Mastodon Feed
fromjason ("fromjason.xyz ❤️ 💻 ✍️ 🥐 🇵🇷") wrote:
I feel it coming on. I’m about to embark on the journey of completely revamping my notes and tasks systems.
Notion, Obsidian, iA Writer, and physical notebook here I come.
Mastodon FeedMastodon Feedbaldur@toot.cafe ("Baldur Bjarnason") wrote:
You also need to consider that the reporter in question is one of the more credulous pro-"AI" reporters around and whose coverage has been so PR-laden in the past that I know people who stopped reading Ars Technica specifically because of him (and maybe their super pro-Musk rocketry reporter).
Mastodon Feedbaldur@toot.cafe ("Baldur Bjarnason") wrote:
"Ars Technica Fires Reporter After AI Controversy Involving Fabricated Quotes"
https://futurism.com/artificial-intelligence/ars-technica-fires-reporter-ai-quotes
Seeing a lot of people assume that this reporter got fired for making one mistake during a sick day, something most people could see themselves doing
I think it's safe to assume that the reporter's version of events downplayed his culpability to a substantial degree
Mastodon Feedadam@social.lol ("Adam") wrote:
so is it safe to start using the sparkle emoji again or no
Mastodon FeedBoosted by soatok@furry.engineer ("Soatok Dreamseeker"):
tekhedd@byteheaven.net wrote:
@rusty__shackleford @soatok ROFLSTOMP!
The documentation clearly states that if the user supplies a string longer than MAX_PASSWORD_LEN, the buffers will overwrite system memory with the contents of the password, allowing remote shell access. This is not a bug, and changing it would mean I would have to write code. Plus I already wrote the docs.
Mastodon Feedjscalzi@threads.net ("John Scalzi") wrote:
And if you are about to say "okay, but these guys kind of did the absolute minimum, here": Yes! That's the point! Even the absolute minimum would have worked!
Mastodon Feedjscalzi@threads.net ("John Scalzi") wrote:
It's actually easy to avoid billionaires who are obvious moral hazards! Who knew!
https://www.science.org/content/article/meet-three-scientists-who-said-no-epstein
Mastodon FeedBoosted by soatok@furry.engineer ("Soatok Dreamseeker"):
iagondiscord@wetdry.world ("IAG") wrote:
@soatok @dalias @david_chisnall @inex my attitude towards the C code I write is "I make no security guarantees, this fucker probably leaks memory somewhere too, and if you want to use my code securely then I urge you to reconsider"
Mastodon FeedBoosted by soatok@furry.engineer ("Soatok Dreamseeker"):
ofeeg@cyberpunk.lol ("professional box/furniture thrower") wrote:
@soatok Someone mentioned libhydrogen as what you would use if you considered using monocypher, and I'd like to point out: Reading libhydrogen's code, they have very simple input validation that would be easily replicable here, and yet the developer says "No, it would break portability to check" ?????
Libhydrogen is portable, so ?????
Mastodon FeedBoosted by jscalzi@threads.net ("John Scalzi"):
chuck_wendig@threads.net ("Chuck Wendig") wrote:
Today is the paperback release of THE STAIRCASE IN THE WOODS and I talk about that and the book a little bit at the blog. Remember those? Blogs? Good times.
https://terribleminds.com/ramble/2026/03/03/out-now-the-staircase-in-the-woods-paperback-edition/
Mastodon Feedjscalzi@threads.net ("John Scalzi") wrote:
I guarantee you Jesus is staying the fuck away from your mess, Pete Hegseth
Mastodon FeedBoosted by soatok@furry.engineer ("Soatok Dreamseeker"):
xan@xantronix.social ("[HANDMAIDEN] xan") wrote:
@soatok @dalias @david_chisnall @inex not to toot my own horn or anything, it can be done, only because the following are not optional for me:
• Valgrind/Address Sanitizer
• gcov
• Obsessive use of RAII
• Insane number of testsand this philosophy must be present from the beginning. look at Monocypher...good lord
Mastodon Feedfromjason ("fromjason.xyz ❤️ 💻 ✍️ 🥐 🇵🇷") wrote:
And that's the really scary/upsetting thing.
Meta controls the entire tech stack, from data center, to fiber optic cables, computation, and software. Everything *except* consumer hardware.
If Meta can achieve market dominance on whatever the next iPhone will be, they'll have complete control over many peoples' lives.
Worse than what Apple has because glasses are a portal into our real lives. We are crossing over the horizon from logged-life to lived life.
Mastodon Feedfromjason ("fromjason.xyz ❤️ 💻 ✍️ 🥐 🇵🇷") wrote:
It would be really cool to see an open source, not-for-profit that attempts to develop inexpensive AR glasses for those with disabilities. Has anyone shoved a Raspberry Pi into a pair of glasses? lol
Thinking about it, wow this is a hard problem to solve. But it makes sense.
Meta is building a hardware moat. Zuck doesn't want to spend the next twenty years as a software company at the mercy of the next iPhone company. He wants that company to be Meta.
Mastodon FeedBoosted by cstanhope@social.coop ("Your weary 'net denizen"):
jalefkowit@vmst.io ("Jason Lefkowitz") wrote:
“Condé Nast-owned Ars Technica has terminated senior AI reporter Benj Edwards following a controversy over his role in the publication and retraction of an article that included AI-fabricated quotes, Futurism has confirmed.”
https://futurism.com/artificial-intelligence/ars-technica-fires-reporter-ai-quotes
Mastodon FeedBoosted by soatok@furry.engineer ("Soatok Dreamseeker"):
karl@infosec.exchange ("Karl") wrote:
@FritzAdalis @whyrl @pq1r @inex @soatok @paco in line with "personally, I would avoid the check"
Mastodon Feedpzmyers@freethought.online ("pzmyers 🕷") wrote:
Face it, once you reach a certain age, the news is one big serving of cancer. And you always feel like the wrong person is suffering.
https://freethoughtblogs.com/pharyngula/2026/03/03/goddamn-cancer-3/
Mastodon FeedBoosted by soatok@furry.engineer ("Soatok Dreamseeker"):
FritzAdalis@infosec.exchange ("Fritz Adalis") wrote:
@whyrl @pq1r @inex @soatok @paco
> The absence of input validation is core to the design of MonocypherWAT.
Mastodon Feedjsonstein@masto.deoan.org ("Jeff Sonstein") wrote:
truth
Mastodon Feedpzmyers@freethought.online ("pzmyers 🕷") wrote:
DO YOUR FUCKING JOB, WHITE HOUSE CORRESPONDENTS ASSOCIATION. They won't. Expect a boring evening of pandering, suck-uppery, and cowardice.
Mastodon FeedBoosted by soatok@furry.engineer ("Soatok Dreamseeker"):
SiteRelEnby@transfem.social ("Site Reliability Enby") wrote:
@lain@lain.com @soatok@furry.engineer @inex@pony.social
Sloccount counts under 2000 lines of code, small enough to allow audits. The binaries can be under 50KB, small enough for many embedded targets.
"Measuring software development by lines of code is like measuring aircraft design by weight"
Just that in this case, proving that too few is just as bad as too many.
Mastodon FeedBoosted by soatok@furry.engineer ("Soatok Dreamseeker"):
lain@lain.com ("lain, author of the quixote") wrote:
@inex @soatok
> The absence of input validation is core to the design of Monocypher???? why???
Mastodon FeedBoosted by soatok@furry.engineer ("Soatok Dreamseeker"):
wordshaper@weatherishappening.network ("Dan Sugalski") wrote:
@soatok good thing this code doesn’t have to operate in an adversarial environment. Something unfortunate could happen.
Mastodon FeedBoosted by soatok@furry.engineer ("Soatok Dreamseeker"):
charlotte@akko.chir.rs ("Charlotte :lotteheartplural:/Cinny :cinny_heart_plural: :thetadelta: :ursaminor: :treblesand: ") wrote:
@rusty__shackleford @soatok personally my raccryptography libraries should just randomly silently explode because i didn’t check something it extremely trivially could check itself
Mastodon FeedBoosted by soatok@furry.engineer ("Soatok Dreamseeker"):
wordshaper@weatherishappening.network ("Dan Sugalski") wrote:
@soatok Wait, so the entire input validation scheme is "don't call it wrong?"
That's... well, that's a choice you can make, I guess.
Mastodon FeedBoosted by soatok@furry.engineer ("Soatok Dreamseeker"):
mttaggart@infosec.exchange ("Taggart") wrote:
Claude is down again and I am seeing people basically go through withdrawal.
If you are feeling it, recognize it for what it is.
Mastodon Feedsoatok@furry.engineer ("Soatok Dreamseeker") wrote:
tfw you report issues, get dismissed by the maintainer, and then several other people go "wtf?" to the maintainer so you don't feel alone
EDIT: context -- https://furry.engineer/@soatok/116161297413483269
Mastodon FeedBoosted by soatok@furry.engineer ("Soatok Dreamseeker"):
rusty__shackleford ("Rusty Shackleford") wrote:
Holy shit
Attachments:
- gifv: e32eca397c430663.mp4
Mastodon FeedBoosted by soatok@furry.engineer ("Soatok Dreamseeker"):
f4grx@chaos.social ("F4GRX Sébastien") wrote:
@lady_alys @soatok using crypto is difficult, even more so when you voluntarily don't validate inputs. Oh my dog. This lib should be in a kind of oss security blacklist!
Mastodon FeedBoosted by soatok@furry.engineer ("Soatok Dreamseeker"):
f4grx@chaos.social ("F4GRX Sébastien") wrote:
@soatok
> closed as not planned.
Lmao.> The absence of input validation is core to the design of Monocypher, and Well documented. This allows Monocypher to simplify error handling and maximise portability. What you found was normal and expected.
Oh my dog