Tech · Culture · Fiction
Article The camera on your shelf handed out your GPS
A TP-Link Kasa camera returned home GPS over unauthenticated UDP for six years. The mechanism, the pattern it exposes, and what must now be true.
A grep job cost forty-seven dollars
A scheduled Claude Code skill shelled out to curl on its own and burned $47.30 in 19 minutes. The root cause, the commit 7a3b8d2 that fixed it, and the guardrails.
Absence is not proof
Vancouver PD's Quick Escape button erases its own browser-history record on execution, leaving a control that cannot be verified or reconstructed.
Grok packed your home folder into an API request
How AI assistants with filesystem access end up transmitting your home directory to vendor servers - and the concrete steps to scope, verify, and contain it.
TS-2026-009 turned an argument into root
TS-2026-009: Tailscale SSH permitted root through argument handling. When supplied input can reach the privilege context, argument handling is the access control.
Your image parser is a remote kill switch
Codex Micro's unvalidated image upload endpoint decodes attacker-controlled rasters in-band with a check-then-act race, enabling CWE-400/CWE-770 resource exhaustion.
Count Binface breaks your correlation rule
Count Binface names a detection-pipeline attack: targeted noise injection exploits data-aggregation bias to bury true positives and poison UEBA baselines.
The Wire — latest
All →- A tracker counts 105 ex-YC founders now inside OpenAI and Anthropic
- Agreeing With the LLM Critics and Using LLMs Anyway
- AI writes the code — humans do the reviewing, and it's burning them out
- Apple hits ~40 OpenAI staff with evidence-preservation letters in trade-secret fight
- Booting Arch Linux 32 onto a 2009 Eee PC netbook
- FAA restores Boeing's authority to self-certify 737 MAX and 787 airworthiness
- From hand-drawn leaflets to 3D software: how LEGO instructions evolved
- Hiding video inside a single JPEG by abusing progressive scans
- Kaiser call-center nurses say AI monitoring and call-time quotas erode patient care
- LG and Dell monitors auto-install bloatware via Windows Update, no consent asked
Stay in the loop
New writing delivered when it's ready. No schedule, no spam.