250 Photos and videos
Pinned Tweet
30 Dec 2025
In 2026, #Austin Texas will become the #Web5, #Bitcoin and #Nostr capital of the world.
See the beginning of it all on Jan 3rd. partiful.com/e/60iFoBUOILcwa…
Sync the nodes Anon.
2
11
624
Cashu Ecash is just a piece of data on your device.
You can send money over any medium:
- QR code
- Email
- Twitter DM
- Nostr
- Bluetooth
- Emojis
- Radio waves
- Satellites
- Tap to Pay NFC
- Sound waves
- Description field of bank tx
All of these have actually been done.
13
27
207
5,516
Polycarp Nakamoto priv/acc retweeted
‼️ UPDATE: It just doesn't stop: Almost 900 Arch Linux packages infected now.
lists.archlinux.org/archives…
🚨 BREAKING: More than 400 Arch Linux User Repository packages have been compromised with infostealer malware and a rootkit.
Attacker posed as a trusted maintainer and "adopted" orphaned packages.
Arch maintainers are purging infected packages now. Audit your AUR installs.
186
853
5,599
1,015,770
Polycarp Nakamoto priv/acc retweeted
Jun 11
The UK government spyware demand means that the government decides exactly what should be censored on every mobile device. They say they will start with nude pictures (if you don’t identify yourself as an adult). But it could at any time be expanded to anything the government disapproves of. Today, 30 people are arrested every day in the United Kingdom for writing something online that the government classifies as "grossly offensive". It is obvious that they will use this tool to restrict free speech.
Currently, there appears to be no requirement to report findings outside the device. However, with both legal and technological decision-making power taken away from individuals and transferred to the government, that is only a pen stroke away.
This means that the government could also use this system for total mass surveillance.
And they can do so in secret.
The government recently, in secret, tried to pressure Apple (which is now agreeing to client-side scanning) to build backdoors into its end-to-end encrypted cloud service. They can do this under the Investigatory Powers Act 2016, also known as the "Snoopers' Charter" – a law that makes it illegal for tech companies to disclose secret demands from the government.
105
1,433
6,350
179,088
Polycarp Nakamoto priv/acc retweeted
REMEMBER: KYC gets people kidnapped!
Not metaphorically. Literally.
Every crypto kidnapping you've read about - the wrench attacks, the abducted founders' kids, the millionaires tortured in rented villas - started the same way:
a KYC database leak (or similar)!
You didn't give that information to criminals. You gave it to a compliant, regulated platform.
KYC has never caught the kidnappers. It recruited their targets.
The most dangerous thing in crypto is a spreadsheet with your name and address on it.
There is exactly one defense: don't be on the list.
No account. No selfie. No proof of address.
Crypto should be held in a wallet that doesn't know who you and doesn't ask for your ID to trade assets.
We built that wallet. No accounts, no email, no tracking, no KYC.
The empty database is the only one that can't be leaked!
24
64
346
14,056
Polycarp Nakamoto priv/acc retweeted
6
35
1,705
Polycarp Nakamoto priv/acc retweeted
Jun 8
Our statement on the UK government’s demand that all content on all devices sold or used in the country be scanned, on the presumption of nudity, using a dystopian combination of age verification and content scanning. This proposal will not safeguard children. It endangers us all.
signal.org/blog/pdfs/2026-06…
744
8,574
41,400
2,756,070
Polycarp Nakamoto priv/acc retweeted
‼️🚨 BREAKING: Sony PlayStation's age-verification partner Yoti is reporting GrapheneOS users to authorities for using GrapheneOS, due to "past security concerns."
130
886
6,197
555,144
Polycarp Nakamoto priv/acc retweeted
A small handful of senators get briefed on classified surveillance programs the rest of us never hear about.
One of them is quietly sounding the alarm about VPNs.
Is the US government running a dragnet on VPN users?
38
176
557
13,171
many people misunderstand what "privacy" is
the essence of privacy is not that you never share your information, but that you have a choice to not share it
capitalism is a system of voluntary exchange and it can not function without the 'voluntary' part
May 15
Maybe it’s the Gen-Z in me, but i fully don’t care about privacy. I am post-privacy. I am giving OpenAI access to all of my finances, all of my health data, everything, I don’t care anymore
115
54
614
69,731
Age-verification laws designed for iOS & Android are creating headaches for the open-source world, and the Linux community is pushing back.
Our founder, Carl Richell, has been one of the voices engaging directly with lawmakers on this. As he testified before a Colorado House committee: "Open-source software ensures that everyone, regardless of age or background, can learn, experiment, and build at the most fundamental level."
Colorado just passed an open-source exemption, but similar bills are moving in CA, IL, and NY.
@verge has the full story. A gift link to the article is in the comments and is valid for the next 4 days.
34
172
1,215
40,831
Polycarp Nakamoto priv/acc retweeted
May 15
I strongly believe there are entire companies right now under heavy AI psychosis and its impossible to have rational conversations about it with them. I can't name any specific people because they include personal friends I deeply respect, but I worry about how this plays out.
I lived through the great MTBF vs MTTR (mean-time-between-failure vs. mean-time-to-recovery) reckoning of infrastructure during the transition to cloud and cloud automation. All those arguments are rearing their ugly heads again but now its... the whole software development industry (maybe the whole world, really).
It's frightening, because the psychosis folks operate under an almost absolute "MTTR is all you need" mentality: "its fine to ship bugs because the agents will fix them so quickly and at a scale humans can't do!" We learned in infrastructure that MTTR is great but you can't yeet resilient systems entirely.
The main issue is I don't even know how to bring this up to people I know personally, because bringing this topic up leads to immediately dismissals like "no no, it has full test coverage" or "bug reports are going down" or something, which just don't paint the whole picture.
We already learned this lesson once in infrastructure: you can automate yourself into a very resilient catastrophe machine. Systems can appear healthy by local metrics while globally becoming incomprehensible. Bug reports can go down while latent risk explodes. Test coverage can rise while semantic understanding falls. Changes happens so fast that nobody notices the underlying architecture decaying.
I worry.
512
1,903
15,329
1,587,416
Polycarp Nakamoto priv/acc retweeted
May 13
NOW - King Charles: "My ministers will also proceed with the introduction of Digital ID."
5,430
8,104
20,812
7,960,788
Polycarp Nakamoto priv/acc retweeted
May 12
The most radical thing you can do in 2026 is have an interior life the algorithm cannot read.
Become illegible.
Stay sovereign.
4
8
77
1,620
Polycarp Nakamoto priv/acc retweeted
May 10
Your air-gapped servers are covered by a faraday cage, you think you're safe from key exfiltration? You fool.
Low-frequency magnetic fields pass right through Faraday cages.
Researchers were able to extract data off an air-gapped shielded computer by spawning fake work loads spiking CPU power and generating magnetic signals.
115
296
2,765
244,870
Polycarp Nakamoto priv/acc retweeted
‼️🚨 The official JDownloader website was breached, attackers swapped the Windows and Linux installers with malware for over a day before anyone noticed.
JDownloader is a popular download manager with millions of users on Windows, macOS, and Linux.
Timeline:
▪️ May 5, 23:55 UTC: attacker tests the method on a dummy page.
▪️ May 6, 00:01 UTC: real attack goes live. Alternative download links for Windows and Linux are replaced with malicious installers.
▪️ May 7: a Reddit user notices Windows SmartScreen flagging the installer with a strange publisher ("Zipline LLC", "The Water Team", "Peace Team") instead of "AppWork GmbH".
▪️ Hours later, the JDownloader dev team confirms the breach and takes the site offline.
How they got in: an unpatched vulnerability let attackers modify the website's access control list (ACL), give themselves edit rights, and swap the download links. No further details on the bug have been shared.
What's compromised:
▪️ Windows installer (alternative download links).
▪️ Linux shell installer (alternative download links).
What's safe:
▪️ macOS installers (still validly signed).
▪️ The core JDownloader.jar file.
▪️ Flatpak, Winget, and Snap packages (separate infra, sha256 checksums unchanged).
▪️ In-app auto-updates (separate servers, end-to-end signed).
If you downloaded JDownloader from the website between May 6 and May 7, treat your machine as compromised.
This is the third trusted-software website breach in recent weeks, after Daemon Tools and CPU-Z / HWMonitor.
29
252
1,009
82,545
Polycarp Nakamoto priv/acc retweeted
American bought a brand new printer. She bought the ink for the printer, she bought the paper for the printer, now she’s at home and is ready to print
She can’t print
“They remotely shut off my printer until I paid $7.50 cents to print in my own home, to print on my printer, that I own in my home”
This is the new $7.50 subscription plan by HP Printers
Here’s how the plans work
HP’s Instant Ink and newer All-in Plan programs are subscription services options:
- You pay a monthly fee based on pages printed (not ink used).
- Plans start low, from $1.79–$7.99 per month for 10–100 pages
- $7–$8 per month plans are for around 100 pages
If your payment fails. HP will remotely shutoff your printer
6,630
14,636
44,990
4,033,910
Polycarp Nakamoto priv/acc retweeted
🚨 GIVEAWAY 🚨
We’re giving away a BitForge Nano Ghost Edition — a home-worthy Bitcoin miner designed to be seen, not hidden in a shed.
To enter:
Follow @TheSoloMiningCo
Repost this post
Reply with where you’d put it and why.
Winner announced 1st June 2026
The Solo Mining Co: Your Rigs, Your Rewards. ⚡
830
817
894
48,354
Polycarp Nakamoto priv/acc retweeted
May 3
1984
‼️🇺🇸 Utah is about to become the first US state to legally target VPN use as part of online age verification. The law goes into effect Wednesday, May 6, 2026.
🔴 If you are physically located in Utah, you count as a Utah user, regardless of whether you use a VPN, proxy, or any other tool to disguise your location. Websites are now legally responsible for age-verifying you anyway.
🔴 Sites that handle "material harmful to minors" are banned from sharing instructions on how to use a VPN, or from offering any means to bypass geofencing.
The EFF calls this a "liability trap." Websites cannot reliably tell where a VPN user actually is, so the safest legal move is either to block every known VPN IP outright, or to force ID-based age verification on every visitor worldwide. Either path subjects millions of users to invasive identity checks, regardless of where they actually live.
The Cato Institute put it bluntly. When a policy can be defeated by a privacy tool millions of people legitimately use, the policy is the problem.
The collateral damage is, as always, the people who actually need VPNs:
🔴 Journalists protecting sources
🔴 Domestic abuse survivors hiding from stalkers
🔴 Activists in hostile environments
🔴 Remote workers tunneling into corporate networks
🔴 Travelers banking from abroad
🔴 Anyone who simply does not want their ISP, employer, or data brokers reading their traffic
This is not staying in Utah. The UK's Children's Commissioner has called VPNs a "loophole that needs closing." France's Minister Delegate for AI and Digital Affairs has named VPNs as "the next topic on my list."
The EU is rolling out age verification across all 27 member states by end of 2026, with EVP Henna Virkkunen openly admitting they have no plan for VPN bypass yet.
Utah is leading by example.
EFF: "Attacks on VPNs are, at their core, attacks on the tools that enable digital privacy."
1
1
157
The Son of Anton scene will almost certainly be the most referenced Silicon Valley scene in age of AI:
“It’s possible that…the most efficient way to get rid of all the bugs, was to get rid of all the software.”
Apr 27
NEW: Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue — Tom's Hardware
49
984
13,391
1,590,231
Polycarp Nakamoto priv/acc retweeted
Apr 26
Localized compute will be the new buzz word after Ai.
Well, at least it should be...
Apr 25
Your smart home is not yours.
Amazon hired thousands of contractors to listen to Echo recordings from people's living rooms. Bloomberg broke the story. Amazon never asked.
Ring handed doorbell footage to police 11 times in a single year without a warrant and without telling the owner.
In March 2025, Amazon killed local voice processing on Echo. Every word you say to Alexa now goes to Amazon's cloud. By default. Forever.
Your Samsung TV watches what you watch. Your Roomba maps every room. Your thermostat knows when you leave home.
And now they want you to pay for it.
Alexa : $19.99/month.
Ring Protect Plus: $20/month.
Nest Aware Plus: $20/month, up 33% in 2025.
You pay them to spy on you. Monthly. Forever.
In 2022, Insteon shut down without warning. Lights, switches, thermostats, all bricked overnight. Ten years of hardware, dead.
There is one app that controls every smart device on the planet. Locally. On your hardware. Without a single byte sent to Amazon, Google, or Ring.
It is called Home Assistant. 86,200 stars on GitHub.
2,000 built-in integrations. Lights, locks, cameras, thermostats, vacuums, blinds, EV chargers, solar inverters, doorbells, sprinklers. If a smart device exists, Home Assistant probably controls it.
Here's what it does:
→ Works with Alexa, Google Home, Apple HomeKit, SmartThings, Matter, Thread, Zigbee, Z-Wave.
→ Voice control with your own local assistant. Wake word detection on your own hardware. Nothing sent to any cloud.
→ Build automations in 30 seconds. "When I leave home, lock the doors and turn off the lights."
→ Real-time energy dashboard. Spot the vampire devices.
→ Local AI cameras. Detect people, cars, animals. Footage stays on your drive.
→ Custom dashboards on any phone, tablet, or wall display.
Here's the wildest part:
When AWS goes down, Alexa stops working. When Google has an outage, Nest cameras go dark. When Ring servers throttle, your doorbell freezes.
Home Assistant runs on your hardware. The internet can be down. Your house still listens. Your lights still respond. Your locks still work.
The day Insteon shut down, Home Assistant users kept their lights on.
Owned by the Open Home Foundation. A Swiss non-profit. It cannot be sold. It cannot go subscription. It cannot paywall a feature. Ever.
Alexa Ring Nest: $720/year in subscriptions.
Home Assistant: $0. Forever. Every integration. Every automation. Every device.
Runs on a $50 Raspberry Pi. Runs on an old laptop. Runs in Docker on your NAS. The Home Assistant Green box is $99 once and never charges again.
86,200 stars. 37,300 forks. 425 contributors. Apache-2.0 license. Active since 2013.
Your home. Your data. Your rules.
100% Open Source.
(Link in the comments)
1
1
113