After realizing the macOS Terminal isn't compatible with tmux's page-up, I quickly discovered iTerm as an alternative. However, between feature creep and obnoxiously high CPU usage, I've moved on to wezterm (after poking around at some inferior alternatives). 3 months in, I can confidently say that we have a winner. The main nit that I had was that by default it was hard to see the window borders if the terminal was on top of something black. Putting this in `~/.wezterm.lua` fixed it for me: ``` local wezterm = require 'wezterm' local config = {} -- keep native resizable border; also keep the macOS shadow on config.window_decorations = "RESIZE|MACOS_FORCE_ENABLE_SHADOW" -- draw a super-thin internal border to outline corners/edges config.window_frame = { -- widths/heights accept “cell” units; small fractions are thin border_left_width = '0.15cell', border_right_width = '0.15cell', border_top_height = '0.10cell', border_bottom_height= '0.15cell', -- subtle grey that’s visible on black border_left_color = '#444444', border_right_color = '#444444', border_top_color = '#444444', border_bottom_color = '#444444', } -- no padding—let the border sit right at the edge config.window_padding = { left = 0, right = 0, top = 0, bottom = 0 } return config ```
cat <file>, which is... impressive?
A phone’s push notifications can contain a significant amount of information about you, your communications, and what you do throughout the day. And there are myriad ways that law enforcement can access the content or metadata of push notifications. Let’s fix that.
so now there’s a proposed federal U.S. bill that mandates EVERY OS to verify your age on setup, regardless if you’re an adult or not or if you even want this feature…
and they call it the Parents Decide Act.
excellent 
https://itsfoss.com/news/os-level-age-verification-across-us/
Interestingly, a good chunk of the [(12/73) AV detections on VT](https://www.virustotal.com/gui/file/d84250e2ad053ab4097d0591933935573e4cab3e975360004a126abc102dc6f6 for this RedSun.exe exploit are due to the EICAR part being detected, as opposed to what the exploit does, despite the string being reversed in the code. (note: this reversal apparently does nothing to prevent EICAR detection in the AV engines on VT)
If we make the EICAR string less obvious (encrypted), the detections drop to 5.
Defender currently doesn't detect the exploit in either case.
FCC exempts Netgear from ban on foreign routers, doesn't explain why
https://arstechnica.com/tech-policy/2026/04/fcc-exempts-netgear-from-ban-on-foreign-routers-doesnt-explain-why/?utm_source=flipboard&utm_medium=activitypub
Posted into Ars Technica @ars-technica-ArsTechnica
From the GitHub repo:
When Windows Defender realizes that a malicious file has a cloud tag, for whatever stupid and hilarious reason, the antivirus that's supposed to protect decides that it is a good idea to just rewrite the file it found again to it's original location.
This Exploit uses the "Cloud Files API", writes EICAR to a file using it, uses an oplock to win a volume shadow copy race, and uses a directory junction/reparse point to redirect the file rewrite (with new contents) to C:\Windows\system32\TieringEngineService.exe. At this point, the Cloud Files Infrastructure runs the attacker-planted TieringEngineService.exe (which is the RedSun.exe exploit itself) as SYSTEM. Game over.
evacide
crimsonfall
Ars Technica
