ℵ₁
LightNews LightNews
banner
aleph1.underground.org
ℵ₁
@aleph1.underground.org
570 followers 160 following 330 posts
Posts Replies Media Videos
Reposted by ℵ₁
dfeldman.org
did you know standard barcodes almost ended up being round instead of square?
bullseye-shaped barcode
November 24, 2025 at 7:29 AM
Reposted by ℵ₁
boblord.bsky.social
📢 Announcing hacklore.org 📢

It’s time to retire outdated cyber advice! More than 80 cybersecurity veterans have signed an open letter urging a shift from folklore to guidance that actually helps people avoid the most common attacks. 🔐

Blog: medium.com/@boblord/let...

Site: www.hacklore.org
Stop Hacklore!
hacklore.org
November 24, 2025 at 3:05 PM
Reposted by ℵ₁
lookitup.baby
It was the GOAT. See?
November 24, 2025 at 2:03 AM
aleph1.underground.org
This is a worse case scenario for a security product meant as an isolation boundary.
Azure Bastion CVE-2025-49752: Brief Summary of Critical Elevation of Privilege Vulnerability - ZeroPath Blog
This post provides a brief summary of CVE-2025-49752, a critical authentication bypass vulnerability in Azure Bastion. It covers technical details, affected versions, and vendor security history based...
zeropath.com
November 23, 2025 at 9:56 PM
Reposted by ℵ₁
ernie.tedium.co
If you have been sharing that Malwarebytes article on the Gmail thing, you should note the giant correction up top.

www.malwarebytes.com/blog/news/20...
Update November 22. We’ve updated this article after realising we contributed to a perfect storm of misunderstanding around a recent change in the wording and placement of Gmail’s smart features. The settings themselves aren’t new, but the way Google recently rewrote and surfaced them led a lot of people (including us) to believe Gmail content might be used to train Google’s AI models, and that users were being opted in automatically. After taking a closer look at Google’s documentation and reviewing other reporting, that doesn’t appear to be the case. Gmail does scan email content to power its own “smart features,” such as spam filtering, categorisation, and writing suggestions. But this is part of how Gmail normally works and isn’t the same as training Google’s generative AI models. Google also maintains that these feature settings are opt-in rather than opt-out, although users’ experiences seem to vary depending on when and how the new wording appeared. It’s easy to see where the confusion came from. Google’s updated language around “smart features” is vague, and the term “smart” often implies AI—especially at a time when Gemini is being integrated into other parts of Google’s products. When the new wording started appearing for some users without much explanation, many assumed it signalled a broader shift. We’ve revised this article to reflect what we can confirm from Google’s documentation, as it’s always been our aim to give readers accurate, helpful guidance.
November 22, 2025 at 9:44 PM
Reposted by ℵ₁
eliothiggins.bsky.social
Google NotebookLM just added a NanoBanana powered infographics feature, which seems pretty impressive so far. Here's an example based on some recent work of mine:
November 22, 2025 at 11:15 PM
Reposted by ℵ₁
ence.bsky.social
We spent a year investigating billionaires for @washingtonpost.com.

We found: the wealthiest 100 Americans gave $1.1 billion to influence the 2024 elections — 140x more than they did in 2000. And almost all of that giving boosted Republicans.

washingtonpost.com/politics/int...
November 21, 2025 at 2:56 PM
Reposted by ℵ₁
meodai.bsky.social
What if color harmonies were a continuum? Not fixed rules, and you could glide through them just by interpolating?
November 22, 2025 at 12:15 AM
Reposted by ℵ₁
timkellogg.me
Software 2.0 relies on validation

If your code base doesn’t have verification & controls that are as good or better than your senior dev, you’ll get slop
A large pink slide fills most of the image, displayed in a bright glass-walled auditorium. A presenter stands beneath it on a red circular carpet, wearing a dark T-shirt and dark pants, holding a clicker. Slide title (top, in large red text): “The Problem: Most Codebases Lack Sufficient Verifiability” Subheading in smaller text: “Humans work around incomplete infrastructure. AI agents cannot.” The slide is divided into two rounded pink boxes: ⸻ Left box: “What Humans Can Handle” A bulleted list in red text: • 60% test coverage (“I’ll test manually”) • Outdated docs (“I’ll ask the team”) • No linters/formatters (“I’ll review it”) • Flaky builds (“I’ll retry”) • Complex setup (“I’ll help onboard”) • Missing observability (“Check logs”) • No security scanning (“We’ll catch it later”) • Inconsistent patterns (“I know the history”) ⸻ Right box: “What Breaks AI Agents” Bulleted list with each line marked by a red “X”: • No tests → can’t validate correctness • Outdated docs → makes wrong assumptions • No quality checks → generates bad code • Flaky builds → can’t verify changes • Complex setup → can’t reproduce environment • No observability → can’t debug failures • No security checks → introduces vulnerabilities • No standards → creates inconsistency ⸻ At the bottom in a wide pink bar: “Most organizations have partial infrastructure across the eight pillars. AI agents need systematic coverage to succeed.” Tall windows behind the stage reveal greenery and modern architecture outside.
November 21, 2025 at 7:12 PM
Reposted by ℵ₁
timkellogg.me
truth hurts
A large slide fills most of the image, projected in a modern glass-walled auditorium. The slide has a pink background with bold red text at the top: “Managers have been vibe coding forever” Below is a bulleted list in plain red text: • tell dev to implement a new feature (vibe coding) • dev makes changes to code • manager tests app • manager does not read the code • manager complains about bugs • dev makes changes to fix bugs • manager doesn’t read the code (again) • dev says “done, by now” • manager says “gj but be faster next time” or insults the living hell out of the dev In the lower-left foreground, a speaker stands behind a black podium labeled: AI Engineer Code Summit Presented by Google DeepMind The room is bright with floor-to-ceiling windows behind the stage showing greenery and modern architecture outside.
November 21, 2025 at 5:21 PM
Reposted by ℵ₁
reichlinmelnick.bsky.social
THREAD: Judge Ellis is the first federal judge to review extensive body cam video of DHS's actions in Chicago. She finds that DHS *repeatedly* misled the public and made claims that were disproven by agents' own videos.

I'll go through some of the most egregious ones here.
II. Credibility The Court next addresses the credibility of the parties’ evidence and witnesses. After reviewing all the evidence submitted to the Court and listening to the testimony elicited at the preliminary injunction hearing, during depositions, and in other court proceedings, the Court finds Defendants’ evidence simply not credible. [FN 6] Plaintiffs submitted a mountain of evidence, providing the Court with over eighty declarations, numerous videos and articles, and other evidence. Defendants did not rebut anything that Plaintiffs set forth in their declarations or testimony, even with BWC footage. [FN 6] In another case considering some of the same evidence presented to this Court, another court in this district also found that the perceptions of certain of Defendants’ declarants, such as Hott and Parra, were not reliable. See Illinois v. Trump, No. 25-cv-12174, 2025 WL 2886645, at *5 (N.D. Ill. Oct. 10, 2025) (noting a “troubling trend of Defendants’ declarants equating protests with riots and a lack of appreciation for the wide spectrum that exists between citizens who are observing, questioning, and criticizing their government, and those who are obstructing, assaulting, or doing violence”), motion to stay denied in part, 155 F.4th 929 (7th Cir. 2025).
November 20, 2025 at 11:04 PM
aleph1.underground.org
This is beautiful.
elgofo.fr El GoFo 🅅 🎣 @elgofo.fr · 4d
Just saw an extended version
November 20, 2025 at 11:57 PM
Reposted by ℵ₁
emollick.bsky.social
Tell all the truth but tell it slant—
Success in Circuit lies
Too bright for our infirm Delight
The Truth's superb surprise

This paper finds poetry is a universal single shot jailbreak for LLMs. Systems built to stop prosaic attacks fail when the request is phrased in verse arxiv.org/abs/2511.15304
November 20, 2025 at 9:47 PM
Reposted by ℵ₁
merriam-webster.com
Autocorrect has become our worst enema.
November 19, 2025 at 10:04 PM
Reposted by ℵ₁
rahaeli.bsky.social
The four horsemen of internet service outages are DNS, BGP, the Greater American Cable Seeking Backhoe, and a fucked up config file getting propagated through the network, and the result is in: the fourth horseman is what got Cloudflare this time blog.cloudflare.com/18-november-...
Cloudflare outage on November 18, 2025
Cloudflare suffered a service outage on November 18, 2025. The outage was triggered by a bug in generation logic for a Bot Management feature file causing many Cloudflare services to be affected.
blog.cloudflare.com
November 19, 2025 at 5:57 PM
Reposted by ℵ₁
sifu.tweety.fish
cloudflare's on-duty IT staff bangs on the doors which I have padlocked from the inside as I calmly break open lava lamp after lava lamp and drink the contents
November 18, 2025 at 1:59 PM
aleph1.underground.org
A substantial portion of the traffic to Google is not search use cases where a user seeks to find a destination. Rather, they are "question answering" use cases. And LLMs are the ultimate question answering machine.

1/
klonick.bsky.social Kate Klonick @klonick.bsky.social · 6d
But that is a different thread.

My main point, and this is a genuine question, is I cannot understand for the life of me WHY GOOGLE WOULD DO THIS?

Because in addition to Google making money on search result ads, it also owns an estimated +50% of the global digital ad revenue market GENERALLY

13/
November 18, 2025 at 9:59 PM
Reposted by ℵ₁
boblord.bsky.social
Dear Lazyweb: What's the current state of encrypted DNS with modern browsers/OSs? Links welcome!

(boot for reach, SVP!🙏 )
November 18, 2025 at 2:13 AM
aleph1.underground.org
This tracks.
Bovino became a voracious reader in high school, devouring books by everyone from historian Robert Service to the frontier stories of Louis L'Amour, the sister said. He grew obsessed with one title in particular, Starship Troopers, a military Sci-Fi novel by Robert Heinlein from 1959 imagining an interstellar war between humanity and alien bugs. 'Now he reads Starship Troopers once a year,' his sister told the Daily Mail.
November 18, 2025 at 12:44 AM
Reposted by ℵ₁
thedeerwhisperer.bsky.social
The Rainbow Ice Cave, Mt Rainier National Park, Washington
📸Mathew Nichols
Rainbow colored ice cave
November 15, 2025 at 2:52 AM
Reposted by ℵ₁
eatonphil.bsky.social
Turns out you can communicate across containers via 63-bits of available space in a shared lock you acquire on /proc/self/ns/time that all processes have access to.

No networking required. The post has a demo of a chat app communicating across unprivileged containers.

h4x0r.org/funreliable/
November 12, 2025 at 2:35 PM
Reposted by ℵ₁
simonwillison.net
Another banger from Singer Sound System, this time a cover of Bowie's The Man Who Sold The World on sewing machine powered hurdy-gurdy with attached theremin www.tiktok.com/@singersound...
The Man Who Sold The World // @David Bowie I've had this melody stuck in my head for a while! Do you remember which video game used it 😜? #hurdygurdy #sewinggurdy #cover #nirvana #metalgearsolid...
TikTok video by SingerSoundSystem
www.tiktok.com
October 19, 2025 at 3:45 PM
Reposted by ℵ₁
mantzarlis.com
NEW on @indicator.media: A first *full-scale* comparison of Grokipedia v Wikipedia.

Last week the awesome @harold.bsky.social rocked up to my desk bearing gifts.

Hal had collected almost all 900K Grokipedia entries and compared them to their Wikipedia equivalents for text and citation similarity.
Grokipedia cites a Nazi forum and fringe conspiracy websites
A site-wide comparison with Wikipedia sheds light on what Elon Musk is trying to do
indicator.media
November 13, 2025 at 1:12 PM
aleph1.underground.org
Clapton is a patsy. Bob Marley is the man they want.
malwarejake.bsky.social Jake Williams @malwarejake.bsky.social · 12d
BREAKING: Eric Clapton suspended from BlueSky for 72 hours for shooting the sheriff.

BlueSky mods said he would have been permanently banned, but he showed restraint by not shooting the deputy.
November 12, 2025 at 11:13 PM
Reposted by ℵ₁
ditzkoff.bsky.social
Joyce Carol Oates quoting a tweet that says “wherever he [Elon Musk] goes, he wants to leave”: "wherever he goes, he wants to leave"-- that's because when he gets there, he has brought his own self along; & whatever club he's invited to join has been devalued by the invitation. Boy watching Homer beat up the krusty burglar: Stop! He’s already dead!
November 11, 2025 at 2:56 AM