Business books are entertainment, not strategic tools
Article URL: https://theorthagonist.substack.com/p/why-reading-business-books-is-a-waste

Comments URL: https://news.ycombinator.com/item?id=43940747

Points: 500

# Comments: 233 ⌘ Read more

Bug Hunting in JS Files: Tricks, Tools, and Real-World POCs

Image

🗝️Free Article Link

[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/bug-hunting-in-js-files-tricks-tools-and-real-world-pocs-70406e3eb72e?source=rss—-7 … ⌘ Read more

Tool Review — TraceWeb.io Extension ⌘ Read more

Tiliqua Brings FPGA-Based Audio and Visual Tools to Eurorack Systems
Tiliqua is a modular FPGA-based platform for Eurorack systems, launched on CrowdSupply. It supports real-time audio and video synthesis using open-source tools like Amaranth HDL, offering more flexibility and performance than typical microcontroller-based modules. The platform uses the “SoldierCrab” FPGA System-on-Module, which integrates an LFE5U-25F FPGA, PSRAM, a USB PHY, and SPI flash. This module […] ⌘ Read more

A Must-Have Tool for Bug Hunters: Find Open Redirect Vulnerabilities on Linux

Image

Automate open redirection detection, save hours of manual testing, and level up your bug bounty recon game.

[Continue … ⌘ Read more

Securing Model Context Protocol: Safer Agentic AI with Containers
Model Context Protocol (MCP) tools remain primarily in the hands of early adopters, but broader adoption is accelerating. Alongside this growth, MCP security concerns are becoming more urgent. By increasing agent autonomy, MCP tools introduce new risks related to misalignment between agent behavior and user expectations and uncontrolled execution. These systems also present a novel… ⌘ Read more

Announcing OpenReports: Standardized Kubernetes Reporting
The Kubernetes ecosystem, while powerful, is a sprawling landscape of tools. As organizations scale their deployments, ensuring compliance and security becomes paramount. But how do you effectively track and report on your Kubernetes policies and scanners… ⌘ Read more

2025 Mobile App Pentesting Guide: Tools, Techniques & Real-World Examples ⌘ Read more

Building your own Atomic (bootc) Desktop
Bootc and associated tools provide the basis for building a personalised desktop. This article will describe the process to build your own custom installation. ↫ Daniel Mendizabal at Fedora Magazine The fact that atomic distributions make it relatively easy to create custom “distributions” is s really interesting bonus quality of these types of Linux distributions. The developers behind Blue95, which we talked about a few weeks ago, based their entire … ⌘ Read more

Introducing Docker MCP Catalog and Toolkit: The Simple and Secure Way to Power AI Agents with MCP Tools
Model Context Protocols (MCPs) are quickly becoming the standard for connecting AI agents to external tools, but the developer experience hasn’t caught up. Discovery is fragmented, setup is clunky, and security is too often bolted on last. Fixing this experience isn’t a solo mission—it will take an industry-wide effort. A secure, scalable, and trusted MCP… ⌘ Read more

Bug Hunting for Real: Tools, Tactics, and Truths No One Talks About

Image

Let’s Skip the “Sign Up on HackerOne” Talk

[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/bug-hunting-for-real-tools-tactics-and-truths-no … ⌘ Read more

$1000+ Passive Recon Strategy You’re Not Using (Yet)

Image

Still using subfinder & sublist3r tools for finding assets while recon??

[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/1000-passive-recon-strategy-youre-not-using-yet-164f5b1e … ⌘ Read more

Limits of Malware Detection ⌘ Read more

Run x86-64 games on RISC-V with felix86
If RISC-V ever manages to take off, this is going to be an important tool in RISC-V users’ toolbox: felix86 is an x86-64 userspace emulator for RISC-V. felix86 emulates an x86-64 CPU running in userspace, which is to say it is not a virtual machine like VMware, rather it directly translates the instructions of an application and mostly uses the host Linux kernel to handle syscalls. Currently, translation happens during execution time, also known as jus … ⌘ Read more

I’m with @andros@twtxt.andros.dev and @eapl.me@eapl.me on this one. But I have also lost interest in twtxt lately and currently rethinking what digital tools truly add value to my life. So I will not spending my time on adding more complexity to Timeline. Still a big thanks to you @prologic@twtxt.net for all the great work you have done and all the nice conversations both here and on our video calls.

Docker Desktop 4.41: Docker Model Runner supports Windows, Compose, and Testcontainers integrations, Docker Desktop on the Microsoft Store
Docker Desktop 4.41 brings new tools for AI devs and teams managing environments at scale — build faster and collaborate smarter. ⌘ Read more

I also fundamentally do not believe in the notion that Twtxt should be readable and writable by humans. We’ve thrown this “argument” around in support of some of the proposals, and I just don’t buy it (sorry). As an analogy, nobody writes Email by hand and transmits them to mail servers vai SMTP by hand. We use tools to do this. Twtxt/Yarn should be the same IMO.

@lyse@lyse.isobeef.org Hahahaha 🤣 I mean it’s “okay” every now and then, but what’s the point of having good clients and tools if we don’t use ‘em 🤣

Are “AI” systems really tools?
Comments ⌘ Read more

Top 5 Open Source Tools to Scan Your Code for Vulnerabilities

Image

These tools help you find security flaws in your code before attackers do.

[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/top-5-open-source-tools-to-s … ⌘ Read more

How to build and deliver an MCP server for production
In December of 2024, we published a blog with Anthropic about their totally new spec (back then) to run tools with AI agents: the Model Context Protocol, or MCP. Since then, we’ve seen an explosion in developer appetite to build, share, and run their tools with Agentic AI – all using MCP. We’ve seen new […] ⌘ Read more

Notation as a Tool of Thought (1979)
Comments ⌘ Read more

MCP Security: Tool Poisoning Attacks
Comments ⌘ Read more

How to Create a Botnet Using One Tool: A Proof of Concept for Educational Purposes Aspiring…

Image

Learn how attackers build and control botnets — safely and ethically — using … ⌘ Read more

CNCF Announces OpenObservabilityCon North America to Accelerate Open Source Innovation and Tame Infrastructure Complexity
New event will convene observability leaders, developers, and end users to advance open source observability tools and practices SAN FRANCISCO, April 22, 2025 — The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud… ⌘ Read more

Dockerizing MCP – Bringing Discovery, Simplicity, and Trust to the Ecosystem
Discover the Docker MCP Catalog and Toolkit, a new way to source, use, and scale with MCP tools. ⌘ Read more

5 Tools I Wish I Knew When I Started Hacking ⌘ Read more

@kat@yarn.girlonthemoon.xyz At the core, you need an ngircd.conf like this:

[Global]
    Name = your.irc.server.com
    Password = yourfancypassword
    Listen = 0.0.0.0
    Ports = 6667

    AdminInfo1 = Well, me.
    AdminInfo2 = Over here!
    AdminEMail = forget.it@example.invalid

[Options]
    Ident = no
    PAM = no

[SSL]
    CertFile = /etc/ssl/acme/your.irc.server.com.fullchain.pem
    KeyFile = /etc/ssl/acme/private/your.irc.server.com.key
    DHFile = /etc/ngircd/dhparam.pem
    Ports = 6669

Start it and then you can connect on port 6667. (The SSL cert/key must be managed by an external tool, probably something like certbot or acme-client.)

I’m assuming OpenBSD here. Haven’t tried it on Linux lately, let alone Docker. 😅

Seem like it’s a server-client thingy? 🤔 I much prefer tools in this case and defer the responsibility of storage to something else. I really like restic for that reason and the fact that it’s pretty rock solid. I have zero complaints 😅

Timeline of Evolution of Twtxt/Yarn.social:

• 2016 – Twtxt created by John Downey: plain text + HTTP = minimalist microblogging
  
• 2017–2019 – Community builds CLI tools, but adoption remains niche
  
• 2020 – Yarn.social launched by @prologic@twtxt.net with federation, threading, UI
  
• 2021–2023 – Pods sync, user mentions, blocking, search, and media support added
  
• 2024+ – Yarn.social becomes the reference Twtxt platform, with active federated pods

I do not agree with every decision the Internet Archive makes, but I consider it a very important tool, for Internet archival and preservation - to the point, it even influenced what licence I chose, for my media and websites.

Sadly they’re now facing another threat, in the form of litigious music labels, that they’re now trying to convince to stop, by collecting signatures here.

@kat@yarn.girlonthemoon.xyz pandoc is a joy! I haven’t used any Microsoft word processing tools since forever. They want a Word document? Pandoc to the rescue!

@movq@www.uninformativ.de there are many other similar backup tools. I would love to hear what will make you pick Borg above the rest.

What makes Slackware different?
I’m not entirely sure how to link to this properly, but what we have here is a simple, to-the-point text file describing some of the benefits of Slackware, the oldest still maintained Linux distribution. It’s still run by Patrick Volkerding, and focuses on conservative choices and simplicity over ease. I doubt I have to explain the benefits of Slackware to the average OSNews reader, but this simple little text file does serve as a great marketing tool. The fact it’s a … ⌘ Read more

@andros@twtxt.andros.dev how often do you send a private message on the Fediverse? How often do you send PGP/SMIME encrypted emails? Are there other tools that are more suitable for the task? If implementing direct/private messages on twtxt scratches an itch (you know, that hobbyist itch we all get from time to time), then don’t give up so easily. Worse comes to worse, and your feed becomes too noisy, people can simply unfollow/mute.

I really don’t care about direct messages here, but I might be on that bottom 1%!

@andros@twtxt.andros.dev Ahh I see 👌

@prologic@twtxt.net Yes, it is a security hole. All dm-echo messages are readable. I intend it to be a debugging tool. Maybe I can include a warning message. If many of you see that it is a serious problem, I can remove the links.

Fascinating read on the emerging Model Context Protocol — a new standard for integrating LLMs with agents and tools.

New plugin: vim-markdown-extras. Some extra tools to help you with your markdown files. ⌘ Read more

@lyse@lyse.isobeef.org Just needed to update the version of the tool I packaged as an OCI image 🤣

AI problems, top to bottom:

1: Open AI nerds, believe fine tuning a language model algorithm, will eventually produce an AGI god.

2: Subpar artists and techbros who can’t code, convinced AI image bashing and vibe coding, will help convince the dumber parts of Internet, they are a real deal.

3: Parasites, using AI to scam people, because they just want passive income, selling crap, made by an automated process.

Side: Adobe&co, killing Flash/old web, pricing new artists and developers out, to face learning curves of free tools, or use AI, peddled as solution.

Add support for skipping backup if data is unchagned · 0cf9514e9e - backup-docker-volumes - Mills 👈 I just discovered today, when running backups, that this commit is why my backups stopped working for the last 4 months. It wasn’t that I was forgetting to do them every month, I broke the fucking tool 🤣 Fuck 🤦‍♂️

FreeDOS 1.4 released
With FreeDOS being, well, DOS, you’d think there wasn’t much point in putting out major releases and making big changes, and you’d mostly be right. However, being a DOS clone doesn’t mean there isn’t room for improvement within the confines of the various parts and tools that make up DOS, and that’s exactly where FreeDOS focuses its attention. FreeDOS 1.4 comes about three years after 1.2. This version includes an updated FreeCOM, Install program, and HTML Help system. This also includes i … ⌘ Read more

Windows 9x QuickInstall simplifies installing Windows 98
If you’re elbow-deep in ’90s retrocomputing and maintain a fleet of your own personal seemingly identical but definitely completely different Windows 98 machines, Windows 9x QuickInstall is tailor-made just for you. It takes the root file system of an already installed Windows 98 system and packages it, whilst allowing drivers and tools to be slipstreamed at will. For the installer, it uses Linux as a base, paired with … ⌘ Read more

Hi, So i made a little MVP registry crawler tool for twtxt. It now has a basic UI to play with. It has a somewhat full history back to about 2018-ish. Plus some interesting bits that were timestamped to earlier.

Find it here: https://watcher.sour.is

Code base is found here: https://git.sour.is/sour-is/xt

Docker Desktop 4.40: Model Runner to run LLMs locally, more powerful Docker AI Agent, and expanded AI Tools Catalog
In Docker Desktop 4.40, we’re introducing new tools that simplify GenAI app development and support secure, scalable development. ⌘ Read more

Microsoft releases Windows 11 roadmap tool to help make sense of Windows 11’s development
I’ve complained about the utter inscrutability of the Windows release process for a long time, with Microsoft seemingly using channels, build numbers, code names, date-based version numbers, and so on interchangeably, making it incredibly hard to keep track of what is being released when. It turns out even Microsoft itself started losing track, because it … ⌘ Read more

Kaidan: Kaidan 0.12.1: Voice Message and Password Change Fixes
Kaidan 0.12.1 fixes some bugs.
Have a look at the changelog for more details.

Bugfixes:

• Do not highlight unpinned chats when pinned chat is moved (melvo)
  
• Fix deleting/sending voice messages (melvo)
  
• Fix crash during login (melvo)
  
• Fix opening chat again after going back to chat list on narrow window (melvo)
  
• Increase tool bar height to fix avatar not being recognizable (melvo)
  
• Fix width of sear … ⌘ Read more

A maintainer’s guide to vulnerability disclosure: GitHub tools to make it simple
A step-by-step guide for open source maintainers on how to handle vulnerability reports confidently from the start.

The post A maintainer’s guide to vulnerability disclosure: GitHub tools to make it simple appeared fir … ⌘ Read more

Reimagining Log Management Tools and Software: The Impact of AI and GenAI
Today’s distributed, cloud-native systems generate logs at a high rate, making it increasingly difficult to derive actionable insights. AI and Generative AI (GenAI) technologies—particularly large language models (LLMs)— are transforming log management tools by enabling teams… ⌘ Read more

RPI Image Gen Introduces Custom Raspberry Pi Image Creation
The Raspberry Pi team has introduced rpi image gen, a new tool for creating custom software images with detailed control over configuration. It is designed for embedded systems, industrial applications, and personalized projects. rpi image gen is an alternative to the existing pi gen tool, which is used to produce the official Raspberry Pi OS […] ⌘ Read more