Microsoft, Google, Red Hat, Grafana ve LlamaIndex public GitHub repolarına canlı verified credential pushladı. Pipeline'ı ben yazdım: Gemini 2.5 ile etiketle, regex'e distil et, TruffleHog'u active…

Microsoft, Google, Red Hat, Grafana and LlamaIndex all shipped verified live credentials to public GitHub. I built the pipeline that found them: Gemini 2.5 distilled into regex, then TruffleHog with…

>- Complete guide to securing your OpenClaw AI assistant. Learn how to implement firewall rules, file permissions, tool allowlisting, and automated security monitoring for production deployments.

I write a Flutter app in a container on a Hetzner box and build it on my Mac. Mutagen copies each change to the Mac over SSH, not Docker.

A post on X predicted that development would all move to remote sandboxes. Here is why I think that is a mirage, what makes the model attractive to executives and unappealing to developers, and where…

TL;DR. Testing a data plane at 100GbE line rate needs real NICs running VPP — which no cloud CI runner has. So an ephemeral GitHub Actions runner joins a private two-machine lab over Tailscale,…

Growing your own vegetables is fun and delicious to do, but when you go on vacation the plants still need water. Now we can ask a neighbor to take care of it, but we can also use a Sonoff water ...…

Over the years, we have received, read and handled way over one thousand vulnerability reports filed against curl. We have seen most kinds. It is time for me to try to help future reporters by…

Learn why store water at home is essential for family safety. Ensure you have enough drinking water during emergencies with our 2026 guide. The post Why Store Water at Home: Your 2026 Readiness Guide…

Welcome back to the weekly digest about the Cybersecurity & Threats in the wild. Below you will find a very subjective summary of Cybersecurity events for the prior week 1.An Income Tax…

I picked up a Palo Alto Cloudgenix ION 2000 off of eBay and decided to try and stick OPNsense on it. It has a ethernet ports, 4GB of RAM, 128GB SSD, and an Intel Atom CPU. What I hadn't considered…

How to write custom events from a Worker with Analytics Engine and query them later with SQL. Cheap, high-volume time-series data.

Discord is running a limited trial with Incode for facial age estimation and ID scanning. Here is what the vendor actually does, what are the privacy concerns This post first appeared at - The…

The Incus team is pleased to announce the release of Incus 7.2! It’s another pretty busy release for us with a varied set of new features across the board as well as the usual set of performance…

With 16 cores, ECC memory, and 40 watts of typical power consumption, the Loongson 3C3000 initially sounds like a highly efficient server processor. The small addition “at 1.5 GHz” is, however,…

A while back I wrote about how claiming to be Googlebot is now a bad idea , where I noted that there were (reports of) malicious crawlers out there impersonating Googlebot and other legitimate big…

Obsidian has been my primary personal knowledge management solution for years. S

As part of Britain’s new high-speed railway project (HS2), six tunnel-boring machines have been driving through clay, sand and ever-shifting ground beneath the streets of London. They are…

Adding self-hosted Mem0 memory to Hermes Agent with pgvector and Ollama, plus the footguns I hit along the way

Josh chats with Allan Friedman about all things Bill of Materials. Allan did a ton of work to help turn SBOM into what it is today. He has many thoughts and ideas around the new types of BOMs, a…

# Overview You add Redis for caching, Elasticsearch for search, and Sidekiq for jobs, and soon your app depends on many datastores. Each one needs its own deployment, backup, monitoring, and incident…

You can use eBPF in conjunction with OTel! Don't forget to filter out what you don't need, otherwise the storage would balloon up, and there will be too much noise.…

When I moved my Node apps over to Opalstack, I was having some issues with the apps failing, getting a 502 error. My account has 1GB of RAM, and I saw my Feed News Archive app reaching 700-800 Mb…

I quite enjoyed this talk from Bryan Cantrill where he discusses the difficult engineering problems they overcame while working on their company Oxide. Some of the problems they ran into were bugs.…

Agentic coding and Free Software - getting started with LLMs with WindSurf systemd for Linux SysAdmins - there is a book out about systemd - history and usage vmsync - released vmsync . A small…

Via: Engadget: Thanks to the rise of AI, a new kind of surveillance camera has rapidly proliferated across the United States. Typically referred to as automated license plate readers, or ALPRs,…

I am working on a project that combines Swift, Raylib, and Raygui. I don’t really know what the end-goal is here, but I am having fun. That’s enough for me to work occasionally on that. I…

How shady deals and unjustifiable tax incentives have allowed Big Tech to commandeer America's most precious land and resources

One of the pieces of bad advice I got while trying to diagnose the Let’s Encrypt problem was to reset my Nextcloud File Sync client connection. No big deal, they said, just recreate the…

A Docker container on a Gitea build runner can break out to root on the host, the setting built to stop that does nothing, and there is no patch yet. CVSS 9.9. A working proof of concept went public…

smallfawn sells JD.com login tools to other reward-farmers. By design, the buyer cannot log a victim in without calling smallfawn's own server, and the plaintext passwords are relayed there three…

Introduction A Late Nineties PC Assessing the Damage Installing a Video Card and Keyboard Locked CPU Fan Replace the BIOS Backup Battery Replacing the Motherboard Capacitors Replacing the Spinning…

Let’s recap what we know since April, when Anthropic’s marketing department started coal-rolling the industry with their nonsense about novelty. A model with 3.6 billion active parameters…

How to run a Cloudflare Worker on a schedule with Cron Triggers. Nightly jobs, periodic checks, and cleanups, with no server to keep running.

HP T1500 G3 UPS monitoring software 2026-06-28 | [misc] Another old UPS from the eWaste bin, but this is a nice one! It is pure sine wave output, and can do 950 Watts, from a 36V Lead acid cell. I…

My work here documents the transition from building features to building reliable, transparent interfaces. I've learned that the most important code I write is often the 'truth' I report to the…

﷽

I have an APC Smart UPS 1500 connected via USB cable to a BeagleBone Green running NUT 2.8.1-5 on Linux 6.18.36-bone40. Even on earlier Linux kernels and versions of NUT, during some sort of UPS…

y’allI’ve been to a few different styles of conferences, meetups, hackerspaces, hackathons, etc. over the years. Taco Sprint was entirely different.10~ people who use Nix and NixOS in…

Recently, my laptop (an Acer A315-23) decided to randomly enable secure boot and since my linux install is obviously not signed, it proceeded to not boot anymore. Given that I had work to do, I…

Someone sent me an MIT thesis this week. From Worm to Human: Scaling Brain Emulation, by Isaak Freeman, submitted March 2026 in the Boyden Lab. I read things like this fairly often. Brain emulation…

How Russian authorities used Cellebrite's UFED to extract data from a political activist's iPhone, even after the company had cancelled its Russian contracts.

A walkthrough of setting up Nous Research's Hermes Agent on a Hetzner CX23 box — OpenRouter, Telegram gateway, Obsidian sync, cron jobs, and the skills that make it feel like home

The more distributed a system, the harder it is to secure. Code crosses JVM boundaries. Objects are serialized across trust boundaries. Third-party proxies run inside your process. The usual answer…

i’m getting a bit allergic to the way Chat Box Generated Prose always overuses headings so i might just not put any headings at all in this post. we’ll see. make a terrible comic day might have been…

I wanted to do an analysis of where the Node ecosystem is going into the next few years, and in particular around the security layer Node provides. With the rise of AI, supply chain attacks are…

In an earlier post about gguf-runner I made a point that kept nagging at me afterwards. The point was this: prebuilt binaries are compiled for a conservative baseline so they run everywhere, and if…

Improving my self-hosted Laravel deployments. I updated a handful of Coolify-hosted Laravel apps recently to get zero-downtime updates. Gone are those few annoying seconds of “no server available” I…

6.28.26 - The End of Wonder Text message thread to a friend regarding his PLEX server below: *Friend — [City, State]* Today 12:16 PM *Me:* nice *Me:* fuckin hate old people *Me:* i logged onto ur…