equilibriumuk
@equilibriumuk.bsky.social
Writes Code · Breaks Hardware · 👹🎲 😇👀
🔑 Cyber Security
🐧 Linux
🧰 Electronics
⌨️ Programming
🖋️ Occasional Blogger @ equk.co.uk
🍵 Green Tea
☕ Black Coffee
🐮 Dairy Free
Webdev · JS, TS, Go, Rust 🦀
🔑 Cyber Security
🐧 Linux
🧰 Electronics
⌨️ Programming
🖋️ Occasional Blogger @ equk.co.uk
🍵 Green Tea
☕ Black Coffee
🐮 Dairy Free
Webdev · JS, TS, Go, Rust 🦀
Reposted by equilibriumuk
#rustlang hot take: We should rename .unwrap() to .or_panic(). (And .expect() to .or_panic_with().) "Unwrap" is a terrible name for the panicking function, especially since we also have things like .unwrap_or() and .unwrap_or_default() which never panic.
November 19, 2025 at 7:32 AM
#rustlang hot take: We should rename .unwrap() to .or_panic(). (And .expect() to .or_panic_with().) "Unwrap" is a terrible name for the panicking function, especially since we also have things like .unwrap_or() and .unwrap_or_default() which never panic.
Reposted by equilibriumuk
Scientists and scholars in AI and its social impacts call on von der Leyen to retract #AIHype statement.
@olivia.science
@abeba.bsky.social
@irisvanrooij.bsky.social
@alexhanna.bsky.social
@rocher.lc
@danmcquillan.bsky.social
@robin.berjon.com
& many others have signed
www.iccl.ie/press-releas...
@olivia.science
@abeba.bsky.social
@irisvanrooij.bsky.social
@alexhanna.bsky.social
@rocher.lc
@danmcquillan.bsky.social
@robin.berjon.com
& many others have signed
www.iccl.ie/press-releas...
Scientists call on the President of the European Commission to retract AI hype statement
Experts in AI call on the President of the European Commission to retract unscientific AI hype statement she made in the budget speech.
www.iccl.ie
November 10, 2025 at 9:48 AM
Scientists and scholars in AI and its social impacts call on von der Leyen to retract #AIHype statement.
@olivia.science
@abeba.bsky.social
@irisvanrooij.bsky.social
@alexhanna.bsky.social
@rocher.lc
@danmcquillan.bsky.social
@robin.berjon.com
& many others have signed
www.iccl.ie/press-releas...
@olivia.science
@abeba.bsky.social
@irisvanrooij.bsky.social
@alexhanna.bsky.social
@rocher.lc
@danmcquillan.bsky.social
@robin.berjon.com
& many others have signed
www.iccl.ie/press-releas...
just added more prefs to firefox after noticing 'ask ai chatbot' appear in context menu after update
user_pref("browser.ml.chat.page", false);
user_pref("browser.ml.chat.menu", false);
...
user_pref("browser.ml.chat.page", false);
user_pref("browser.ml.chat.menu", false);
...
Comparing 79a32b3..a19bac6 · equk/ffox_profile_tools
🦊 linux firefox profiles with security presets & userchrome styles - Comparing 79a32b3..a19bac6 · equk/ffox_profile_tools
github.com
October 25, 2025 at 11:08 AM
just added more prefs to firefox after noticing 'ask ai chatbot' appear in context menu after update
user_pref("browser.ml.chat.page", false);
user_pref("browser.ml.chat.menu", false);
...
user_pref("browser.ml.chat.page", false);
user_pref("browser.ml.chat.menu", false);
...
Reposted by equilibriumuk
Omg, the solution to CIA's Kryptos being discovered by someone becoming a subject matter expert, going on location, and finding the plaintext sitting in a vault several miles away is the absolute *perfect* ending to Kryptos. You couldn't write it. Just absolutely A+ www.nytimes.com/2025/10/16/s...
A C.I.A. Secret Kept for 35 Years Is Found in the Smithsonian’s Vault
www.nytimes.com
October 17, 2025 at 12:49 AM
Omg, the solution to CIA's Kryptos being discovered by someone becoming a subject matter expert, going on location, and finding the plaintext sitting in a vault several miles away is the absolute *perfect* ending to Kryptos. You couldn't write it. Just absolutely A+ www.nytimes.com/2025/10/16/s...
Reposted by equilibriumuk
#ESETresearch has discovered #HybridPetya ransomware on VirusTotal: a UEFI-compatible copycat of the infamous Petya/NotPetya malware. HybridPetya is capable of bypassing UEFI Secure Boot on outdated systems. www.welivesecurity.com/en/eset-rese... 1/8
www.welivesecurity.com
September 12, 2025 at 9:02 AM
#ESETresearch has discovered #HybridPetya ransomware on VirusTotal: a UEFI-compatible copycat of the infamous Petya/NotPetya malware. HybridPetya is capable of bypassing UEFI Secure Boot on outdated systems. www.welivesecurity.com/en/eset-rese... 1/8
Reposted by equilibriumuk
You've probably heard about the supply chain attack that affected a number of widely-used npm packages today.
tl;dr: Don't panic. Notes:
1. Svelte, SvelteKit and their associated packages are not vulnerable to this attack, as they do not use any of the compromised dependencies in the browser
tl;dr: Don't panic. Notes:
1. Svelte, SvelteKit and their associated packages are not vulnerable to this attack, as they do not use any of the compromised dependencies in the browser
September 8, 2025 at 7:58 PM
You've probably heard about the supply chain attack that affected a number of widely-used npm packages today.
tl;dr: Don't panic. Notes:
1. Svelte, SvelteKit and their associated packages are not vulnerable to this attack, as they do not use any of the compromised dependencies in the browser
tl;dr: Don't panic. Notes:
1. Svelte, SvelteKit and their associated packages are not vulnerable to this attack, as they do not use any of the compromised dependencies in the browser
Reposted by equilibriumuk
you may have heard about a supply chain attack on a number of packages distributed on npm. a quick update:
1. nuxt is not vulnerable.
we do not ship code into client/server from these particular packages (this attack required running in the browser)
www.aikido.dev/blog/npm-de...
1. nuxt is not vulnerable.
we do not ship code into client/server from these particular packages (this attack required running in the browser)
www.aikido.dev/blog/npm-de...
npm debug and chalk packages compromised
The popular packages debug and chalk on npm have been compromised with malicious code
www.aikido.dev
September 9, 2025 at 7:54 AM
you may have heard about a supply chain attack on a number of packages distributed on npm. a quick update:
1. nuxt is not vulnerable.
we do not ship code into client/server from these particular packages (this attack required running in the browser)
www.aikido.dev/blog/npm-de...
1. nuxt is not vulnerable.
we do not ship code into client/server from these particular packages (this attack required running in the browser)
www.aikido.dev/blog/npm-de...
imagine going to great lengths to inject malware which runs on the browser into nodejs packages ...
September 9, 2025 at 10:28 AM
imagine going to great lengths to inject malware which runs on the browser into nodejs packages ...
Reposted by equilibriumuk
🚨 Breaking: npm author Qix compromised. Malicious package versions published in projects that typically see hundreds of millions of downloads each week.
Details: socket.dev/blog/npm-aut...
Details: socket.dev/blog/npm-aut...
npm Author Qix Compromised in Major Supply Chain Attack - So...
npm author Qix’s account was compromised, with malicious versions of popular packages like chalk-template, color-convert, and strip-ansi published.
socket.dev
September 8, 2025 at 3:23 PM
🚨 Breaking: npm author Qix compromised. Malicious package versions published in projects that typically see hundreds of millions of downloads each week.
Details: socket.dev/blog/npm-aut...
Details: socket.dev/blog/npm-aut...
Reposted by equilibriumuk
Humblebundle to support World Central Kitchen, and get a bunch of my books from @tordotcom.bsky.social including Murderbot and Witch King! #booksky
www.humblebundle.com/books/martha...
www.humblebundle.com/books/martha...
Humble Book Bundle: Martha Wells' Murderbot and More by TOR
Fall in love with Martha Wells’ The Murderbot Diaries series—the engine behind the hit AppleTV adaptation—and help support World Central Kitchen.
www.humblebundle.com
August 24, 2025 at 2:57 AM
Humblebundle to support World Central Kitchen, and get a bunch of my books from @tordotcom.bsky.social including Murderbot and Witch King! #booksky
www.humblebundle.com/books/martha...
www.humblebundle.com/books/martha...
Reposted by equilibriumuk
it is still incredibly funny to me how “GamersNexus” remains one of the hardest-hitting voices in contemporary investigative journalism
August 23, 2025 at 3:08 AM
it is still incredibly funny to me how “GamersNexus” remains one of the hardest-hitting voices in contemporary investigative journalism
Reposted by equilibriumuk
We've spent 3 weeks in Asia investigating the AI GPU Black Market. We need your help finalizing this crazy story: www.youtube.com/watch?v=ltgy...
Detained by a Government & Probably Blacklisted by NVIDIA for Our Next Investigation
YouTube video by Gamers Nexus
www.youtube.com
August 9, 2025 at 2:56 AM
We've spent 3 weeks in Asia investigating the AI GPU Black Market. We need your help finalizing this crazy story: www.youtube.com/watch?v=ltgy...
Reposted by equilibriumuk
I imagined the Chatsubo in 1984. 41 years later I opened its door. Neuromancer is in production.
July 1, 2025 at 7:14 PM
I imagined the Chatsubo in 1984. 41 years later I opened its door. Neuromancer is in production.
Reposted by equilibriumuk
Consider a programmer looking at code they themselves wrote a year ago, now having to identify and fix a bug. They have to rebuild the mental model of what is going on, which is easier if they have already had a mental model of what is going on.
June 24, 2025 at 6:37 AM
Consider a programmer looking at code they themselves wrote a year ago, now having to identify and fix a bug. They have to rebuild the mental model of what is going on, which is easier if they have already had a mental model of what is going on.
Reposted by equilibriumuk
Reposted by equilibriumuk
wat...?
New authd users logging in via SSH are members of the root group
### Impact
When a user who hasn't logged in to the system before (i.e. doesn't exist in the authd user database) logs in via SSH, the user is considered a member of the root group in the context o...
github.com
June 16, 2025 at 6:44 PM
wat...?
Reposted by equilibriumuk
"Over four months, LLM users consistently underperformed at neural, linguistic, and behavioral levels."
arxiv.org/abs/2506.08872
arxiv.org/abs/2506.08872
Your Brain on ChatGPT: Accumulation of Cognitive Debt when Using an AI Assistant for Essay Writing Task
This study explores the neural and behavioral consequences of LLM-assisted essay writing. Participants were divided into three groups: LLM, Search Engine, and Brain-only (no tools). Each completed thr...
arxiv.org
June 15, 2025 at 12:33 PM
"Over four months, LLM users consistently underperformed at neural, linguistic, and behavioral levels."
arxiv.org/abs/2506.08872
arxiv.org/abs/2506.08872
Reposted by equilibriumuk
The Rust GCC backend can now fully bootstrap the Rust compiler. Excellent work from FractalFir in their GSoC (which starts in one week XD).
More information here: www.reddit.com/r/rust/comme...
More information here: www.reddit.com/r/rust/comme...
From the rust community on Reddit: [Media] The GCC compiler backend can now fully bootstrap the Rust compiler!
Explore this post and more from the rust community
www.reddit.com
May 23, 2025 at 7:16 PM
The Rust GCC backend can now fully bootstrap the Rust compiler. Excellent work from FractalFir in their GSoC (which starts in one week XD).
More information here: www.reddit.com/r/rust/comme...
More information here: www.reddit.com/r/rust/comme...
Reposted by equilibriumuk
"AI's gonna take your jobs"
May 22, 2025 at 7:52 AM
"AI's gonna take your jobs"
Reposted by equilibriumuk
📣 The rush to add AI into everything is a big threat to privacy, as we've been saying.
MS Recall's screenshotting everything is a (not) great example of exactly why.
So, Signal took steps to protect everyone using Signal on Windows 11 from Recall's privacy invasion.👇
signal.org/blog/signal-...
MS Recall's screenshotting everything is a (not) great example of exactly why.
So, Signal took steps to protect everyone using Signal on Windows 11 from Recall's privacy invasion.👇
signal.org/blog/signal-...
By Default, Signal Doesn't Recall
Signal Desktop now includes support for a new “Screen security” setting that is designed to help prevent your own computer from capturing screenshots of your Signal chats on Windows. This setting is a...
signal.org
May 21, 2025 at 5:08 PM
📣 The rush to add AI into everything is a big threat to privacy, as we've been saying.
MS Recall's screenshotting everything is a (not) great example of exactly why.
So, Signal took steps to protect everyone using Signal on Windows 11 from Recall's privacy invasion.👇
signal.org/blog/signal-...
MS Recall's screenshotting everything is a (not) great example of exactly why.
So, Signal took steps to protect everyone using Signal on Windows 11 from Recall's privacy invasion.👇
signal.org/blog/signal-...
Reposted by equilibriumuk
new #rustlang crate drop: iddqd! ID-based maps where keys are borrowed from values. Four maps are included: IdOrdMap, IdHashMap, a bijective (1:1) BiHashMap and a trijective (1:1:1) TriHashMap.
At Oxide we've found this pattern to be very useful. iddqd is no-std compatible, too!
docs.rs/iddqd
At Oxide we've found this pattern to be very useful. iddqd is no-std compatible, too!
docs.rs/iddqd
![use iddqd::{IdOrdMap, IdOrdItem, id_upcast};
#[derive(Debug)]
struct User {
name: String,
age: u8,
}
// Implement IdOrdItem so the map knows how to get the key from the value.
impl IdOrdItem for User {
// The key type can borrow from the value.
type Key<'a> = &'a str;
fn key(&self) -> Self::Key<'_> {
&self.name
}
id_upcast!();
}
let mut users = IdOrdMap::<User>::new();
// You must pick an insertion behavior. insert_unique returns an error if
// the key already exists.
users.insert_unique(User { name: "Alice".to_string(), age: 30 }).unwrap();
users.insert_unique(User { name: "Bob".to_string(), age: 35 }).unwrap();
// Lookup by name:
assert_eq!(users.get("Alice").unwrap().age, 30);
assert_eq!(users.get("Bob").unwrap().age, 35);
// Iterate over users:
for user in &users {
println!("User {}: {}", user.name, user.age);
}](https://cdn.bsky.app/img/feed_thumbnail/plain/did:plc:sl3g3nhnad34sfhjnqdivbzd/bafkreiehx7zar5nmgjprieoppncgyoge423xexinhysxcxytcirvm3dw64@jpeg)
May 21, 2025 at 9:19 PM
new #rustlang crate drop: iddqd! ID-based maps where keys are borrowed from values. Four maps are included: IdOrdMap, IdHashMap, a bijective (1:1) BiHashMap and a trijective (1:1:1) TriHashMap.
At Oxide we've found this pattern to be very useful. iddqd is no-std compatible, too!
docs.rs/iddqd
At Oxide we've found this pattern to be very useful. iddqd is no-std compatible, too!
docs.rs/iddqd
Reposted by equilibriumuk
Oh my god, Copilot is allowed to create and fix issues on Microsoft github repos and it goes exactly as you'd have imagined.
Try going into any of these PRs commits to see poor Microsoft engineers try to coerce Copilot into doing literally anything right.
www.reddit.com/r/Experience...
Try going into any of these PRs commits to see poor Microsoft engineers try to coerce Copilot into doing literally anything right.
www.reddit.com/r/Experience...
From the ExperiencedDevs community on Reddit: My new hobby: watching AI slowly drive Microsoft employees insane
Explore this post and more from the ExperiencedDevs community
www.reddit.com
May 21, 2025 at 10:48 AM
Oh my god, Copilot is allowed to create and fix issues on Microsoft github repos and it goes exactly as you'd have imagined.
Try going into any of these PRs commits to see poor Microsoft engineers try to coerce Copilot into doing literally anything right.
www.reddit.com/r/Experience...
Try going into any of these PRs commits to see poor Microsoft engineers try to coerce Copilot into doing literally anything right.
www.reddit.com/r/Experience...
Reposted by equilibriumuk
I’m writing a series of posts about Hardcovers recent migration. The first one in the series was published yesterday!
Part 1: How We Fell Out of Love with Next.js and Back in Love with Ruby on Rails & Inertia.js
hardcover.app/blog/part-1-...
Part 1: How We Fell Out of Love with Next.js and Back in Love with Ruby on Rails & Inertia.js
hardcover.app/blog/part-1-...
Part 1: How We Fell Out of Love with Next.js and Back in Love with Ruby on Rails & Inertia.js - Hardcover Blog
A look at how and why we migrated from Next.js to Ruby on Rails.
hardcover.app
May 3, 2025 at 5:17 PM
I’m writing a series of posts about Hardcovers recent migration. The first one in the series was published yesterday!
Part 1: How We Fell Out of Love with Next.js and Back in Love with Ruby on Rails & Inertia.js
hardcover.app/blog/part-1-...
Part 1: How We Fell Out of Love with Next.js and Back in Love with Ruby on Rails & Inertia.js
hardcover.app/blog/part-1-...