equilibriumuk
@equilibriumuk.bsky.social
Writes Code · Breaks Hardware · 👹🎲 😇👀
🔑 Cyber Security
🐧 Linux
🧰 Electronics
⌨️ Programming
🖋️ Occasional Blogger @ equk.co.uk
🍵 Green Tea ☕ Black Coffee
🐮 Dairy Free
💀 RIP Firefox
Webdev · JS, TS, Go, Rust 🦀
🔑 Cyber Security
🐧 Linux
🧰 Electronics
⌨️ Programming
🖋️ Occasional Blogger @ equk.co.uk
🍵 Green Tea ☕ Black Coffee
🐮 Dairy Free
💀 RIP Firefox
Webdev · JS, TS, Go, Rust 🦀
Reposted by equilibriumuk
as promised, here is a repository that lets you quickly turn any random VPS into a Forgejo Actions runner in under 30 minutes, for use with Codeberg or your private forge! codeberg.org/whitequark/n...
nixos-forgejo-actions-runner
NixOS configuration for turnkey deployment of Forgejo Actions runners
codeberg.org
December 22, 2025 at 7:06 AM
as promised, here is a repository that lets you quickly turn any random VPS into a Forgejo Actions runner in under 30 minutes, for use with Codeberg or your private forge! codeberg.org/whitequark/n...
Frustrating to see this firefox post
if it just said "we're adding a ai killswitch"
cool, we'll believe it when we see it
instead it seems to make out users are idiots who don't know what opt-in is
also says "All AI features will be opt-in"
is this not something already meant to be true?
if it just said "we're adding a ai killswitch"
cool, we'll believe it when we see it
instead it seems to make out users are idiots who don't know what opt-in is
also says "All AI features will be opt-in"
is this not something already meant to be true?
December 19, 2025 at 2:39 PM
Frustrating to see this firefox post
if it just said "we're adding a ai killswitch"
cool, we'll believe it when we see it
instead it seems to make out users are idiots who don't know what opt-in is
also says "All AI features will be opt-in"
is this not something already meant to be true?
if it just said "we're adding a ai killswitch"
cool, we'll believe it when we see it
instead it seems to make out users are idiots who don't know what opt-in is
also says "All AI features will be opt-in"
is this not something already meant to be true?
Reposted by equilibriumuk
Not very opt-in when I see them by default.
December 18, 2025 at 7:03 PM
Not very opt-in when I see them by default.
Reposted by equilibriumuk
"The end of the kernel Rust experiment" is a hell of a way to announce Linux in the Kernel is here to stay, jesus
lwn.net/Articles/104...
lwn.net/Articles/104...
The end of the kernel Rust experiment
The topic of the Rust experiment was just discussed at the annual Maintainers Summit. The cons [...]
lwn.net
December 10, 2025 at 8:23 AM
"The end of the kernel Rust experiment" is a hell of a way to announce Linux in the Kernel is here to stay, jesus
lwn.net/Articles/104...
lwn.net/Articles/104...
Reposted by equilibriumuk
NEW: The classic anime "Ghost in the Shell" turned 30 years old this week.
Despite coming out at the dawn of the internet, it was incredibly prescient in terms of imaginig a future where governments use hackers for espionage, people use malware to spy on their loved ones, and much much more.
Despite coming out at the dawn of the internet, it was incredibly prescient in terms of imaginig a future where governments use hackers for espionage, people use malware to spy on their loved ones, and much much more.
How the classic anime 'Ghost in the Shell' predicted the future of cybersecurity 30 years ago | TechCrunch
The story of the Ghost in the Shell’s main villain the Puppet Master hinted at a future where governments use hackers for espionage, at a time when most of the world had never connected to the interne...
techcrunch.com
November 19, 2025 at 10:04 PM
NEW: The classic anime "Ghost in the Shell" turned 30 years old this week.
Despite coming out at the dawn of the internet, it was incredibly prescient in terms of imaginig a future where governments use hackers for espionage, people use malware to spy on their loved ones, and much much more.
Despite coming out at the dawn of the internet, it was incredibly prescient in terms of imaginig a future where governments use hackers for espionage, people use malware to spy on their loved ones, and much much more.
Reposted by equilibriumuk
#rustlang hot take: We should rename .unwrap() to .or_panic(). (And .expect() to .or_panic_with().) "Unwrap" is a terrible name for the panicking function, especially since we also have things like .unwrap_or() and .unwrap_or_default() which never panic.
November 19, 2025 at 7:32 AM
#rustlang hot take: We should rename .unwrap() to .or_panic(). (And .expect() to .or_panic_with().) "Unwrap" is a terrible name for the panicking function, especially since we also have things like .unwrap_or() and .unwrap_or_default() which never panic.
Reposted by equilibriumuk
Scientists and scholars in AI and its social impacts call on von der Leyen to retract #AIHype statement.
@olivia.science
@abeba.bsky.social
@irisvanrooij.bsky.social
@alexhanna.bsky.social
@rocher.lc
@danmcquillan.bsky.social
@robin.berjon.com
& many others have signed
www.iccl.ie/press-releas...
@olivia.science
@abeba.bsky.social
@irisvanrooij.bsky.social
@alexhanna.bsky.social
@rocher.lc
@danmcquillan.bsky.social
@robin.berjon.com
& many others have signed
www.iccl.ie/press-releas...
Scientists call on the President of the European Commission to retract AI hype statement
Experts in AI call on the President of the European Commission to retract unscientific AI hype statement she made in the budget speech.
www.iccl.ie
November 10, 2025 at 9:48 AM
Scientists and scholars in AI and its social impacts call on von der Leyen to retract #AIHype statement.
@olivia.science
@abeba.bsky.social
@irisvanrooij.bsky.social
@alexhanna.bsky.social
@rocher.lc
@danmcquillan.bsky.social
@robin.berjon.com
& many others have signed
www.iccl.ie/press-releas...
@olivia.science
@abeba.bsky.social
@irisvanrooij.bsky.social
@alexhanna.bsky.social
@rocher.lc
@danmcquillan.bsky.social
@robin.berjon.com
& many others have signed
www.iccl.ie/press-releas...
just added more prefs to firefox after noticing 'ask ai chatbot' appear in context menu after update
user_pref("browser.ml.chat.page", false);
user_pref("browser.ml.chat.menu", false);
...
user_pref("browser.ml.chat.page", false);
user_pref("browser.ml.chat.menu", false);
...
Comparing 79a32b3..a19bac6 · equk/ffox_profile_tools
🦊 linux firefox profiles with security presets & userchrome styles - Comparing 79a32b3..a19bac6 · equk/ffox_profile_tools
github.com
October 25, 2025 at 11:08 AM
just added more prefs to firefox after noticing 'ask ai chatbot' appear in context menu after update
user_pref("browser.ml.chat.page", false);
user_pref("browser.ml.chat.menu", false);
...
user_pref("browser.ml.chat.page", false);
user_pref("browser.ml.chat.menu", false);
...
Reposted by equilibriumuk
Omg, the solution to CIA's Kryptos being discovered by someone becoming a subject matter expert, going on location, and finding the plaintext sitting in a vault several miles away is the absolute *perfect* ending to Kryptos. You couldn't write it. Just absolutely A+ www.nytimes.com/2025/10/16/s...
A C.I.A. Secret Kept for 35 Years Is Found in the Smithsonian’s Vault
www.nytimes.com
October 17, 2025 at 12:49 AM
Omg, the solution to CIA's Kryptos being discovered by someone becoming a subject matter expert, going on location, and finding the plaintext sitting in a vault several miles away is the absolute *perfect* ending to Kryptos. You couldn't write it. Just absolutely A+ www.nytimes.com/2025/10/16/s...
Reposted by equilibriumuk
#ESETresearch has discovered #HybridPetya ransomware on VirusTotal: a UEFI-compatible copycat of the infamous Petya/NotPetya malware. HybridPetya is capable of bypassing UEFI Secure Boot on outdated systems. www.welivesecurity.com/en/eset-rese... 1/8
www.welivesecurity.com
September 12, 2025 at 9:02 AM
#ESETresearch has discovered #HybridPetya ransomware on VirusTotal: a UEFI-compatible copycat of the infamous Petya/NotPetya malware. HybridPetya is capable of bypassing UEFI Secure Boot on outdated systems. www.welivesecurity.com/en/eset-rese... 1/8
Reposted by equilibriumuk
You've probably heard about the supply chain attack that affected a number of widely-used npm packages today.
tl;dr: Don't panic. Notes:
1. Svelte, SvelteKit and their associated packages are not vulnerable to this attack, as they do not use any of the compromised dependencies in the browser
tl;dr: Don't panic. Notes:
1. Svelte, SvelteKit and their associated packages are not vulnerable to this attack, as they do not use any of the compromised dependencies in the browser
September 8, 2025 at 7:58 PM
You've probably heard about the supply chain attack that affected a number of widely-used npm packages today.
tl;dr: Don't panic. Notes:
1. Svelte, SvelteKit and their associated packages are not vulnerable to this attack, as they do not use any of the compromised dependencies in the browser
tl;dr: Don't panic. Notes:
1. Svelte, SvelteKit and their associated packages are not vulnerable to this attack, as they do not use any of the compromised dependencies in the browser
Reposted by equilibriumuk
you may have heard about a supply chain attack on a number of packages distributed on npm. a quick update:
1. nuxt is not vulnerable.
we do not ship code into client/server from these particular packages (this attack required running in the browser)
www.aikido.dev/blog/npm-de...
1. nuxt is not vulnerable.
we do not ship code into client/server from these particular packages (this attack required running in the browser)
www.aikido.dev/blog/npm-de...
npm debug and chalk packages compromised
The popular packages debug and chalk on npm have been compromised with malicious code
www.aikido.dev
September 9, 2025 at 7:54 AM
you may have heard about a supply chain attack on a number of packages distributed on npm. a quick update:
1. nuxt is not vulnerable.
we do not ship code into client/server from these particular packages (this attack required running in the browser)
www.aikido.dev/blog/npm-de...
1. nuxt is not vulnerable.
we do not ship code into client/server from these particular packages (this attack required running in the browser)
www.aikido.dev/blog/npm-de...
imagine going to great lengths to inject malware which runs on the browser into nodejs packages ...
September 9, 2025 at 10:28 AM
imagine going to great lengths to inject malware which runs on the browser into nodejs packages ...
Reposted by equilibriumuk
🚨 Breaking: npm author Qix compromised. Malicious package versions published in projects that typically see hundreds of millions of downloads each week.
Details: socket.dev/blog/npm-aut...
Details: socket.dev/blog/npm-aut...
npm Author Qix Compromised in Major Supply Chain Attack - So...
npm author Qix’s account was compromised, with malicious versions of popular packages like chalk-template, color-convert, and strip-ansi published.
socket.dev
September 8, 2025 at 3:23 PM
🚨 Breaking: npm author Qix compromised. Malicious package versions published in projects that typically see hundreds of millions of downloads each week.
Details: socket.dev/blog/npm-aut...
Details: socket.dev/blog/npm-aut...
Reposted by equilibriumuk
Humblebundle to support World Central Kitchen, and get a bunch of my books from @tordotcom.bsky.social including Murderbot and Witch King! #booksky
www.humblebundle.com/books/martha...
www.humblebundle.com/books/martha...
Humble Book Bundle: Martha Wells' Murderbot and More by TOR
Fall in love with Martha Wells’ The Murderbot Diaries series—the engine behind the hit AppleTV adaptation—and help support World Central Kitchen.
www.humblebundle.com
August 24, 2025 at 2:57 AM
Humblebundle to support World Central Kitchen, and get a bunch of my books from @tordotcom.bsky.social including Murderbot and Witch King! #booksky
www.humblebundle.com/books/martha...
www.humblebundle.com/books/martha...
Reposted by equilibriumuk
it is still incredibly funny to me how “GamersNexus” remains one of the hardest-hitting voices in contemporary investigative journalism
August 23, 2025 at 3:08 AM
it is still incredibly funny to me how “GamersNexus” remains one of the hardest-hitting voices in contemporary investigative journalism
Reposted by equilibriumuk
We've spent 3 weeks in Asia investigating the AI GPU Black Market. We need your help finalizing this crazy story: www.youtube.com/watch?v=ltgy...
Detained by a Government & Probably Blacklisted by NVIDIA for Our Next Investigation
YouTube video by Gamers Nexus
www.youtube.com
August 9, 2025 at 2:56 AM
We've spent 3 weeks in Asia investigating the AI GPU Black Market. We need your help finalizing this crazy story: www.youtube.com/watch?v=ltgy...
Reposted by equilibriumuk
I imagined the Chatsubo in 1984. 41 years later I opened its door. Neuromancer is in production.
July 1, 2025 at 7:14 PM
I imagined the Chatsubo in 1984. 41 years later I opened its door. Neuromancer is in production.
Reposted by equilibriumuk
Consider a programmer looking at code they themselves wrote a year ago, now having to identify and fix a bug. They have to rebuild the mental model of what is going on, which is easier if they have already had a mental model of what is going on.
June 24, 2025 at 6:37 AM
Consider a programmer looking at code they themselves wrote a year ago, now having to identify and fix a bug. They have to rebuild the mental model of what is going on, which is easier if they have already had a mental model of what is going on.
Reposted by equilibriumuk
Reposted by equilibriumuk
wat...?
New authd users logging in via SSH are members of the root group
### Impact
When a user who hasn't logged in to the system before (i.e. doesn't exist in the authd user database) logs in via SSH, the user is considered a member of the root group in the context o...
github.com
June 16, 2025 at 6:44 PM
wat...?
Reposted by equilibriumuk
"Over four months, LLM users consistently underperformed at neural, linguistic, and behavioral levels."
arxiv.org/abs/2506.08872
arxiv.org/abs/2506.08872
Your Brain on ChatGPT: Accumulation of Cognitive Debt when Using an AI Assistant for Essay Writing Task
This study explores the neural and behavioral consequences of LLM-assisted essay writing. Participants were divided into three groups: LLM, Search Engine, and Brain-only (no tools). Each completed thr...
arxiv.org
June 15, 2025 at 12:33 PM
"Over four months, LLM users consistently underperformed at neural, linguistic, and behavioral levels."
arxiv.org/abs/2506.08872
arxiv.org/abs/2506.08872
Reposted by equilibriumuk
The Rust GCC backend can now fully bootstrap the Rust compiler. Excellent work from FractalFir in their GSoC (which starts in one week XD).
More information here: www.reddit.com/r/rust/comme...
More information here: www.reddit.com/r/rust/comme...
From the rust community on Reddit: [Media] The GCC compiler backend can now fully bootstrap the Rust compiler!
Explore this post and more from the rust community
www.reddit.com
May 23, 2025 at 7:16 PM
The Rust GCC backend can now fully bootstrap the Rust compiler. Excellent work from FractalFir in their GSoC (which starts in one week XD).
More information here: www.reddit.com/r/rust/comme...
More information here: www.reddit.com/r/rust/comme...