Looks like an interesting tool to check your SQL queries on the CI.

We're not helped much by our tools here... Clearly provenance needs to be double checked.

You'd wish more projects would put such measures in place.

Clearly those are new and the vendors need to put in place proper security practices. Still those are on the road...

Interesting trick in Got, using SSH certificates to prove the origin on commits. This feels a bit rough though, tooling has room for improvement.

Kind of obvious I think, but this likely bears repeating. Containers are not a magical recipe for security. There are many attack vectors to keep in mind and evaluate.

Not sure it'll keep being efficient if the political heat keeps going up. Still this is a nice idea.

One more example that it should be used for NLP tasks, not knowledge related tasks. The model makers are consuming so much data indiscriminately that they can't easily fine comb everything to remove the poisoned information.

The OpenClaw instances running around are really a security hazard...

Looks like a neat little tool in the Mac ecosystem. It seems to make sandboxing easy despite a couple of caveats.

I've always been fascinated by steganography. It's a good reminder that the basics are fairly simple.

Bluetooth might be convenient, clearly it leads to metadata leakage though.

Didn't know about sorting networks. They have interesting properties and are definitely good options on modern hardware.

Oh this is bad! The amount of data exfiltrated by those malicious extensions. Data brokers will do anything they can to have something to resell. This is also a security and corporate espionage hazard.

Accidents can happen in life. This might come in handy if you loose memory for some reason. It requires planning ahead though.

Very in depth review of the mess of a Matrix home server vide coded at Cloudflare... all the way to the blog announcing it. Unsurprisingly this didn't go well and they had to cover their tracks several times. The response from the Matrix foundation is a bit underwhelming, it's one thing to be welcoming, it's another to turn a blind eye to such obvious failures. This doesn't reflect well on both Cloudflare and the Matrix Foundation I'm afraid.

Are we surprised? Of course not... As soon as you backup the keys on someone else's server BitLocker can't do anything to ensure privacy.

Are you sure you want to trust that random project you got provided with? Really?

New packaging ecosystems bring their new attack vectors. This is definitely a teething problem which will need to be addressed soon.

Friendly reminder that securing APIs and secrets is a must. Not doing so can have really bad consequences.