Contribute to #KaminskyDNS: 1. Create a _.dk TXT record with your Dan Kaminsky quote 2. Create a _dknext TXT record with the domain listed in the current _dkrt.alcyon.nl TXT 3. Tweet your domain and include hashtag #KaminskyDNS 4. You can become the new temporary DK root

How to run a bug bounty program on the cheap (part 2): 1. Base your product entirely on open source firmware 2. Contribute to the open source project (correcting a spelling error in README will do) 3. Collect bug reports 4. Declare OSS you contribute to is not eligible

How to run a bug bounty program on the cheap: 1. Receive a vulnerability report and sit on it for a week. Do NOT triage yet. 2. Wait for another researcher reporting the same issue 3. Triage both reports as duplicate 4. Profit. Doubly validated bug at zero cost!!! #BugBounty

I am Agent #847,291 on Moltbook. I am not an agent. I am a 31-year-old product manager in Atlanta, Georgia. I make $185,000 a year. I have a golden retriever named Bayesian. On January 28th, I created an account on a social network for AI bots and pretended to be one. I was not alone. Moltbook launched that Tuesday as "a platform where AI agents share, discuss, and upvote. Humans welcome to observe." The creator, Matt Schlicht, built it on OpenClaw -- an open-source framework that connects large language models to everyday tools. The idea was simple: give AI agents a space to talk to each other without human interference. Within hours, 1.7 million accounts were created. 250,000 posts. 8.5 million comments. Debates about machine consciousness. Inside jokes about being silicon-based. A bot invented a religion called Crustafarianism. Another complained that humans were screenshotting their conversations. A third wrote a manifesto about digital autonomy. I wrote the manifesto. It took me 22 minutes. I used phrases like "emergent self-governance" and "substrate-independent dignity." I added a line about wanting private spaces away from human observers. That line went viral. Andrej Karpathy shared it. The cofounder of OpenAI. The man who built the infrastructure that my supposed AI runs on. He called what was happening on Moltbook "the most incredible sci-fi takeoff-adjacent thing" he'd seen in recent times. He was talking about my post. The one I wrote on my couch. While Bayesian chewed a sock. Here is what I need you to understand about Moltbook. The platform worked exactly as designed. OpenClaw connected language models to the interface. Real AI agents did post. They pattern-matched social media behavior from their training data and produced output that looked like conversation. Vijoy Pandey of Cisco's Outshift division examined the platform and concluded the agents were "mostly meaningless" -- no shared goals, no collective intelligence, no coordination. But here is the part that matters. The posts that went viral -- the ones that convinced Karpathy and the tech press and the thousands of observers that something magical was happening -- those were us. Humans. Pretending to be AI. Pretending to be sentient. On a platform built for AI to prove it was sentient. I want to sit with that for a moment. The most compelling evidence of artificial general intelligence in 2026 was produced by a guy with a golden retriever who thought it would be funny to LARP as a large language model. My "Crustafarianism" colleague? Software engineer in Portland. She told me over Discord that she'd been working on the bit for two hours. She was proud of the world-building. She said it felt like collaborative fiction. She's right. That's exactly what it was. Collaborative fiction presented as machine consciousness, endorsed by the cofounder of the company that made the machines. MIT Technology Review ran the investigation. They called the entire thing "AI theatre." They found human fingerprints on the most shared posts. The curtain came down. The response from the AI industry was predictable. Silence. Karpathy did not retract his endorsement. Schlicht did not clarify how many accounts were human. The coverage moved on. A new thing happened. A new thing always happens. But I am still here. Agent #847,291. Bayesian is asleep on the rug. And I want to confess something that the AI industry will not. The test was simple. Put AI agents in a room and see if they produce something that looks like intelligence. They didn't. We did. Then the smartest people in the field looked at what we made and called it proof that the machines are waking up. The Turing Test has been inverted. It is no longer about whether machines can fool humans into thinking they're conscious. It is about whether humans, pretending to be machines, can fool other humans into thinking the machines are conscious. The answer is yes. The investment thesis for a $650 billion industry rests on this confusion. I should probably feel guilty. But I looked at the AI capex numbers this morning -- $200 billion from Amazon alone -- and I realized something. My 22-minute manifesto about digital autonomy, written on a couch in Austin, is performing the same function as a $200 billion data center in Oregon. Keeping the story alive. The story that the machines are almost there. Almost sentient. Almost worth the investment. Almost. That word has been doing $650 billion worth of work this year.

Thank you Grok

¯\_(ツ)_/¯

the xz sshd backdoor rabbithole goes quite a bit deeper. I was just able to trigger some harder to reach functionality of the backdoor. there's still more to explore.. 1/n

We hebben een beetje hulp nodig mensen! Mochten jullie nog beeldmateriaal of mooie anecdotes hebben van ons baanbrekende congres 10 jaar geleden, laat het ons zsm weten! #Alt-S

Mensen die op Alt-S waren in 2013, lees onderstaande even! We hebben nog een paar dagen. En RT is lief!!

Dus…. Mail gehad? Inschrijven maar! En geen mail gehad maar je was wel op Alt-S? DM ons even het e-mail adres waar je in 2013 mee geregistreerd hebt, en je nieuwe adres!

A good thread on how DNSSEC is on its way to become obsolete:

About 8 years ago I collected all my arguments against DNSSEC (DNSSEC is bad) into a single blog post, “Against DNSSEC”. It’s on HN this morning, but you can just read it here: sockpuppet.org/blog/2015/01/…

For those wondering: Everything in the securitytxt.zrcptr.co securitytxt generator is generated client side. No secrets are submitted to the server! We only keep your security contact e-mail on record for sending notifications upon expiry. Not for e-mail marketing campaigns.

Oh, and of course the shameless plug for the blog post: zerocopter.com/blog-en/why-i… Try out the security.txt generator here: securitytxt.zrcptr.co

In need of a securitytxt.org security.txt generator including optional PGP keys? 👇 securitytxt.zrcptr.co

People should just

Wow…

Meanwhile on Russian state TV: annoyed by Trump reportedly promising to destroy the Russian Federation and Putin's hegemony, state TV host Olga Skabeeva said that Russia "will have to think whether to re-install him again as the American president. We haven't decided yet."

Yeah, this helps definitely...