Android 17 Drops For Pixel Phones and Watch
Google has begun rolling out Android 17, the June Pixel Feature Drop, and Wear OS 7 simultaneously across supported Pixel phones and watches. Highlights include floating app bubbles, improved foldable multitasking and gaming, tighter location and contact permissions, stronger lost-device protections, new Pixel AI tools, and up to 10% better Pixel Watch battery life. PhoneArena reports: … ⌘ Read more

@movq@www.uninformativ.de Hahaha. It could have been worse, though. I’ve heard stories from others that were many levels crazier than what I experienced. And I’m glad that I was very, very lucky with almost all of my teachers throughout all of school. One of my maths teacher, who was also my computer science teacher then, is the reason I do what I do for a living. It’s all his fault! ;-)

Ja, possibly a BaWü thing. The ministry of education and cultural affairs changes the rules, curriculums and details every one or two years, anyway.

Said teacher had to fight real hard that he was allowed to teach CS in class 12 and 13. As a real subject, that is, not just an extracurricular activity („AG“). At first, the ministry refused, because we’re just am „allgemeinbildendes Gmyi“, not an „informationstechnisches Gymi“. It’s insane, you’ve got super motivated (and technically as well as humanly excellent) teachers and then forbid them to offer a class. What the hell!? (Fun fact on top, he had a doctor in CS and was also teaching at the university of applied sciences.)

Eventually, they granted permission to only have a two hours a week class („zweistündig, wie Nebenfach“). One or two years later – too late for me, unfortunately – they allowed four hours a week („vierstündig, wie Hauptfach“). But each pupil had to sign upfont that they will not take CS class in the Abi. That was still exclusive to ITGs only. Completely ridiculous.

I reckon, you can talk to any random teacher and they will endlessly tell you about very dubious decicions from the ministry. :-/

Binance Set To Lose Permission To Operate In EU
Binance is expected to lose permission to serve EU customers in July after Greek regulators reportedly decided to reject its MiCA license application. Reuters reports: Under new EU rules, called MiCA, crypto firms have until the end of June to obtain a licence to allow them to keep servicing clients across the bloc. Binance’s application, made to Greece’s market regulator, is set … ⌘ Read more

Steven Spielberg Movie Could Be Rebooted Without Disclosure Day Director’s Approval
Steven Spielberg has revealed that Universal Pictures can reboot E.T. the Extra-Terrestrial if the studio wanted to without his permission.

The post [Steven Spielberg Movie Could Be Rebooted Without Disclosure Day Director’s Approval](https://www.comingsoon.net/movies/news/2147686-steven-spielberg-movie-could-be-rebooted-without-disclosure-day-directors-ap … ⌘ Read more

Linux Sees Patches For “Critical” Vulnerability Affecting Many Arm CPUs
Made public today is CVE-2025-10263 as a “critical” security vulnerability affecting many different Arm CPU cores. CVE-2025-10263 could allow for privilege escalation on affected systems due to a specific timing condition during a memory permission change. Fundamentally it comes down to completion of affected memory accesses might not be guaranteed by the completion of a TLBI… ⌘ Read more

Google Requests Permission to Release 32 Million Mosquitoes In California and Florida
Google has asked the EPA for permission to release up to 32 million sterile male mosquitoes in California and Florida over two years. The effort is part of the company’s Debug program, which uses Wolbachia-infected males to reduce populations of disease-spreading Aedes aegypti mosquitoes. Google cites a si … ⌘ Read more

Ubuntu 26.04 LTS released
Ubuntu 26.04 (“Resolute Raccoon”) LTS has been released
on schedule.

This release brings a significant uplift in security, performance,
and usability across desktop, server, and cloud environments. Ubuntu
26.04 LTS introduces TPM-backed full-disk encryption, expanded use of
memory-safe components, improved application permission controls, and
Livepatch support for Arm systems, helping reduce downtime and
strengthe … ⌘ Read more

Firefox 150 released
Version\
150 of the Firefox web browser has been released. Notable changes
include local-network-access\
restrictions being turned on for all users, the ability to
reorder, copy, delete, paste, and export pages from a PDF using
Firefox’s built-in viewer, as well as improvements in its split\
view feature, … ⌘ Read more

Conscription, réquisition, interdiction de partir : bienvenue en Europe
Depuis décembre 2025, un homme allemand de 17 à 45 ans doit demander la permission de l’État pour quitter le pays plus de trois mois… Et ce, en temps de paix. Auparavant, il existait un article (l’article 3) qui obligeait les hommes allemands entre 17 et 45 ans à demander l’autorisation aux autorités allemandes s’ils […] ⌘ Read more

Another AI rant:

One of the “key features” of LLMs is that you can use “natural language”, because that is supposed to be easier than having to learn a programming language. So, when someone says to me, “I automated this process using AI!”, what they mean is: They have written a very, very large Markdown document. In this document, they list what the AI is supposed to do.

In prose.

This is a complete disaster.

Programming and programming languages have one crucial property: They follow a well-defined structure and every word has a well-defined meaning. That is absolutely brilliant, because I can read this and I can follow the program in my head. I can build a mental model. I can debug this, down to the precise instructions that the CPU executes. This all follows well-defined patterns that you can reason about.

But with these Markdown files, I am completely lost. We lose all these important properties! No debugging, no reasoning about program flow, nothing. It’s all gone. It’s a magic black box now, literally randomized, that may or may not do what you wanted, in some order.

People now throw these Markdown files at me … and … am I supposed to read this? Why? It’s completely random and fuzzy.

Sadly, these AI tools are good enough to be able to mostly grasp the authors intentions. Hence people don’t see the harm they cause, because “it works”.

We already have a ton of automations like this at work: Tickets get piped through an LLM and these Markdown files / prompts determine what will happen with the ticket, and maybe they trigger additional actions as well, like account creation or granting permissions. All based on fuzzy natural language – that no two humans will ever properly agree on.

Jesus Christ, we’re now INTENTIONALLY bringing the ambiguity of legal texts and lawyers into programming.

Using natural language is NOT easier than using a programming language. It is HARDER. Have you people never read a legal contract? And that stuff can STILL be debated in a court room.

I can’t begin to comprehend why we, tech folks, push this so hard. What is wrong with you? Or me?

(And, once again, we’re ignoring other factors here. LLMs use a ton of energy and ressources, that we don’t have to spare. It’s expensive as fuck. It doesn’t even run locally on our servers, meaning we give all these credentials and permissions to some US company. It’s insane.)

@lyse@lyse.isobeef.org Hm, I’m not sure I would want to do that:

ForwardAgent
    ...

    Agent forwarding should be enabled  with  caution.   Users
    with  the ability to bypass file permissions on the remote
    host (for the agent's Unix-domain socket) can  access  the
    local agent through the forwarded connection.  An attacker
    cannot  obtain  key  material from the agent, however they
    can perform operations on the keys that enable them to au‐
    thenticate using the identities loaded into the agent.

Anyone else having trouble pulling from git.mills.io? 🤔

$ g clone ssh://git@git.mills.io:2222/yarnsocial/twtxt.dev.git
Cloning into 'twtxt.dev'...
git@git.mills.io: Permission denied (publickey).
fatal: Could not read from remote repository.

The key verification function on https://git.mills.io/user/settings/keys says I’m using the correct key.

This also looks good:

$ GIT_SSH_COMMAND="ssh -v" g clone ssh://git@git.mills.io:2222/yarnsocial/twtxt.dev.git
...
debug1: Authentications that can continue: publickey
debug1: Offering public key: /home/user/.ssh/keys/key-millsio ED25519 SHA256:nVNT... explicit
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
git@git.mills.io: Permission denied (publickey).
fatal: Could not read from remote repository.

Does it work for you, @lyse@lyse.isobeef.org @prologic@twtxt.net?

Grammarly Disables Tool Offering Generative-AI Feedback Credited To Real Writers
Grammarly has disabled its Expert Review feature after backlash from writers whose names were used to present AI-generated feedback without their permission. Superhuman (formerly Grammarly) CEO Shishir Mehrotra wrote in a LinkedIn post that the company will disable Expert Review while they “reimagine” the feature: Back … ⌘ Read more

Charter Gets FCC Permission To Buy Cox, Become Largest ISP In the US
An anonymous reader quotes a report from Ars Technica: Charter Communications, operator of the Spectrum cable brand, has obtained Federal Communications Commission permission to buy Cox and surpass Comcast as the country’s largest home Internet service provider. Charter has 29.7 million residential and business Internet customers compared t … ⌘ Read more

Microsoft Plans Smartphone-Style Permission Prompts for Windows 11 Apps
Microsoft is planning to bring smartphone-style app permission prompts to Windows 11, requiring apps to get explicit user consent before they can access sensitive resources like the file system, camera and microphone. The company’s Windows Platform engineer Logan Iyer said the move was prompted by applications increasingly overriding u … ⌘ Read more

eBay Bans Illicit Automated Shopping Amid Rapid Rise of AI Agents
EBay has updated its User Agreement to explicitly ban third-party “buy for me” agents and AI chatbots from interacting with its platform without permission. From a report: On its face, a one-line terms of service update doesn’t seem like major news, but what it implies is more significant: The change reflects the rapid emergence of what some are cal … ⌘ Read more

AI Agents ‘Perilous’ for Secure Apps Such as Signal, Whittaker Says
Signal Foundation president Meredith Whittaker warned that AI agents that autonomously carry out tasks pose a threat to encrypted messaging apps [non-paywalled source] because they require broad access to data stored across a device and can be hijacked if given root permissions.

Speaking at Davos on Tuesday, Whittaker said the deeper integrat … ⌘ Read more

Public Domain Day 2026 Brings Betty Boop, Nancy Drew and ‘I Got Rhythm’ Into the Commons
As the calendar flips to January 1, 2026, thousands of copyrighted works from 1930 are entering the US public domain alongside sound recordings from 1925, making them free to copy, share, remix and build upon without permission or licensing fees. The literary haul includes William Faulkner’s As I Lay D … ⌘ Read more

Apple Becomes a Debt Collector With Its New Developer Agreement
Apple released an updated developer license agreement this week that gives the company permission to recoup unpaid funds, such as commissions or any other fees, by deducting them from in-app purchases it processes on developers’ behalf, among other methods. From a report: The change will impact developers in regions where local law allows them to … ⌘ Read more

Lidar-Maker Luminar Files For Bankruptcy
Once a star of the self-driving hype cycle, lidar maker Luminar has filed for bankruptcy amid legal turmoil, layoffs, and a cooling autonomous-vehicle market. It plans to sell off its assets before shutting down entirely. The Verge reports: As part of its bankruptcy, Luminar is seeking permission to sell both its lidar and semiconductor businesses, the latter of which it has already agreed to … ⌘ Read more

The New York Times Is Suing Perplexity For Copyright Infringement
The New York Times is suing Perplexity for copyright infringement, accusing the AI startup of repackaging its paywalled reporting without permission. TechCrunch reports: The Times joins several media outlets suing Perplexity, including the Chicago Tribune, which also filed suit this week. The Times’ suit claims that “Perplexity provides commerci … ⌘ Read more

My file system when I try to edit a file without the proper permissions ⌘ Read more

Pope Francis’s Popemobile transformed into mobile clinic for Gaza children
A former “Popemobile” used by Pope Francis during his 2014 tour of the Holy Land has been transformed into a mobile health clinic for Gaza’s children, but Israeli authorities are yet to give permission for it to enter the war-ravaged strip. ⌘ Read more

Cloudflare Explains Its Worst Outage Since 2019
Cloudflare suffered its worst network outage in six years on Tuesday, beginning at 11:20 UTC. The disruption prevented the content delivery network from routing traffic for roughly three hours. The failure, writes Cloudflare in a blog post, originated from a database permissions change deployed at 11:05 UTC. The modification altered how a database query returned information about … ⌘ Read more

What’s your go-to strategy for giving engineers access to production?
I’ve been in this field for almost 15 years, and I don’t think I’ve ever seen two companies handle this the same way

Some other places just hand out just-in-time database access with short-lived credentials, others rely on rigid role-based permission, and others go all in on anonymized data dumps or shadow environments to avoid prod access altogether

What’s your go-to when it comes to giving access to engineers to access production app … ⌘ Read more

No sex, drugs or dangerous stunts: Instagram limits teens to PG-13 content
Teenagers on the social media app will be restricted to seeing PG-13 content by default and won’t be able to change their settings without a parent’s permission, Meta has announced. ⌘ Read more

No sex, drugs or dangerous stunts: Instagram limits teens to PG-13 content
Teenagers on the social media app will be restricted to seeing PG-13 content by default and won’t be able to change their settings without a parent’s permission, Meta has announced. ⌘ Read more

No sex, drugs or dangerous stunts: Instagram limits teens to PG-13 content
Teenagers on the social media app will be restricted to seeing PG-13 content by default and won’t be able to change their settings without a parent’s permission, Meta has announced. ⌘ Read more

** The Access Control Apocalypse: How Broken Permissions Gave Me Keys to Every Digital Door**

Image

Hey there😁

[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/th … ⌘ Read more

Fluentd to Fluent Bit: A Migration Guide
Fluentd was created over 14 years ago and still continues to be one of the most widely deployed technologies for log collection in the enterprise. Fluentd’s distributed plugin architecture and highly permissive licensing made it ideal… ⌘ Read more

@bender@twtxt.net That is a noble goal. We can talk about that – as long as it doesn’t mean giving up essential freedoms like choosing which software you can run on your device (without having to ask someone for permission).

@aelaraji@aelaraji.com I use Alt+. all the time, it’s great. 👌

FWIW, another thing I often use is !! to recall the entire previous command line:

$ find -iname '*foo*'
./This is a foo file.txt

$ cat "$(!!)"
cat "$(find -iname '*foo*')"
This is just a test.

Yep!

Or:

$ ls -al subdir
ls: cannot open directory 'subdir': Permission denied

$ sudo !!
sudo ls -al subdir
total 0
drwx------ 2 root root  60 Jun 20 19:39 .
drwx------ 7 jess jess 360 Jun 20 19:39 ..
-rw-r--r-- 1 root root   0 Jun 20 19:39 nothing-to-see

Can You Really Trust That Permission Pop-Up On macOS? (CVE-2025-31250)
Comments ⌘ Read more

i have been on a ROLL fixing server issues the other day i fixed my dead SFTP server which had a chroot permission issue

idfk where the error came from it just broke one day, maybe from one of my many server crashes which are becoming frequent and UGH i have to fix that too but i have a headache right now so one thing at a time. the error was ‘unexpected end of JSON input’ or something, for a while i thought oh permission error but turns out i can’t read the error that clearly indicated something syntax related (i did double check my env file though)

OpenAI doesn’t like it when you use “their” generated slop without permission
OpenAI says it has found evidence that Chinese artificial intelligence start-up DeepSeek used the US company’s proprietary models to train its own open-source competitor, as concerns grow over a potential breach of intellectual property. ↫ Cristina Criddle and Eleanor Olcott for the FT This is more ironic than writing a song called Ironic that lists situations that aren’t actually … ⌘ Read more

**(#dy3n2cq) @skinshafi Cool!

Iris leans heavily on convention. Iris’ security and message authentication is provided by filesystem permissions …**
@skinshafi @thunix.net Cool!

Iris leans heavily on convention. Iris’ security and message authentication is provided by filesystem permissions and message hashing. ⌘ Read more

[ANN] Monero Remote Node Monitoring project updates

Since my last post on Reddit in June 2024, there have been some major changes and new features.

* updated the license from GLWTS to a more widely recognized and permissive one (BSD-3-Clause)
* UI: switched from SvelteKit to Templ+HTMX to reduce external dependencies
* added support for monitoring both IPv6 and I2P nodes
* set up a Tor Hidden service for the web UI

Links:

• GitHub repository
  
• [Website](https://xmr.d … ⌘ Read more

Kubernetes RBAC: improve the K8s security posture
Member post originally published on the Devtron blog by Siddhant Khisty TL;DR: Secure your Kubernetes cluster with Role-Based Access Control (RBAC) to define granular permissions for users and applications. This guide explains how to implement RBAC… ⌘ Read more

Docker Desktop 4.29: Docker Socket Mount Permissions in ECI, Advanced Error Management, Moby 26, and New Beta Features
Docker Desktop 4.29 introduces enhancements to secure and streamline the development process and to improve error management and workflow efficiency. With the integration of Enhanced Container Isolation (ECI) with Docker socket mount permissions, the debut of Moby 26 within Docker Desktop, and exciting features such as Docker Compose enhancements via synchronized file shares reaching Beta, we’re equipp … ⌘ Read more

Fix “warning: unable to access /Users/Name/.config/git/attributes Permission Denied” Errors
If you’re at the command line and perhaps interacting with Homebrew, Git, or similar, you may run into an error message that says something like the following “warning: unable to access /Users/Name/.config/git/attributes” : Permission denied”. This error message sounds more alarming than it is in most cases, but regardless, you likely want to fix … ⌘ Read more

@lyse@lyse.isobeef.org its a hierarchy key value format. I designed it for the network peering tools i use.. I can grant access to different parts of the tree to other users.. kinda like directory permissions. a basic example of the format is:

@namespace
# multi
# line
# comment
root :value

# example space comment
@namespace.name space-tag 

# attribute comments
attribute attr-tag  :value for attribute

# attribute with multiple 
# lines of values
foo :bar
      :bin
      :baz

repeated :value1
repeated :value2

each @ starts the definition of a namespace kinda like [name] in ini format. It can have comments that show up before. then each attribute is key :value and can have their own # comment lines.
Values can be multi line.. and also repeated..

the namespaces and values can also have little meta data tags added to them.

the service can define webhooks/mqtt topics to be notified when the configs are updated. That way it can deploy the changes out when they are updated.

@prologic@twtxt.net

# ssh -p 2222 cas.run help                                                                                                                                                
The authenticity of host '[cas.run]:2222 ([139.180.180.214]:2222)' can't be established.
RSA key fingerprint is SHA256:i5txciMMbXu2fbB4w/vnElNSpasFcPP9fBp52+Avdbg.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[cas.run]:2222' (RSA) to the list of known hosts.
abucci@cas.run: Permission denied (publickey).

So you would have:

type ErrPermissionNotAllowed []Permission
func (perms ErrPermissionNotAllowed) Is(permission Permission) bool {
    for _, p := range perms {
        if p == permission { return true }
    }
    return false
}
var err error = errPermissionNotAllowed{"is-noob"}

if errors.Is(err, ErrPermissionNotAllowed{}) { ... } // user is not allowed

var e ErrPermissionNotAllowed
if errors.As(err, e) && e.Is("a-noob") { ... } // user is not allowed because they are a noob. 

You can have Error return just “permission not allowed” if the array is empty. It would print the same as the first.

New tool to secure your GitHub Actions
Introducing a new tool to monitor and control the permissions of the repository token for GitHub Actions. ⌘ Read more

Design’s journey towards accessibility
Design can have a significant impact on delivering accessible experiences to our users. It takes a cultural shift, dedicated experts, and permission to make progress over perfection in order to build momentum. We’ve got a long way to go, but we’re starting to see a real shift in our journey to make GitHub a true home for all developers. ⌘ Read more

Looks like Google’s using this blog post of mine without my permission. I hate this kind of tech company crap so much.

Image

The unbearable quirkiness of Linux group permissions ⌘ Read more