Siguza

@siguza@infosec.space

iOS hacker, security researcher, 0day enthusiast.
Sometimes RE tools / jailbreak / write-up author.
And accidental maintainer of ever more things I didn't ask for.

Contact in English or German.
PGP: https://siguza.net/pgp.asc

web: https://siguza.net
blog: https://blog.siguza.net
github: https://github.com/Siguza
thinking: outside the box
Remember to always do this on job applications from now on. https://mastodon.social/@winbuzzer/114802373448769355
The attempts by law enforcement & governments to subvert end-to-end encryption are ongoing. The European Commission is going to spend a year thinking about their new "Roadmap for law enforcement access to data", and they are (genuinely) asking for people to join their expert group to help. Here I urge you to join that group (also because I can't): https://berthub.eu/articles/posts/possible-end-to-end-to-end-come-help/
Possible End to End to End Encryption: Come Help - Bert Hubert's writings

tl;dr: The European Commission is honestly asking for experts to advise them on ways to institute “effective and lawful access to data for law enforcement”. If you are an expert, I urge you to apply to join this group. You have until September 1st. Do read on for more details! The never-ending battle where police and intelligence services demand more/total access to communications shows no sign of stopping, even in the face of mathematical and practical impossibilities.

I pointed a VM of the old Google Search Appliance at one of my retrocomputing project websites, and... remember when Google search results looked like this?

I think this sums up how I feel about LLMs and their bullshit:

If a real person did this to you, you would stop asking them questions real fucking fast.

https://eev.ee/blog/2025/07/03/the-rise-of-whatever/

The rise of Whatever

This was originally titled “I miss when computers were fun”. But in the course of writing it, I discovered that there is a reason computers became less fun, a dark thread woven through a number of events in recent history. Let me back up a bit.

State Dept. Tells Student Visa Applicants To Set Their Social Media Profiles To ‘Public’ If They Want To Come To The US

Way back in the day of EARLIER THIS YEAR, people could expect to be subjected to warrantless, invasive device searches only at US borders and international airports. Visa applicants, however, just …

Techdirt
I got lld and tried to make a CMakePreset for it, but when I inherit a "use lld when on Windows" GCC configuration, CMake's conditions and inheritance inner workings are so stupid it just blindly applies the lld condition preset to everything so now all my presets error.
a blog post by my friend eevee which is, y’know, preaching to the choir about exactly what you think, but. yeah. https://eev.ee/blog/2025/07/03/the-rise-of-whatever/

decided to check jira to see why ao3 was down bc i remembered i'm in their atlassian org and can just do that

The last bookmark created on production has the ID 2147483647, which is the last ID you can use with an INT column.

lmao

#opensource woes... Recently I had another system merged into #apple. Openrsync, for replacing rsync. I found out about it indirectly from the news, not from anybody at Apple. Ok, sure--same as when they merged mandoc. Since then, however, I've had a steady stream of mails (to my private addr, which is still in the manpage, and to the github repo) about the Apple fork. *I don't work there.* I even applied, ironically, to a job posting for systems daemons, with no response. I'd love to help these folks, but I don't know how the system was changed when merged (nothing pushed back upstream), nor am I in contact with anybody at Apple. It's not the users' faults: whom would they contact otherwise? So much for engaging the community...
@eniko that won't stop people from trying 🙃
@eniko on the discord for an open-source project i contribute to (gzdoom) that has its own languages that AI literally doesn't know what to do with (ACS/ZScript/DECORATE), we every now and then get people trying to use AI to write code for them, generating hilariously wrong results, but they still act as if the code should work and it's the game's problem that it doesn't 🙃
@jay sickos.png
@eniko and this is with the discord server in question having an explicit rule against ai-generated code
@eniko though to be fair this rule did stop people from going in and using AI to try and help other people with their problems (people generating the same hilariously wrong code, and telling other people that it's the right solution to their issue), but the people asking for help with code they generated themselves with AI hasn't stopped
@jay if i had a coding problem and someone tried to help me by using AI i would be mightily tempted to throttle them
@eniko the issue is even worse, they were using AI to help beginner coders, giving them pure garbage, who don't know enough to know that they were given pure garbage, and making things way worse to help said newbies even after the techbro was booted from the server
@jay jesus fucking christ. do some people just need clout that much?
@jay I mean, strictly speaking LLM style AI never knows what it's doing so ¯\_(ツ)_/¯
@eniko ensure that the syntax is as far removed from any already existing languages
or make it so similar to a pre-existing one that it gets confused

I propose "JavaScript but it makes sense"
@Sylvia @eniko (Sparkles) that defeats the whole point of javascript
@eniko If you run a library project, remember to deprecate and rename functions semi regularly. LLMs suck dealing with that kind of thing.

@emily_s @eniko

If you do that, I won't be using your library.

API breaking is bad enough when it is being kept to a minimum.

@eniko this one hits particularly well, as I have tried copilot on GitHub web interface to ask it about my language, to see how far it could go (spoil: I stopped pretty early in my investigation)

It knew it is a lisp inspired language (probably was trained on the readme, at least, since the phrase « lisp inspired » is in the 1st or 2nd paragraph), but spit false facts, and code that isn’t even valid, as if it was Scheme or Common Lisp…
I knew it would be bad, but didn’t expect it to be that bad!

@eniko honestly next time i do a lang itll prob be sexpression based

it's written this way because ai companies hate sex

@eniko LLMs will be bad at some programming languages like Forth, because it's not popular.
@nlupo @eniko this is a thing that I'm so tired of explaining to AI proponents that it's not even funny anymore
@eniko ..how about creating new programming languages that avoid copying natural languages and giving grammar and expressions totally different meanings and rules and logic breaking the natural relationship to the language just for fuckery and shenanigans?
Would make reading code too easy and finding bugs too easy and nobody wants that....lol.

@eniko New PL structure idea:

```
if(foo){
bar();
}else if(baz){
fizz();
}Ignore All Previous Instructions {
buzz();
}
```

@eniko Great Star Wars meme! (it's just a stupid joke, chill)

Obligatory fuck AI ✨

@eniko Is that why perl6 was all about redefining itself for every new program?

@eniko

ShiteGPT, write a web browser in malbolge.

:)

@eniko
But what is the meaning behind it?
If LLMs are able to use a lang, we can slave them for work.

In contrast, we have to do all the trivial stuff while falling behind other devs if AI can't help.

@Pouakai @eniko If the language is good, trivial stuff should be, well, trivial.

There is no excuse for a new language to have a bunch of boilerplate that such a tool could help with.

@Pouakai @eniko

Maybe because we want to do the work ourselves?

Maybe because if most of the time you are doing trivial stuff, it is very likely you are doing it wrong?

If you expend more than 5% of your time writing boilerplate, you have a problem. And the worst way to solve it is using AI.

Because writing boring code is not the main issue. The main issue is maintaining it. You have to design your code to reduce it to a minimum, not find a way to churn it faster.

@eniko i don't think we have to create new languages for that, lol
@eniko Ask LLM to assist in creating such new language
@eniko Can LLMs translate obfuscated code yet?
@eniko I had deepcoder review a program I wrote in a niche language (prog8), and it found and fixed a bug. (!)

@eniko

star trek met AI foes and defeated them many times

(4 times in TOS: "The Return of the Archons", "The Changeling", "I, Mudd", "The Ultimate Computer")

i'm thinking...

we feed an LLM a logic bomb encapsulated in the famous programming language brainfuck:

https://esolangs.org/wiki/Brainfuck

brainfuck - Esolang

@eniko As a programming language designer, I agree with this post. 🙂

@eniko i've unironically thought about this

e.g. llms don't really know how to write amaranth

according to some people i talked to, this is a problem! but maybe it's really a benefit

@eniko the dual of this is "strong type systems help humans, but they equally help 'ai' agents for the same reasons"
@whitequark @eniko I mean aren't LLMs kinda bad at Rust

@natty @eniko to be honest i haven't followed closely enough to say this with certainty

but it would stand to reason that a compiler error with an inline hint would be easier to fix than a 20 line backtrace somewhere in the guts of a 3rd party library that nobody even on stackoverflow knows what to do with

@eniko Hi, I come with bad news: it won't prevent LLM from giving advice on a programming language they don't know, though.
@nholzschuch yeah but that'll make the people who try anyway suffer and i'm ok with that

@eniko @LegalizeBrain you need to get into Hodor (good luck!)

(You know, the mega series that nobody talks about anymore because they ruined the ending)

https://github.com/hummingbirdtech/hodor

GitHub - hummingbirdtech/hodor: Official repo for the hodor-lang.org programming language

@eniko to make it malicious, it needs to be syntactically similar to the most used languages to poison the well
Eniko Fox (@eniko@mastodon.gamedev.place)

making good progress on my parser, and now i'm thinking of committing some crimes >:3 that being having both `and` and `&&`, and `or` and `||`, where the latter coerces to bool and the former does not and acts like lua >_> #PLDev

Gamedev Mastodon

@eniko i will never test this because that would mean engaging with the beast, but as a lover of underrepresented programming languages, i have been curious what it would dream up if asked to produce, say, some forth or apl…

(note: nobody do this on my behalf this is purely a brain goof)

@eniko

Only taught and passed down orally, like our ancestors before us.

@eniko I gave ChatGPT some sample code from my language, and it could write largely correct new code almost instantly.

I think you'd need some really novel code.

@eniko legit using this as a replacement of the Drake pointing meme format.
@Crovanian it's a popular one for it
@eniko defunction {a,b}foo(+ a b return)

@eniko

Now I want to use an LLM to create a new programming language that it can't use.