@elly @justsoup @moses_izumi @stilic @weirdtreething also see: OpenBSD (lots of hardening, lots of mitigations, but for what?)

@weirdtreething @elly @justsoup @moses_izumi @stilic A lot of it depends on your threat model though. If you want *good* security for your usecase, you need to understand your threat model. It is useless to harden everywhere if you don't even know what you're protecting from.

@weirdtreething @elly @moses_izumi @justsoup @stilic Yeah I think Aster meant people just installing stock pmOS as-is with no changes anywhere and thinking they're completely secure. Of course if you're concerned and/or know what you're doing, you can harden it yourself somewhat easily. But also, no security is much better than a false sense of security.

@justsoup @weirdtreething @elly @stilic it isn't necessarily unmaintainable?

SECURITY ADVISORY: musl libc up through 1.2.6 (present version) is affected by CVE-2026-40200 affecting qsort with large arrays.

Unless you have a setup with at least tens of terrabytes of virtual memory, this does not affect 64-bit systems, only 32-bit ones. But all users should patch.

https://www.openwall.com/lists/musl/2026/04/10/3

@elly @justsoup @stilic doesn't mean you can't implement it yourself though

@elly @justsoup @stilic it is worth noting however that there are no integrity checks on boot in pmOS right now.

With that being said, I will admit there's one LLM I do use, but it is one that does not waste my VALUABLE time.

It's the STANDARD ed...LLMitor!!!!

$ ed
hi how are you?
?
please rewrite u-boot in python
?
????
?

Assisted-by: My own human brain cells

Assisted-by: My own human brain cells

And no, I am not limiting me mentally by not using AI. In fact, I think quite the opposite. Using LLMs to generate code, or really just having someone else write code, I wouldn't really know much how it all works exactly. Sure, I can study the code and better understand, but if I write it all myself, I then have a *MUCH* better landscape of how it works, I can visualize the overall structure in my head, it all makes sense and the feeling that I know exactly what it does because I wrote it is so good I can't let AI takeover.

Even if everyone around me would use AI, I still will not. Many people around me run Windows or MacOS, yet I'm a Linux user, have been one for years, and will remain a Linux user. The "everyone uses it so I should use it" argument is just worthless. Why use Linux then? Free Software? ActivityPub? IRC/Matrix/XMPP? Wayland? the list goes on

I want to reiterate, there is *NO* way I EVER use LLMs to write code. For me, programming is more than just a task, it's my dream hobby, and I can't afford having it taken by unethical dumb AI bots

RE: https://mastodon.social/@grimalkina/116341703108645603

Thats a sign that the software engineers need more psychology, not less

(signed a software engineer with a psychology degree)

@ariadne it's your account, so I am completely OK with personal content (alongside technical content if you want, but you don't have to be technical all day)

IQ and other psychometric assessments are not actually backed by hard science but vibes

so when someone brags about having a "genius level IQ", just write them off as a narcissist

sincerely, your local psychologist turned software engineer

@ariadne IMO the only place where Trump should be is in a psychiatric hospital

It's so cool that anthropic is setting up a double-sided protection racket where it will profit from the massive token burn of attackers and defenders with a tool specifically designed to generate exploits and their only observable mitigation is a clientside system prompt that sternly warns the LLM to be good and not do malware
https://red.anthropic.com/2026/mythos-preview/

I can confirm Creative Cloud has added to my /etc/hosts file.

Adobe secretly modifies your hosts file for the stupidest reason: https://www.osnews.com/story/144737/adobe-secretly-modifies-your-hosts-file-for-the-stupidest-reason/