Gerald Benischke
LightNews LightNews
banner
beny23.github.io
Gerald Benischke
@beny23.github.io
3K followers 890 following 1K posts
Maker, breaker and fixer of software. Adventures in #appsec and #agile: beny23.github.io he/him
Posts Replies Media Videos
beny23.github.io
In this edition, we hear about how to break US tech dominance, how your mate's phone can infect your TV when they pop round and some more AI insecurities. #weaklylink

beny23.github.io/posts/weakly...
Weakly Link 26/02
My post is a little late this week as I went away with the scouts. Everyone else was in the bunkhouse, I was in a tent. Something about ratios. And I brought the summer sleeping bag. Freezing. Alone. ...
beny23.github.io
January 12, 2026 at 1:04 AM
beny23.github.io
Needing to throttle Pro and Business while Pro+ and Enterprise is fine? Sounds like a cost saving incident to me ;-)
GitHub status page: Some models missing in Copilot Subscribe Update - We continue to investigate. We'll post another update by 19:50 UTC. Jan 07, 2026 - 19:29 UTC Update - Correction - Copilot Pro and Business users are impacted. Copilot Pro+ and Enterprise users are not impacted. Jan 07, 2026 - 19:10 UTC Update - We continue to investigate this problem and have confirmed only Copilot Business users are impacted. We'll post another update by 19:30 UTC. Jan 07, 2026 - 19:06 UTC Update - We are currently investigating reports of some Copilot Pro premium models including Opus and GPT 5.2 being unavailable in Copilot products. We'll post another update by 19:08 UTC. Jan 07, 2026 - 18:44 UTC Update - We have received reports that some expected models are missing from VSCode and other products using Copilot. We are investigating the cause of this to restore access. Jan 07, 2026 - 18:33 UTC Xkcd excuse comic modified to THE #I EVERYONE EXCUSE FOR LEGITIMATELY SLACKING OFF: "YOU'RE ABSOLUTELY RIGHT." HEY! GET BACK TO WORK! MODELS DOWN! OH. CARRY ON.
January 7, 2026 at 7:42 PM
beny23.github.io
Learning from history has never been humanities strong point ;-)

No GenAI doesn’t solve the coding bottleneck.

Very enjoyable piece by Rob! Might just have to print it out and roll up. Would make a good stick to beat people with… (in a non-aggressive way of course)
robbowley.net Rob Bowley @robbowley.net · 5d
Even in the punchcard and batch era, coding was not the main bottleneck with software delivery.

You may have read 1st version of this already - I've significantly updated/re-written, going back to the 1940s.

Full timeline below 👇

blog.robbowley.net/2026/01/05/c...
Coding has never been the bottleneck | Rob Bowley
blog.robbowley.net
January 7, 2026 at 12:06 PM
Reposted by Gerald Benischke
paultassi.bsky.social
greetings from hell
January 4, 2026 at 7:11 PM
beny23.github.io
Like any blog post at New Year’s, we’ll be looking to the future. We’ll also check our assumptions and we’ve got some security content before looking at a website to destroy all websites.

beny23.github.io/posts/weakly...

#weaklylink #linkblog
Weakly Link 26/01
Like any blog post at New Year’s, we’ll be looking to the future. We’ll also check our assumptions and we’ve got some security content before looking at a website to destroy all websites. I did like t...
beny23.github.io
January 3, 2026 at 12:51 PM
beny23.github.io
Smash the social media oligopoly!
strange.website henry ✷ @strange.website · 10d
you’re right! it feels mostly awful to Go Online™, these days. the internet in a sad state, for reason after reason after reason. but there is a way to fix it; to trade the voidful howling for a quiet & joyful song.

here’s how to win the war for the soul of the internet, and build the Web We Want.
A Website To End All Websites | Henry From Online
How to win the war for the soul of the internet, and build the Web We Want.
henry.codes
January 2, 2026 at 12:07 AM
beny23.github.io
“The oxygen of publicity this year has mostly been consumed by our two-lettered friend, AI. There's no reason to think this will change in 2026. [..] here's a world where that's not true, a world where other things are happening that will shape the future. We like to call it the real world...”

🤣👏
December 30, 2025 at 6:42 PM
beny23.github.io
In this festive edition we do what we usually do during the holidays: focus on the latest vulnerabilities that ruin our Christmas and some advice on slowing things down. Enjoy!

beny23.github.io/posts/weakly...
Weakly Link 25/52
To those who celebrate the festivals either end of the last 7 days of the year: Happy <insert here>! This time round, there’s not one, but two bleeding fails in security, some interesting protections,...
beny23.github.io
December 28, 2025 at 10:54 AM
Reposted by Gerald Benischke
filippo.abyssdomain.expert
At the gpg.fail talk and omg #39c3

You can just put a \0 in the Hash: header and then newlines and inject text in a cleartext message.

Won’t even blame PGP here. C is unsafe at any speed.

gpg has not fixed it yet.
December 27, 2025 at 4:31 PM
Reposted by Gerald Benischke
ollieatnowhere.bsky.social
Weekly summary is out...

ctoatncsc.substack.com/p/cto-at-ncs...
CTO at NCSC Summary: week ending December 28th
Addressing fundamentals move dials - be it architectures (cross-domain, privileged access workstations etc), approaches (external attack surface management, deception), or solutions (passkeys).
ctoatncsc.substack.com
December 27, 2025 at 8:26 AM
Reposted by Gerald Benischke
doublepulsar.com
patch ye MongoDB, there's an exploit for a vuln which has been in the product for over a decade that allows the remote, unauth read of any memory - which includes plaintext creds.

Somebody posted an exploit on Christmas Day, Merry Christmas!

doublepulsar.com/merry-christ...
Merry Christmas Day! Have a MongoDB security incident.
Somebody from Elastic Security decided to post an exploit for CVE-2025–14847 on Christmas Day.
doublepulsar.com
December 26, 2025 at 10:57 PM
beny23.github.io
The American anus horribilis, wonder who that refers to ;-)
princess-vimentin.bsky.social Princess Vimentin PhD | Cancer Biologist @princess-vimentin.bsky.social · 19d
2025 is definitely the American annus horribilis.

The WH website spreads misinformation about the origins of Covid. The CDC denies real data about vaccines/autism. ACIP does not support Hep B vaccines for babies. Measles/pertussis outbreaks. #NIH is politicized.
🧪 www.thelancet.com/journals/lan...
2025: an annus horribilis for health in the USA
The US Advisory Committee on Immunization Practices vote on Dec 5 to no longer recommend the hepatitis B vaccine birth dose, which had ensured that babies exposed to hepatitis B would not later develo...
www.thelancet.com
December 23, 2025 at 5:35 PM
Reposted by Gerald Benischke
saraghadams.bsky.social
Let's play Who Said It, AI Hyper or The Borg?

"Embrace the inevitable."

"Knowledge is irrelevant unless shared."

"We are the future."

"This is the next stage of evolution."

"Your resources will be repurposed."

"We are the sum of all species."

"Your technology is obsolete."
December 21, 2025 at 4:07 PM
beny23.github.io
In this week's link collection, we look at incidents, get another SVG surprise and we've got good, bad and ugly stories about vibe coding.

beny23.github.io/posts/weakly...
Weakly Link 25/51
This week we’re looking through a mix of security and AI once more. Because tech is nothing but those two topics, right? Right? Anyway, I am often travelling on the train or stay in hotels these days,...
beny23.github.io
December 21, 2025 at 1:21 PM
Reposted by Gerald Benischke
robinince.bsky.social
Very sad that I felt I had no choice but to resign from The Infinite Monkey Cage - a victory for the transphobes and other bigots - I did it because so much of the media has chosen to believe the kind and empathetic people are a fiction - they are real and so often unrepresented.
This is the saddest day of my professional life. Today is not only the final recording of the latest series of The Infinite Monkey Cage, it is my last ever Monkey Cage. I never thought that I would have to leave the show. I always imagined going on until | dropped dead under the studio lights due to a brain aneurysm caused by my final attempt to understand notions of quantum gravity or the shock of being told about fly maggot infestations in the sacks of macaque monkeys. I resigned in September, after sixteen years of dedication to the show, A show that I named and helped develop over all those years. Unfortunately, my opinions outside the BBC have been considered problematic for sometime, whether it has been voicing support for the trans community, criticism of Donald Trump, numerous other outlandish opinions, including once gently criticising Stephen Fry. These things were considered to conflict with being a freelance BBC science presenter In a recent meeting where BBC Studio executives again voiced problems with me, I realised my choices. Obedience and being quieter to remain making Monkey Cage, or 'Resign and have the freedom to speak out against what I believe are injustices'. • I chose the latter. It broke my heart. I love this show and I love the audience, and it is because of the audience in particular, that this decision was so difficult to make. I kept thinking about all the extremist voices promoting hate and division. They are being given so many platforms, while voices that represent kindness, open mindedness, empathy seem to be scarcer and scarcer. I felt I couldn't pamper myself with the luxury of silence. One of my many privileges is that I am able to resign and I can speak out even if it is to the detriment of my career. I have thought a lot about my heroes, Sinead O Connor, James Baldwin, Audre Lorde, and so many more. I think of Sinead's words, "the job of an artist is to be themselves at any cost". James Baldwin said prejudice was really just a word for cowardice. Audre Lorde, viewing her life, wrote that her only regrets were her silences. I think of my father as I resign, he brought me up to believe in fairness , justice and kindness. Though my heart is broken, it is also full of fire. I apologise to our incredible listeners for my departure, your love of the show means a great deal. I am so sorry to let you down. I hope that you can understand my reasoning. I have to accept that I am not what the current BBC expects of their freelance presenters. Despite this I should add that I have always worked far more than my contracted hours to try and ensure the show was always the best it could be, as well as making myself accessible and responsive to the audience wherever and whenever I met them. Every night, we have recorded, I have been filled with determination to make the best show possible. This was not "just a job" I hope that with my departure I can be a better ally to the LGBTQ community, to the neurodivergent community, to activists fighting against those who aim to brutalise society, to those currently in prison on hunger strike, and to all those who fight for a more inclusive world. From many conversations, I know there are many Monkey Cage listeners who support these communities and activists too. The strawberry is dead. Long live the strawberry. B
December 13, 2025 at 12:02 AM
beny23.github.io
@quinnypig.com in @theregister.com writing about an AWS keynote. Has snarkmas come early? www.theregister.com/2025/12/08/a...
AWS re:Invent keynote: Matt Garman bores, then thrills
: But the 25 announcements in the last 10 minutes included a few well worth waiting for
www.theregister.com
December 13, 2025 at 11:11 AM
beny23.github.io
This week, we celebrate Let's Encrypt's birthday, look at exotic vulnerabilities and get serious about the exploitative nature of GenAI. #WeaklyLink beny23.github.io/posts/weakly...
beny23.github.io
December 11, 2025 at 10:31 PM
beny23.github.io
The latest weakly link reacts to react4shell and finds coffee will prevent the rise of the machines. beny23.github.io/posts/weakly...
Weakly Link 25/49
This week, we’re talking about React4shell. The latest in the 4shell family of vulnerabilities. What does 4shell mean? Usually that it’s possible to do RCE (Remote Code Execution) based on an applicat...
beny23.github.io
December 8, 2025 at 12:46 AM
beny23.github.io
This week’s link blog is an odd mixture about sandworms, supply chains and basically how everything is broken anyway. And then (after all the naughtiness) let’s end on something nice.

beny23.github.io/posts/weakly...
Weakly Link 25/48
This week is an odd mixture about sandworms, supply chains and basically how everything is broken anyway. And then (after all the naughtiness) let’s end on something nice. Thumped by a Sandworm Sha1 H...
beny23.github.io
December 1, 2025 at 1:11 AM
beny23.github.io
These words are insulting to weasels.
gerritd.bsky.social Gerrit De Vynck @gerritd.bsky.social · Nov 25
Additionally, OpenAI argues its not liable because Raine, by using ChatGPT for self-harm, broke its terms of service
November 26, 2025 at 9:11 AM
beny23.github.io
This week on my link blog: bureaucracy, bugs, reliability and those pesky 5 nines.

beny23.github.io/posts/weakly...
Weakly Link 25/47
This week there have been some interesting bugs. Or interest in bugs. Bugs It was Cloudflare’s turn to break the internet. As per usual, the transparency on display is rather cool. It was rather inter...
beny23.github.io
November 24, 2025 at 1:57 AM
beny23.github.io
Oh no, what will @kevlin.bsky.social do now?

www.theregister.com/2025/11/18/w...
Windows Digital Signage mode hides BSoDs after 15 seconds
: BORK is borked
www.theregister.com
November 19, 2025 at 8:34 AM
beny23.github.io
It’s wasn’t DNS. Wait what?!?

blog.cloudflare.com/18-november-...
Cloudflare outage on November 18, 2025
Cloudflare suffered a service outage on November 18, 2025. The outage was triggered by a bug in generation logic for a Bot Management feature file causing many Cloudflare services to be affected.
blog.cloudflare.com
November 19, 2025 at 8:02 AM
beny23.github.io
Unite in opposition?
BBC news headline: LIVE Home secretary says asylum reforms will 'unite a divided country' as full plans published
November 17, 2025 at 4:39 PM