equilibriumuk
LightNews LightNews
banner
equilibriumuk.bsky.social
equilibriumuk
@equilibriumuk.bsky.social
39 followers 100 following 9 posts
Writes Code · Breaks Hardware · 👹🎲 😇👀 🔑 Cyber Security 🐧 Linux 🧰 Electronics ⌨️ Programming 🖋️ Occasional Blogger @ equk.co.uk 🍵 Green Tea ☕ Black Coffee 🐮 Dairy Free Webdev · JS, TS, Go, Rust​ 🦀
Posts Media Videos Starter Packs
equilibriumuk.bsky.social
equilibriumuk @equilibriumuk.bsky.social · 10d
just added more prefs to firefox after noticing 'ask ai chatbot' appear in context menu after update

user_pref("browser.ml.chat.page", false);
user_pref("browser.ml.chat.menu", false);

...
Comparing 79a32b3..a19bac6 · equk/ffox_profile_tools
🦊 linux firefox profiles with security presets & userchrome styles - Comparing 79a32b3..a19bac6 · equk/ffox_profile_tools
github.com
Reposted by equilibriumuk
pwnallthethings.bsky.social
Pwnallthethings @pwnallthethings.bsky.social · 18d
Omg, the solution to CIA's Kryptos being discovered by someone becoming a subject matter expert, going on location, and finding the plaintext sitting in a vault several miles away is the absolute *perfect* ending to Kryptos. You couldn't write it. Just absolutely A+ www.nytimes.com/2025/10/16/s...
A C.I.A. Secret Kept for 35 Years Is Found in the Smithsonian’s Vault
www.nytimes.com
27 240 970
Reposted by equilibriumuk
esetresearch.bsky.social
ESET Research @esetresearch.bsky.social · Sep 12
#ESETresearch has discovered #HybridPetya ransomware on VirusTotal: a UEFI-compatible copycat of the infamous Petya/NotPetya malware. HybridPetya is capable of bypassing UEFI Secure Boot on outdated systems. www.welivesecurity.com/en/eset-rese... 1/8
www.welivesecurity.com
1 11 11
Reposted by equilibriumuk
svelte.dev
Svelte @svelte.dev · Sep 8
You've probably heard about the supply chain attack that affected a number of widely-used npm packages today.

tl;dr: Don't panic. Notes:

1. Svelte, SvelteKit and their associated packages are not vulnerable to this attack, as they do not use any of the compromised dependencies in the browser
1 12 88
Reposted by equilibriumuk
nuxt.com
Nuxt @nuxt.com · Sep 9
you may have heard about a supply chain attack on a number of packages distributed on npm. a quick update:

1. nuxt is not vulnerable.

we do not ship code into client/server from these particular packages (this attack required running in the browser)

www.aikido.dev/blog/npm-de...
npm debug and chalk packages compromised
The popular packages debug and chalk on npm have been compromised with malicious code
www.aikido.dev
1 11 32
equilibriumuk.bsky.social
equilibriumuk @equilibriumuk.bsky.social · Sep 9
imagine going to great lengths to inject malware which runs on the browser into nodejs packages ...
Reposted by equilibriumuk
socket.dev
Socket @socket.dev · Sep 8
🚨 Breaking: npm author Qix compromised. Malicious package versions published in projects that typically see hundreds of millions of downloads each week.

Details: socket.dev/blog/npm-aut...
npm Author Qix Compromised in Major Supply Chain Attack - So...
npm author Qix’s account was compromised, with malicious versions of popular packages like chalk-template, color-convert, and strip-ansi published.
socket.dev
2 25 31
Reposted by equilibriumuk
marthawells.com
Martha Wells @marthawells.com · Aug 24
Humblebundle to support World Central Kitchen, and get a bunch of my books from @tordotcom.bsky.social including Murderbot and Witch King! #booksky

www.humblebundle.com/books/martha...
Humble Book Bundle: Martha Wells' Murderbot and More by TOR
Fall in love with Martha Wells’ The Murderbot Diaries series—the engine behind the hit AppleTV adaptation—and help support World Central Kitchen.
www.humblebundle.com
25 1.1K 1.6K
Reposted by equilibriumuk
elizas.website
eliza🌻 @elizas.website · Aug 23
it is still incredibly funny to me how “GamersNexus” remains one of the hardest-hitting voices in contemporary investigative journalism
Gamers Nexus 9 hours ago Bloomberg filed an illegitimate copyright strike against our 3.5-hour movie for a clip we used of the US President speaking. This was especially bizarre since their copyright claim timestamp includes our scripting and voice over recorded in our studio while we show screenshots of websites. Turns out, it's easy to do a day trip to New York. It was amusing to hear a rank-and-file Bloomberg employee express an opinion that we were within fair use. Video soon.
4 21 130
Reposted by equilibriumuk
gamersnexus.bsky.social
gamersnexus.bsky.social @gamersnexus.bsky.social · Aug 9
We've spent 3 weeks in Asia investigating the AI GPU Black Market. We need your help finalizing this crazy story: www.youtube.com/watch?v=ltgy...
Detained by a Government & Probably Blacklisted by NVIDIA for Our Next Investigation
YouTube video by Gamers Nexus
www.youtube.com
4 49 150
Reposted by equilibriumuk
greatdismal.bsky.social
William Gibson @greatdismal.bsky.social · Jul 1
I imagined the Chatsubo in 1984. 41 years later I opened its door. Neuromancer is in production.
310 1.9K 7.4K
Reposted by equilibriumuk
pookleblinky.bsky.social
Pookleblinky @pookleblinky.bsky.social · Jun 24
Consider a programmer looking at code they themselves wrote a year ago, now having to identify and fix a bug. They have to rebuild the mental model of what is going on, which is easier if they have already had a mental model of what is going on.
6 130 690
Reposted by equilibriumuk
thelouvreof.bsky.social
The Louvre of Bluesky @thelouvreof.bsky.social · Jun 17
Bill Mitchell @askbillmitchell.bsky.social • 20h Signal will some sort of LLM integration in it soon. Meredith Whittaker @meredithmeredith.b... • 11h No •• • Bill Mitchell @askbillmitchell.bsky.social • 6h They will, likely be timing up with Anthropic's Claude or Perplexity, but its coming. The engineers have already began laying out the ground work for such support. ••• Meredith Whittaker @meredithmeredith.bs... • 5h ...he says to Signal's president
130 2K 11K
Reposted by equilibriumuk
ariadne.space
Ariadne Conill 🐰 @ariadne.space · Jun 16
wat...?
New authd users logging in via SSH are members of the root group
### Impact When a user who hasn't logged in to the system before (i.e. doesn't exist in the authd user database) logs in via SSH, the user is considered a member of the root group in the context o...
github.com
4 13 37
Reposted by equilibriumuk
dryohanjohn.bsky.social
Yohan J John @dryohanjohn.bsky.social · Jun 15
"Over four months, LLM users consistently underperformed at neural, linguistic, and behavioral levels."

arxiv.org/abs/2506.08872
Your Brain on ChatGPT: Accumulation of Cognitive Debt when Using an AI Assistant for Essay Writing Task
This study explores the neural and behavioral consequences of LLM-assisted essay writing. Participants were divided into three groups: LLM, Search Engine, and Brain-only (no tools). Each completed thr...
arxiv.org
28 460 1K
Reposted by equilibriumuk
thejpster.org.uk
Jonathan Pallant @thejpster.org.uk · May 24
No notes.

deplet.ing/the-copilot-...
The Copilot Delusion
Disclaimer: This post was written May 2025, and the arguments apply to AI code capabilities at this time. The arguments around lack of competence are certainly likely to become less prevalent-while th...
deplet.ing
1 5 16
Reposted by equilibriumuk
imperioworld.bsky.social
imperio @imperioworld.bsky.social · May 23
The Rust GCC backend can now fully bootstrap the Rust compiler. Excellent work from FractalFir in their GSoC (which starts in one week XD).

More information here: www.reddit.com/r/rust/comme...
From the rust community on Reddit: [Media] The GCC compiler backend can now fully bootstrap the Rust compiler!
Explore this post and more from the rust community
www.reddit.com
2 13
Reposted by equilibriumuk
sturobson.com
Stuart Robson @sturobson.com · May 22
"AI's gonna take your jobs"
a screenshot of part of a comment on a GitHub issue … it reads "true = false" what 👀 @copilot delete that
2 5 30
Reposted by equilibriumuk
meredithmeredith.bsky.social
Meredith Whittaker @meredithmeredith.bsky.social · May 21
📣 The rush to add AI into everything is a big threat to privacy, as we've been saying.

MS Recall's screenshotting everything is a (not) great example of exactly why.

So, Signal took steps to protect everyone using Signal on Windows 11 from Recall's privacy invasion.👇

signal.org/blog/signal-...
By Default, Signal Doesn't Recall
Signal Desktop now includes support for a new “Screen security” setting that is designed to help prevent your own computer from capturing screenshots of your Signal chats on Windows. This setting is a...
signal.org
9 170 500
Reposted by equilibriumuk
sunshowers.io
rain 🌦️ @sunshowers.io · May 21
new #rustlang crate drop: iddqd! ID-based maps where keys are borrowed from values. Four maps are included: IdOrdMap, IdHashMap, a bijective (1:1) BiHashMap and a trijective (1:1:1) TriHashMap.

At Oxide we've found this pattern to be very useful. iddqd is no-std compatible, too!

docs.rs/iddqd
use iddqd::{IdOrdMap, IdOrdItem, id_upcast}; #[derive(Debug)] struct User { name: String, age: u8, } // Implement IdOrdItem so the map knows how to get the key from the value. impl IdOrdItem for User { // The key type can borrow from the value. type Key<'a> = &'a str; fn key(&self) -> Self::Key<'_> { &self.name } id_upcast!(); } let mut users = IdOrdMap::<User>::new(); // You must pick an insertion behavior. insert_unique returns an error if // the key already exists. users.insert_unique(User { name: "Alice".to_string(), age: 30 }).unwrap(); users.insert_unique(User { name: "Bob".to_string(), age: 35 }).unwrap(); // Lookup by name: assert_eq!(users.get("Alice").unwrap().age, 30); assert_eq!(users.get("Bob").unwrap().age, 35); // Iterate over users: for user in &users { println!("User {}: {}", user.name, user.age); }
15 36 170
Reposted by equilibriumuk
sosowski.bsky.social
Sos Sosowski @sosowski.bsky.social · May 21
Oh my god, Copilot is allowed to create and fix issues on Microsoft github repos and it goes exactly as you'd have imagined.

Try going into any of these PRs commits to see poor Microsoft engineers try to coerce Copilot into doing literally anything right.

www.reddit.com/r/Experience...
From the ExperiencedDevs community on Reddit: My new hobby: watching AI slowly drive Microsoft employees insane
Explore this post and more from the ExperiencedDevs community
www.reddit.com
25 340 840
Reposted by equilibriumuk
adamfortuna.com
Adam Fortuna @adamfortuna.com · May 3
I’m writing a series of posts about Hardcovers recent migration. The first one in the series was published yesterday!

Part 1: How We Fell Out of Love with Next.js and Back in Love with Ruby on Rails & Inertia.js

hardcover.app/blog/part-1-...
Part 1: How We Fell Out of Love with Next.js and Back in Love with Ruby on Rails & Inertia.js - Hardcover Blog
A look at how and why we migrated from Next.js to Ruby on Rails.
hardcover.app
4 7 33
Reposted by equilibriumuk
rustfoundation.org
The Rust Foundation @rustfoundation.org · May 15
Today marks a decade since the 1st stable release of #rustlang 🎉 To commemorate this milestone, we asked Karen Tölva (Ferris creator 🦀) to design a celebratory graphic & answer a few questions in our blog.

Congrats to EVERYONE who has made Rust what it is today 🧡

rustfoundation.org/media/celebr...
A joyful Ferris the crab throws confetti under text that reads "Happy 10th birthday, Rust 1.0!"
1 45 150
Reposted by equilibriumuk
eurorust.eu
EuroRust @eurorust.eu · May 15
🎉 Rust turns 10! What a decade for us all 🥳

To celebrate, we’ve curated 10 must-watch talks from EuroRust. Let’s kick things off 👇

🧵 1/11
1 3 9