Comment The timeline is of note. (Score 1) 21

It seems worth noting that one of the items in Wyden's rather pointed inquiry is the fact that the feasibility of doing this is known to have been demonstrated for the DoD by outside people familiar with it at least as early as 2016; so while this is the first confirmed case of adversarial use it's the outcome of at least a decade of just ignoring the problem; and a significantly longer period of failing to reasonably anticipate the problem. It's not like there's No Such Agency you could ask about "how could you spy on someone with the internet even?" if you wanted to know how well or poorly readily available information matched a nation state signals intelligence apparatus.

Purely as a matter of cellphones being expensive and somewhat tepidly capable in the before times I assume that there was a period within living memory when merely telling people not to Gordon Gekko on their DynaTAC where the Russians can hear you was good enough; but that would have clearly and rapidly been getting less true for at least a quarter century.

Comment Definitely a bad look... (Score 3, Interesting) 32

The whole 'responsible disclosure' preaching and the not-terribly-subtle threats seem particularly bad given that there's an entire industry of actively more dangerous people who are not only treated as legal but actively courted by state agents and cops (and often even less savory customers, though they tend to be cagey about those); the ones who actively seek to keep vulnerabilities quiet so that they can continue to sell exploit tools and services based on them. Throwing zero days on GitHub isn't ideal vs. getting them fixed; but it gets them fixed faster than if Cellebrite wants to hang on to a BitLocker bypass or Trenchant, an L3Harris Technologies company, wants to keep selling 'network investigative techniques' that can bypass default Windows Defender configurations or whatever the situation is.

From the outside it's hard to know whether MS actually mistreated the researcher badly enough to justify their displeasure (the consensus appears to be that MSRC was never the best to deal with and has actively gone downhill; but this person's position seems significantly angrier than average) or whether they are perhaps wound a little tight; but implying that their legal status is the same as people actively running attacks against user systems is blatantly false and totally ignores the class of researchers who do actively run attacks while being treated as respectable.

It's a particularly bad look when at least Facebook got into a public legal fight with the NSO group over their nerd-merc work against their users; not like that actually solved the problem of attacks on cellphones; but it was an all-too-rare case of industry pushing back against the 'respectable' arms dealers; and not one that MS has an analog to.

Comment Re:Tech industry is right wing? (Score 2) 65

They think center-left is ultra right-wing.

Some mostly sensible people consider themselves center-left and feel hurt that the Valley types are calling them fascists.

It's all complicated by the 1D spectrum model of the French Parliament being applied to politics broadly.

The Left Authoritarians really hate the Right Authoritarians while the Left Libertarians and the Right Libertarians mostly get along.

It sort of makes sense because violence is inherent in the former while cooperation is inherent in the latter.

But the angry aren't usually educated in polisci at all and just operate on the Friend/Enemy distinction of their tribe's momentary collective preferences, which can turn on a dime.

The Valley oligarchs will also switch allegiances instantaneously if they perceive advantage in profit or control with shifting winds.

Comment Re:All data should be fuzzed by the browser (Score 1) 110

They keep adding timing noise to these APIs as attacks show up but this really speaks to the need to have the noise in the core I/O libraries, not inside each new API.

If it's writing to disk in any way it should go through a code path with timing noise.

It would be easier on the feature developers too.

Probably in the network APIs too. Have a turbo mode in preferences at one end of a privacy slider, maybe. Default should be safe but the browser benchmark people incentivize the wrong thing. "You get what you measure" and stuff.
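The "one noisy code path under every API" idea in the comment above, sketched as an added example that is not part of the Slashdot post: a single I/O chokepoint that pads each operation with bounded random delay and coarsens the clock a page script can read, so any feature API built on it inherits the same mitigation without its own per-API noise. The cost model, the `NoisyIOChannel` class, the `cacheWrite` API and the seeded PRNG are all constructed for the illustration; the clock is simulated, so nothing here touches real storage or real timers.

```javascript
// Added illustration, not code from the comment or from any browser:
// one shared I/O chokepoint that adds bounded random delay and coarsens
// the observable clock. A simulated clock and a seeded PRNG keep each
// run reproducible; no real storage or timer is involved.

// Seeded linear congruential generator returning values in [0, 1).
function makeRng(seed) {
  let s = seed >>> 0;
  return () => {
    s = (Math.imul(1664525, s) + 1013904223) >>> 0;
    return s / 0x100000000;
  };
}

// Round a timestamp down to the timer's granularity, the same effect as
// a browser clamping the resolution of its high-resolution timer.
function coarsen(t, granularityMs) {
  return Math.floor(t / granularityMs) * granularityMs;
}

// The single code path every "storage-like" operation passes through.
class NoisyIOChannel {
  constructor({ rng, maxJitterMs = 0, timerGranularityMs = 1 }) {
    this.rng = rng;
    this.maxJitterMs = maxJitterMs;
    this.timerGranularityMs = timerGranularityMs;
    this.clock = 0; // simulated wall clock, in milliseconds
  }

  // What a page script would observe as "now".
  now() {
    return coarsen(this.clock, this.timerGranularityMs);
  }

  // Run an operation whose true cost is trueCostMs, padded with jitter
  // drawn uniformly from [0, maxJitterMs).
  perform(trueCostMs) {
    const jitter = this.rng() * this.maxJitterMs;
    this.clock += trueCostMs + jitter;
  }
}

// A hypothetical feature API. It carries no noise logic of its own; any
// other API (a database put, a file write) would call perform() the same way.
function cacheWrite(channel, bytes) {
  channel.perform(1 + bytes / 1024); // constructed cost model: 1 ms + 1 ms per KiB
}

// Time one call the way a script reading the clock around it would.
function timeCall(channel, fn) {
  const start = channel.now();
  fn();
  return channel.now() - start;
}

function sample(channel, fn, n) {
  const out = [];
  for (let i = 0; i < n; i++) out.push(timeCall(channel, fn));
  return out;
}

// True when every measurement of `fast` lies strictly below every
// measurement of `slow`, i.e. one observation is enough to tell them apart.
function fullySeparated(fast, slow) {
  return Math.max(...fast) < Math.min(...slow);
}

// Does a script timing a 1 ms write and a 5 ms write get cleanly separated
// samples under the given clock settings?
function compare({ maxJitterMs, timerGranularityMs, seed = 42, n = 50 }) {
  const channel = new NoisyIOChannel({ rng: makeRng(seed), maxJitterMs, timerGranularityMs });
  const fast = sample(channel, () => cacheWrite(channel, 0), n);    // true cost 1 ms
  const slow = sample(channel, () => cacheWrite(channel, 4096), n); // true cost 5 ms
  return fullySeparated(fast, slow);
}

// Precise clock, no padding: every fast sample is below every slow sample.
console.log("precise clock separates:", compare({ maxJitterMs: 0, timerGranularityMs: 1 }));
// Coarse clock plus jitter: the two sample sets overlap.
console.log("noisy channel separates:", compare({ maxJitterMs: 20, timerGranularityMs: 5 }));
```

The padding and the coarse clock widen the spread of each measurement so that a single observation no longer discriminates a cheap write from an expensive one, which is the practical benefit of putting the noise at the chokepoint. The caveat a defender should keep in mind is that the means of the two distributions still differ, so averaging over many samples can recover the signal; this kind of noise raises the number of measurements an observer needs rather than closing the channel outright.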
