For enabling Electron devtools in OpenAI Codex:

`BUILD_FLAVOR=dev /Applications/Codex.app/Contents/MacOS/Codex`

Happy Pi day, JavaScript users!

> new Date(2026, 3, 14)
2026-04-14T00:00:00.000Z

AI makes it easy to tell if a photo contains a bird, but impossible to know if it was really taken in a national park

With this hype about AIs that can hack anything, I decided to see how well LLMs can audit code today.
I ran an LLM on a known vulnerable version of a codebase.
It not only found the known issues, but seems to have found an issue that still isn't patched today.
Full thread: notnow.dev/notice/B5AcJ...

Unable to reject the null hypothesis?
That's so sad. Alexa, play "it's placebo"

GitHub - zhuowei/Starcruiser.py Contribute to zhuowei/Starcruiser.py development by creating an account on GitHub.

I can get through the initial handshake now (github.com/zhuowei/Star...) but haven't implemented app<->device auth yet: notnow.dev/notice/B3Ox2...

This is how I find out WebSockets are not subject to the same-origin policy?!

www.oasis.security/blog/opencla...
stackoverflow.com/questions/23...

The timeline forked in Sep 4, 1992 when the new Microsoft Research:

- did not take a trip to Bell Labs
- did not get a table at that diner
- did not bump into Rob Pike and Ken Thompson sketching on a placemat
- did not, in a Ballmer-peak fugue, pull out a 386 laptop and start porting WinNT to UTF-8

MacBook Neo · Geo

MAX 8192 MEGA
PRO–GEAR SPEC

Bluesky shows the `indexedAt` time instead of the `createdAt` time, so you can't backdate posts anymore.
www.reddit.com/r/BlueskySoc...
docs.bsky.app/docs/advance...
github.com/bluesky-soci...

Just bought $1.4 trillion of GPUs from OpenAI after they shut down Sora.
I can finally run Crysis on Medium settings.

This piece of code I'm researching is well-written enough and small enough that, after an hour of fuzzing, it reached full coverage with only a few harmless 1-byte over-reads detected.

So I guess all those commenters are right after all: you can write secure C code.

The `left-pad` incident was 10 years ago today.

en.wikipedia.org/wiki/Npm_lef...

Thankfully, we've completely solved software supply chains in the years since.

The "S" in "Vibe coding" stands for "Security"

I'm still amused that the Linux distro for Gamers is a Fedora remix.
You'd expect, like, Gentoo, or at least Arch like SteamOS - but no, Bazzite is a Fedora Atomic distro.

Sunday is the 10-year anniversary of the npm left-pad incident.
en.wikipedia.org/wiki/Npm_lef...

Get in the reboot, Shinji

__stack_chk_guard = U'🐤';

The manufacturer data is Lego Wireless Protocol 3 data for family 3, device 0: lego.github.io/lego-ble-wir...)
The UUID is what the app's source calls the WirelessDataExchange protocol.

This is as much as I can do before the real Lego Smart Brick releases tomorrow. I'll write up what I have.
#Lego

Screenshot: Lego Smart Assist app's "Searching" screen displaying a Smart Brick named "sdk_gphone64_arm64"

Screenshot: nRF Connect showing the "Edit advertising packet" screen

I can make a fake Lego Smart Brick show up in the Lego Smart Assist app, using this nRF Connect config:

Advertising data:
- Manufacturer data:
- Company ID: 0x0397
- Data: 006003FFFF00
- 16-bit service UUID: 0xfef6

Scan response data:
- Complete local name

Options: Connectable, Discoverable

Lego built the Smart Assist app (the firmware updater for the Lego Smart Brick) in... Unity.

The Lego Smart Assist app is out:
play.google.com/store/apps/d...
I expect homebrewers to run Doom on the Lego Smart Brick at 1x1 resolution, a week before its officially release.

Men's shirts: buttons on the right
Men's pants: buttons on the right
Women's pants: buttons on the right

Women's shirts: buttons on the left

buttons-on-the-left is big endian clothing

last call at the resizable bar

It shouldn’t have taken me 2 years to realize why the main character of "Wish" is named Asha.
www.behindthename.com/name/asha-1

Wait, mystery girl who fled from the royal ball at the stroke of midnight!
You dropped your...
left AirPod?

Note that Meta has an official SDK that lets you access the camera from a paired phone app (no running code on the glasses itself, unfortunately): developers.meta.com/wearables/
I don't think they've enabled it for the Display yet, though (it requires OS 21 and the Display's only up to OS 20?)

If you want to capture network traffic from the Meta AI app, you'll need a rooted Android with Frida: (notnow.dev/notice/AzcBs...)

There's an archive of firmwares in cocaine.trade/Ray-Ban_Disp... .
As far as I know, there's no way to install apps on real hardware yet.
You can emulate a Display in the Android Emulator with github.com/zhuowei/meta...

GORDON'S ALIVE?!
bsky.app/profile/thev...