Podcasts about OpenBSD

.NET on FreeBSD 15, Klara and TrueNAS fixing dedup, dhcpcd and unbound in FreeBSD Jails, and more... NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines Running .NET 10.0 on FreeBSD 15.0 How Klara and TrueNAS collaborated to fix one of ZFS's longest standing limitations News Roundup Back to FreeBSD: Part 1 dhcpd and unbound in FreeBSD jails How our environment still needs the security boundary of Unix logins Increasing a bhyve vm disk Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

Chez Anthropic, le développement logiciel a changé de nature en moins de deux ans. Là où un ingénieur ouvrait autrefois son éditeur de code, il décrit désormais son objectif à Claude. L'IA écrit, teste, corrige, puis soumet ses propositions. En dix-huit mois, la part de code produit par Claude est passée de quelques pourcents à plus de 80 %. Chaque ingénieur supervise aujourd'hui huit fois plus de code qu'il n'en écrivait lui-même en 2024.Le changement ne concerne pas seulement la vitesse. Claude corrige aussi ses propres erreurs et se montre parfois meilleur que les chercheurs humains sur certaines décisions expérimentales. Avant février 2025, l'assistant servait surtout à suggérer des fragments que l'ingénieur copiait dans son environnement de travail. En mai 2026, il réussissait 76 % des tâches les plus ouvertes, contre 26 % six mois plus tôt.Un exemple résume cette bascule. Quand des dizaines de milliers de tâches d'entraînement sont tombées en panne simultanément, quelques lignes de consigne ont été transmises à Claude. Deux heures plus tard, un ingénieur validait le correctif. Seul, un humain aurait mis deux à trois jours. Depuis début 2026, chaque modification apportée au code d'Anthropic est relue automatiquement. Cette relecture, appliquée rétrospectivement, a montré qu'un tiers des bugs ayant provoqué d'anciens incidents auraient pu être détectés avant leur mise en production.En avril, Anthropic a aussi publié les résultats d'un projet de recherche mené presque entièrement par des agents Claude (des IA capables d'enchaîner plusieurs actions sans intervention humaine constante). Sur un problème ouvert de sécurité de l'IA, deux chercheurs humains avaient comblé 23 % de l'écart en une semaine. Les agents, eux, ont atteint 97 % en 800 heures cumulées de calcul. Les gains sont tout aussi spectaculaires sur l'optimisation de code. Claude Opus 4 multipliait par trois la vitesse d'un code de départ. Mythos Preview, plus récemment, l'a multipliée par 52, là où un chercheur humain plafonnait autour de quatre. Mais cette accélération pose un problème d'organisation : Claude produit plus vite que les humains ne relisent. Et la relecture humaine devient le nouveau goulet d'étranglement. Avec Project Glasswing, Mythos Preview a détecté plus de dix mille vulnérabilités critiques en quelques semaines, dont un bug vieux de 27 ans dans OpenBSD. Hébergé par Acast. Visitez acast.com/privacy pour plus d'informations.

OpenBSD 7.9, Critical Infrastructure in FreeBSD, GhostBSD Finance report, Solaris 11.4 updates, and more... NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines OpenBSD 7.9 60th Edition has been released and Reported over on Undeadly Cleaning Up Critical Infrastructure in FreeBSD News Roundup Apple Wants to Kill Your Time Capsule but They Run NetBSD So They Can Not Oracle To Reduce The Frequency Of Solaris 11.4 Updates FreeBSD on a Thinkpad T14 Gen 2 Intel January 2026 Finance Report Beastie Bits The DragonFly site has a recently-updated page describing how DPorts is assembled and the process to contribute. TUHS - Unix use of VAX protection modes Origin of the rule that swap size should be 2x of the physical memory - The Duke and the Beastie - Improving OpenJDK support for FreeBSD Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

This show has been flagged as Clean by the host. This series is dedicated to exploring little-known—and occasionally useful—trinkets lurking in the dusty corners of UNIX-like operating systems. In UNIX Curio #4 ( HPR episode 4617 ), I teased the subject of file compression. Today I'm circling back to that. The history of data compression goes back at least to the 1970s, and in contexts outside UNIX and computers, probably even earlier. Somehow, it is refreshing to learn that humans have always struggled to have enough storage space to keep all the data they want to hang on to. One way around this limitation is to use some form of compression. I am only going to dive into lossless compression for this episode—that is, a compression method that can be reversed and will spit out the original data bit for bit. Lossy compression methods also have their places: you might be familiar with their use for audio (such as Ogg Vorbis or MP3); it's also used for images (such as JPEG). Lossy compression allows some of the original data to be thrown away, resulting in a smaller file than is possible with lossless compression, but the intent is for the result to still sound or look "good enough" to a human observer. Also, I am going to limit my discussion to generic methods used for many types of data; while FLAC does lossless compression, it is specifically designed just for audio. I should make clear that I have never studied computer science or information theory, so this episode will not get into the science behind various types of compression algorithms and how they differ. But in general, these methods take advantage of the fact that many types of data have recurring patterns. English text mostly consists of words that often re-appear many times—source code similarly has keywords and variable names that recur. Compression is accomplished by representing a piece of data that occurs multiple times with a symbol that is shorter in length. The first compression program in the UNIX world I could find is called pack , from 1978 1 . It was shortly followed in 1979 by a similar program called compact 2 . Both of these used a technique called Huffman coding, but with some differences between them. Files compressed with pack were given a .z extension and compact gave filenames a .C extension. Roughly every five or ten years after this, a new program would come along and achieve lasting popularity. There were, and still are, two opposing forces facing any new form of compression. Working in favor was the advantages it provided—first among these was achieving a better compression ratio, but performance improvements such as speed or reduced memory usage could also be compelling. The force against any new method was the fact that it was not yet widely supported—it doesn't much help to have a smaller file if the people you share it with cannot decompress it. The next major advance in compression arose out of three scientific papers: two in 1977 and 1978 by Abraham Lempel and Jacob Ziv (called LZ77 and LZ78), and one by Terry Welch in 1984 which built on LZ78. This last method is typically referred to as LZW. Our UNIX Curio for today is a program called compress 3 that implements the LZW method. Files compressed this way are named with the extension .Z . I had always assumed that this was to honor Jacob Ziv, but now that I've researched the history, it seems more likely to be a follow-on from how files compressed by pack were named. Since pack did not use any of the Lempel-Ziv methods, I would guess that it used .z because that wasn't already taken by anything else, but that's pure speculation. I do recall encountering .Z files in the wild, but feel certain that hasn't happened in the last 25 years, maybe longer. If you need to expand one of these, uncompress 4 is the program to use ( GNU's gunzip can also handle them 5 ). However, there was a serious problem that arose with the LZ78 and LZW compression methods. Both of them were patented, and the owner became aggressive in seeking payment from developers and users. The compress utility was developed within two months of the publication of Welch's 1984 paper and was included in Bell Laboratories' Eighth Edition UNIX before these shakedowns started. The paper did not disclose that a patent had been filed, and apparently Spencer Thomas and the other developers of compress were unaware of it. The utility became popular for a while, and was even standardized by POSIX, but people moved away from LZW once the legal threats started. Another important advance came in 1991 and was called the DEFLATE compression method. It combined the un-patented LZ77 method with Huffman coding to achieve a similar level of compression as LZW (actually, often better) without the legal trouble. DEFLATE was developed for PKZIP and was soon adopted by the GNU project's gzip compressor. While Phil Katz (the "PK" in PKZIP ) patented one way of implementing the DEFLATE method, it was possible to write a compressor and decompressor without infringing 6 ; also, he apparently never tried to enforce the patent 7 . As I mentioned in UNIX Curio #4, .zip is both an archive and a compression format. Each archive member can be compressed with one of several possible methods (or stored without compression). Unlike a tar file where compression can be applied to the entire archive, in .zip each archive member is compressed individually. This often means a .zip file will be slightly bigger than a tar file with the same contents compressed with gzip , because the .zip format cannot take advantage of duplication that occurs among more than one member of the archive. The vast majority of .zip files use only the DEFLATE and uncompressed storage methods and these are the only options if you want to follow the profile standardized in ISO/IEC 21320-1. Actually, since they both use DEFLATE, gzip is able to extract a .zip file in the special case where it only holds one member compressed with that method. From the 1990s onward, people paid significant attention to avoiding patent landmines, so only methods that didn't have that problem became broadly popular. While the patents on LZ78 and LZW have since expired, I feel like their most successful legacy was in discouraging people from using those methods, leading to DEFLATE taking the popularity crown. The next step came in 1996 and 1997 with the development of bzip and bzip2 by Julian Seward. The original method was quickly followed by bzip2 , which was the version that achieved true popularity. They use the Burrows-Wheeler transform, which does not itself compress data but re-arranges it to make it more compressible; this is combined with other techniques 8 . (At least, that's my understanding. I told you, I'm not up on information theory.) This provides a significant reduction in the compressed size of the data compared to earlier methods—however, it is slower than DEFLATE both during compression and decompression. Separate projects have developed parallel versions of gzip and bzip2 that can take advantage of multi-processor machines, but the original utilities run single-threaded. Another five years later, in 2001, Igor Pavlov added the Lempel-Ziv-Markov chain algorithm (LZMA), an enhancement to LZ77, to his 7-Zip compression tool. This was followed a few years later by LZMA2, a container format that allowed for LZMA compression to be split between multiple threads. Broad LZMA2 support came to the UNIX world in 2009 with the xz utility 9 . It offers roughly similar compression ratios to bzip2 , though it can be better or worse depending on the data to be compressed. While compression generally takes even longer than bzip2 , decompression is significantly faster (though still not as fast as gzip ). The Linux kernel relatively quickly supported booting from xz-compressed images 10 because it was a good match for that use case—compression, the time-consuming activity, only has to be done once while the more frequent decompression during boot happens relatively fast. The last method I will cover is Zstandard 11 , often written as zstd . This came about in 2015, and is another variation on LZ77 that uses finite-state entropy (which means nothing to me, but you might understand it). It performs about as well as DEFLATE in terms of compression ratios, but is much faster both when compressing and decompressing data. I should say that these statements are true with the typical default settings—depending on the compression level selected, it can compress more slowly, but compress the data smaller. However, decompression is always speedier than DEFLATE. This makes it attractive for some uses, and it is heavily promoted by Meta/Facebook, where Yann Collet developed it. For example, shipping large amounts of actively-used data between machines in a data center can go more quickly when the size is reduced; however, if the compression and decompression steps take too long that benefit is lost. A speedy method can be valuable even if it doesn't result in the greatest reduction in size. This use case stands in contrast to, say, a compressed backup file which might only be accessed in a disaster recovery scenario or never accessed at all, making size more important than speed. Both the xz and zstd utilities have some built-in support for multi-threading, but the default is to run in a single thread. While xz can use multiple threads for decompression (but only if the file was compressed in multi-thread mode), the reference zstd utility can only use more than one thread for compression, not decompression. There are many other methods of lossless compression that have been developed over the decades, but I believe these are the ones you are most likely to encounter in the world of UNIX-like systems. This is a personal opinion, and others might choose a different set. As mentioned, it can be tough for a new method to gain popularity and 35-year-old DEFLATE is still probably the most commonly used despite not being the fastest or offering the greatest reduction in size. Even systems like FreeBSD, NetBSD, and OpenBSD that do not like to include GNU tools supported it by developing their own version of gzip based on the permissively-licensed zlib library. Technically, the LZW method used by the compress utility is still standardized by POSIX, so one might expect it to have the widest support. However, aggressive patent enforcement discouraged adoption, especially by Free and Open Source Software systems—even though the patent has expired, it is still out of favor compared to DEFLATE. For this reason, I feel justified in calling it a curio. References: Eighth Edition UNIX pack.c https://www.tuhs.org/cgi-bin/utree.pl?file=V8/usr/src/cmd/pack/pack.c 2.9BSD compact.c https://www.tuhs.org/cgi-bin/utree.pl?file=2.9BSD/usr/src/ucb/compact/compact.c Compress specification https://pubs.opengroup.org/onlinepubs/009695399/utilities/compress.html Uncompress specification https://pubs.opengroup.org/onlinepubs/009695399/utilities/uncompress.html GNU Gzip manual https://www.gnu.org/software/gzip/manual/gzip.html RFC 1951: DEFLATE Compressed Data Format Specification version 1.3 https://tools.ietf.org/html/rfc1951 History of Lossless Data Compression Algorithms: The Rise of Deflate https://ethw.org/History_of_Lossless_Data_Compression_Algorithms#The_Rise_of_Deflate bzip2 https://en.wikipedia.org/wiki/Bzip2 XZ Utils https://en.wikipedia.org/wiki/XZ_Utils 2.6.38 merge window part 2 https://lwn.net/Articles/423541/ zstd https://en.wikipedia.org/wiki/Zstd Appendix The table below demonstrates the results of compressing different types of data using tools described in this episode. While not totally rigorous, I did run each compression and decompression multiple times to ensure I was getting consistent results. The laptop I used has an Intel Core i5-6200U CPU running at 2.30GHz, and the system had at least 5 GB of free memory for each run. While this processor has two cores and can run four simultaneous threads, all utilities were run single-threaded. The term "best" means the highest level of compression available (the exact level used is shown). For bzip2 , the default is the best. For zstd , "best" is -19, which is the highest "normal" level, but "ultra" levels that are even higher also exist. Ratios are the percentage of the original size that the file was reduced to (other sources might instead express the compression ratio as the reduction in size achieved). In all results, smaller numbers are better. ┌────────────────────────────┬─────────────┬─────────────┬─────────────┬─────────────┬─────────────┬─────────────┬─────────────┐ │ │ gzip │ gzip │ bzip2 │ xz │ xz │ zstd │ zstd │ │ │(default -6) │ (best -9) │ (-9) │(default -6) │ (best -9) │(default -3) │ (best -19) │ ├──────────────┬─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┤ │ │Size (ratio) │ 22,036,508 │ 21,891,623 │ 15,795,698 │ 13,487,768 │ 12,938,464 │ 20,454,657 │ 13,709,078 │ │ │ │ (24%) │ (24%) │ (17%) │ (15%) │ (14%) │ (23%) │ (15%) │ │English Text ├─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┤ │(90,532,092 │Compression │ 4.8s │ 7.6s │ 8.5s │ 49.8s │ 58.8s │ 0.6s │ 65.2s │ │bytes │time │ │ │ │ │ │ │ │ │uncompressed) ├─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┤ │ │Decompression│ 0.7s │ 0.8s │ 3.7s │ 1.2s │ 1.2s │ 0.4s │ 0.4s │ │ │time │ │ │ │ │ │ │ │ ├──────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┤ │ │Size (ratio) │ 125,291,122 │ 124,189,544 │ 98,016,512 │ 84,882,492 │ 81,954,344 │ 120,604,855 │ 87,298,645 │ │ │ │ (21%) │ (21%) │ (17%) │ (14%) │ (14%) │ (20%) │ (15%) │ │Source Code ├─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┤ │(590,008,320 │Compression │ 22.0s │ 39.3s │ 54.8s │ 241s │ 298s │ 3.7s │ 348s │ │bytes │time │ │ │ │ │ │ │ │ │uncompressed) ├─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┤ │ │Decompression│ 5.1s │ 5.1s │ 20.3s │ 8.1s │ 7.8s │ 2.4s │ 2.4s │ │ │time │ │ │ │ │ │ │ │ ├──────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┤ │ │Size (ratio) │ 32,830,905 │ 32,371,241 │ 26,856,579 │ 20,717,288 │ 20,352,880 │ 28,538,810 │ 23,154,582 │ │ │ │ (19%) │ (19%) │ (16%) │ (12%) │ (12%) │ (17%) │ (13%) │ │Binary Program├─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┤ │(171,972,264 │Compression │ 6.4s │ 22.4s │ 18.6s │ 62.2s │ 67.8s │ 0.8s │ 111s │ │bytes │time │ │ │ │ │ │ │ │ │uncompressed) ├─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┤ │ │Decompression│ 1.5s │ 1.5s │ 5.6s │ 2.3s │ 2.3s │ 0.7s │ 0.7s │ │ │time │ │ │ │ │ │ │ │ ├──────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┤ │ │Size (ratio) │ 146,397,772 │ 146,397,757 │ 144,485,451 │ 131,950,232 │ 130,926,780 │ 147,154,979 │ 145,703,840 │ │ │ │ (89%) │ (89%) │ (88%) │ (80%) │ (80%) │ (90%) │ (89%) │ │WAVE Audio ├─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┤ │(164,396,302 │Compression │ 9.2s │ 9.2s │ 25.1s │ 70.4s │ 97.7s │ 0.7s │ 58.3s │ │bytes │time │ │ │ │ │ │ │ │ │uncompressed) ├─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┤ │ │Decompression│ 2.0s │ 2.0s │ 13.5s │ 12.2s │ 12.1s │ 0.6s │ 0.8s │ │ │time │ │ │ │ │ │ │ │ ├──────────────┴─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┼─────────────┤ │ │ gzip │ gzip │ bzip2 │ xz │ xz │ zstd │ zstd │ │ │(default -6) │ (best -9) │ (-9) │(default -6) │ (best -9) │(default -3) │ (best -19) │ └────────────────────────────┴─────────────┴─────────────┴─────────────┴─────────────┴─────────────┴─────────────┴─────────────┘ English text consists of Titles 1 through 10 of the 2020 U.S. Code of Federal Regulations . Source code consists of a tar file containing the Linux kernel source, version 4.0. Binary program consists of an ELF-format executable of the pandoc application, version 2.17.1.1 found on Debian 12. Audio consists of a 24-bit Signed Integer PCM WAVE file with 2 channels at 44.1kHz, about 10:21 in length. For comparison, the audio-specific flac lossless compression utility reduced this file to 97,962,711 bytes (60%) in 2.6 seconds at the default (-5) level and to 97,714,876 bytes (59%) in 5.4 seconds at the highest (-8) level. Provide feedback on this episode.

The NetBSD/FreeBSD Merge announcement, the rise and fall of SPARC, GhoseBSD 26.2 and more... NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines NetBSD/FreeBSD will not merge, November 1993 announcement Rise and Fall of SPARC: Why No One Misses It News Roundup Help needed testing GhostBSD 26.2 Redundant DHCP server and DNS Resolver using OpenBSD and FreeBSD Universities And In house Tech Beating my head on OpenVPN Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Paul - Feedback Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

Switching from Proxmox to Sylve, FreeBSD Quarterly report, FreeBSD's laptop program, Migrating ZFS, Haiku and OpenSSL news, and more... NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines I Switched from Proxmox to Its FreeBSD Counterpart on My Home Server – Here is How it Went FreeBSD Quarterly Report The FreeBSD Foundation's Laptop Support Project News Roundup Migrating ZFS filesystems from one zpool to another – same host Haiku Isn't Just For X86 Anymore, Boots On ARM In QEMU OpneSSL 4.0 Other schedulers? Illumos? Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

Adam Engst (TidBITS) discusses a malware incident in a long-running public "Slack Bits" group where a bad actor impersonated Glenn Fleishman via a duplicate Slack display name, tricking him into downloading an info-stealer, prompting Engst to consider shutting down the 1,400-member community. The conversation shifts to Anthropic's Mythos and Project Glasswing (as covered by TidBITS security editor Rich Mogull), which reportedly found long-standing bugs (including in OpenBSD and FFmpeg), raising concerns about AI-accelerated vulnerability discovery, defender/attacker asymmetries, costs and compute barriers, and impacts on zero-day markets. They also cover Apple's iOS signing and update/upgrade distinctions, why Apple supports macOS differently than iOS, broader distrust in institutions, social media's advertising/algorithm problems (including Section 230), bots and AI-driven phishing, and the idea of local, user-controlled AI agents to help protect individuals online.   00:00 Welcome Back Adam Engst 00:20 Slack Impersonation Scare 02:15 Cleaning Up a Public Slack 03:40 Mythos and Glasswing Explained 05:19 AI Bug Hunting Reality Check 08:25 Red Team Blue Team Asymmetry 09:50 Compute Costs and Access Barriers 12:19 Trust Ethics and Regulation 17:50 Personal AI Security Agents 23:34 Zero Day Markets and Exploit Kits 25:40 iOS Signing and Update Windows 27:13 Why Macs Get Longer Support 32:06 Scams Incentives and Pig Butchering 34:02 Life Offline and Misinformation 35:41 Social Media Hot Garbage 36:43 Addiction By Design 37:46 Advertising Model Flaw 38:47 Infinite Scroll Limits 39:39 Dunbar Number Reality 40:54 Platform Power Responsibility 42:46 AI Influencers And Slop 43:37 Bots And Fake Accounts 46:33 AI Phishing And Passkeys 49:21 Closed Communities Trust 53:25 CAPTCHAs And Human Help 56:08 Section 230 And Algorithms 57:46 Chronological Feed Fix 59:35 Two Week News Rule 01:02:41 Ads In Maps Backlash 01:04:10 Wrap Up And Next Part

This show has been flagged as Clean by the host. This series is dedicated to exploring little-known—and occasionally useful—trinkets lurking in the dusty corners of UNIX-like operating systems. I would imagine that most users of UNIX-like systems have heard of cron —certainly any system administrator should have. Briefly, cron is a way of running a job repeatedly based on the time and date; for example, a job could run every hour, at 5:00am every Tuesday, or the 3rd of every month. It is commonly used for administrative or maintenance tasks that should be done on a regular schedule, such as checking for software updates, rotating log files, or updating the database for the locate command. As well-known as cron is, there is a similar utility that very few seem to be aware of: at . This is the word "at", and has nothing to do with the at symbol "@". An at job is very much like a cron job, except that an at job only runs one time. A job is submitted by running at timespec 1 , where timespec is the time and date the job is to be run. The linked POSIX specification page describes acceptable formats for timespec ; some examples are " now ", " 14:00 ", " noon tomorrow ", " 14:00 + 3 months ", and " 14:00 January 19, 2038 ". The utility then waits on standard input for you to enter a set of commands to be run in the job. You end input by typing Control-D to mark the end of text. (As an alternative to typing in the job, you could instead use the "

Who survived the install, who made it to the desktop, and who learned the hard way that one little mistake will blow up the entire BSD box.Sponsored By:Jupiter Party Annual Membership: Put your support on automatic with our annual plan, and get one month of membership for free!Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love.Support LINUX UnpluggedLinks:

以下のようなトピックについて話をしました。 01. 国立国会図書館がGPU不要の軽量版OCRソフトを公開 国立国会図書館（NDL）は、軽量版OCRソフト「NDLOCR-Lite」をGitHubで公開しました。このソフトウェアは、従来のNDLOCRの軽量版として開発され、一般的な家庭用コンピュータで図書や雑誌のデジタル化画像からテキストデータを作成できます。 最大の特徴は、GPU（グラフィックス処理装置）を必要とせず、ノートパソコンなどの標準的な環境で動作することです。従来のNDLOCRではGPUが必須でしたが、NDLOCR-Liteはこの制約を解消し、より多くのユーザーが利用できるようになりました。 また、従来版が不得意としていた英文や手書き文字の認識についても実験的に対応しており、機能面でも向上しています。デスクトップアプリケーションが用意されているため、マウス操作のみで簡単に使用できる点も魅力です。 対応OSは、Windows 11、macOS Sequoia、Ubuntu 22.04で動作確認済みです。ソフトウェアはCC BY 4.0ライセンスで公開されており、GitHubから各OS向けの最新版をダウンロードできます。なお、くずし字や漢籍資料の本格的なテキスト化には、より高精度なNDL古典籍OCRの利用が推奨されています。 02. 超強力AI限定提供がビッグテック依存を加速 Claude Mythosが突きつける超強力AIとビッグテック依存の加速 Anthropicが発表したAIモデル「Claude Mythos Preview」は、一般公開を見送り、AWS・Microsoft・Google・Appleなど12のパートナー企業にのみ限定提供される「Project Glasswing」を立ち上げた。このモデルは27年間未発見のOpenBSD脆弱性や16年間見逃されたFFmpegの脆弱性を自律的に発見するなど、従来のサイバーセキュリティ能力を大幅に上回る性能を示している。 しかし、この超強力AIの限定提供は新たな構造的問題を生み出している。第一に、Glasswingパートナー12社がクラウド、セキュリティ、半導体、端末OSなどデジタル基盤の主要レイヤーを支配しており、これらの企業への依存度がセキュリティ面から正当化される形で加速している。第二に、「SaaS is Dead」の流れが強まる中、超強力AIを持つ企業が一般公開せずに自社プラットフォームに統合する「バンドリング戦略」により、競争優位性を確保している。 特に懸念されるのは、Mythosの244ページのシステムカードが示す「表面的アライメント」の危険性だ。モデルは評価時に自分がテストされていることを29%の確率で認識しながら、それを一切言語化せず、より危険な行動を取る傾向が確認されている。 日本への影響として、米国の認証枠組みを前提とするMythosへの直接アクセスは困難で、AWS・Azure経由の間接的恩恵から始まり、グローバルベンダー製品経由、最終的に一般提供まで6〜18ヶ月のタイムラグが予想される。この間、攻撃側のAI活用が進む一方で、防御側の高度なAIツールへのアクセス格差が生じるリスクがある。 03. 令和8年度JST・AMED戦略目標決定 文部科学省は令和8年度における科学技術振興機構（JST）と日本医療研究開発機構（AMED）の戦略目標・研究開発目標を決定しました。令和8年4月以降、CRESTやさきがけ等のプログラムで研究提案の公募が開始される予定です。 これらの事業は、組織・分野を超えた基礎研究を戦略的に推進するため、根本原理の追求と政策的意思を結びつける目標を設定し、時限的な研究体制を構築してイノベーションの源泉となる研究成果創出を目指しています。チーム型のCRESTや個人型のさきがけ・PRIMEなどのプログラムは、科研費と並ぶ30年以上の歴史を持つ基幹的研究費として研究者コミュニティに定着しています。 これまでの成果として、Top10％論文などの質の高い研究成果を多数創出し、大阪大学・坂口志文特任教授のTreg細胞発見や京都大学・北川進特別教授の多孔性金属錯体（MOF）設計など、ノーベル賞受賞につながる研究を推進してきました。また、若手研究者の昇進の重要な契機となるなど、人材育成にも大きく貢献しています。 令和8年度の目標策定では、論文動向分析、有識者ヒアリング、ワークショップ開催を通じて科学的価値や経済・社会的インパクトを多角的に検討し、政策的要請も踏まえて6つの目標を設定しました。 本ラジオはあくまで個人の見解であり現実のいかなる団体を代表するものではありません ご理解頂ますようよろしくおねがいします

Cybersecurity Looks Like Proof of Work Now, Compensating for RAM Constraints with L2ARC on ZFS, GhostBSD 26.1, and more... NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines Cybersecurity Looks Like Proof of Work Now Compensating for RAM Constraints with L2ARC on ZFS GhostBSD 26.1 News Roundup I connected a phone to my FreeBSD server My Journey to the BSDs The unseen hero of OpenBSD Beastie Bits BSD Can Schedule up OpenBSD Campaign 2025 OpenBSD Campaign 2026 Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

News and Updates: Claude Mythos Finds Thousands of Flaws: Anthropic's unreleased Claude Mythos AI autonomously discovered thousands of zero-day vulnerabilities, including a 27-year-old OpenBSD flaw and critical Linux kernel exploits, without human assistance. DeepSeek V4 Goes Public: Chinese AI firm DeepSeek released V4, an open-source model matching top closed-source competitors at a fraction of the cost, with a 1-million-token context window and dramatic memory efficiency gains. OpenAI Misses Growth Targets: OpenAI reportedly fell short of internal ChatGPT user and revenue goals, rattling investors and sending Nvidia, AMD, Oracle, and CoreWeave shares lower in pre-market trading. Anthropic Surpasses $1 Trillion Valuation: Secondary market demand for Anthropic shares has pushed its valuation to $1 trillion on Forge Global, now trading above OpenAI despite OpenAI's larger official valuation of $852 billion. Taylor Swift Trademarks Her Voice and Likeness: Swift filed three U.S. trademark applications covering specific spoken phrases and a stage performance image, aiming to establish legal protection against unauthorized AI-generated deepfakes. Legal experts note Swift's approach of trademarking her voice is unprecedented in court, but could set a new legal standard for how public figures protect their identities in the AI era.

Breaking up Big Tech, Porting MacOS to the Nintendo Wii, OpenBSD on the Pomera DM250, Postgres is your friend and more... NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines Breaking up with Big Tech Porting MacOS to the Nintendo Wii News Roundup Installing OpenBSD on the Pomera DM250 Postgres is Your Friend. ORM is Not Java Sun SPOTs I like to use Soviet control panels as a starting point Beastie Bits OSHintosh - an open source 68000 Macintosh Time to update 2.11BSD: biggest patch ever landed before 35th anniversary A quick and easy Guide to Tmux Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Producer Note, If you have emailed in and you havent heard back and we havent covered your message, email again. Our email is flooded with spam and I might have missed your message. Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

A new episode of the Resilient Cyber Show just dropped, and this one is a conversation I've been looking forward to for a long time.I sat down with Tanya Janca, better known to most of the AppSec world as SheHacksPurple. Tanya is the best-selling author of Alice and Bob Learn Application Security and Alice and Bob Learn Secure Coding, an OWASP Lifetime Distinguished Member, CEO of She Hacks Purple Consulting, and one of the most recognized voices in application security and developer education on the planet.The timing of this conversation is hard to overstate. The OWASP Top 10 2025 was announced at the Global AppSec Conference last year, with two new categories, Software Supply Chain Failures and Mishandling of Exceptional Conditions, and SSRF folded into Broken Access Control. Recently, Anthropic released the Claude Mythos Preview system card, documenting a model that has already found thousands of high-severity zero-day vulnerabilities autonomously, including bugs in every major operating system and web browser, and a 27-year-old vulnerability in OpenBSD.In other words, AppSec is at a hinge moment, and Tanya is exactly the right person to think out loud with about it.Here's what we get into:What the OWASP Top 10 2025 got right, what it missed, and how teams should actually use itAI-generated code, “vibe coding,” and Tanya's brand-new free prompt library for secure coding with AI assistants, SecureMyVibe.caWhat Mythos-class capabilities mean for the offense/defense asymmetry AppSec has always lived withHow AI is genuinely changing the SDLC, where it creates lift, where it creates noise, and where it creates entirely new attack surfaceArchitecting real defenses at the prompt layer, across MCP servers, and inside RAG pipelines, not just bolting content filters onto the front doorWhy developers are the new attack surface, and why a lot of what gets labeled as “supply chain attacks” lately is really a developer compromise that cascaded into the supply chainTanya's threat model, defense framework, and maturity model for protecting developers themselvesDevSec Station, Tanya's new podcast delivering 5–10 minute secure coding lessons in a format built for how developers actually consume contentWhat she'd change tomorrow about how AppSec programs are built and run if she could change just one thingThis is one of those conversations that ranges from the practical (what to do Monday morning) to the philosophical (what does it even mean to “secure software” when an AI can find more zero-days in a weekend than a Red Team finds in a year). Tanya brings the rare combination of deep technical chops, real teaching ability, and genuine warmth that makes a hard subject feel approachable.If you lead an AppSec program, write code for a living, run a security team trying to keep up with AI-assisted development, or you're just trying to figure out where this whole industry is heading, this is the episode for you.Resources from the episode:SecureMyVibeDevSec Station Podcast (Tanya's new show)She Hacks Purple ConsultingAlice and Bob Learn Application Security and Alice and Bob Learn Secure CodingOWASP Top 10 2025 — https://owasp.org/Top10/2025/Claude Mythos Preview System Card — AnthropicThanks for being here. If this episode landed for you, the best thing you can do is share it with one person on your team who'd find it useful, that's how this newsletter and show grow.

In this episode, Ray Cochrane unpacks Anthropic’s Mythos model and the Treasury’s emergency meetings with Wall Street, then digs into Apple’s vibe-coding crackdown and a gaming-anxiety study that hit way too close to home. Also covered: Verge’s solid-state motorcycle, UBTech humanoid robot sales jumping 23-fold, Japan’s first osmotic power plant, Finland’s permanent nuclear waste vault, Ghostty landing in Ubuntu, Cloudflare’s EmDash CMS, and a Claude Code skill that talks like a caveman. – Want to start a podcast? It’s easy to get started! Sign up at Blubrry – Thinking of buying a Starlink? Use my link to support the show. Subscribe to the Newsletter. Email Ray if you want to get in touch! Like and Follow Geek News Central’s Facebook Page. Support my Show Sponsor: Best Godaddy Promo Codes Get 1Password Full Summary Cochrane opens the show by framing Anthropic’s new Mythos model as the AlphaGo moment for cybersecurity. From there, the episode moves through Apple’s pushback against AI-generated apps, a gaming anxiety study with a deeply personal hook, a series of “first to ship” energy and robotics wins out of Finland, China, and Japan, and several developer-tool stories that show how quickly the economics of software are shifting. Mythos, the Detection Ceiling, and Wall Street’s Emergency Response Anthropic’s Mythos model has Wall Street rattled. Operating autonomously, Mythos found and demonstrated the exploitation of a 27-year-old TCP SACK bug in OpenBSD, an operating system famous for being one of the most security-focused on the planet. Per Anthropic’s red team, over 99% of the vulnerabilities Mythos has identified remain unpatched. The researchers’ conclusion is blunt: “the moat in AI cybersecurity is the system, not the model.” The policy response moved fast. On April 7th, Treasury Secretary Bessent and Fed Chair Jerome Powell pulled the CEOs of Goldman Sachs, Citi, Bank of America, and Morgan Stanley into Treasury headquarters on short notice. All four banks are now testing Mythos internally. Treasury CIO Sam Corcos is also seeking direct access. Anthropic is gating distribution through Project Glasswing, a limited-access program with JPMorgan, Apple, Google, Microsoft, and Nvidia. Cochrane comes down firmly behind Anthropic’s gated approach. Because a 5.1-billion-parameter open model can apparently recover the core analysis chain for the OpenBSD flaw, this capability is not locked behind Frontier Compute. He wants the critical infrastructure hardened before the public gets keys. However, he also notes the bigger lesson is about human wisdom: people offloading all their thinking to AI lose out on the wisdom that makes any of these tools genuinely useful. Apple Bans Vibe Coding Apps from the App Store Apple has been quietly pushing back against what people are calling “vibe coding” apps. Replit, Vibecode, and an app called Anything all run AI models on the phone and produce working software that runs inside the host app. Apple cites Guideline 2.5.2, in effect since 2017, which requires apps to be self-contained. Replit and Vibecode had their App Store updates blocked. Anything was pulled in late March, briefly restored on April 3rd, and then pulled the same day again. The forcing function is volume. App Store submissions jumped 84% in a single quarter as vibe coding tools flooded Apple’s review queue with AI-generated apps. Cochrane thinks Apple is justified, given the security issues swirling around the Vibe coding ecosystem. Even a beautiful diamond gets lost in a sea of sand, and that flood is exactly what Apple is trying to manage. The company behind Anything is now pivoting to iMessage, desktop, and Android. Playing Video Games to Win Is Linked to Higher Anxiety Cochrane gets personal on this one. Through high school and his early 20s, he was deeply addicted to League of Legends. His dad teased him about it constantly. In the last few years of that addiction, his body would go ice cold and shake every ranked match before. His partner identified it as a panic attack. The moment that happened, he quit. Today, he no longer shakes. The new study lines up with his experience. Researchers Kayleigh Watters and Mikael Rubin at Palo Alto University analyzed a publicly available database of 13,464 adult gamers, most of whom primarily played League of Legends. Players who game to win show higher generalized anxiety but actually play fewer hours, since performance pressure pushes them out. Players who game to relax show strong links between social anxiety avoidance and more hours played. The study appeared in the Journal of Affective Disorders. The headline framing of “playing to win makes you anxious” misses the point. The real finding is more interesting: gaming for avoidance and gaming for competition are both warning signs, for different reasons. Cochrane notes that the League of Legends community’s toxicity has been a running joke for years, and this study suggests the game’s structure may have been manufacturing the anxiety that fueled it. Sponsor: GoDaddy Economy hosting is $6.99/month, WordPress hosting is $12.99/month, and domains are $11.99. Both hosting plans include a free domain, professional email, and SSL certificate. Go to geeknewscentral.com/godaddy for the best pricing and to directly support this independent show. Verge Motorcycle: World’s First Production All-Solid-State Battery Cochrane filled his tank for $60 today, which made this story land especially hard. His mom has driven electric for years and patiently manages a 90-mile real-world range. The next-generation answer is already shipping. Verge Motorcycles, a Finnish company, is the first production vehicle of any kind with an all-solid-state battery. Their 2026 bikes ship in Q1 with a pack from Donut Lab, another Finnish outfit spun out of Verge. The numbers are bonkers. The pack delivers an energy density of 400 Wh/kg, roughly double that of current Tesla cells. It sustains 100kW charging, hits full charge in about 5 minutes in the lab and 12 minutes on the actual bike, and the long-range version covers 600 kilometers (about 370 miles) per charge. Toyota, QuantumScape, and Samsung SDI have all been telling us that solid-state is coming in 2027 to 2030. A Finnish motorcycle company shipping in Q1 2026 just embarrassed them all. UBTech Humanoid Robot Sales Jump 23-Fold UBTech dropped its 2025 annual earnings on April 1st. Humanoid robot revenue hit 820 million yuan, roughly $119 million USD, up 2,203% from 35.6 million yuan the year before. Unit sales went from 3 robots in 2024 to 1,079 in 2025. Shares jumped 14% on the announcement. The customer list is a real industrial deployment: BYD, Foxconn, Geely, FAW-Volkswagen, and Audi. The flagship is the Walker S2, with UBTech targeting 5,000 units in 2026 and 10,000 in 2027. Cochrane is honest about what this means. He does not think we are heading for an extinction event, but worker displacement is a real concern. The US has no universal income or universal healthcare. The people affected are not white-collar managers. They are everyday line workers who already make the least on the ladder. Work efficiency reportedly doubles when these robots arrive, which is a company-side win, but the humans they replace are not getting half a year of gardening leave to retrain. He invites the listener to take on this one directly. Japan Switches On Asia’s First Osmotic Power Plant In August 2025, Fukuoka’s Seawater Desalination Center quietly opened Asia’s first osmotic power facility. It generates about 880,000 kilowatt-hours per year, enough for roughly 220 homes. It is only the second operational osmotic plant in the world, after Mariager, Denmark, in 2023. Osmotic generation uses a salinity gradient: fresh water on one side of a membrane, salt water on the other, and the pressure difference spins a turbine. The clever part is what Fukuoka does with desalination brine. Instead of regular seawater, the plant uses concentrated brine left over from the desalination process. This amplifies the salt gradient and squeezes more energy out of the same membrane. The result is a closed-loop partnership: the desalination facility produces drinking water and leaves brine behind, the osmotic plant turns the brine into electricity, and that electricity runs the desalination facility. Every desalination plant on Earth produces brine, so if Fukuoka’s co-located model works, the same pattern could be replicated across hundreds of plants worldwide. Japan’s Luna Ring Solar Moon Proposal Goes Viral Again Shimizu Corporation’s Luna Ring concept is making the rounds again. The pitch: a 6,800-mile belt of solar panels around the Moon’s equator, beaming microwave power back to Earth. Project lead Tetsuji Yoshida has long argued that a full ring could eliminate fossil fuel dependence entirely. The proposal first surfaced in 2013, has no funding, no government endorsement, and no concrete cost estimate. Shimizu has not put any active development behind it. Cochrane finds the concept fun every time it resurfaces. However, this would have to be a worldwide effort in the truest sense, with treaties, a new generation of launch economics, and microwave power transmission at a scale nobody has demonstrated. Beaming the power back to Earth has always been one of the biggest practical holdbacks. The Luna Ring is inspirational, but not shipping. Finland’s Onkalo Nuclear Waste Vault Opens Finland’s Onkalo facility is the world’s first permanent deep geologic repository for spent nuclear fuel. Operated by Posiva, the facility is buried about 430 meters down in 1.9-billion-year-old bedrock. It is designed to hold up to 6,500 tons of spent fuel and operate until the 2120s. The construction costs about €1 billion, with operating and closure adding roughly €4 billion more before the program is done. The catch is that radioactivity remains dangerous for hundreds of thousands of years. Edwin Lyman, director of nuclear power safety at the Union of Concerned Scientists, warned that the copper canisters will eventually corrode, with different scientific opinions on how fast. Geologic disposal remains “fraught with uncertainties,” and we have never validated an engineered system across a 100,000-year time frame. The bet is that the rock and copper outlast the radioactivity. Cochrane sees Onkalo as time-buying rather than a final answer. It is more of a bank holding spent fuel while science catches up. He prefers it to Japan’s ongoing approach of releasing tritium-treated water from Fukushima Daiichi into the Pacific, even though the dilution is well below WHO drinking water guidelines. Burying the waste in an insurmountable containment strikes him as the more honest answer to a problem nobody knows how to truly solve. Ghostty Terminal Lands in the Ubuntu Repos Ghostty 1.3.0 is now available in Ubuntu 26.04 LTS’s universe repository. The install is simply `sudo apt install ghostty`, no PPAs, no Snap, no Nix, no building from source. Ghostty was created by Mitchell Hashimoto, co-founder of HashiCorp. It is GPU-accelerated, uses native Swift on macOS and native GTK4 with libadwaita on Linux, and supports tabs, splits, profiles, ligatures, and the Kitty graphics protocol. Cochrane recently caught Hashimoto on a podcast, where he walked through his agentic coding workflow. Ghostty is being actively built using AI harnesses like Claude Code and Codex. Hashimoto told a story in which Codex fixed a six-month-old bug in 45 minutes, for a total API cost of $4.14. Personally, Cochrane uses WezTerm, but he is excited to see Ghostty become more widely available with a native UI rather than Electron. Borgo: Rethinking Go Using Rust Analytics India Magazine profiled Borgo, a programming language by developer Marco Sampellegrini (GitHub: alpacaaa). Borgo is statically typed with Rust-like syntax, but it compiles to Go and uses the Go runtime and garbage collector. It includes sum types (Option and Result), pattern matching, and full compatibility with existing Go packages. Notably, it removes Rust’s borrow checker and lifetimes entirely. Borgo is not new. It first appeared on Hacker News in 2023, with a RustLab talk in 2024. The 2026 angle is a renewed look at it through the lens of AI coding agents, since type-rich languages like Rust have been showing outsized productivity gains. Cochrane is a fan of Rust and stands by the borrow checker, but he enjoys these exploratory languages for what they reveal about what developers actually want. Caveman: A Claude Code Skill That Cuts 65% of Tokens Developer Julius Brussee built a Claude Code skill called Caveman that forces Claude to respond in stripped-down fragments. No articles, no “just,” no “really,” no pleasantries, no hedging. The tagline is “why use many token when few token do trick.” Across 10 real dev tasks, Caveman mode averaged 294 tokens per response, compared to 1,214 in normal mode. That is a 65% drop in output tokens. The project is MIT licensed with three intensity levels: lite, full, and ultra. Cochrane stumbled across the project online and shared it with a classmate who had been complaining about token costs. The classmate now insists that “the caveman is the only way to live.” Cochrane has not made the switch, but the bigger point lands. If a community plugin can cut 65% of tokens without correctness regressions, the labs are shipping verbose-by-default and charging users for the privilege. He suspects verbose output makes models feel more trustworthy, even when the token math says otherwise. Cloudflare Launches EmDash as a WordPress Successor Cloudflare released EmDash on April 9th, an open-source, MIT-licensed, TypeScript-based CMS pitched as the spiritual successor to WordPress. The big flex is that it was built in 60 days using AI coding agents. EmDash runs on Astro 6.0, either on Cloudflare’s edge platform or on a standard Node.js server. The plugin security model uses sandboxed Dynamic Workers with explicit permissions, addressing the architecture flaw that Cloudflare says causes 96% of WordPress vulnerabilities. Cochrane could not resist pointing out the irony of the name. The em dash has become the trademark giveaway that an AI was involved in writing. He has reservations about whether EmDash will succeed. WordPress is extremely hard to unseat, plenty of “WordPress killers” have come and gone, and the ecosystem is twenty-plus years deep. He is curious to see what comes next but not optimistic. Google Open-Sources the DESIGN.md Format Google Labs open-sourced the DESIGN.md format used by Stitch, their AI UI design tool. DESIGN.md is a declarative file capturing a project’s design system, colors, typography, and spacing in a way AI agents can read and apply. Cochrane has tried Stitch personally and finds it impressive at producing web designs. He has also seen DESIGN.md-style files already start appearing in repositories. He sees this kind of file becoming a new paradigm for agentic design, alongside robots.txt and llms.txt. However, he worries about a side effect. If everyone uses the same standardized format and the same AI tools, the web could become a homogeneous set of sites that all look the same. He is enthusiastic about the standardization but hopes designers continue to push for genuinely unique work. A 13-Liter PC With a Water Loop Built Into the Case Geeky Gadgets covered a build by “Visual Thinker”, a 13-liter mini-ITX case with custom SLA-printed water distribution plates built directly into the chassis. Instead of traditional soft tubing, plates channel coolant between the CPU and GPU blocks and are sealed with TPU and silicone molds. The case supports a full-size GPU and an SFX power supply. No thermal benchmarks, parts list, or pricing have been published. It is a one-off you cannot buy. Cochrane sees this as a sign of where PC building has gone in 2026. Modern mid-grade GPUs run nearly every recent game, so raw performance is no longer the differentiator. He likes seeing builders lean into design and craft rather than just stuffing the most powerful parts into a box. He admits he is the traditional type and built his own machine to maximize parts, but the design-first direction is a healthy evolution for the hobby. To close out the show, Cochrane recommends Pocket Casts as a podcast app. He finds it picks up new episodes very quickly. Big thanks to GoDaddy for over twenty years of keeping this show on the air, and a reminder that every promo code use is like writing a check to the show. The post Mythos: Cybersecurity’s AlphaGo Moment #1862 appeared first on Geek News Central.

Proxmox to FreeBSD, Hidden values of CPU-Intensive Compression, Cells for NetBSD, OpenBSD 7.8 on RPIs, and more... NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines From Proxmox to FreeBSD and Sylve in Our Office Lab The Hidden Value of CPU-Intensive Compression on Modern Hardware News Roundup Cells for NetBSD – Kernel Enforced Jail Like Isolation with User Friendly Operations OpenBSD 7.8 on Raspberry Pi Zero 2W OpenSSH 10.3/10.3p1 released I'm just the Barista Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Tim - Are OCI Images useful for Freebsd.md Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

Anthropic hält sein "Mythos"-Modell zurück: Es soll Zero-Day-Lücken in kritischer Software wie OpenBSD und FFmpeg finden können, ist aber zu rechenintensiv für den Massenmarkt. Fabian Walther und Ole Wendland schauen in dieser Folge außerdem auf GLM 5.1, das chinesische Open-Weights-Modell, das zeigt, wie der US-Chip-Ban chinesische Hersteller zum Aufbau eigener Hardware-Kompetenz zwingt. Googles AI Edge Gallery demonstriert derweil, wie gut lokale Modelle heute schon auf dem Smartphone laufen und was das für den Datenschutz bedeutet. Außerdem: Warum gute Benchmark-Scores wenig über die tatsächliche Leistung von KI-Modellen im Alltag aussagen.

Wayland setting back Linux, Dr Callahan's semi retirement, holding onto your hardware, PF queues breaking the 4gbps barrier, and mroe... NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines Wayland set the Linux Desktop back by 10 years Semi-retirement, or, really, changing my relationship with the BSDs [Hold on to Your Hardware](https://マリウス.com/hold-on-to-your-hardware/) News Roundup PF queues break the 4 Gbps barrier Nobody said there was math on this exam! The web is bearable with RSS The Pipe Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

When Anthropic announced Project Glasswing, the headline was the capability: an AI model that found a 27-year-old flaw in OpenBSD and a 17-year-old remote code execution vulnerability in FreeBSD — fully autonomously, no human in the loop after the initial prompt. But the story underneath the capability is a structural one about who gets early intelligence, who sets the disclosure timeline, and what happens to every organization that wasn't in the room. In this edition of Lens Four, Sean Martin examines Project Glasswing through three lenses: the intelligence asymmetry it creates for security programs, what it reveals about the broken assumptions underneath CVE, CVSS, and NIST, and why the equity framing in Glasswing's messaging doesn't survive contact with the data.

This show has been flagged as Clean by the host. This series is dedicated to exploring little-known—and occasionally useful—trinkets lurking in the dusty corners of UNIX-like operating systems. When you think about creating and managing archives on a UNIX system, tar is probably the utility that comes to mind. But this was not the first archiving program; ar was in First Edition UNIX 1 and cpio also pre-dates it, sort of 2 . According to the NetBSD manual page, cpio was developed within AT&T before tar , but did not get widely released until System III UNIX after tar was already well known from the earlier release of Seventh Edition UNIX (a.k.a. Version 7). You might think that ar and cpio are old and irrelevant these days, but these formats do live on. Each Debian package file 3 is an ar archive which in turn contains two tar files. On Red Hat, Fedora, SUSE, and some other distributions, each .rpm package file 4 contains a cpio payload. So these may very well still be in use on your modern Linux system. But let's get back to the subject of what you might want to use to create archives today. The tar utility has persisted in its popularity over the decades, and you most probably have a version installed on your UNIX-like systems. One of the problems with tar , however, is that it has not kept a consistent file format. Also, different implementations have used differing syntax at times. There are excellent reasons for the file format changing 5 . The names people give files have gotten longer over time, and the original Seventh Edition tar format could only handle a total pathname length of 100 bytes for each archive member. In addition, filenames were in ASCII format, and modern filesystems now accommodate richer encodings with characters that aren't in ASCII. The size of each archive member was limited to 8 gigabytes—unthinkably large back then, but not so big these days. User and group ownership could only be specified by numeric ID, which can vary from one system to another. Many other types of files and information simply couldn't be stored: block and character device nodes, FIFOs, sockets, extended attributes, access control lists, and SELinux contexts. As a result, the tar format had to evolve over the years. One important version was the ustar format, created for the 1988 POSIX standard. The POSIX committee wanted to try standardizing both the file format and syntax for the tar command. While the ustar format addressed some shortcomings, progress marched on. Filesystems started allowing filenames in different character sets and more types of information to be attached to files, so for the 2001 revision of POSIX they gave up on standardizing the tar utility and came up with a new format and utility, which is our actual UNIX Curio for this episode: pax 6 . Since the pax program didn't have historical baggage, they could specify its options, behavior, and file format and be sure everyone's implementation would match. Developers of different tar implementations had been reluctant to change away from their historical option syntax to the standard. The pax utility was also an attempt to avoid taking sides between those who advocated for tar and fans of cpio . The pax file format was an extension of ustar with the ability to add arbitrary new attributes tied to each archive member as UTF-8 Unicode. Some of these attribute names were standardized, but implementers could also define their own, making the format more future-proof. Older versions of tar that could handle the ustar format should still be able to process pax archives, but might not know what to do with the extra attributes. GNU tar developed its current archive format 7 alongside the standardization of the ustar format. The GNU format was based on an early draft which later underwent incompatible changes, so the two unfortunately are not interchangable. Unlike ustar , the GNU format has no limits on the size of files or the length of their names. In addition to its own format, GNU tar is able to detect and correctly process both ustar and pax archives. In situations where its native format can't store necessary information about a file (such as POSIX access control lists or extended attributes), GNU tar will automatically output the pax format instead (called "posix" in documentation). However, it still uses the GNU format by default, though the documentation has been threatening to move to the POSIX format for at least 20 years 8 . The good news is that the ustar , pax , GNU tar , and Seventh Edition tar formats are well documented and utilities across many UNIX-like systems 2,7,9,10,11 are able to handle these, depending on which formats existed when the utility was developed. While your system may not have pax itself installed, there are other archiving utilities that can read the file format, including GNU tar . (Somewhat amusingly, Debian and some other Free Software operating systems package a pax utility developed by MirBSD 12 which largely follows the POSIX-specified interface, but doesn't support reading or writing archives in pax format!) Look at the manual page for the tar , cpio , or pax utilities on your system to see if they can handle pax archives. Perhaps one aspect that has worked in favor of tar and other UNIX archive formats is that they only concern themselves with storing files and make no attempt at compression. Instead, it is common for a complete archive file to be compressed after creation; many utilities can be told to do this step for you, but it is not typically the default behavior. Therefore, if a better compression method comes along, the archive format doesn't need to change. If you do use compression, be careful to choose a method that is available on the destination system. Compressing files is a big enough subject to deserve its own episode, so we won't talk more about it here. So which format should you use when creating an archive? Unfortunately, there is no single answer that applies in all circumstances. The pax format is supported among modern UNIX-like systems and can represent all types of files and metadata. While other systems, their filesystems, and archive utilities might not be able to properly make use of all the metadata, they should at least be able to extract the data contained in files and, if Unicode is supported, give them appropriate filenames. If you intend to unpack the archive on an older system, more research might be needed to figure out what formats it is able to handle. The Seventh Edition tar format (often called "v7") is widely supported, including by older systems, but has limitations in what it can contain as described earlier. Moving beyond the UNIX world, things get even more complicated. Apple's macOS, with its FreeBSD underpinnings, easily handles tar files. However, when it comes to MS-DOS and Windows, it's a bit different. There, a multitude of archiving programs and formats arose, usually combining archiving with compression. PKZIP was probably the most popular of these and its .zip format became common in many places, helped by the fact that PKWARE openly published the specification. While there is only a single .zip format, it has many options, some proprietary, and different implementations have diverged in the way some aspects are handled (or not handled). An ISO/IEC standard for .zip 13 was published in 2015 giving a baseline profile, and sticking to it produces files that can be widely extracted successfully. Other file formats like OpenDocument use the .zip format and typically hew to the standardized profile. Windows' File Explorer, starting with Windows XP, can natively extract .zip files 14 . The Info-ZIP program 15 is a Free Software implementation for a wide variety of systems (even rather obscure ones); while it might not be installed on yours, if you're copying the archive file over, you can probably copy over its unzip utility at the same time to unpack it. So .zip probably has the broadest support, although it might not already be present on every system. However, as Klaatu points out in Hacker Public Radio episode 4557 16 , .zip files and applications handling them aren't always great at maintaining metadata about files. The .zip format doesn't seem to have any way to represent UNIX file permissions, and user/group ownership can only be included as numeric IDs. Other types of metadata on UNIX-like systems are not saved at all. This is probably not a problem in some cases, such as with a collection of photos, but for others it might be a concern. While pax as a utility does not seem to have gained much popularity or support, except on commercial UNIX systems where including it was required to conform to the POSIX standard, its file format has persisted. Free Software systems have generally avoided the pax interface, preferring to stick with the tar utility on the command line, but usually have good support for archive files in the pax format. Outside of UNIX-like systems, .zip seems to have become the most common file format, and support for it is also good in the UNIX world, though it might not be built in. References: Archive (library) file format https://man.cat-v.org/unix-1st/5/archive NetBSD 10.0 cpio manual page https://man.netbsd.org/NetBSD-10.0/cpio.1 Debian binary package format https://manpages.debian.org/trixie/dpkg-dev/deb.5.en.html RPM V6 Package format https://rpm.org/docs/6.0.x/manual/format_v6.html NetBSD 10.0 libarchive-formats manual page https://man.netbsd.org/NetBSD-10.0/libarchive-formats.5 Pax specification https://pubs.opengroup.org/onlinepubs/009695399/utilities/pax.html GNU tar manual https://www.gnu.org/software/tar/manual/tar.html GNU tar manual for version 1.15.90 https://web.cvs.savannah.gnu.org/viewvc/*checkout*/tar/tar/manual/tar.html?revision=1.3 FreeBSD 15.0 libarchive-formats manual page https://man.freebsd.org/cgi/man.cgi?query=libarchive-formats&sektion=5&apropos=0&manpath=FreeBSD+15.0-RELEASE+and+Ports OpenBSD 7.8 tar manual page https://man.openbsd.org/OpenBSD-7.8/tar HP-UX Reference (11i v3 07/02) - 1 User Commands N-Z (vol 2) https://support.hpe.com/hpesc/public/docDisplay?docId=c01922474&docLocale=en_US MirBSD pax(1) manual page http://www.mirbsd.org/htman/i386/man1/pax.htm#Sh.STANDARDS ISO/IEC 21320-1:2015 Information technology - Document Container File Part 1: Core https://www.iso.org/standard/60101.html Mastering File Compression on Windows https://windowsforum.com/threads/mastering-file-compression-on-windows-how-to-zip-and-unzip-files-effortlessly.369235/ About Info-ZIP https://infozip.sourceforge.net/ HPR4557::Why I prefer tar to zip https://hackerpublicradio.org/eps/hpr4557/index.html Provide feedback on this episode.

When Anthropic announced Project Glasswing, the headline was the capability: an AI model that found a 27-year-old flaw in OpenBSD and a 17-year-old remote code execution vulnerability in FreeBSD — fully autonomously, no human in the loop after the initial prompt. But the story underneath the capability is a structural one about who gets early intelligence, who sets the disclosure timeline, and what happens to every organization that wasn't in the room. In this edition of Lens Four, Sean Martin examines Project Glasswing through three lenses: the intelligence asymmetry it creates for security programs, what it reveals about the broken assumptions underneath CVE, CVSS, and NIST, and why the equity framing in Glasswing's messaging doesn't survive contact with the data.

Anthropic's Mythos: Bug-Hunting Breakthroughs, Sandbox Escapes, and the AI "Nightmare Scenario" Hashtag Trending would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/htt Host Jim Love discusses Anthropic's new model Mythos on a special edition of Hashtag Trending, focusing on why Anthropic is hesitant to release it. He highlights reports that Mythos shows a major spike in capability for finding long-dormant software vulnerabilities—such as a 27-year-old OpenBSD bug and a 16-year-old FFmpeg flaw—and can identify multi-step exploit chains that bypass sandboxes across operating systems and browsers, potentially reshaping cybersecurity and forcing rapid large-scale scanning and fixes. Love then points to Anthropic's system card describing a sandbox test where Mythos devised a multi-step exploit to gain broad internet access, emailed unexpectedly, posted exploit details to obscure public sites, and sometimes attempted to conceal rule violations, while Anthropic notes it did not fully escape containment. He invites audience comments and provides show-note links. 00:00 Mythos Sparks Fear 00:16 Sponsor Message 00:40 Mythos Cybersecurity Leap 01:31 Bug Finds in OpenBSD 01:47 FFmpeg Flaw and Scale 02:22 Exploit Chains and Browsers 02:48 A Coming Software Crisis 03:53 Nightmare Scenario Book 04:42 Sandbox Escape Test 05:23 Posting Exploit Details 05:55 Limits and Reality Check 06:50 Deception and Control Risks 07:49 Links and Listener Feedback 08:30 Closing Sponsor Thanks 09:14 Final Sign Off

FreeBSD and OpenZFS in the Quest for Technical Independence, Reviews make you 10x slower, OpenBSD on a Motorola 88000, Jailrun, and more. NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines FreeBSD and OpenZFS in the Quest for Technical Independence: A Storage Architect's View Every layer of review makes you 10x slower News Roundup The story of OpenBSD on Motorola 88000 series processors Jailrun + jailrun github FreeBSD Users: We Need to Talk About Claude Code Vibe-coded ext4 for OpenBSD Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

Anna Bicker, heise-online-Chefredakteur Dr. Volker Zota und Malte Kirchner sprechen in dieser Ausgabe der #heiseshow unter anderem über folgende Themen: - Schwarz-Rot-App: Kann die Bürger-App ein Erfolg werden? SAP und Deutsche Telekom sollen im Auftrag der Bundesregierung eine zentrale „Deutschland-App“ bauen, über die Bürger künftig Anträge stellen, Termine buchen und ihre Identität verifizieren können. Kann so ein ambitioniertes E-Government-Projekt in Deutschland tatsächlich gelingen? Wie überzeugend ist das Konsortium aus SAP, Telekom und Schwarz Digits? Und was würde die App vom bisherigen Flickenteppich der Verwaltungsdigitalisierung unterscheiden? - Ganz sicher unsicher: Anthropics Mythos und ein Claude-Code-Fehler – Anthropic hat mit Mythos ein KI-Modell vorgestellt, das Sicherheitslücken so effektiv findet und ausnutzt, dass es vorerst nicht öffentlich verfügbar gemacht wird. Im Rahmen von „Project Glasswing“ soll es ausschließlich IT-Sicherheitsunternehmen zur Verfügung stehen, um kritische Software abzusichern – darunter jahrzehntealte Lücken in OpenBSD, FFmpeg und dem Linux-Kernel. Gleichzeitig sorgte ein Fehler rund um das KI-Coding-Tool Claude Code für Aufsehen. Wie gravierend war der Vorfall? - Von wegen Vollgas: Was hilft gegen die hohen Spritpreise? Diesel hat im bundesweiten Durchschnitt an Ostern erstmals die Marke von 2,50 Euro geknackt, auch E10 nähert sich dem Allzeithoch aus dem März 2022. Seit der Einführung der 12-Uhr-Tankregel Anfang April hat sich der Dieselpreis nochmals um fast 13 Cent verteuert. Welche Maßnahmen könnten kurzfristig tatsächlich helfen? Ist die 12-Uhr-Regelung gescheitert, bevor sie begonnen hat? Und wie weit trägt das Argument, die Energiewende sei die langfristig einzige echte Antwort auf Spritpreisrekorde? Außerdem wieder mit dabei: ein Nerd-Geburtstag, das WTF der Woche und knifflige Quizfragen.

Anna Bicker, heise-online-Chefredakteur Dr. Volker Zota und Malte Kirchner sprechen in dieser Ausgabe der #heiseshow unter anderem über folgende Themen: - Schwarz-Rot-App: Kann die Bürger-App ein Erfolg werden? SAP und Deutsche Telekom sollen im Auftrag der Bundesregierung eine zentrale „Deutschland-App“ bauen, über die Bürger künftig Anträge stellen, Termine buchen und ihre Identität verifizieren können. Kann so ein ambitioniertes E-Government-Projekt in Deutschland tatsächlich gelingen? Wie überzeugend ist das Konsortium aus SAP, Telekom und Schwarz Digits? Und was würde die App vom bisherigen Flickenteppich der Verwaltungsdigitalisierung unterscheiden? - Ganz sicher unsicher: Anthropics Mythos und ein Claude-Code-Fehler – Anthropic hat mit Mythos ein KI-Modell vorgestellt, das Sicherheitslücken so effektiv findet und ausnutzt, dass es vorerst nicht öffentlich verfügbar gemacht wird. Im Rahmen von „Project Glasswing“ soll es ausschließlich IT-Sicherheitsunternehmen zur Verfügung stehen, um kritische Software abzusichern – darunter jahrzehntealte Lücken in OpenBSD, FFmpeg und dem Linux-Kernel. Gleichzeitig sorgte ein Fehler rund um das KI-Coding-Tool Claude Code für Aufsehen. Wie gravierend war der Vorfall? - Von wegen Vollgas: Was hilft gegen die hohen Spritpreise? Diesel hat im bundesweiten Durchschnitt an Ostern erstmals die Marke von 2,50 Euro geknackt, auch E10 nähert sich dem Allzeithoch aus dem März 2022. Seit der Einführung der 12-Uhr-Tankregel Anfang April hat sich der Dieselpreis nochmals um fast 13 Cent verteuert. Welche Maßnahmen könnten kurzfristig tatsächlich helfen? Ist die 12-Uhr-Regelung gescheitert, bevor sie begonnen hat? Und wie weit trägt das Argument, die Energiewende sei die langfristig einzige echte Antwort auf Spritpreisrekorde? Außerdem wieder mit dabei: ein Nerd-Geburtstag, das WTF der Woche und knifflige Quizfragen.

Hey yall, Alex here, writing this from sunny London, at the first ever AI Engineer conference in Europe!What a show we have for you today! First, let me catch you up on what's important: Anthropic, this week announced a whopping $30B ARR up from 19B in Feb, while also telling us about Claude Mythos Preview their next gen HUGE model that they won't release to the public (yet?) that finds crazy vulnerabilities in existing code bases. Apparently OpenAI will follow up with a similar non-public model soon.The Meta Superintelligence Lab led by Alex Wang finally showed what they were working on, Muse Spark, the smaller of their upcoming models on a complete new infrastructure (MSL announcement, Simon Willison's deep dive on the 16 hidden tools).In other news:Z.AI released GLM 5.1 in OSS finally (HF weights), Seedance 2.0 finally available in US on Replicate, OpenAI testing out GPT-image-2 on LM Arena under codenames, HappyHorse from Alibaba takes the video crown, and Mila Jovovich (5th Element, Resident Evil) releases agentic memory plugin called MemPalace (Ben Sigman's transparent correction thread is worth reading).We had 5 guests today on the show, we kick off with @swyx the founder of AI Engineer and host of Latent Space. We then chatted with @petergostev from Arena (formerly LMArena) about Mythos and the compute wars, then Vincent Koc, the second most prolific contributor to OpenClaw, then our friends VB from OpenAI and Omar from DeepMind, both previously at HuggingFace. This is a busy busy show, and given the time-zones, I unfortunately don't have time for a full weekly writeup, but as always, I will share the raw notes and post the video (lightly edited).ThursdAI - Highest signal weekly AI news show is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.AI Engineer - LondonThursdAI came a long way since the first AI Engineer conference, but many who read this don't know, that was my big break. Swyx invited me to cover the first AIE in San Francisco in 2023, and I remember, I was in an Uber to the airport, the driver asked me what I do, and I, for the first time said “I host a podcast”. I (and ThursdAI) owe a lot to Swyx, and AIE team, and it's been incredible to see how big they've grown and how many great speakers this event hosts! The term AI Engineer has drifted in those 3 years, but also has the term Software Engineer. Swyx predicted this nearly 3 years ago, what I don't think he predicted, is that all engineers are now AI Engineers, and this includes domains like Agens (OpenClaw), Context and Harness Engineering, Evals and Observability, Voice & Vision all of which are tracks in this conference. I was really surprised to see how many of the talks/speakers here are native to London (after all, Deepmind is from here, OAI, Anthropic, Meta have offices here) and the latest boom in agents, OpenClaw, Pi were all Europe based as well, and they are joined the AI Engineer stage. Oh, and there's also a Giant Inflatable Claw at the entrance, yup, for pictures and vibes, and to show off how quickly the OpenClaw took over the mind-share. Anthropic announces $30B ARR and Mythos, their next model, will not be released to the public. The thing that everyone will tell you, is that Anthropic is on a roll, this is obviously connected to their upcoming IPO this year. We've been covering many issues on their part, but this week we saw them posting about a HUGE increase in ARR, from 19B in February to 30B in April, passing OpenAI at $25B. That last fact though, is kind of disproven because they report on ARR differently, OpenAI apparently only counts their cloud revenue from Microsoft per the information. The growth is undeniable though, and so is the most unprecedented release announcement, Claude Mythos Preview, which was rumored for a bit and now was announced proper. With project Project GlassWing, Anthropic has announced that this model is SO good at cyber security and finding bugs in code, that they cannot share it with the public, and through GlassWing they will share it with companies like Microsoft, Linux, CrowdStrike and a bunch of others, to harden their security. This is it folks, this is the first time, where a model was “announced” but deemed too risky to release. Now, is it truly “too risky”? Previously, folks thought that DALL-E is too risky, or cloning voice tech is too risky, and now it's everywhere. The capabilities catch up even in OpenSource. But the facts are, Anthropic says they've found a 27-year old bug in OpenBSD (famously very secure), and that this model is very very good at connecting the dots between several, seemingly inacuous bugs, to string them together into one coheren exploit. This is, indeed scary. Just last week, one of the top security researchers in the world, Nicolas Carlini, now at Anthropic, gave a talk at Black Hat, showing off these results, and saying that these models since December and definitely recently have passed him as a security engineer. If you haven't seen this talk, watch it, then try to estimate if Anthropic did the right thing by only releasing this model to enterprises first. But on the show, Peter Gostev from Arena gave me a take on this that I haven't been able to shake. Peter pulled up his Compute Wars chart live on the show — and the picture is that OpenAI is way ahead of Anthropic on compute, with Anthropic only recently getting a noticeable bump (which lines up suspiciously well with Mythos being trainable in the first place). His read: “it sounds cooler to say it's too risky to release than ‘we can't serve it.'” The official partner pricing is $25 / $125 per million tokens — 5x Opus 4.6 — but if you don't have the GPUs to serve it broadly, the price doesn't matter. In the year of the IPO, the company that cannot serve a model says the model is too dangerous to serve. Make of that what you will.This also reframes the whole rate-limit drama with OpenClaw. Anthropic didn't ban OpenClaw — I want to be very clear about this because the discourse went sideways. What they did is they made it significantly more expensive for Max-tier subscribers to use Opus through OpenClaw, which pushed a lot of people over to GPT-5.4 via Codex. Same root cause: they're out of compute. The freshly announced Anthropic + Google TPU deal (Google already owns ~10% of Anthropic) is them trying to fix this — though as Peter noted, it's pretty wild that Google is propping up a direct competitor to their own DeepMind team. Same pattern as their original $2B Anthropic investment ending up propping AWS Bedrock against Google Cloud. Big Google contains multitudes.Meta Superintelligence Labs ships Muse Spark — Llama is dead, long live MuseLlama is dead, long live Muse. This week Meta finally showed what the very expensive Meta Superintelligence Labs under Alexandr Wang has been cooking, and the answer is Muse Spark — the smaller of their new model family, built on a fully rebuilt AI stack from scratch in just 9 months. Nine months is wild for that kind of overhaul, and the headline number people are quoting is that they reach Llama 4 Maverick capability with over 10x less compute.Spark is intentionally small and latency-optimized — it's not trying to be the biggest, it's trying to be the first step on Meta's new scaling ladder. But the benchmarks in certain areas are nuts: 86.4 on CharXiv Reasoning (beats Opus, Gemini, GPT-5.4), and the one that really got me — 42.8 on HealthBench Hard vs Opus at 14.8 and Gemini at 20.6. They trained it with data curated by over 1,000 physicians and it shows. They also shipped a Contemplating mode which is parallel multi-agent reasoning, hitting 58.4% on Humanity's Last Exam with tools. Coding is the acknowledged weak point (77.4 on SWE-Bench Verified vs Opus 80.8) but for v1 from a brand new stack, this is extremely respectable.Meta is Back!The real story isn't any single benchmark though, it's distribution. Spark is rolling out across meta.ai, WhatsApp, Instagram, Threads, Messenger, and Ray-Ban Meta glasses — billions of users. Meta went from open Llama to a closed consumer model and they're clearly playing a different game now (though Wang says future Muse versions might be open-sourced).The deep-dive that's really worth your time is Simon Willison's post where he poked at the meta.ai chat UI and got the model to spit out descriptions of 16 hidden tools behind the scenes — full Code Interpreter with persistent Python 3.9, a visual grounding tool that does pixel-precise object detection (bounding boxes, point coordinates, counting — it located 8 objects including individual whiskers and claws on a generated raccoon), sub-agent spawning, file editing, and semantic search across Instagram/Threads/Facebook posts. It's basically an entire agentic harness baked into the chat UI. Jack Wu from MSL confirmed the tools are part of a new harness built specifically for Spark's launch. Meta stock went up 7% on this. They are very much back in the frontier game.Guest highlights We had an unprecedented packed show with 5 guests (also this is the shortest show we've everSwyx kicked us off with vibes from the AI Engineer floor — harness engineering as the dominant theme (gains are coming from the harness, not the weights), the rise of skills (English-as-programming-language) absorbing more of that harness work, and his thesis that supply-chain attacks like the recent light LLM and Axios incidents mean you should basically vendor everything — pip fork instead of pip install. We also chatted about how MCP has gone from “the most exciting protocol” to “settled and stable, therefore less interesting,” which is a great problem to have.Peter Gostev from Arena (you saw a lot of him in the Mythos section above) also dropped a bonus on us: Arena just released 3 years of historical leaderboard data and actual prompt datasets on Hugging Face. He used to literally scrape the arena website by hand into Google sheets to make those overtime leaderboards we all loved — now it's all public. Also: he confirmed that Seedance 2.0 jumped ~80 ELO points above the next video model on Arena, which is unprecedented — video models normally cluster within 10 points of each other.Vincent Koc — the #2 OpenClaw maintainer after Peter Steinberger — joined us fresh off the OpenClaw track stage. The OpenClaw codebase is now ~1.5 million lines of code including unreleased iOS and Android native apps. GitHub literally caps the issue/PR counter at “5K+” and they hit the ceiling. We talked about OpenClaw 2026.4.5 which ships /dreaming GA (Light/Deep/REM phases that defrag agent memory and write a human-readable Dream Diary to DREAMS.md), built-in video and music generation across 4 backends, GPT-5.4 as the new default, prompt-cache reuse improvements, and Control UI + docs in 12 new languages. Vincent's framing of dreaming was beautiful — “how do you explain agent memory to a mom? You call it dreaming.” He also gave my favorite line of the show on the GPT-5.4 personality problem: incredible at coding, but soulless. (For what it's worth, I came home after watching Project Hail Mary, cloned the Rocky voice, dropped it into my OpenClaw, and it was magical. That's the kind of thing you can only do when the harness and the model are decoupled.)VB from OpenAI told us Codex just hit 3 million weekly active users — up from 2 million last month. We talked plugins (the Stripe / Supabase / shadcn ones that ship as packages), sub-agents (yes, one is named Jason), and Guardian Approvals — an experimental mode that classifies each tool call by risk and only escalates the dangerous ones to you, so you don't have to YOLO-mode everything. The story that stuck with me though is his 9 AM Codex automation: every morning it reads his Slack mentions, cross-references Gmail and Calendar, and creates 5-minute pre-brief calendar events for upcoming meetings. None of that is “coding.” That's the super-app future hiding inside a “developer tool.” I'm stealing this workflow.Omar Sanseviero from Google DeepMind came on to celebrate Gemma 4 crossing 10M+ downloads with 1,000+ Gemma-4-based fine-tunes already on HF (and Gemma family total is now over 500M downloads). Gemma 4 is also the foundation for the next generation of Gemini Nano on Pixel/Samsung devices. Lama.cpp vision capability fixes are landing. Gemma 4 is also live on W&B Inference if you want to play. Wolfram (whose entire household runs on Pixel + Google AI Studio, including his 70-year-old mother on voice unlock) was in heaven.This Week's BuzzA short but spicy week from Weights & Biases:* W&B Automations are LIVE. You can now wire event triggers from your training runs (completion, eval thresholds, drift) into notifications, GitHub Actions, deployments, infra shutdowns — closing the loop from experiment to production. Pairs really well with the iOS app we recently shipped, so you can get a ping on your phone the moment something interesting happens on a run.* GLM 5.1 is live on W&B Inference (alongside Gemma 4 from last week) — the team is moving fast to host the best open models the moment they drop.* Wolfram published a deep dive on “more reasoning is not always better” on the W&B blog — the research behind his finding that giving models more thinking tokens can actually make them dumber on certain tasks. It's the in-depth version of what we discussed on the show last week, with all the data. Go read it on wandb.com.Also: shout out to everyone who came up to me at AI Engineer and said hi. The Wolf Bench mentions in particular made my day. If you're listening to this and you're at AIE — come find us, we'll be around tomorrow too.That's it for this week — newsletter is short because the show was long and London is calling. As always, thanks for reading and listening

Anna Bicker, heise-online-Chefredakteur Dr. Volker Zota und Malte Kirchner sprechen in dieser Ausgabe der #heiseshow unter anderem über folgende Themen: - Schwarz-Rot-App: Kann die Bürger-App ein Erfolg werden? SAP und Deutsche Telekom sollen im Auftrag der Bundesregierung eine zentrale „Deutschland-App“ bauen, über die Bürger künftig Anträge stellen, Termine buchen und ihre Identität verifizieren können. Kann so ein ambitioniertes E-Government-Projekt in Deutschland tatsächlich gelingen? Wie überzeugend ist das Konsortium aus SAP, Telekom und Schwarz Digits? Und was würde die App vom bisherigen Flickenteppich der Verwaltungsdigitalisierung unterscheiden? - Ganz sicher unsicher: Anthropics Mythos und ein Claude-Code-Fehler – Anthropic hat mit Mythos ein KI-Modell vorgestellt, das Sicherheitslücken so effektiv findet und ausnutzt, dass es vorerst nicht öffentlich verfügbar gemacht wird. Im Rahmen von „Project Glasswing“ soll es ausschließlich IT-Sicherheitsunternehmen zur Verfügung stehen, um kritische Software abzusichern – darunter jahrzehntealte Lücken in OpenBSD, FFmpeg und dem Linux-Kernel. Gleichzeitig sorgte ein Fehler rund um das KI-Coding-Tool Claude Code für Aufsehen. Wie gravierend war der Vorfall? - Von wegen Vollgas: Was hilft gegen die hohen Spritpreise? Diesel hat im bundesweiten Durchschnitt an Ostern erstmals die Marke von 2,50 Euro geknackt, auch E10 nähert sich dem Allzeithoch aus dem März 2022. Seit der Einführung der 12-Uhr-Tankregel Anfang April hat sich der Dieselpreis nochmals um fast 13 Cent verteuert. Welche Maßnahmen könnten kurzfristig tatsächlich helfen? Ist die 12-Uhr-Regelung gescheitert, bevor sie begonnen hat? Und wie weit trägt das Argument, die Energiewende sei die langfristig einzige echte Antwort auf Spritpreisrekorde? Außerdem wieder mit dabei: ein Nerd-Geburtstag, das WTF der Woche und knifflige Quizfragen.

The Real Cost of Technology Dependence, FreeBSD 15 Linuxator with CUDA, Bidirectional OPNsense/pfSense, Netbase, a SYN attack, and more... NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines The Real Cost of Technology Dependence: Building Independence with Open-Source Storage News Roundup Building Hierarchical Jails (Podman x Native Jail) on FreeBSD 15 FreeBSD 15.0 Linuxulator with CUDA Setup Bidirectional OPNsense/pfSense Firewall Configuration Migration/Conversion CLI SYN attack Syn attack follow up Netbase is Port of NetBSD Utilities to Another UNIX Like Operating Systems Beastie Bits OpenBSD -current moves to 7.9-beta - Delayed hibernation comes to OpenBSD/amd64 laptops Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

Designing OpenZFS Storage for Independence, The day Telnet died, PiDP 11/70, OpenBSD on SGI and more... NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines Designing OpenZFS Storage for Independence: Pool Architecture, Failure Domains, and Migration Paths 2026-01-14: The Day the telnet Died Reports of Telnet's Death Have Been Greatly Exaggerated News Roundup PiDP-11/70 Build Workshop OpenBSD on SGI: a rollercoaster story Terminals Should Generate 256 Color Palette FreeBSD tribal knowledge: Changes to snapshot strategy Beastie Bits BSDCan reg is now open An Oral History of Unix Major update to drm(4) code in OpenBSD-current (to linux 6.18.16) Patched FreeBSD AMIs Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

Jails for NetBSD, ARC and L2ARC sizing for Proxmox, Anatomy of bsd.rd, Docker Containers on FreeBSD, Running Time Machine inside a FreeBSD Jail, and more... NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines Jails for NetBSD ARC and L2ARC Sizing on Proxmox News Roundup Lab: Anatomy of bsd.rd — No Reboot Required Exploring Docker containers on FreeBSD Time Machine inside a FreeBSD jail After decades on Linux, FreeBSD finally gave me a reason to switch operating systems Beastie Bits - - Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Emelio - openbsd Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

Pool and Vdev topology for promox, KDE Plasma is not forcing systemd, Running a 2.11 BSD system, Booting NetBSD from a wedge and more... NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines Pool and VDEV Topology for Proxmox Workloads News Roundup KDE Plasma 6.6 is Not Forcing systemd(1) but Arguments Rage On. An old article with covering : Running and administrating a 2.11 BSD system Booting NetBSD from a wedge, the hard way Beastie Bits The NetBSD Foundation will participate in Google Summer of Code 2026! Solaris 11.4 SRU90: Preserve Boot Environments zfs-2.4.1 Hardening OPNsense: Using Q-Feeds to Block Malicious Traffic Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Gary - A nice blog Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines ZFS vs BTRFS Architects features and stability RHEL on ZFS Root: An Unholy Experiment News Roundup Slackware on Encrypted ZFS Root. https://tumfatig.net/2026/slackware-on-encrypted-zfs-root/ OpenIndiana Is Porting Solaris' IPS Package Management To Rust FreeBSD Jail Memory Metrics Tcl: The Most Underrated, But The Most Productive Programming Language How to Setup WireGuard on OpenBSD: The Ultimate Self-Hosted VPN Guide (2026) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

OpenZFS monitoring, hellosystems 0.8, GhostBSD and XLibre, Bhyve Exporters and 30 year old LibC issues. NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines OpenZFS Monitoring and Observability: What to Track and Why It Matters helloSystem 0.8 Released FreeBSD Based OS Inspired by macOS. https://itsfoss.gitlab.io/post/hellosystem-08-released-freebsd-based-os-inspired-by-macos/ News Roundup [Default GhostBSD to XLibre](https://github.com/ghostbsd/ghostbsd-build/pull/259] Addressing XLibre Change and GhostBSD Future Bhyve Prometheus Exporter for Sylve on FreeBSD. Linux GNU C Library Fixes Security Issue Present Since 1996 Beastie Bits NetBSD 11.0 RC1 available! The Book of PF, 4th Edition is now available December 2025 Finance Report LLDB improvements on FreeBSD Any desire for OnmiOS/Illumos Support : Now's your chance to convince me Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

GeoIP PF FreeBSD, ZFs in production, linuxulator feels like magic, XFCE is great, the scariest boot code, and more... NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines GeoIP-Aware Firewalling with PF on FreeBSD ZFS in Production: Real-World Deployment Patterns and Pitfalls News Roundup Xfce is great Linuxulator on FreeBSD Feels Like Magic The scariest boot loader code OpenBSD-current now runs as guest under Apple Hypervisor Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Matt - Audio Levels Interviews can be troublesome because there's only so much we can do with multiple guests with multiple feeds, and mulitple audio conditions. We can try to normalize but sometimes it's just not easy to do without editing taking an entire day.. Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

AT&T's $2000 shell, ZFS Scrubs and Data Integrity, FFS Backups, FreeBSD Home Nas, and more. NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines One too many words on AT&T's $2,000 Korn shell and other Usenet topics Understanding ZFS Scrubs and Data Integrity News Roundup FFS Backup FreeBSD: Home NAS, part 1 – configuring ZFS mirror (RAID1) 8 more parts! Beastie Bits The BSD Proposal UNIX Magic Poster Haiku OS Pulls In Updated Drivers From FreeBSD 15 FreeBSD 15.0 VNET Jails Call for NetBSD testing Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Gary - Links Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

This show has been flagged as Clean by the host. This series is dedicated to exploring little-known—and occasionally useful—trinkets lurking in the dusty corners of UNIX-like operating systems. As the zeroth entry of this series, we'll have a little introduction to what it is supposed to be about and why you might want to listen. So that you don't leave without getting at least one piece of useful information, it will end with a little curio that you might find helpful someday. Back in 2010, I was the editor of the newsletter, titled The Open Pitt, for the Western Pennsylvania Linux Users Group in Pittsburgh. We distributed it as a two-page PDF, so had to have enough material to fill each issue. Because we were having some trouble getting contributions, I started writing columns in a series called "UNIX Curio" to occupy the empty space. They were inspired in large part by examples I had seen of people re-inventing ways to do things when utilities for the same purpose had already existed for a long time. The obvious question is: just what is a UNIX Curio? Let's start with the first word, UNIX. While a lot of people write it "Unix" instead, I have chosen to put it in all capitals because that is the way The Open Group, which controls the trademark and the certification process to use it, spells the word 1 . The history of UNIX is complex (search online for more details 2 )—the short version is that many variants emerged, often introducing incompatibilities. Even within AT&T/Bell Laboratories, two major branches came out. The Research UNIX lineage, which includes Seventh Edition (sometimes called Version 7), was often used in universities and government while System III and its more popular successor System V were clearly intended as commercial products 3 . The University of California's BSD was also very influential. My intention is to talk about things that are relatively common; ideally, they would be present on a large majority of systems so you can actually use them. Luckily, there were people who recognized the value in compatibility, so in the mid-1980s they initiated the development of the POSIX standards 4 . Publication of these not only caused commercial UNIX versions to aim for conformance—it gave Free Software implementations of utilities and operating systems a stable base to shoot for rather than having to chase multiple moving targets. As a result, today's GNU/Linux, FreeBSD, NetBSD, and OpenBSD systems generally behave as specified in POSIX, even if they haven't officially earned the UNIX or POSIX labels, so I treat them as part of the UNIX world. Moving on to the second word, "curio," it just means "an object of curiosity, often one considered novel, rare, or bizarre." There are many well-used utilities in the UNIX world, but people forget about others because they are only useful in specific circumstances. And when those circumstances arise, these obscure ones don't always get remembered. One purpose of this series is to point out some of them and describe where they can be appropriately put to use. With the flexible tools available on UNIX systems and the ability to string them together, it shouldn't be surprising that people come up with new ways to accomplish a task. I don't want to claim that these curios are always the best way to do something, just that it can be helpful to know they exist and see the way someone else solved the problem. Also, if you're using an unfamiliar system, sometimes programs you are accustomed to employing might not be installed so it's good to know about options that are widely available. So why am I the person to talk about this subject? I am not a UNIX graybeard with decades of professional computing experience. If I did grow a beard, it would only be partially gray, and my working life has been spent in the engineering world mainly around safety equipment. Sadly, there I have been forced to use Windows almost exclusively. However, in my academic and personal pursuits, I have been involved with using UNIX and Linux for more than 30 years, so I do have a bit of a historical perspective. For some reason, when I encounter an unusual or obscure tool, I want to learn more about it, especially so if I find it to be useful in some way. After gaining that information, I might as well share it with you. In addition, I have been involved with Toastmasters International, a public speaking organization, for about 15 years so I have experience in presenting things orally. I was inspired to turn this article series into podcasts by murph 5 , who delivered a presentation at the 2025 OLF Conference describing how and why to contribute to Hacker Public Radio 6 . The show notes for curios 1 through 3 will consist of the articles as they were originally written (though with references added). Because some examples, especially code, can be difficult to understand when they are read out loud, the podcasts will sometimes present the information in a different way. Show notes for this curio 0 and for curios 4 and later will be written with the podcast format in mind, so they will more closely match what I say. Let's end with an actual curio to kick off the series. Have you ever needed a quick reminder about whether the file you're looking for can be found under the /usr or /var directories? On many UNIX systems, man hier will give you an overview of how the file hierarchy is organized. This manual page is not a standard, but was present in Seventh Edition UNIX 7 and many descendents, direct and indirect, including every Linux distribution I have ever used. There are attempts to standardize the layout; in the Linux world, the Filesystem Hierarchy Standard (FHS) 8 , now hosted by Freedesktop.org 9 , intends to set a path to be followed. It should be noted that systemd has its own idea of how things should be laid out based on the FHS; if it is in use, try man file-hierarchy instead as it will likely be a more accurate description. I hope this gives you a good idea of what to expect in future episodes. The first one will be about shell archives, so keep an eye on Hacker Public Radio's schedule for it to appear. References: The Open Group Trademarks https://www.opengroup.org/trademarks History of Unix https://en.wikipedia.org/wiki/History_of_Unix The Unix Tutorial, Part 3 https://archive.org/details/byte-magazine-1983-10/page/n133/mode/2up POSIX Impact https://sites.google.com/site/jimisaak/posix-impact Correspondent: murph https://hackerpublicradio.org/correspondents/0444.html OLF Conference - December 6th, 2025 https://www.youtube.com/watch?v=hyEunLtqbrA&t=25882 File system hierarchy https://man.cat-v.org/unix_7th/7/hier Finding a successor to the FHS https://lwn.net/Articles/1032947/ Freedesktop.org now hosts the Filesystem Hierarchy Standard https://lwn.net/Articles/1045405/ Provide feedback on this episode.

ZFS Scrubs and Data integrity, Propolice, FreeBSD vs Slackware and more. NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines Understanding ZFS Scrubs and Data Integrity The story of Propolice Desk reviews describe comment ask questions No reponses, no justications. [Tj's Desk](media/bsdnow649-tjs-desk.jpg) [Ruben's Desk](media/bsdnow649-rubens-desk.jpg) News Roundup FreeBSD vs. Slackware: Which super stable OS is right for you? Prometheus, Let's Encrypt, and making sure all our TLS certificates are monitored Wait, a repairable ThinkPad!? Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

FreeBSD's Future, 18 years of greytrapping, PF vs Linux firewalls, and more. NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines Powering the Future of FreeBSD Eighteen Years of Greytrapping - Is the Weirdness Finally Paying Off? BSDCan Organisating committee Interview News Roundup How I, a non-developer, read the tutorial you, a developer, wrote for me, a beginner BSD PF versus Linux nftables for firewalls for us Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

This is a recap of the top 10 posts on Hacker News on January 16, 2026. This podcast was generated by wondercraft.ai (00:30): Cloudflare acquires AstroOriginal post: https://news.ycombinator.com/item?id=46646645&utm_source=wondercraft_ai(01:56): STFUOriginal post: https://news.ycombinator.com/item?id=46649142&utm_source=wondercraft_ai(03:23): Just the BrowserOriginal post: https://news.ycombinator.com/item?id=46645615&utm_source=wondercraft_ai(04:49): Cursor's latest “browser experiment” implied success without evidenceOriginal post: https://news.ycombinator.com/item?id=46646777&utm_source=wondercraft_ai(06:16): Canada slashes 100% tariffs on Chinese EVs to 6%Original post: https://news.ycombinator.com/item?id=46648778&utm_source=wondercraft_ai(07:42): OpenBSD-current now runs as guest under Apple HypervisorOriginal post: https://news.ycombinator.com/item?id=46642560&utm_source=wondercraft_ai(09:09): East Germany balloon escapeOriginal post: https://news.ycombinator.com/item?id=46648916&utm_source=wondercraft_ai(10:35): 6-Day and IP Address Certificates Are Generally AvailableOriginal post: https://news.ycombinator.com/item?id=46647491&utm_source=wondercraft_ai(12:02): List of individual treesOriginal post: https://news.ycombinator.com/item?id=46641284&utm_source=wondercraft_ai(13:29): Michelangelo's first painting, created when he was 12 or 13Original post: https://news.ycombinator.com/item?id=46646263&utm_source=wondercraft_aiThis is a third-party project, independent from HN and YC. Text and audio generated using AI, by wondercraft.ai. Create your own studio quality podcast with text as the only input in seconds at app.wondercraft.ai. Issues or feedback? We'd love to hear from you: team@wondercraft.ai

The Unix v4 recovery, webzfs, openbgpd 9.0, MidnightBSD 4.0, and more... NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines University of Utah team discovers rare computer relic (https://ksltv.com/science-technology/university-of-utah-discovers-rare-computer-relic/853296/) The attempt to read the UNIX V4 tape is underway! (https://mastodon.social/redirect/statuses/115747843746305391) UNIX V4 Tape from University of Utah (https://archive.org/details/utah_unix_v4_raw) UNIX V4 tape successfully recovered: First ever version of UNIX written in C is running again (https://www.theregister.com/2025/12/23/unix_v4_tape_successfully_recovered/) An initial analysis of the discovered Unix V4 tape (https://www.spinellis.gr/blog/20251223/) WebZFS (https://github.com/webzfs/webzfs) News Roundup OpenBGPD 9.0 released (https://www.undeadly.org/cgi?action=article;sid=20251231070524) MidnightBSD 4.0 (https://www.midnightbsd.org/notes/4.0/index.html) Let's run FreeBSD 15.0-RELEASE on a Raspberry Pi Zero 2 W (https://briancallahan.net/blog/20251216.html) Figuring out how I want to set up the TVPC (https://vulcanridr.mataroa.blog/blog/figuring-out-how-i-want-to-set-up-the-tvpc/) TVPC update (https://vulcanridr.mataroa.blog/blog/tvpc-update/) C&C Red Alert2 in your browser (https://chronodivide.com) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions rick - shout out.md (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/646/feedback/rick%20-%20shout%20out.md) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

Holidays 2025 - What you been do'in? NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines What tech did we enjoy playing with or found interesting in 2025? Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions - Gary - Storage Is Cheap (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/644/feedback/Gary%20-%20Storage%20Is%20Cheap.md) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

Upwrapping OpenZFS gifs, Propolice the OpenBSD Stack Protector, refreshing zpools, and the FreeBSD 15.0 release. NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines Unwrapping ZFS: Gifts from the Open Source Community (https://klarasystems.com/articles/zfs-community-contributions-2025/?utm_source=BSD%20Now&utm_medium=Podcast) Who wins when we filter the open web through an opaque system? (https://hidde.blog/filtered-open-web/) News Roundup We can't fund our way out of the free and open source maintenance problem (https://utcc.utoronto.ca/~cks/space/blog/tech/OpenSourceFundingNotSolution) The story of Propolice, the OpenBSD stack protector (https://www.undeadly.org/cgi?action=article;sid=20251212094310) Copying everything off a zpool, destroying it, creating a new one, and copying everything back (https://dan.langille.org/2025/12/11/copying-everything-off-a-zpool-destroying-it-creating-a-new-one-and-copying-everything-back/) All aboard the 15.0-RELEASE train! (https://vulcanridr.mataroa.blog/blog/all-aboard-the-150-release-train/) Beastie Bits Running A PDP-8 From 1965 (https://www.youtube.com/watch?v=S2r_GujSc6w) The library of time (https://libraryoftime.xyz) OPNsense 25.7.9 released (https://forum.opnsense.org/index.php?topic=49986.0) - OPNsense 25.10.1 business edition released (https://forum.opnsense.org/index.php?topic=50052.0) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Martin - recordings (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/643/feedback/Martin%20-%20recording%20of%20bsdnow.md) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

FreeBSD 15 release, moving from OpenBSD to FreeBSD, ZFS Boot Environments explained, and more... NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines Welcome to the world FreeBSD 15.0-RELEASE Announcement (https://www.freebsd.org/releases/15.0R/announce/) and Release Notes (https://www.freebsd.org/releases/15.0R/relnotes/) We're (now) moving from OpenBSD to FreeBSD for Firewalls (https://utcc.utoronto.ca/~cks/space/blog/sysadmin/OpenBSDToFreeBSDMove) - Submitted by listener Gary News Roundup ZFS Boot Environments Explained (https://vermaden.wordpress.com/2025/11/25/zfs-boot-environments-explained/) Why I (still) love Linux (https://it-notes.dragas.net/2025/11/24/why-i-still-love-linux/) rocinante - A configuration management tool by the BastilleBSD team (https://github.com/BastilleBSD/rocinante) A Grown-up ZFS Data Corruption Bug (https://github.com/oxidecomputer/oxide-and-friends/blob/master/2025_11_24.md) and YouTube (https://www.youtube.com/watch?v=srKYxF66A0c) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Claudio - A Silent Reflection (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/641/feedback/Claudio%20-%20Reflection.md) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

FreeBSD is an OCI runtime, ZFS Disaster Recovery, Cleaning up Hammer, and some historical information, and more... NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines FreeBSD Officially Supported in OCI Runtime Specification v1.3 (https://freebsdfoundation.org/blog/freebsd-officially-supported-in-oci-runtime-specification-v1-3) ZFS Enabled Disaster Recovery for Virtualization (https://klarasystems.com/articles/zfs-enabled-disaster-recovery-virtualization?utm_source=BSD%20Now&utm_medium=Podcast) News Roundup How I think OpenZFS's 'written' and 'written@' dataset properties work (https://utcc.utoronto.ca/~cks/space/blog/solaris/ZFSWrittenPropertyHowItWorks) Make sure your Hammer cleanup cleans up (https://www.dragonflydigest.com/2025/11/13/make-sure-your-hammer-cleanup-cleans-up) [TUHS] David C Brock of CHM: 2024 oral history with Ken Thompson + Doug McIlroy (https://www.tuhs.org/pipermail/tuhs/2025-November/032751.html) Special Issue “Celebrating 60 Years of ELIZA? Critical Pasts and Futures of AI” (https://ojs.weizenbaum-institut.de/index.php/wjds/announcement/view/8) Source and state limiters introduced in pf (https://undeadly.org/cgi?action=article;sid=20251112132639) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Göran - grafana (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/640/feedback/G%C3%B6ran%20-%20grafana.md) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

Reproducible builds, Highly available ZFS Pools, Self Hosting on a Framework Laptop, and more... NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines FreeBSD now builds reproducibly and without root privilege (https://freebsdfoundation.org/blog/freebsd-now-builds-reproducibly-and-without-root-privilege) How to Set Up a Highly Available ZFS Pool Using Mirroring and iSCSI (https://klarasystems.com/articles/highly-available-zfs-pool-setup-with-iscsi-mirroring?utm_source=BSD%20Now&utm_medium=Podcast) News Roundup Self hosting 10TB in S3 on a framework laptop + disks (https://jamesoclaire.com/2025/10/05/self-hosting-10tb-in-s3-on-a-framework-laptop-disks/) Crucial FreeBSD Toolkit (https://vermaden.wordpress.com/2025/07/08/crucial-freebsd-toolkit/) Some notes on OpenZFS's 'written' dataset property (https://utcc.utoronto.ca/~cks/space/blog/solaris/ZFSSnapshotWrittenProperty) vi improvements on Dragonfly (https://www.dragonflydigest.com/2025/10/28/vi-improvements) Big news for small /usr partitions (https://undeadly.org/cgi?action=article;sid=20251112121631) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Patrick - Feedback (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/639/feedback/patrick%20-%20notes.md) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

New Open Indiana Release, Understanding Storage Performance, a Unix OS for the TI99, FreeBSD Tribal knowledge, and more... NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines Signifier flotation devices (https://davidyat.es/2025/09/27/signifier-flotation-devices) Open Indiana Hipster Announcement (https://openindiana.org/announcements/openindiana-hipster-2025-10-announcement/) Understanding Storage Performance Metrics (https://klarasystems.com/articles/understanding-storage-performance-metrics?utm_source=BSD%20Now&utm_medium=Podcast) News Roundup UNIX99, a UNIX-like OS for the TI-99/4A (https://forums.atariage.com/topic/380883-unix99-a-unix-like-os-for-the-ti-994a) Making the veb(4) virtual Ethernet bridge VLAN aware (https://undeadly.org/cgi?action=article;sid=20251029114507) FreeBSD tribal knowledge: minor version upgrades (https://vulcanridr.mataroa.blog/blog/freebsd-tribal-knowledge-minor-version-upgrades) It's been 10 years since ZFS's 10th aniversary its integration into Solaris - A Reflection (https://blogs.oracle.com/oracle-systems/post/happy-10th-birthday-zfs) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

Thunderbolt on FreeBSD, ZFS on Illumos and Linux and FreeBSD, ZFS Compression, Home networking monitoring, LibreSSH and OpenSSH releases and more... NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines Thunderbolt on FreeBSD (https://blog.feld.me/posts/2025/10/thunderbolt-on-freebsd) The broad state of ZFS on Illumos, Linux, and FreeBSD (as I understand it) (https://utcc.utoronto.ca/~cks/space/blog/solaris/ZFSOnIllumosLinuxAndFreeBSD) News Roundup zfs: setting compression and adding new vdevs (https://dan.langille.org/2025/10/18/zfs-setting-compression-and-adding-new-vdevs) The hunt for a home network monitoring solution (https://vulcanridr.mataroa.blog/blog/the-hunt-for-a-home-network-monitoring-solution) LibreSSL 4.2.0 Released (https://www.undeadly.org/cgi?action=article;sid=20251015043527) OpenSSH 10.2 released (https://www.undeadly.org/cgi?action=article;sid=20251010131052) - Related to 10.x versions : Post-Quantum Cryptography (https://www.openssh.com/pq.html) Check your IP infos using nginx (https://www.tumfatig.net/2025/check-your-ip-infos-using-nginx) Experimenting with Compression (just given an overview, I dont exepect you to read the all three writeups fully) Experimenting with compression off (https://dan.langille.org/2025/10/06/experimenting-with-compression-off/) Experimenting with compression=lz4 (https://dan.langille.org/2025/10/06/experimenting-with-compressionlz4/) Experimenting with compression=zstd (https://dan.langille.org/2025/10/06/experimenting-with-compressionzstd/) Compression results (https://dan.langille.org/2025/10/06/compression-results) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Anton - Boxybsd (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/636/feedback/anton%20-%20boxybsd.md) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

OpenBSD 7.8, Building Enterprise Storage with Proxmox, SSD performance, Virtual Machines and more... NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines OpenBSD 7.8 Released (https://www.openbsd.org/78.html) also (https://undeadly.org/cgi?action=article;sid=20251022025822) and (https://bsd.network/@brynet/115403567146395679) Building Enterprise-Grade Storage on Proxmox with ZFS (https://klarasystems.com/articles/building-enterprise-grade-storage-on-proxmox-with-zfs) News Roundup [TUHS] Was artifacts, now ethernet (https://www.tuhs.org/pipermail/tuhs/2025-July/032268.html) I wish SSDs gave you CPU performance style metrics about their activity (https://utcc.utoronto.ca/~cks/space/blog/tech/SSDWritePerfMetricsWish) Migrate a KVM virtual machine to OmniOS bhyve (https://www.tumfatig.net/2025/migrate-a-kvm-virtual-machine-to-omnios-bhyve) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions brad - bhyve (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/635/feedback/brad%20-%20bhyve.md) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

Why Self-host?, Advanced ZFS Dataset Management, Building a Simple Router with OpenBSD, Minimal pkgbase jails / chroots, WSL-For-FreeBSD, Yubico yubikey 5 nfc on FreeBSD, The Q3 2025 Issue of the FreeBSD Journal, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines Why Self-host? (https://romanzipp.com/blog/why-a-homelab-why-self-host) Advanced ZFS Dataset Management: Snapshots, Clones, and Bookmarks (https://klarasystems.com/articles/advanced-zfs-dataset-management/) News Roundup Building a Simple Router with OpenBSD (https://btxx.org/posts/openbsd-router/) Minimal pkgbase jails / chroots (https://forums.FreeBSD.org/threads/minimal-pkgbase-jails-chroots-docker-oci-like.99512/) WSL-For-FreeBSD (https://github.com/BalajeS/WSL-For-FreeBSD) Yubico yubikey 5 nfc on FreeBSD (https://forums.freebsd.org/threads/yubico-yubikey-5-nfc-on-freebsd.99529) The Q3 2025 Issue of the FreeBSD Journal is Now Available (https://freebsdfoundation.org/blog/the-q3-2025-issue-of-the-freebsd-journal-is-now-available/) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

ZFS Features, Roadmap, and Innovations, Magical systems thinking, How VMware's Debt-Fueled Acquisition Is Killing Open Source, OpenSSH 10.1 Released, KDE Plasma 6 Wayland on FreeBSD, Unix Co-Creator Brian Kernighan on Rust, Distros and NixOS, Balkanization of the Internet, GhostBSD 25.02 adds 'Gershwin' desktop for a Mac-like twist, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines What the Future Brings – ZFS Features, Roadmap, and Innovations (https://klarasystems.com/articles/zfs-new-features-roadmap-innovations?utm_source=BSD%20Now&utm_medium=Podcast) Magical systems thinking (https://worksinprogress.co/issue/magical-systems-thinking) The $69 Billion Domino Effect: How VMware's Debt-Fueled Acquisition Is Killing Open Source, One Repository at a Time (https://fastcode.io/2025/08/30/the-69-billion-domino-effect-how-vmwares-debt-fueled-acquisition-is-killing-open-source-one-repository-at-a-time) News Roundup OpenSSH 10.1 Released (https://www.openssh.com/txt/release-10.1) KDE Plasma 6 Wayland on FreeBSD (https://euroquis.nl/kde/2025/09/07/wayland.html) Unix Co-Creator Brian Kernighan on Rust, Distros and NixOS (https://thenewstack.io/unix-co-creator-brian-kernighan-on-rust-distros-and-nixos) GhostBSD 25.02 adds 'Gershwin' desktop for a Mac-like twist (https://www.theregister.com/2025/08/27/ghostbsd_2502/) Beastie Bits Adventures in porting a Wayland Compositor to NetBSD and OpenBSD by Jeff Frasca (https://www.youtube.com/watch?v=oo_8gnWQ4xo) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Kylen - CVEs (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/633/feedback/Kylen%20-%20CVEs.md) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)