Okay, so the funniest thing that has happened at work in the realm of AI so far is this:

So this guy (that holds a certain position of power) wants people to use more AI, meaning people are expected to install a set of AI tools on their laptops. But, of course, he doesn’t want to write proper documentation for this, because that would be silly monkey work, right? So he conjures up some AI prompts that are intended to make the AI agent install all this stuff by itself.

Do you see where this is going? Can you see the punchline?

That’s right! Since none of this AI stuff is deterministic, every setup is different. 🤦‍♀️ Like, 10, 20 systems, all set up a little different and people wonder why this or that doesn’t work as expected.

Okay, it’s not funny.

Image

@lyse@lyse.isobeef.org The thing is that’s hard to avoid if TYPE_CHECKING, but documentation tools such as pdoc don’t support that … so it’s either type hints or API docs. 🤷

I hope I can eventually find a way out of this mess …

@movq@www.uninformativ.de Sorry, I meant the builtin module:

$ python3 -m pep8 file.py
/usr/lib/python3/dist-packages/pep8.py:2123: UserWarning: 

pep8 has been renamed to pycodestyle (GitHub issue #466)
Use of the pep8 tool will be removed in a future release.
Please install and use `pycodestyle` instead.

  $ pip install pycodestyle
  $ pycodestyle ...

I can’t seem to remember the name pycodestyle for the life of me. Maybe that’s why I almost never use it.

Since I used so much Rust during the holidays, I got totally used to rustfmt. I now use similar tools for Python (black and isort).

What have I been doing all these years?! I never want to format code manually again. 🤣😅

mu (µ) now has builtin code formatting and linting tools, making µ far more useful and useable as a general purpose programming language. Mu now includes:

• An interpreter for quick “scriptinog”
  
• A native code compiler for building native executables (Darwin / macOS only for now)
  
• A builtin set of developer tools, currently: fmt (-fmt), check (-check) and test (-test).

@lyse@lyse.isobeef.org I can tell you this right now, writing assembly / machine code is fucking hard work™ 😓 I’m sure @movq@www.uninformativ.de can affirm 🤣 And when it all goes to shit™ (which it does often), man is debugging fucking hard as hell! Without debug symbols I can’t use the regular tools like lldb or gdb 😂

I need to update my profile page now that I finished my PhD… I wonder what should I write…

This animation is made with points in a Python collections.deque data structure, added by dragging the mouse (code shown bellow) 🔭 I'm currently working on a PhD at Unicamp. 🌱 I should be talking less and concentrating, but... 💬 Ask me about drawing with Python! Check out py5 and pyp5js, they bring in the vocabulary from Processing & P5js! I try to make a new drawing with code everyday, and I put the results at skech-a-day. 👯 I’d like to collaborate on open resources to teach programming. I collect tools for teaching Python in a visual output here. If you find the things I share here usefull, consider supporting my work! You can use this PayPal donation link, Wise, liberapay.com/villares, or if you are in Brazil, PIX: 46c37783-5edb-4f1c-b3a8-1309db11488c (chave aleatória). You can check out my Domestika course, Design with Python " target="_blank"> Image

@prologic@twtxt.net I’ve been awake at that time, didn’t notice anything. 🤔 Where was that BGP analyzer again … 😅 There’s a tool that keeps track of these things, right? I forgot what it was.

@lyse@lyse.isobeef.org Yeah, well, given that I didn’t need this for such a long time, it’s probably not an essential tool. 😅

I’ve often wanted to have an outline of text documents, though, and tagbar/ctags can do that as well:

https://movq.de/v/3c6d1a13d6/tagbar-md.png

https://movq.de/v/abc58e6d66/tagbar-latex.png

This isn’t as powerful as the “Navigator” tool in StarOffice/LibreOffice (which can be used to rearrange the document), but still pretty useful:

https://www.uninformativ.de/blog/postings/2024-05-23/0/so31.mp4

#Processing & #py5 tip:
Remember the shapes you put on draw() will be redrawn over and over, and if they don’t move (leaving a trail) you might want to either clean each frame with background(...), or stop the draw loop (noLoop() in Processing or no_loop() in py5), otherwise you kill the anti-aliasing of the lines/strokes/edges!

I’m posting this tip because even using these tools for years and knowing this, today I briefly thought something was odd/broken because my lines were ugly with no “smoothing” :D

”`python
import py5

def setup():

py5.size(200, 200)
py5.stroke_weight(2)
# a line that will drawn once only
py5.line(10, 10, 190, 90)  

def draw():

# you could clean the frame here with background(200)
# this other line will be redrawn many times
py5.line(10, 110, 190, 190) 

def key_pressed():

py5.save('out.png')

py5.run_sketch()

”`

Image

Why do people choose Discord (the closed forum tool) over Discourse (the open forum tool)?

[I know the feature set is different, and there are pros and cons, this is mostly a rant]

Android shopping list apps disappointed me too many times, so I went back to writing these lists by hand a while ago.

Here’s what’s more fun: Write them in Vim and then print them on the dotmatrix printer. 🥳

And, because I can, I use my own font for that, i.e. ImageMagick renders an image file and then a little tool converts that to ESC/P so I can dump it to /dev/usb/lp0.

(I have so much scrap paper from mail spam lying around that I don’t feel too bad about this. All these sheets would go straight to the bin otherwise.)

Image

@prologic@twtxt.net Let’s go through it one by one. Here’s a wall of text that took me over 1.5 hours to write.

This section says AI should not be treated as an authority. This is actually just what I said, except the AI phrased/framed it like it was a counter-argument.

The AI also said that users must develop “AI literacy”, again phrasing/framing it like a counter-argument. Well, that is also just what I said. I said you should treat AI output like a random blog and you should verify the sources, yadda yadda. That is “AI literacy”, isn’t it?

My text went one step further, though: I said that when you take this requirement of “AI literacy” into account, you basically end up with a fancy search engine, with extra overhead that costs time. The AI missed/ignored this in its reply.

Okay, so, the AI also said that you should use AI tools just for drafting and brainstorming. Granted, a very rough draft of something will probably be doable. But then you have to diligently verify every little detail of this draft – okay, fine, a draft is a draft, it’s fine if it contains errors. The thing is, though, that you really must do this verification. And I claim that many people will not do it, because AI outputs look sooooo convincing, they don’t feel like a draft that needs editing.

Can you, as an expert, still use an AI draft as a basis/foundation? Yeah, probably. But here’s the kicker: You did not create that draft. You were not involved in the “thought process” behind it. When you, a human being, make a draft, you often think something like: “Okay, I want to draw a picture of a landscape and there’s going to be a little house, but for now, I’ll just put in a rough sketch of the house and add the details later.” You are aware of what you left out. When the AI did the draft, you are not aware of what’s missing – even more so when every AI output already looks like a final product. For me, personally, this makes it much harder and slower to verify such a draft, and I mentioned this in my text.

You, @prologic@twtxt.net, also mentioned this in your car tyre example.

In my text, I gave two analogies: The gym analogy and the Google Translate analogy. Your car tyre example falls in the same category, but Gemini’s calculator example is different (and, again, gaslight-y, see below).

What I meant in my text: A person wants to be a programmer. To me, a programmer is a person who writes code, understands code, maintains code, writes documentation, and so on. In your example, a person who changes a car tyre would be a mechanic. Now, if you use AI to write the code and documentation for you, are you still a programmer? If you have no understanding of said code, are you a programmer? A person who does not know how to change a car tyre, is that still a mechanic?

No, you’re something else. You should not be hired as a programmer or a mechanic.

Yes, that is “skill evolution” – which is pretty much my point! But the AI framed it like a counter-argument. It didn’t understand my text.

(But what if that’s our future? What if all programming will look like that in some years? I claim: It’s not possible. If you don’t know how to program, then you don’t know how to read/understand code written by an AI. You are something else, but you’re not a programmer. It might be valid to be something else – but that wasn’t my point, my point was that you’re not a bloody programmer.)

Gemini’s calculator example is garbage, I think. Crunching numbers and doing mathematics (i.e., “complex problem-solving”) are two different things. Just because you now have a calculator, doesn’t mean it’ll free you up to do mathematical proofs or whatever.

What would have worked is this: Let’s say you’re an accountant and you sum up spendings. Without a calculator, this takes a lot of time and is error prone. But when you have one, you can work faster. But once again, there’s a little gaslight-y detail: A calculator is correct. Yes, it could have “bugs” (hello Intel FDIV), but its design actually properly calculates numbers. AI, on the other hand, does not understand a thing (our current AI, that is), it’s just a statistical model. So, this modified example (“accountant with a calculator”) would actually have to be phrased like this: Suppose there’s an accountant and you give her a magic box that spits out the correct result in, what, I don’t know, 70-90% of the time. The accountant couldn’t rely on this box now, could she? She’d either have to double-check everything or accept possibly wrong results. And that is how I feel like when I work with AI tools.

Gemini has no idea that its calculator example doesn’t make sense. It just spits out some generic “argument” that it picked up on some website.

The AI makes two points here. The first one, I might actually agree with (“bad bot behavior is not the fault of AI itself”).

The second point is, once again, gaslighting, because it is phrased/framed like a counter-argument. It implies that I said something which I didn’t. Like the AI, I said that you would have to adjust the copyright law! At the same time, the AI answer didn’t even question whether it’s okay to break the current law or not. It just said “lol yeah, change the laws”. (I wonder in what way the laws would have to be changed in the AI’s “opinion”, because some of these changes could kill some business opportunities – or the laws would have to have special AI clauses that only benefit the AI techbros. But I digress, that wasn’t part of Gemini’s answer.)

Except for one point, I don’t accept any of Gemini’s “criticism”. It didn’t pick up on lots of details, ignored arguments, and I can just instinctively tell that this thing does not understand anything it wrote (which is correct, it’s just a statistical model).

And it framed everything like a counter-argument, while actually repeating what I said. That’s gaslighting: When Alice says “the sky is blue” and Bob replies with “why do you say the sky is purple?!”

But it sure looks convincing, doesn’t it?

This took so much of my time. I won’t do this again. 😂

@movq@www.uninformativ.de Gemini liked your opinion very much. Here is how it countered:

The criticism of AI as untrustworthy is a problem of misapplication, not capability.

• AI as a Force Multiplier: AI should be treated as a high-speed drafting and brainstorming tool, not an authority. For experts, it offers an immense speed gain, shifting the work from slow manual creation to fast critical editing and verification.
  
• The Rise of AI Literacy: Users must develop a new skill—AI literacy—to critically evaluate and verify AI’s probabilistic output. This skill, along with improving citation features in AI tools, mitigates the “gaslighting” effect.
  

The fear of skill loss is based on a misunderstanding of how technology changes the nature of work; it’s skill evolution, not erosion.

• Shifting Focus to High-Level Skills: Just as the calculator shifted focus from manual math to complex problem-solving, AI shifts the focus from writing boilerplate code to architectural design and prompt engineering. It handles repetitive tasks, freeing humans for creative and complex challenges.
  
• Accessibility and Empowerment: AI serves as a powerful democratizing tool, offering personalized tutoring and automation to people who lack deep expertise. While dependency is a risk, this accessibility empowers a wider segment of the population previously limited by skill barriers.
  

The legal and technical flaws are issues of governance and ethical practice, not reasons to reject the core technology.

• Need for Better Bot Governance: Destructive scraping is a failure of ethical web behavior and can be solved with better bot identification, rate limits, and protocols (like enhanced robots.txt). The solution is to demand digital citizenship from AI companies, not to stop AI development.

@prologic@twtxt.net Nothing, yet. It was sent in written form. There’s probably little point in fighting this, they have made up their minds already (and AI is being rolled up en masse in other departments), but on the other hand, there are – truthfully – very few areas where AI could actually be useful to me.

There are going to be many discussions about this …

This is completely against the “spirit” of this company, btw. We used to say: “It’s the goal that matters. Use whatever tools you think are appropriate.” That’s why I’m allowed to use Linux on my laptop. Maybe they will back down eventually when they realize that trying to push this on people is pointless. Maybe not.

Erlang Solutions: ​​Expert Insights from Our Latest Webinars
The Erlang Solutions team has been creating webinars that share knowledge, spark ideas, and celebrate the BEAM community. Each one offers a chance to explore new tools, hear fresh perspectives, and learn from the people building scalable and reliable systems every day.

If you haven’t tuned in yet, here’s a look at some of our recent sessions, full of practical insights and new thinking shaping the future of the BEAM.

@lyse@lyse.isobeef.org

The one for Delphi was quite good.

It was! I didn’t use Delphi for long, though. Dunno why, I always gravitated towards Visual Basic back then. 😅

These days I don’t deal with GUI programming anymore.

I also avoid it when possible, because … it’s exhausting, because … the tools that I have/know are “subpar”. Doing anything regarding GUIs always feels like a chore. That wasn’t the case in the VB days.

Well, I made this in ~2009 with Java/Swing and it was pretty nice to work with, custom widgets and all:

https://movq.de/v/de26d5edb3/s.png

I wouldn’t dare doing this with GTK.

@movq@www.uninformativ.de I guess I wasn’t talking about the speed of interesting text/context, but more the “slowness” of these tools. I think I can build/ solutions and fix bugs faster most of the time? Hmmm 🤔 I think the only thing it’s able to do better than me is grasp large codebases and do pattern machines a bit better, mostly because we’re limited by the interfaces we have to use and in my ase being vision impaired doesn’t help :/

The Ultimate Guide to 403 Forbidden Bypass (2025 Edition)

Image

Master the art of 403 bypass with hands-on examples, tools and tips..

[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/the-ultimate-guide-to-403-forbidden-byp … ⌘ Read more

23. Tools vs. Mindset: What Matters More in 2025

Image

Why the Right Mindset Will Outperform the Most Advanced Tools

[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/23-tools-vs-mindset-what-matters-more-in-2025-1be217350787?source=rss—-7b7 … ⌘ Read more

** How to Use AI to Learn Bug Hunting & Cybersecurity Like a Pro (in 2025)**

Image

Hey there 👋,
I’m Vipul, the mind behind The Hacker’s Log — where I break down the hacker’s mindset, tools, and secrets 🧠💻

[Continue reading … ⌘ Read more

How to Add MCP Servers to Claude Code with Docker MCP Toolkit
AI coding assistants have evolved from simple autocomplete tools into full development partners. Yet even the best of them, like Claude Code, can’t act directly on your environment. Claude Code can suggest a database query, but can’t run it. It can draft a GitHub issue, but can’t create it. It can write a Slack message,… ⌘ Read more

[$] Gccrs after libcore
Despite its increasing popularity, the Rust programming language is still
supported by a single compiler, the LLVM-based rustc. At the 2025 GNU Tools\
Cauldron, Pierre-Emmanuel Patry said that a lot of people are waiting
for a GCC-based Rust compiler before jumping into the language. Patry, who
is working on just that compiler (known as “gccrs”), provided an update on
the status of that project and what is coming next. ⌘ Read more

Ubuntu 25.10 released
Ubuntu\
25.10, “Questing Quokka”, has been released. This release includes
Linux 6.17, GNOME 49, GCC 15, Python 3.13.7,
Rust 1.85, and more. This release also features Rust-based
implementations of sudo and coreutils; LWN covered the switch to the
Rust-based tools in March. The 25.10 version of Ubuntu flavors
Edubuntu, Kubuntu, Lubuntu, Ubuntu Budgie, Ubuntu Cinnamon, Ubuntu
Kylin, Ubuntu MATE, Ubun … ⌘ Read more

Security updates for Thursday
Security updates have been issued by AlmaLinux (gnutls, kernel, kernel-rt, and open-vm-tools), Debian (chromium, python-django, and redis), Fedora (chromium, insight, mirrorlist-server, oci-seccomp-bpf-hook, rust-maxminddb, rust-prometheus, rust-prometheus_exporter, rust-protobuf, rust-protobuf-codegen, rust-protobuf-parse, rust-protobuf-support, turbo-attack, and yarnpkg), Oracle (iputils, kernel, open-vm-tools, redis, and valkey), Red Hat (perl-File-Find-Rule and perl-File-Find-Rul … ⌘ Read more

[$] LWN.net Weekly Edition for October 9, 2025
Inside this week’s LWN.net Weekly Edition:

• Front: Kernel Rust features; systemd v258, part 2; Cauldron kernel hackers; BPF for GNU tools; 6.18 merge window, part 1; Lifetime-end pointer zapping; Robot Operating System.

• Briefs: OpenSSH 10.1; Firefox profiles; Python 3.14; U-Boot v2025.10; FSF presidency; Quotes; …

• Announcements: Newsletters, conferences, security upda … ⌘ Read more

Security updates for Wednesday
Security updates have been issued by Fedora (apptainer, civetweb, mod_http2, openssl, pandoc, and pandoc-cli), Oracle (kernel), Red Hat (gstreamer1-plugins-bad-free, iputils, kernel, open-vm-tools, and podman), SUSE (cairo, firefox, ghostscript, gimp, gstreamer-plugins-rs, libxslt, logback, openssl-1_0_0, openssl-1_1, python-xmltodict, and rubygem-puma), and Ubuntu (gst-plugins-base1.0, linux-aws-6.8, linux-aws-fips, linux-azure, linux-azure-nvidia, linux-gke, linux-nvidia-tegra- … ⌘ Read more

Unlocking Local AI on Any GPU: Docker Model Runner Now with Vulkan Support
Running large language models (LLMs) on your local machine is one of the most exciting frontiers in AI development. At Docker, our goal is to make this process as simple and accessible as possible. That’s why we built Docker Model Runner, a tool to help you download and run LLMs with a single command. Until… ⌘ Read more

@lyse@lyse.isobeef.org Cool! 😎 You might be interested in my own learnings and toying around with building my own container engine / tooling (whatever you wanna call it) box. I had to learn a bunch of this stuff too 😅 Control Groups, Namespaces, Process Isolation, etc.

Security updates for Tuesday
Security updates have been issued by Fedora (chromium), Red Hat (kernel, open-vm-tools, and postgresql), SUSE (chromedriver and chromium), and Ubuntu (haproxy and pam-u2f). ⌘ Read more

My open letter, to the European Commission digital markets act team:

Hello,

I am joining other developers, concerned about Googles new plan, to approve every app and effectively destroy most of the competing 3rd party stores this way. The biggest one of these alternative stores, most known for their focus on user and developer privacy, already states, this would make it impossible for them to operate: https://f-droid.org/cs/2025/09/29/google-developer-registration-decree.html
Even communities like the XDA forum, where new developers are often introduced to the world of Android development, would likely be strongly impacted, as making, publishing and installing Android apps is made less accessible.

I am not just writing on their behalf, I run a small website myself (https://thecanine.ueuo.com/), that both provides legal modifications, for some android apps - for example adding an amoled dark theme, to the most popular XMPP chat client for Android, or increasing one of Androids keyboard apps height. This all comes after Googles previous changes to the Android operating system, that prevent users from installing old apps (old to Google, can mean only a couple of months, without an update - https://developer.android.com/google/play/requirements/target-sdk and the target version gets increased every year). I rely on apps developed by a single developer, even for things like making the pixel art presented on my website and sideloading as a way to make these apps work, before developers can catch up to Google’s new requirements - if Google is allowed to slowly kill these options, us digital artists will soon lose the tools we need to create digital art.

ChatGPT Now Interacts With Multiple Apps Inside Conversations
ChatGPT users can now interact with a handful of third-party apps directly within their conversations, OpenAI has announced.

Image

The new Apps SDK allows developers to build tools that blend naturally into chats, and initial partners include Spotify, Canva, Zillow, Expedia, Booking.com, Coursera, and Figma.

User … ⌘ Read more

U-Boot v2025.10 released
Version 2025.10 of the U-Boot boot loader
has been released with new features, including Python tooling improvements,
cleanups for implicit header inclusions, better support for numerous Arm
platforms, support for new RISC-V platforms, better documentation, and
more. Maintainer Tom Rini also reports on some project news:

As I mentioned with the v2025.07
release, I was looking for a few people to step up and help with the
overall organization and management of the project. To that … ⌘ Read more

Create a MacOS Tahoe VM with tart
The Mac command line tool tart continues to offer one of the simplest and fastest ways to setup a new virtual machine, and setting up a Tahoe VM is no exception. Whether you’re a developer, tinkerer, tester, or just someone who wants to give the latest MacOS Tahoe 26 operating system a trial run without … Read More ⌘ Read more

[$] Next steps for BPF support in the GNU toolchain
Support for BPF in the kernel has been tied to the LLVM toolchain since the
advent of extended BPF. There has been a growing effort to add BPF support
to the GNU toolchain as well, though. At the 2025 GNU Tools Cauldron, the
developers involved got together with representatives of the kernel
community to talk about the state of that work and what needs to happen
next. ⌘ Read more

Security updates for Monday
Security updates have been issued by AlmaLinux (kernel), Debian (dovecot, git, log4cxx, and openssl), Fedora (containernetworking-plugins, firebird, firefox, jupyterlab, mupdf, and thunderbird), Oracle (ipa), Red Hat (container-tools:rhel8, firefox, gnutls, kernel, kernel-rt, multiple packages, mysql, mysql:8.0, nginx, podman, and thunderbird), Slackware (fetchmail), SUSE (afterburn, chromium, firefox, haproxy, libvmtools-devel, logback, python311-Django, python311-Django4, and … ⌘ Read more

KI im Klassenzimmer: Wie Schüler und Lehrer mit dem “neuen Normalzustand” umgehen
Tools wie ChatGPT sind längst in den Schulen angekommen. Wie sich der Unterricht dadurch verändert - und wie sich Risiken vermindern lassen. Ein Bericht von Oliver Jessner ( KI, Wissenschaft)

Image

Präventive Fahndung mit PrismX: Der Radikalisierung per KI zuvorkommen
Das KI-Tool PrismX eines indischen Studenten analysiert Postings in sozialen Medien und erstellt eine Risikoeinschätzung für die Radikalisierung einer Person. Ein Bericht von Lars Lubienetzki ( Tools, KI)

Image

2 Ways to Install Homebrew in MacOS Tahoe
Homebrew is a powerful command line package manager that allows you to easily install, update, and manage popular command line programs and tools, as well as traditional graphical apps with cask (and third party tools like Applite help you manage cask through the GUI too). It’s a popular tool with advanced Mac users and those … Read More ⌘ Read more

Computational tool helps forecast volcano slope collapses and tsunamis
For people living near volcanoes, danger goes well beyond lava flows and clouds of ash. Some explosive eruptions can lead to dramatic collapses of the sides of a volcano, like those at Mount St. Helens, Washington, and Anak Krakatau, Indonesia. The latter triggered tsunamis blamed for most deaths from its historic eruptions in 1883. ⌘ Read more

I know good people who work at Microsoft (like Guido van Rossum and Pamela Fox) but I don’t trust MS a iota. Making Processing work on VS Code… I don’t know if I like it. It leads people to a tool too much under MS control. I guess VS Code is too big to fail now?
I know about VS Codium… also, I’m struggling to move my stuff out of GitHub.

[$] Kernel hackers at Cauldron, 2025 edition
The GNU Tools Cauldron is almost entirely focused on user-space tools, but
kernel developers need a solid toolchain too. In what appears to be a
developing tradition ( started in 2024),
some kernel developers attended the 2025 Cauldron for the
second year in a row to discuss their needs with the assembled toolchain
developers. Topics covered in this year’s gathering include Rust, better
[BPF type\
format (BTF … ⌘ Read more

Security updates for Wednesday
Security updates have been issued by AlmaLinux (kernel, kernel-rt, mysql:8.0, and openssh), Debian (libcommons-lang-java, libcommons-lang3-java, libcpanel-json-xs-perl, libjson-xs-perl, libxml2, open-vm-tools, and u-boot), Fedora (bird, dnsdist, mapserver, ntpd-rs, python-nh3, and rust-ammonia), Oracle (kernel and mysql:8.0), Red Hat (cups, postgresql:12, and postgresql:13), SUSE (cJSON-devel, gimp, kernel-devel, kubecolor, open-vm-tools, openssl-1_1, openssl-3, and ruby3.4-ruby … ⌘ Read more

[$] Linting Rust code in the kernel
Klint is a Rust compiler extension
developed by Gary Guo to run some
kernel-specific lint rules, which may also be useful for embedded system
development. He spoke about his
recent work on the project at
Kangrejos 2025. The next day, Alejandra González
led a discussion about Rust’s normal linter,
Clippy. The two tools … ⌘ Read more

@lyse@lyse.isobeef.org I can suggest you a trick to do a “cold” welding.

Using a copper wire or a similarly malleable material, pass it through a drilled hole, hammer it on one end until flat, then do the same on the other side.

It does the same job of a rivet but it’s flatter and look nicer on both sides, it’s of course weaker but still strong enough for small objects.

It’s sometimes used to reduce risk of deformities due to heat in hand-crafted jewelry and to reduce costs of small tools.

Security updates for Tuesday
Security updates have been issued by Debian (python-internetarchive and tiff), Fedora (nextcloud), Oracle (kernel, openssh, and squid), Red Hat (kernel, kernel-rt, and ncurses), SUSE (afterburn and chromium), and Ubuntu (open-vm-tools, ruby-rack, and tiff). ⌘ Read more

Expanding Docker Hardened Images: Secure Helm Charts for Deployments
Development teams are under growing pressure to secure their software supply chains. Teams need trusted images, streamlined deployments, and compliance-ready tooling from partners they can rely on long term. Our customers have made it clear that they’re not just looking for one-off vendors. They’re looking for true security partners across development and deployment. That’s why… ⌘ Read more

100% All Achievements
⌘ Read more

DietPi September 2025 Update Brings Faster Backups and Roon Server Early Access
The September 20th release of DietPi v9.17 introduces smaller and more efficient system images, faster backups with reduced disk usage, and a new toggle for Roon Server’s early access builds. The update also addresses SPI bootloader flashing issues on Rockchip devices, improves Raspberry Pi sound card handling, and includes multiple bug fixes across tools and […] ⌘ Read more

@bender@twtxt.net @movq@www.uninformativ.de Thank you! Not sure what I end up putting in there, but I’m sure I will find some tools to go in. :-)

Yes, this was a flat piece of sheet metal. It went together like a cardboard box, just much slower and with timbers clamped down to get a straight folding line. I don’t have a sheet metal brake, so I just carefully hammered the piece bit by bit. Like in this video by the Sheet Metal Dude: https://www.youtube.com/watch?v=WYgEfWEMXk0

ESP32 Bus Pirate Turns Low-Cost Boards into Multi-Protocol Debugging Tools
An open-source project called ESP32 Bus Pirate has been released, inspired by the classic Bus Pirate and adapted for modern ESP32-S3 hardware. Developed by Geo-tp, the firmware transforms low-cost ESP32 boards into versatile debugging devices that can probe, sniff, and interact with a wide range of digital and radio protocols. The firmware supports protocols such […] ⌘ Read more

Run, Test, and Evaluate Models and MCP Locally with Docker + Promptfoo
Promptfoo is an open-source CLI and library for evaluating LLM apps. Docker Model Runner makes it easy to manage, run, and deploy AI models using Docker. The Docker MCP Toolkit is a local gateway that lets you set up, manage, and run containerized MCP servers and connect them to AI agents.  Together, these tools let… ⌘ Read more

MCP Horror Stories: The Drive-By Localhost Breach
This is Part 4 of our MCP Horror Stories series, where we examine real-world security incidents that expose the devastating vulnerabilities in AI infrastructure and demonstrate how Docker MCP Gateway provides enterprise-grade protection against sophisticated attack vectors. The Model Context Protocol (MCP) has transformed how developers integrate AI agents with their development environments. Tools like… ⌘ Read more

Here is just a small list of things™ that I’m aware will break, some quite badly, others in minor ways:

1. Link rot & migrations: domain changes, path reshuffles, CDN/mirror use, or moving from txt → jsonfeed will orphan replies unless every reader implements perfect 301/410 history, which they won’t.
   
2. Duplication & forks: mirrors/relays produce multiple valid locations for the same post; readers see several “parents” and split the thread.
   
3. Verification & spam-resistance: content addressing lets you dedupe and verify you’re pointing at exactly the post you meant (hash matches bytes). Location anchors can be replayed or spoofed more easily unless you add signing and canonicalization.
   
4. Offline/cached reading: without the original URL being reachable, readers can’t resolve anchors; with hashes they can match against local caches/archives.
   
5. Ecosystem churn: all existing clients, archives, and tools that assume content-derived IDs need migrations, mapping layers, and fallback logic. Expect long-lived threads to fracture across implementations.

Silent Component Updates & Redesigned Update Experience
Following on from our previous initiative to improve how Docker Desktop delivers updates, we are excited to announce another major improvement to how Docker Desktop keeps your development tools up to date. Starting with Docker Desktop 4.46, we’re introducing automatic component updates and a completely redesigned update experience that puts your productivity first. Why We’re… ⌘ Read more

@kat@yarn.girlonthemoon.xyz it is not showing for me, on a validator. Missing something?

#Pyxel is a retro inspired #GameEngine for #Python, it’s very impressive!

It’s not hard to generate a static HTML page that loads your game to run on the browser with #pyodide (WASM). And it comes with an assets editor and a #chiptune making tool.

https://github.com/kitao/pyxel

I intentionally use #AI tools to work…

Updating my #Processing + #Python tools table:

https://github.com/villares/Resources-for-teaching-programming/blob/main/README.md#processing–python-tools-table

After some years, things changed and my opinions changed a bit too:

• #py5 is going supper strong and the “new snake_case names” are not an issue for me anymore. I used to worry a lot about all the Processing Python mode examples and teaching materials out there, and some of my own, with “CamelCase Processing names” I’m not worried at all about it anymore!

• For the record, Processing Python mode is just a legacy thing, no one should start anything with it.

• The great pure Python Processing implementation project #p5py seems stalled, latest release in Dec. 2023 :((( Advancing it was always going to be an uphill battle…

• The unrelated Brython based site p5py.com seems to be gone, so I removed it from the table.

• I added a link to my own #pyp5js hack py5pjs/py5mode because this is what I’m using most nowadays.

Updating my #Processing + #Python tools table:

https://github.com/villares/Resources-for-teaching-programming/blob/main/README.md#processing–python-tools-table

After some years, things changed and my opinions changed a bit too:

• #py5 is going super strong and the “new snake_case names” are not an issue for me anymore. I used to worry a lot about all the Processing Python mode examples and teaching materials out there, and some of my own, with “CamelCase Processing names” I’m not worried at all about it anymore!

• For the record, Processing Python mode is just a legacy thing, no one should start anything with it.

• The great pure Python Processing implementation project #p5py seems stalled, latest release in Dec. 2023 :((( Advancing it was always going to be an uphill battle…

• The unrelated Brython based site p5py.com seems to be gone, so I removed it from the table.

• I added a link to my own #pyp5js hack py5pjs/py5mode because this is what I’m using most nowadays.

Updating my #Processing + #Python tools table:

https://github.com/villares/Resources-for-teaching-programming/blob/main/README.md#processing–python-tools-table

After some years, things changed and my opinions changed a bit too:

• #py5 is going super strong and the “new snake_case names” are not an issue for me anymore. I used to worry a lot about all the Processing Python mode examples and teaching materials out there, and some of my own, with “CamelCase Processing names” I’m not worried at all about it anymore!

• For the record, Processing Python mode is just a legacy thing, no one should start anything with it.

• The great “pure Python” (no Java required) Processing implementation project #p5py seems stalled, latest release in Dec. 2023 :((( Advancing it was always going to be an uphill battle…

• The unrelated Brython based site p5py.com seems to be gone, so I removed it from the table.

• I added a link to my own #pyp5js hack py5pjs/py5mode because this is what I’m using most nowadays.

Updating my #Processing + #Python tools table:

https://github.com/villares/Resources-for-teaching-programming/blob/main/README.md#processing–python-tools-table

After some years, things changed and my opinions changed a bit too:

• #py5 is going super strong and the “new snake_case names” are not an issue for me anymore. I used to worry a lot about all the Processing Python mode examples and teaching materials out there, and some of my own, with “CamelCase Processing names” I’m not worried at all about it anymore!

• For the record, Processing Python mode is just a legacy thing, no one should start anything new with it.

• The great “pure Python” (no Java required) Processing implementation project #p5py seems stalled, latest release in Dec. 2023 :((( Advancing it was always going to be an uphill battle…

• The unrelated #Brython based site p5py.com seems to be gone, so I removed it from the table.

• I added a link to my own #pyp5js hack py5pjs/py5mode because this is the version of pyp5js I’m using most nowadays.

#Pillow #PIL #Python

DeprecationWarning: 'mode' parameter is deprecated and will be removed in Pillow 13 (2026-10-15) img1 = PIL.Image.fromarray(my_array, mode="RGB")

So I went to see the documentation:

https://hugovk-pillow.readthedocs.io/en/latest/reference/Image.html#PIL.Image.fromarray

And came out empty handed, that is, couldn’t understand what to do instead :(

And the plot thickens:
https://github.com/python-pillow/Pillow/pull/9063

(@py5coding I guess you’ll want to check this out at some point. py5_tools.animated_gif uses this)

#Pillow #PIL #Python

DeprecationWarning: 'mode' parameter is deprecated and will be removed in Pillow 13 (2026-10-15) img1 = PIL.Image.fromarray(my_array, mode="RGB")

So I went to see the documentation:

https://hugovk-pillow.readthedocs.io/en/latest/reference/Image.html#PIL.Image.fromarray

And came out empty handed, that is, couldn’t understand what to do instead :(

And the plot thickens (this affects many projects, there are some workarounds, but some argument about “reverting” this change allowing some “mode” on import):

https://github.com/python-pillow/Pillow/pull/9063

(@py5coding@py5coding I guess you’ll want to check this out at some point. py5_tools.animated_gif uses mode=“RGB”)

#Pillow #PIL #Python
On Image.fromarray():

DeprecationWarning: 'mode' parameter is deprecated and will be removed in Pillow 13 (2026-10-15) img1 = PIL.Image.fromarray(my_array, mode="RGB")

So I went to see the documentation:

https://hugovk-pillow.readthedocs.io/en/latest/reference/Image.html#PIL.Image.fromarray

And came out empty handed, that is, couldn’t understand what to do instead :(

And the plot thickens (this affects many projects, there are some workarounds, but some argument about “reverting” this change allowing some “mode” on import):

https://github.com/python-pillow/Pillow/pull/9063

(@py5coding@py5coding I guess you’ll want to check this out at some point. py5_tools.animated_gif uses mode=“RGB”)

Erlang Solutions: Supporting the BEAM Community with Free CI/CD Security Audits
At Erlang Solutions, our support for the BEAM community is long-standing and built into everything we do. From contributing to open-source tools and sponsoring events to improving security and shaping ecosystem standards, we’re proud to play an active role in helping the BEAM ecosystem grow and thrive.

One way we’re putting that support into action is by offering free CI/CD-based security … ⌘ Read more

@kat@yarn.girlonthemoon.xyz dmenu is such a great tool. So simple, yet so versatile.

@prologic@twtxt.net @bender@twtxt.net That’s what I thought as well, sounds way too expensive to me. But I have no idea what the prices are over here. Probably also astronomical. Campers sit around most of the time, one really would need to use them a lot to justify spending so much money on them.

But yeah, each to their own (expensive) hobbies. :-) I, for example, burn my money on tools that I don’t really™ need. :-P

@prologic@twtxt.net Ah, I’m referring to software that’s similar to that of suckless.org: Small, minimal codebases, small tools, but still useful. dmenu is probably the best example and also farbfeld.

Here’s the author of Anubis talking about some of their experiences:

https://xeiaso.net/blog/why-i-use-suckless-tools-2020-06-05/

(You can skip the long config and keybinds part.)

@eldersnake@we.loveprivacy.club This was an interesting read for sure! 👍 I don’t think it had anything I hadn’t already considered in terms of the ethical/moral points of view. I’m not sure where I stand myself either to be honest. I’ve forced myself to get familiar with the ecosystem and tooling, because in my line of work as a tech lead (staff engineer in sre) you don’t want to be that one guy that ya know 😉 Ethically/Morally though, I’m definitely with the sentiment of this post 😅 Much like the whole Crypto hype yaers back (if y’all remember?!) this is also one of the most energy hungry pieces of “tech” (if you can call it that?) in a while. Then there’s these other issues “stealing people’s work”, “reliance is causing humans to become cognitively weak and neural connections to shrink”, to name a few…

@lyse@lyse.isobeef.org I have to say, this sounds much worse than our stuff at work. 🫩 (We don’t use any Microsoft services, at least not for core tools.)

Here are nice tools to search for news, if your newsoutlet is blocked. Web search or Port70news under newsfeeds.

@bender@twtxt.net Maybe one day I’ll take back over my prologic.blog domain from µBlog and redoit with my handy zs tool with some nice CSS 🤣

Spielebranche: Apple präsentiert Games-App für iOS 26 & Co
Apple bündelt mit der neuen Games-App alle Spiele und Community-Funktionen bei Mac. Dazu kommen optimierte Entwickler-Tools für bessere Performance. ( WWCD 2025, Apple)

Image

Gaokao: KI-Tools während Chinas wichtigster Prüfung abgeschaltet
Chinas Technologiekonzerne haben ihre KI-Dienste während der diesjährigen Hochschulzulassungsprüfungsprüfungen eingeschränkt. ( KI, Software)

Image

12 Development Tools
A small list of useful open source tools

Comments ⌘ Read more

container: tool for creating and running Linux containers using lightweight virtual machines on a Mac
Comments ⌘ Read more

Ish: Grep-like text search with optimal alignment, built with Mojo
Associated preprint: https://www.biorxiv.org/content/10.1101/2025.06.04.657890v1

The “built with Mojo” is there because this tool exists specifically to test run Mojo as a language for bioinformatics tool development.

Comments ⌘ Read more

(g+) Erstes Recall im Test: Recall gibts auch ohne Microsoft - als KI-Lern-Tool
Nein, es ist nicht das Recall von Microsoft, sondern ein KI-Tool, das hilft, Wissen zu erfassen, sammeln und sortieren - und das ziemlich gut. Ein Test von Tobias Költzsch ( KI, Browser)

Image

50 Command Line Tools You Wish You Knew Sooner

Image

Master the terminal with these essential commands that will transform your Linux experience from novice to power user.

[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/50-command-line-tools-you-wis … ⌘ Read more

105 vibe-coded tools
Comments ⌘ Read more

A tool for burning visible pictures on a compact disc surface
Comments ⌘ Read more

21 Secret Linux Commands Hackers and Sysadmins Don’t Want You to Know About

Image

Not your usual ‘ls’ and ‘pwd’ — these are the real tools used by professionals.

[Continue reading on InfoSec Write-ups »](https://info … ⌘ Read more

GPU Memory Consistency: Specifications, Testing, and Opportunities for Performance Tooling
Comments ⌘ Read more

/e/OS 3.0 released
Version\
3.0 of the privacy-centric, open-source mobile operating system
has been released. Notable changes in this release include improved
privacy tools, a “find my device” feature, and more. LWN looked at /e/OS in
March. ⌘ Read more

Coding-KI: Kommerzielle KI-Tools sind für alten Code nicht geeignet
Um alten Code intern verwendeter Programme zu überprüfen, hat Morgan Stanley ein eigenes Tool entwickelt. Weniger Entwickler soll es deshalb nicht geben. ( KI, Programmiersprachen)

Image

@lyse@lyse.isobeef.org oh it wouldn’t be very long, maybe that’d make for a fun blog post! i just used the same tool that the nerd font people use to add glyphs, but for a “custom glyph set” i just added. the whole noto font LMAO

How to Make an AI Chatbot from Scratch using Docker Model Runner
Today, we’ll show you how to build a fully functional Generative AI chatbot using Docker Model Runner and powerful observability tools, including Prometheus, Grafana, and Jaeger. We’ll walk you through the common challenges developers face when building AI-powered applications, demonstrate how Docker Model Runner solves these pain points, and then guide you step-by-step through building… ⌘ Read more

Security updates for Tuesday
Security updates have been issued by AlmaLinux (varnish), Debian (asterisk and roundcube), Fedora (systemd), Mageia (golang), Red Hat (ghostscript, perl-CPAN, python36:3.6, and rsync), SUSE (govulncheck-vulndb, libsoup-2_4-1, and postgresql, postgresql16, postgresql17), and Ubuntu (mariadb, open-vm-tools, php-twig, and python-tornado). ⌘ Read more

**2. Setting Up the Ultimate Hacker’s Lab (Free Tools Only) **

Image

“You don’t need a fortune to break into bug bounty. You just need the right mindset — and the right setup.”

[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/2-se … ⌘ Read more

[$] Hardening fixes lead to hard questions
Kees Cook’s “hardening\
fixes” pull request for the 6.16 merge window looked like a
straightforward exercise; it only contained four commits. So just about
everybody was surprised when it resulted in Cook being temporarily blocked
from his kernel.org account among fears of malicious activity. When the
dust settled, though, the red alert was canceled. It turns out,
surprisingly, that Git is a tool with which one can inflict substantial … ⌘ Read more

Less TODO, more done: The difference between coding agent and agent mode in GitHub Copilot
We’ll decode these two tools—and show you how to use them both to work more efficiently.

The post Less TODO, more done: The difference between coding agent and agent mode in GitHub Copilot appeared first on [Th … ⌘ Read more

Security updates for Monday
Security updates have been issued by Debian (espeak-ng, kitty, kmail-account-wizard, krb5, libreoffice, libvpx, net-tools, python-flask-cors, symfony, tcpdf, thunderbird, and twitter-bootstrap3), Fedora (chromium, dropbear, firefox, gstreamer1-plugins-bad-free, python-tornado, systemd, and thunderbird), Mageia (coreutils, deluge, glib2.0, and redis), Oracle (firefox, kernel, and systemd), Red Hat (firefox, kernel, kernel-rt, varnish, varnish:6, and zlib), SUSE (bind, curl, dnsdist, … ⌘ Read more

Tools and datasets to support, sustain, and secure critical digital infrastructure
Comments ⌘ Read more

Learning YARA: A Beginner SOC Analyst’s Notes

Image

Learn how to build a YARA-powered malware detection and automation system using n8n, GPT, and hybrid analysis tools. This hands-on guide…

[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/learnin … ⌘ Read more

Using lots of little tools to aggressively reject the bots
Comments ⌘ Read more

Tools built on tree-sitter’s concrete syntax trees
Comments ⌘ Read more

Did you know about @panoramax@panoramax , “a federation offering geolocated street-level pictures”?

Pictures are offered through a decentralized architecture, with a set of free and open-source tools. In other words, it is “like a self-hosted Street View” that does not impose its own app and gives you the right to fork the server.

#fediverse #osm

Cool tools I’ve learned about this afternoon during #WikiConPT :

https://mapcomplete.org/
https://osm.wikidata.link

Thanks @waldyrious@waldyrious !

FOSS tools for infrastructure testing
Comments ⌘ Read more