#LowBandwidthMemes

There used to be a time when building out a botnet required *some* work – writing exploits, taking over devices, obscuring the purpose of the executable, etc.

Not any more!

Instead of "malware", call it an "AI agent" and people will just happily install it on their devices with full root privileges!
https://github.com/jgamblin/OpenClawCVEs/

Bam! RCE by asking nicely.

🧵

#OpenClaw #AI #Hype #InfoSec

Testing cameras on Nexus 7 / asus-grouper (2012) with Linux 7.0-r6 #postmarketOS #linuxmobile #mainine

GET: motorola-vicky

It’s a surprisingly nice device. MediaTek G99 (same SoC as Zinwa Q25), 8GB LPDDR4x, 128GB UFS, 120Hz OLED and apparently a pretty nice Samsung sensor.

Didn’t expect that, it’s gonna be fun (especially since SoC is likely vulnerable, so we should be able to replace LK with U-Boot)

on this laptop, I have a choice of many WSL distros, such as Round Ubuntu and also Square Ubuntu

when I was young, we were still transitioning away from Roman numerals, but at least we didn’t have to deal with shrinkflation. that’s why instead of saying 6-7 we said X11

Them: if you set aside all the ethical concerns…

Me: this is what evil is. This is how evil talks.

#Microsoft sent an email to everyone saying they're listening to people now and they will definitely not pushing AI to everything anymore.

Also Microsoft enabled github to collect all your "inputs, outputs and associated context to train and improve AI models". This new tickbox is enabled by default, even if you explicitly disabled Copilot before.

Actions speak more than words.

You can disable the option at https://github.com/settings/copilot/features

Pinephone Beta running PostmarketOS Edge update:

++Camera++
* faster ✅
* Rear camera access ✅
* front camera access ✅
* take photo rear camera ✅ (crash 60% of the time)
* take photo front camera ✅ (crash 75% of the time). Only registered photo capture after system restart.

Good update none-the-less.

#PinephoneBeta #Pine64 #PostmarketOS #Megapixels

@krzk incredible. If one ever wanted AI review on their patch, I'm sure they would've asked one already? (nice reply btw)

also incredible they said "might be useless" .. if it's useless, why send it to lkml?

Review on mailing list:

Copyright (C) 2026 Variscite Ltd. AI bot review and may be useless.

Copyright year is 2026, which is in the future. Should be 2024 or current year.

Great, now everyone will get to read useless AI agent reviews.

https://lore.kernel.org/all/20260303210131.2966214-8-Frank.Li@nxp.com/

I'm behind on reading LWN weekly issues, so I only now got to the article about the AI bot that flamed matplotlib mainainers. Choice quote: "We should note that LWN is still entirely written by people and makes its mistakes the old-fashioned, human-powered way."

Well said, @lwn

Quickly skimmed through Lunduke's video, I gotta say he's terrible at actually sharing real news.

All he shows is devuan's tweet, *HIS* tweet, and a small part of the summary blog post brought completely out of context (which doesn't even mention systemd). Not very convincing overall. Then he's talking about age verification and doing stupid irrelevant comments all over the place.

Where's the actual proof that the vulnerability is in systemd? He and Devuan are just modifying facts to point fingers at systemd, but once you actually look into it in more detail you realize that all he says is complete meaningless garbage, then you can quickly figure out that he has absolutely no idea what he's even talking about.

Surprise surprise, when I lookup "systemd root vulnerability" on youtube, all I see is that idiot whose name starts with L.

To anyone who thinks there is a systemd root privilege escalation vulnerability discovered recently. Please read the technical details instead of listening to idiots on youtube and reddit.

https://cdn2.qualys.com/advisory/2026/03/17/snap-confine-systemd-tmpfiles.txt

Because, if you actually read the technical details of this vulnerability, you'll know that it is a *snapd* vulnerability (which involved misconfiguration in systemd-tmpfiles). It is *NOT* a systemd vulnerability, and anyone who's telling you the opposite does not have a single idea what they're talking about.

I am specifically looking at that complete idiot on youtube who keeps bringing up things completely out of context, is a literal nazi, and whose name starts with L.

Please, don't listen to idiots who don't know anything about the subject they're bringing up.

@justsoup Slowly starting to feel the same way for age verification and uspol..

I mean, I do care about these subjects, but at some point it's kind of getting unhealthy.

seems this pdf is hardcoded to tell me to use a newer version of adobe reader, even if i'm not using adobe reader. incredible innovation in the pdf space

As the number of LLM-generated patches in my inbox increases, I am starting to experience the sort of maintainer stress that has long been predicted. But there's another aspect of this that has recently crossed my mind.

Just over a week ago, a new personality showed up with a whole pile of machine-generated patches claiming to fill in our memory-management documentation. A few reviewers had some sharp questions, the response to which has been ... silence. This person doesn't seem to have cared enough about that work to make an effort to get past the initial resistance.

Once upon a time, somebody who had produced many pages of MM documentation would be invested enough in that work to make at least a minimal attempt to defend it.

Kernel developers often worry that a patch submitter will not stick around to maintain the code they are trying to push upstream. Part of the gauntlet of getting kernel patches accepted can be seen as a sort of "are you serious?" test.

When somebody submits a big pile of machine-generated code, though, will they be *able* to maintain it? And will they be sufficiently invested in this code, which they didn't write and probably don't understand, to stick around and fix the inevitable problems that will arise? I rather fear not, and that does not bode well for the long-term maintainability of our software.

Stop using AI, people. I don't care if it makes things easier for you. You're sucking up water, burning the planet, models were trained on stolen data, and you're making the rich even richer. And I didn't even list all of the issues with AI.