Day 2 was pretty tough on my old hardware. Part 1 originally took 16 minutes, then I got it down to 9 seconds – only to realize later that my solution abused some properties of my particular input. A correct solution will probably take about 30 seconds. 🫤

Part 2 took 29 minutes this morning. I wrote an optimized version but haven’t tested it yet. I hope it’ll be under a minute.

Python 1 feels really slow, even compared to Java 1. And these first puzzles weren’t even computationally intensive. We’ll see how far I’ll make it …

https://movq.de/v/f831d98103/day02.jpg

Prof. Bigode mandou na outra rede:

“Lamento informar o falecimento do matemático catalão Claudi Alsina (1952-2025), foi dos maiores popularizadores da Matemática da España e do mundo. Alsina conhecido por seu humor refinado tinha uma vasta cultura, doutorou-se em Matemática pela Universidade de Barcelona e ao longo de sua vida acadêmica aproximou a Matemática de outras áreas do conhecimento, em especial a Arquitetura e o Design, fez parte da equipe que estudou os projetos de Gaudí para a reconstrução da Sagrada Família de Barcelona. Alsina era professor catedrático Universidade Politécnica da Catalunha, onde se aposentou, autor de mais de 50 livros sobre Matemática Recreativa, Cultura Matemática, Matemática para o Ensino Superior e para a Formação de Professores.
Sou “bi-neto acadêmico” de Alsina que foi orientador de meus orientadores (de doutorado) e desde que o conheci há cerca de 30 anos tenho me inspirado em seu trabalho.
Para quem sabe do que estou falando, Alsina tinha número de Erdős = 2.”

https://es.wikipedia.org/wiki/Claudi_Alsina_Catal%C3%A0

Image

Thinking about doing Advent of Code in my own tiny language mu this year.

mu is:

• Dynamically typed
  
• Lexically scoped with closures
  
• Has a Go-like curly-brace syntax
  
• Built around lists, maps, and first-class functions
  

Key syntax:

• Functions use fn and braces:
  

fn add(a, b) {
    return a + b
}

• Variables use := for declaration and = for assignment:
  

x := 10
x = x + 1

• Control flow includes if / else and while:
  

if x > 5 {
    println("big")
} else {
    println("small")
}

while x < 10 {
    x = x + 1
}

• Lists and maps:
  

nums := [1, 2, 3]
nums[1] = 42

ages := {"alice": 30, "bob": 25}
ages["bob"] = ages["bob"] + 1

Supported types:

• int
  
• bool
  
• string
  
• list
  
• map
  
• fn
  
• nil
  

mu feels like a tiny little Go-ish, Python-ish language — curious to see how far I can get with it for Advent of Code this year. 🎄

@lyse@lyse.isobeef.org Damn. That was stupid of me. I should have posted examples using 2026-03-01 as cutoff date. 😂

In my actual test suite, everything uses 2027-01-01 and then I have this, hoping that that’s good enough. 🥴

def test_rollover():
    d = jenny.HASHV2_CUTOFF_DATE
    assert len(jenny.make_twt_hash(URL, d - timedelta(days=7), TEXT)) == 7
    assert len(jenny.make_twt_hash(URL, d - timedelta(seconds=3), TEXT)) == 7
    assert len(jenny.make_twt_hash(URL, d - timedelta(seconds=2), TEXT)) == 7
    assert len(jenny.make_twt_hash(URL, d - timedelta(seconds=1), TEXT)) == 7
    assert len(jenny.make_twt_hash(URL, d, TEXT)) == 12
    assert len(jenny.make_twt_hash(URL, d + timedelta(seconds=1), TEXT)) == 12
    assert len(jenny.make_twt_hash(URL, d + timedelta(seconds=2), TEXT)) == 12
    assert len(jenny.make_twt_hash(URL, d + timedelta(seconds=3), TEXT)) == 12
    assert len(jenny.make_twt_hash(URL, d + timedelta(days=7), TEXT)) == 12

(In other words, I don’t care as long as it’s before 2027-01-01. 😏😅)

@aelaraji@aelaraji.com Thanks for the account! I figured out one thing at least so far, my WAF was blocking some of the AP requests. Fixed that. Anyway, holiday time 🤣 Back in ~2 weeks.

@lyse@lyse.isobeef.org Probably wouldn’t help, since almost every request comes from a different IP address. These are the hits on those weird /projects URLs since Sunday:

    1 IP  has  5 hits
    1 IP  has  4 hits
   13 IPs have 3 hits
  280 IPs have 2 hits
25543 IPs have 1 hit

The total number of hits has decreased now. Maybe the botnet has moved on …

@lyse@lyse.isobeef.org @bender@twtxt.net Pfft, they want folks to relocate to Sydney. Fuck that 🤣 Sydney is a bit like San Francisco, I’m not actually sure which is worse. Fuck’n expensive as hell, the only palce you’d be able to afford to buy or rent is at least ~2hrs out of the city by public transport (i.e: train) and by that time you’ve just pissed your life down the toilet, because you’d be expected ot work a 9-10hr day + 2-3hrs of travel each way, buy the time you factor in having to wake up super early to get ready to travel in to work, you basically have zero time for anything else, let alone your ufamily,

Fuck that.

What do you do, when a recruiter throws you a PD or two and says the total compensation is ~2-3x what you’re on now?! 🤔

Testing 1 2 3

Testing 1 2 3

FTR, I see one (two) issues with PyQt6, sadly:

1. The PyQt6 docs appear to be mostly auto-generated from the C++ docs. And they contain many errors or broken examples (due to the auto-conversion). I found this relatively unpleasent to work with.
   
2. (Until Python finally gets rid of the Global Interpreter Lock properly, it’s not really suited for GUI programs anyway – in my opinion. You can’t offload anything to a second thread, because the whole program is still single-threaded. This would have made my fractal rendering program impossible, for example.)

Hello World! Testing 1 2 3

Testing 1 2 3 @manton@twtxt.net

For those curious, the new Twtxt <-> ActivityPub bridge I’m building (bidirectional) simply requires three things:

1. You register your Twtxt feed to the bridge: https://bridge.twtxt.net
   
2. You verify that you in fact own/control the feed by putting the verification code somewhere on/in your feed (doesn’t matter where or how)
   
3. You proxy/forward requests for /.well-known/webfinger to the Bridge bridge.twtxt.net.
   

I’m still testing through and ironing out bugs 🐛 Please be patient! 🙏

How to Find P1 Bugs using Google in your Target — (Part-2)

Image

Earn rewards with this simple method.

[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-to-find-p1-bugs-using-google-in-your-target-part-2-d37a9bb0b2e7?sour … ⌘ Read more

My goodness, a new level of stupidity.

The bots are now doing things like this:

GET http://uninformativ.de/projects/lariza/feednotify/datenstrahler/slinp/countty HTTP/1.1

1. That URL does not exist.
   
2. By including http://uninformativ.de in that request, this instructs the webserver to do an HTTP proxy request. Of course, this isn’t allowed on my webserver (and shouldn’t by allowed on any normal webserver), resulting in HTTP 400. And even if it were, the target would be the exact same server, making a proxy request unnecessary.
   

And of course, it’s not just 50 hits like this or 100 or 1’000 or 10’000. No, it’s over 150’000 in the last 2 days. All from vastly different IP ranges of different cloud hosters.

This almost looks like a DDoS attack, but it’s just completely stupid. This feels more like some idiot vibe coded a crawler.

** Timber **

Image

Timber, I’m not gonna lie, I kinda hated you. At the same time I am surprised to find how gutted I am now … ⌘ Read more

@movq@www.uninformativ.de Gemini liked your opinion very much. Here is how it countered:

The criticism of AI as untrustworthy is a problem of misapplication, not capability.

• AI as a Force Multiplier: AI should be treated as a high-speed drafting and brainstorming tool, not an authority. For experts, it offers an immense speed gain, shifting the work from slow manual creation to fast critical editing and verification.
  
• The Rise of AI Literacy: Users must develop a new skill—AI literacy—to critically evaluate and verify AI’s probabilistic output. This skill, along with improving citation features in AI tools, mitigates the “gaslighting” effect.
  

The fear of skill loss is based on a misunderstanding of how technology changes the nature of work; it’s skill evolution, not erosion.

• Shifting Focus to High-Level Skills: Just as the calculator shifted focus from manual math to complex problem-solving, AI shifts the focus from writing boilerplate code to architectural design and prompt engineering. It handles repetitive tasks, freeing humans for creative and complex challenges.
  
• Accessibility and Empowerment: AI serves as a powerful democratizing tool, offering personalized tutoring and automation to people who lack deep expertise. While dependency is a risk, this accessibility empowers a wider segment of the population previously limited by skill barriers.
  

The legal and technical flaws are issues of governance and ethical practice, not reasons to reject the core technology.

• Need for Better Bot Governance: Destructive scraping is a failure of ethical web behavior and can be solved with better bot identification, rate limits, and protocols (like enhanced robots.txt). The solution is to demand digital citizenship from AI companies, not to stop AI development.

Won a bunch of games of Solitaire and then rearranged the cards for maximum negative points, to distract me from the horrors.

(Still ended up with >0 points on OS/2, because don’t ask me.)

https://www.uninformativ.de/desktop/2025%2D11%2D04%2D%2Dkatriawm%2Dsolitaire.png

ProcessOne: Europe’s Decentralized Messaging Survives “Chat Control” Threat

Image

Good news for anyone building messaging infrastructure in Europe: Denmark&aposs Council presidency is abandoning mandatory detection orders in the Child Sexual Abuse Material (CSAM) proposal for now. The proposal was nickna … ⌘ Read more

#Compoética #Compoética2025
Encontro Brasileiro de #ProgramaçãoCriativa

Vai ser agora sábado e domingo, 1 e 2 de novembro:

https://compoetica.github.io/hotsite/?evento=EV_2025

Domingo tem atividades no
#GaroaHackerClube #Algorave

https://youtube.com/@compoetica

The $2,000 Bug That Changed My Life: How a Tiny URL Parameter Broke Web-Store Pricing !! ⌘ Read more

#Compoética #Compoética2025
Encontro Brasileiro de #ProgramaçãoCriativa

Vai ser agora sábado e domingo, 1 e 2 de novembro:

https://compoetica.github.io/hotsite/?evento=EV_2025

Domingo tem atividades no
#GaroaHackerClube #Algorave

Ukraine retakes 2 villages in Donetsk Oblast near Dobropillia, military says ⌘ Read more

Envious of her friend (wrangelina) [black souls 2] ⌘ Read more

A massive Russian drone and missile attack on Kyiv kills at least 2, Ukrainian officials say ⌘ Read more

Canada’s annual inflation rate rose 2.4% in September as grocery prices keep creeping up ⌘ Read more

@movq@www.uninformativ.de streamlining jenny.vim?

index adc0db9..cb54abc 100644
--- a/vim/ftdetect/jenny.vim
+++ b/vim/ftdetect/jenny.vim
@@ -1 +1,2 @@
 au BufNewFile,BufRead jenny-posting.eml setl completefunc=jenny#CompleteMentions fo-=t wrap
+au BufRead,BufNewFile jenny-posting.eml normal $

How to Find XSS Vulnerabilities in 2 Minutes [Updated]

Image

My simple yet powerful technique for spotting XSS vulnerabilities during bug hunting.

[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/find-xss-vulnerabilities-in-just-2-minutes-d14b63d00 … ⌘ Read more

@madcap duas perguntas:

1 você anda vendo um aviso de “demasiados pedidos” ou algo assim? Tenho visto isso no cliente Moshidon. Uma amiga minha na instância pynews.com.br também teve esse problema um tempo atrás…

2 de tempos em tempos eu esqueço como põe na interface aquela opção de posts só para a nossa instância… como faz mesmo?

Israel frees nearly 2,000 Palestinian prisoners, including hundreds of terror convicts ⌘ Read more

Neighbours’ shock over death of girl, 2, and boy, 3
Neighbours speak of their shock over deaths after a woman, 43, is arrested on suspicion of murder. ⌘ Read more

Hash Me If You Can — How I Beat a 2-Second Hashing Challenge on RingZer0Team ⌘ Read more

Murder arrest over deaths of children aged 2 and 3
Police name the pair as Meraj Ul Zahra and Abdul Momin Alfaateh. ⌘ Read more

Murder arrest over deaths of children aged 2 and 3
Police name the pair as Meraj Ul Zahra and Abdul Momin Alfaateh. ⌘ Read more

“Trade war 2.0? China just told Trump: We’re not afraid of a tariff war” 🇨🇳🔥🇺🇸 ⌘ Read more

Farmer finds car-sized Nasa probe in Texas field
The missing Nasa research-probe had blown off course and crash-landed in Edmonson on 2 October. ⌘ Read more

Nova survivor dies by suicide, 2 years after girlfriend was killed in front of him ⌘ Read more

Fucking Juno (Nagoonimation) [Overwatch 2] ⌘ Read more

Trump threatens to impose additional 100% tariff on China
The S&P 500 closed down 2.7%, its steepest fall since April, after the US president hit out at China. ⌘ Read more

US markets reel as Trump threatens to pull out of meeting with China’s Xi
The S&P 500 closed down 2.7%, its steepest fall since April, after the US president hit out at China. ⌘ Read more

US markets reel as Trump threatens to pull out of meeting with China’s Xi
The S&P 500 closed down 2.7%, its steepest fall since April, after the US president hit out at China. ⌘ Read more

[$] Enhancing FineIBT
At the Linux\
Security Summit Europe (LSS EU), Scott Constable and Sebastian
Österlund gave a talk on an enhancement to a control-flow integrity (CFI)
protection that was added to the kernel several years ago. The “ FineIBT: Fine-grain Control-flow\
Enforcement with Indirect Branch Tracking” mechanism was merged for
Linux 6.2 in early 2023 to harden the kernel against CFI attacks of various
sorts, but needed [ … ⌘ Read more

Lady Gaga am Set von „Der Teufel trägt Prada 2“ in Mailand ⌘ Read more

WIFO: Lebensmittelpreise steigen 2026 um 3,2 Prozent ⌘ Read more

10 Surprising Things Found or Left on the Moon
The Moon’s surface is a desolate place, a landscape composed of dusty craters and barren mountains. But since 1959, its inventory of objects has been steadily expanding thanks to humanity—beginning with the Soviet probe Luna 2, the first human-made object to reach the lunar surface. While it’s well known that the Moon is now a […]

The post [10 Surprising Things Found or Left on the Moon](https://listverse.com/2025/10/10/10-surprising-thin … ⌘ Read more

DL40N Fanless 1.3L Mini PC with Intel Twin Lake Processors
The DL40N is a fanless 1.3-liter mini PC powered by Intel Twin Lake processors and up to 16GB DDR5 memory. It supports triple 4K display output, dual 2.5G Ethernet, and multiple USB and COM ports for reliable 24/7 operation in applications such as factory automation, digital signage, kiosks, and more. Built on Intel’s Twin Lake […] ⌘ Read more

@lyse@lyse.isobeef.org In my case it was a silver necklace, a hummingbird with a wing connected with the cold welding I mentioned using thin brass wires.

It made it in a goldsmithing class (I went to a private craftmanship high-school) so no phones allowed (no photos of it) and no “take home” of the works.

Here’s a rough sketch of it drawn by memory, the dots in the wing is where it connects to the body.

Image

The technique is basically the same as i described, but the scale is much smaller, the whole piece was about 5-6 cm on the largest side.

The rivet was made by drilling a hole through the parts, than with a short and thicker drill you widen the hole on the surface to let the rivet settle flatter on the piece, then with a rubber hammer you hit it to flatten the head until it’s snug on the hole, lock them together by doing the same on the other side.

Note that widening the hole with a thicker drill head won’t make a difference with bigger holes, mine had holes of about 1-2 mm of diameter maximum.

Here’s a sketch of what is going on for clarity.

Image

Imagery HTB WriteUp: Season 9 Machine 2 ⌘ Read more

[$] LWN.net Weekly Edition for October 9, 2025
Inside this week’s LWN.net Weekly Edition:

• Front: Kernel Rust features; systemd v258, part 2; Cauldron kernel hackers; BPF for GNU tools; 6.18 merge window, part 1; Lifetime-end pointer zapping; Robot Operating System.

• Briefs: OpenSSH 10.1; Firefox profiles; Python 3.14; U-Boot v2025.10; FSF presidency; Quotes; …

• Announcements: Newsletters, conferences, security upda … ⌘ Read more

Lecornu sieht Weg frei für neuen Premier
In Frankreichs Regierungskrise stehen die Zeichen vorerst auf Entspannung: Der zurückgetretene Ministerpräsident Sebastien Lecornu sieht nach Abschluss seiner Beratungen mit Vertretern anderer Parteien einen Ausweg aus der Regierungskrise. Das sagte Lecornu nach einem Treffen mit Präsident Emmanuel Macron in den Abendnachrichten dem Sender France 2. Lecornu sieht den Weg für einen neuen Premier frei. ⌘ Read more

Stealing Part of a Production Language Model (2024)
We introduce the first model-stealing attack that extracts precise, nontrivial information from black-box production language models like OpenAI’s ChatGPT or Google’s PaLM-2. Specifically, our attack recovers the embedding projection layer (up to symmetries) of a transformer model, given typical API access. For under $20 USD, our attack extracts the entire projection matrix of OpenAI’s ada and babbage language models. We thereby confirm, for the first time, that these black-box … ⌘ Read more

Abuse survivor ‘kicked in the guts’ as WA government appeals $2.85m payout
An appeal against a $2.85 million compensation payout to a man who suffered child sexual abuse while in state care should be abandoned, a prominent Perth lawyer and the state opposition says. ⌘ Read more

Managing Kubernetes Workloads Using the App of Apps Pattern in ArgoCD-2
Managing a cloud native infrastructure at scale is no longer just about deploying single applications – it’s about organizing environments, defining clear boundaries and keeping everything version-controlled, consistent, automated and easily managed within a simple and… ⌘ Read more

The 10 Best Apple Deals Under $100 for Prime Day
As Prime Big Deal Days continues, we’re highlighting all of the best Apple deals you can get for under $100 on Amazon. This includes AirPods, Apple Pencil Pro, AirTags, iPhone cases, USB-C chargers, and more.

Image

WA Government appeals $2.8m compensation for foster care abuse survivor
The WA government is appealing a record $2.8 million compensation payment awarded to Dion Barber, who suffered repeated sexual abuse while in foster care during the 1980s and 1990s. ⌘ Read more

Indigenous-run corporation convicted, fined for failing to lodge reports
The corporation has been fined $2,000 for failing to lodge reports to the Office of the Registrar of Aboriginal and Torres Strait Islander Corporations. ⌘ Read more

Beta 2 of iOS 26.1, macOS Tahoe 26.1, iPadOS 26.1 Available for Testing
Apple has released the second beta versions of iOS 26.1, iPadOS 26.1, and macOS Tahoe 26.1. The new beta builds are available for all enrolled beta testers, and offer continued refinement of the new operating systems. iOS 26.1 beta includes a new “Slide to Stop” feature for turning off alarm clocks on iPhone, which aims … [Read More](https://osxdaily.com/2025/10/06/beta-2-of-ios-26-1-macos-tah … ⌘ Read more

Far north of WA sees 2.7 million hectares burnt, double the size of Sydney
This year’s northern bushfire season has been dubbed “one of the toughest on record”, with blazes having burnt through about 2.7 million hectares of land in WA’s Kimberley region. ⌘ Read more

Russians report drone attack in Tyumen, 2,000 km from Ukraine ⌘ Read more

The project cost blow-out rivalling Snowy Hydro 2.0 and Hobart stadium
It’s taken 10 years, blown out by hundreds of millions of dollars, and is still nowhere near becoming operational. Now there are calls for the Darwin ship lift project to be scrapped. ⌘ Read more

Adventure: Baphomets Fluch 2 erscheint neu als Reforged-Version
Revolution Software bringt Baphomets Fluch 2 mit 4K-Grafik, neuer Soundkulisse und zwei Spielmodi neu heraus. ( Baphomets Fluch, Adventure)

Image

Breaking: Alleged Croydon Park gunman charged with 25 offences
Artemios Mintzas, 60, will appear in a Sydney court charged over an alleged shooting spree that shut down an inner west suburb for over 2 hours on Sunday night. ⌘ Read more

Kickstarter: Japanischer Bürostuhl hat 6D-Armstützen und Beinablage
Der Cofo Premium 2 kann an Lumbarstütze, Kopfstütze, Armlehnen und weiteren Punkten eingestellt werden. Auch die Beine lassen sich ablegen. ( Ergonomie, Kickstarter)

Image

After 2 months of hiding our new cat finally graces us with her presence! Helly 🧡🖤 ⌘ Read more

Imagine spent hours making a pet gate and your cat got through it in just 2 seconds… ⌘ Read more

KI-Videos: Sora 2 soll bessere Copyright-Kontrolle erhalten
In der neuen KI-Video-App Sora 2 sind viele urheberrechtlich geschützte Charaktere aufgetaucht. Nach einem Update soll das nun weniger passieren. ( OpenAI, Urheberrecht)

Image

I experimented with a 2.4x7mm aluminium rivet I had on hand. As expected, it was quite a bit long. Using my pliers wrench, I was able to crush it down by quite some bit. I should have taken a photo right after the hand riveter for comparison. Now, it’s much smoother and the chance of cutting my hand open is reduced by quite a bit. But breaking the burr with a few file strokes is still necessary. I should get 2.4x4mm rivets and try with them. I reckon they would be more suited for my 0.5mm sheet metal.

With the pliers wrench again, I was able to also crush down the chopped off 3mm copper nail and form a second head. That was surprisingly easy. Now, I need to figure out how to efficiently make a head on the remaining copper nail shaft, so that I can use this again.

Both are rock solid, there’s absolutely no movement at all between the two sheet metal cutoffs.

https://lyse.isobeef.org/tmp/nietenexperiment/

How To Attack Admin Panels Successfully Part 2

Image

Not Attacking Web Apps Admin Panels The Right Way?

Continue reading on InfoSec Write-ups » ⌘ Read more

Éoliennes, taxes anti-Shein, FiDA : profiteurs de connivence
Un article de Henry Bonner Des économistes ou chefs d’entreprises promettent plus de croissance à l’avenir, comme solution aux déficits. Ainsi, le patron des E. Leclerc affirme par exemple : « Il faut investir pour notre croissance : l’éducation, les nouvelles mobilités, la transition énergétique, la transition numérique, la décarbonation, les 2,5 millions de logements sociaux à construire… » […] ⌘ Read more

2 Ways to Install Homebrew in MacOS Tahoe
Homebrew is a powerful command line package manager that allows you to easily install, update, and manage popular command line programs and tools, as well as traditional graphical apps with cask (and third party tools like Applite help you manage cask through the GUI too). It’s a popular tool with advanced Mac users and those … Read More ⌘ Read more

Best Apple Deals of the Week: Apple Watch SE 2 Hits Ultra Low $179 Price, Plus Early Prime Day Deals
We’re gearing up for big Prime Day deals over the next few days, and this week saw multiple early Prime Day discounts arriving for iPhone 17 cases, the second generation Apple Watch SE, and more.

Image

Orador a mostrar slide com cartas de jogar. Filha minha de 2,5 anos: tá ali o Balato!

(referência ao #Balatro, está muito bem ensinada)

Accelerated Gulf of Maine warming may pose a serious threat to American lobsters
The Gulf of Maine is warming faster than 99% of the world’s oceans, raising concerns for its $2 billion-a-year American lobster fishery. Scientists at William & Mary’s Batten School & VIMS have been studying the impacts of ocean acidification and warming on lobster reproduction, and the results of their most recent research suggest the rising temperatures pose the greatest risk. ⌘ Read more

Okay, they are also offering 2.8x25mm copper nails. Which I actually do have a single one here. :-)

My hardware collection also includes a few brass-like looking screws that I could repurpose into rivets. But I reckon I have to upgrade my burner first. I’m not a metal worker by any means, so I could be totally wrong, but I imagine that some heat is necessary to loosen the work-hardening effect when beating on them. I will do some experiments on Saturday and report back.

From Shell Scripts to Science Agents: How AI Agents Are Transforming Research Workflows
It’s 2 AM in a lab somewhere. A researcher has three terminals open, a half-written Jupyter notebook on one screen, an Excel sheet filled with sample IDs on another, and a half-eaten snack next to shell commands. They’re juggling scripts to run a protein folding model, parsing CSVs from the last experiment, searching for literature,… ⌘ Read more

Apple Provides Fix for iMessage Activation Bug in iOS 26
Apple this week provided troubleshooting steps for iPhone owners who are unable to activate iMessage with a phone number in iOS 26.

Image

According to Apple, some customers might not be able to activate iMessage with a phone number … ⌘ Read more

[$] LWN.net Weekly Edition for October 2, 2025
Inside this week’s LWN.net Weekly Edition:

• Front: Fedora and AI; Linting kernel Rust; openSUSE Leap 16; mmap() file operation; 6.17 statistics; dirlock.

• Briefs: Bcachefs removal; Alpine /usr merge; F-Droid; Fedora AI policy; OpenSUSE Leap 16; PostgreSQL 18; Radicle 1.5.0; Quotes; …

• Announcements: Newsletters, conferences, security updates, patches, and more. ⌘ Read more

Our Husky Nanook has been living outside 24/7 since summer (except for 2-3 nights). Yesterday I finished his new insulated house, made it with my stepdad. So now Nanook is ready to spend the whole year outside.

Image

iOS 26.0.1 Update Released to Fix Various iPhone 17 Issues, & Blank Screen Icons
Apple has released the first update for iOS 26.0.1, which includes a handful of bug fixes specifically aimed at the new iPhone 17 lineup, as well as addressing an issue for all devices where Home Screen icons can appear blank after using various Liquid Glass customization settings, and another issue where VoiceOver might disable itself … [Read More](https://osxdaily.com/2 … ⌘ Read more

@itsericwoodward@itsericwoodward.com No worries, all good, mate! We all have to start somewhere. Other software requests my feed several orders of magnitude more often.

I can confirm, the User-Agent header appears to be fixed. \o/

Two other things I noticed, though:

1. There’s now an OPTIONS request for my feed coming from something that claims to be Firefox, pointing to your feed URL in the query. No clue what this is about. In any case, it’s rejected with a 405 Method Not Allowed.

2. Not that these few requests bother me at all, but you might wanna implement caching next with either the If-Modified-Since or If-None-Match request headers. This way, if the feed hasn’t changed, the web server can reply with a 304 Not Modified and no body at all, saving unnecessary traffic. But again, this is really not an issue for me at all. I just wanted to make sure you’re aware of it, that’s all. It might be even already on your agenda. Or you might decide to never do anything about it, which is also fine for me. :-)

Please don’t hate me today; I’m a bit grumpy and have too many reasons to be upset:

• 2 counts of pushing and trying to get the simplest things done at work (that for some reason are made more difficult than they should be)
  
• This whole Chat Control bullshit
  
• And some other person things going on that have been ongoing for 72 days and counting 🤬

@prologic@twtxt.net I know we won’t ever convince each other of the other’s favorite addressing scheme. :-D But I wanna address (haha) your concerns:

1. I don’t see any difference between the two schemes regarding link rot and migration. If the URL changes, both approaches are equally terrible as the feed URL is part of the hashed value and reference of some sort in the location-based scheme. It doesn’t matter.

2. The same is true for duplication and forks. Even today, the “cannonical URL” has to be chosen to build the hash. That’s exactly the same with location-based addressing. Why would a mirror only duplicate stuff with location- but not content-based addressing? I really fail to see that. Also, who is using mirrors or relays anyway? I don’t know of any such software to be honest.

3. If there is a spam feed, I just unfollow it. Done. Not a concern for me at all. Not the slightest bit. And the byte verification is THE source of all broken threads when the conversation start is edited. Yes, this can be viewed as a feature, but how many times was it actually a feature and not more behaving as an anti-feature in terms of user experience?

4. I don’t get your argument. If the feed in question is offline, one can simply look in local caches and see if there is a message at that particular time, just like looking up a hash. Where’s the difference? Except that the lookup key is longer or compound or whatever depending on the cache format.

5. Even a new hashing algorithm requires work on clients etc. It’s not that you get some backwards-compatibility for free. It just cannot be backwards-compatible in my opinion, no matter which approach we take. That’s why I believe some magic time for the switch causes the least amount of trouble. You leave the old world untouched and working.

If these are general concerns, I’m completely with you. But I don’t think that they only apply to location-based addressing. That’s how I interpreted your message. I could be wrong. Happy to read your explanations. :-)

@alexonit@twtxt.alessandrocutolo.it thank you and welcome back to Yarn! The somewhat plushie-like look is intentional, so I’m glad it was noticed.

Only have 2 sizes of him in this pose, as well as most other sitting poses, but if there’s ever a sitting pose, shared by more than 2 of them, I’ll be sure to make a matrioska edit.

I bought an iPhone (as my third smartphone)
I never thought I would do this, but I bought an iPhone. It’s a pretty cheap iPhone SE 2. Gen (2020) used from eBay, like the device I got issued from my work. It’s so tiny and it’s really difficult to type even a short text like this. ⌘ Read more

🧮 USERS:1 FEEDS:2 TWTS:1470 ARCHIVED:90004 CACHE:2669 FOLLOWERS:22 FOLLOWING:14

🧮 USERS:1 FEEDS:2 TWTS:1469 ARCHIVED:89989 CACHE:2669 FOLLOWERS:22 FOLLOWING:14

Here’s one possible hobby: 1. Take something you don’t like. 2. Try to like it. You can try to like stuff

🧮 USERS:1 FEEDS:2 TWTS:1468 ARCHIVED:89982 CACHE:2683 FOLLOWERS:22 FOLLOWING:14

🧮 USERS:1 FEEDS:2 TWTS:1467 ARCHIVED:89975 CACHE:2680 FOLLOWERS:22 FOLLOWING:14

🧮 USERS:1 FEEDS:2 TWTS:1466 ARCHIVED:89964 CACHE:2691 FOLLOWERS:22 FOLLOWING:14

🧮 USERS:1 FEEDS:2 TWTS:1465 ARCHIVED:89956 CACHE:2696 FOLLOWERS:22 FOLLOWING:14

Ignite Realtime Blog: Openfire 5.0.2 release!
The IgniteRealtime community is happy to announce a new release of its open source, real-time communications server server Openfire! Version 5.0.2 brings a number of stability improvements and bug fixes.

Notably, it addresses a recently identified security vulnerability, identifies as CVE-2025-59154. The issue allows for potential identity spoofing via unsafe Common Nam … ⌘ Read more

🧮 USERS:1 FEEDS:2 TWTS:1464 ARCHIVED:89943 CACHE:2694 FOLLOWERS:22 FOLLOWING:14

ok so i have found a genuine twt hash collision. what do i do.

internally, bbycll relies on a post lookup table with post hashes as keys, this is really fast but i knew i’d inevitably run into this issue (just not so soon) so now i have to either:
  1) pick the newer post over the other
  2) break from specification and not lowercase hashes
  3) secretly associate canonical urls or additional entropy with post hashes in the backend without a sizeable performance impact somehow

🧮 USERS:1 FEEDS:2 TWTS:1463 ARCHIVED:89933 CACHE:2719 FOLLOWERS:22 FOLLOWING:14

🧮 USERS:1 FEEDS:2 TWTS:1462 ARCHIVED:89926 CACHE:2715 FOLLOWERS:22 FOLLOWING:14

🧮 USERS:1 FEEDS:2 TWTS:1461 ARCHIVED:89907 CACHE:2729 FOLLOWERS:22 FOLLOWING:14

Since Google announced their intentions to heavily limit sideloading on Android, starting end of 2026, I’ve been looking for potential solutions, for this policy change, that threatens the majority of projects I maintain, in some way. Google already killed my browser project years ago, but I have no other choice, than to fight this, any way I can.

The best choice to deal with this, will probably be the Android Debug Bridge, which can be used not only to install apps unrestricted, but also to uninstall, or remove, almost any unnecessary part of the OS. Shizuku, combined with Canta Debloater, is the winning combination for now.

I’ve already removed most Google apps from my device: the annoying AI assistant, the stupid Google app adding the annoying articles, left of your homes screen, Google One, Gboard, Safety app… it’s amazing, no distracting Google slopware, like in the good old Android 2 days! And I absolutely intend to keep it this way, from now on, no new Google apps or services on my devices, unless Google can give me a good enough reason, to allow them there and whenever the app that verifies signatures, to block installing apps not approved by Google, I’ll just remove it from my device and advocate others do so too.

🧮 USERS:1 FEEDS:2 TWTS:1460 ARCHIVED:89905 CACHE:2731 FOLLOWERS:22 FOLLOWING:14