for me. Why?

the cyberpunk present is weird as fuck: the latest Shai Hulud malware wave contains an LLM prompt to create biological weapons and nuclear weapons, with the purpose to trip LLM safety refusals so that LLM-based code scanning won't see the malware

https://socket.dev/blog/mini-shai-hulud-miasma-and-hades-worms-target-bioinformatics-and-mcp-developers-via-malicious

Came across a phishing campaign yesterday which was targeting Finnish people, imitating the Finnish social security agency (KELA).

From a brief look it looked like the same (or related) Moroccan criminals who I have been investigating before but with a somewhat newer kit. Still php though.

So I quickly put together a little script that generated realistic looking but fake data and set the script to work.

Took ~30 minutes and then the page started to return 404 so clearly someone on the receiving end was annoyed.

Remember, if you have spare time and want to do something good, you too can #imposecost on the bad people.

came across this in my archive, an "exploded" n64 controller from when I repaired the stick a few years ago

got the replacement parts from kitch-bent, that seems to be a project of love

#n64 #controller #repair

Almost 25 years ago, I wrote a blog post with the title ‘jumping ship slowly’ about leaving Windows (XP was awful, it was mind boggling to me that Vista managed to make people nostalgic for XP). My advice remains the same:

Don’t try switching OS first. The OS is the most easily replaceable bit in the stack. Switch applications first. Most ‘Linux’ apps are cross platform. They’ll run on Windows, and the few that don’t will run in WSL2. You can switch out apps one at a time, and take the time to get comfortable with the alternatives.

Once you’re comfortable not using any Windows-only apps, changing the OS but using all of the same applications is very easy to do. Changing OS and application stack at the same time is an enormous obstacle.

I believe this is also why a lot of corporate and government Linux migrations fail: they try to change everything at the same time and that’s too steep a learning curve.

I was scrolling through my timeline and came across a toot about zcash and opus 4.8.

Read it, and found it interesting but it felt off.

So I looked at where it came from

It was a re-X by @mikko

And it kind of made me realize how different the ambience of X is vs Mastodon.

Sure there are people on Mastodon who are very pro-AI, but at least what I see always tries to back up the claims somehow. Like the people who are sharing want to have a discussion and not just eyeballs. I assume being selective with who I follow helps.

mateo on Twitter

a four year-old bug in zcash's orchard privacy pool could have allowed unlimited and undetectable fake $zec minting, not a good look here. it was found on may 29 by a security engineer called "taylor hornby" using anthropic's opus 4.8, released just the day before. plus he didn't just find it, he even wrote a working exploit that confirmed it was real. the fix shipped in days via an emergency hard fork. currently there's zero evidence of exploitation, but here's the problem with that: orchard's privacy design makes it cryptographically impossible to prove it was never used. that uncertainty alone sent $zec down ~30%. from my research i found that arthur hayes exited his entire position over it. also worth noting: human auditors missed this for 4 years but ai caught it in a single targeted review

should we hire auditors anymore or just pay anthropic to access claude security?