Podcasts about SSL

  • 991PODCASTS
  • 2,603EPISODES
  • 49mAVG DURATION
  • 5WEEKLY NEW EPISODES
  • Jun 22, 2026LATEST

POPULARITY

20192020202120222023202420252026

Categories



Best podcasts about SSL

Show all podcasts related to ssl

Latest podcast episodes about SSL

Les Cast Codeurs Podcast
LCC 341 - Endives ou Chicorée ?

Les Cast Codeurs Podcast

Play Episode Listen Later Jun 22, 2026 67:11


JDK 26 optimise la JVM dans ses moindres recoins, le SDK Java d'Agent2Agent passe en 1.0, Micronaut 5 est là. Côté terrain, un retour d'expérience après 40 jours à coder avec 100 % d'IA : génie ou junior, Alzheimer numérique et dette technique invisible. Pendant ce temps, GitLab restructure, Microsoft suspend ses licences Claude Code, et un développeur injecte un prompt destructeur dans sa lib JUnit. La révolution IA a un coût et les boites commencent à s'en rendre compte. Enregistré le 12 juin 2026 Téléchargement de l'épisode LesCastCodeurs-Episode-341.mp3 ou en vidéo sur YouTube. News Langages Les améliorations de performance dans le JDK 26 https://inside.java/2026/06/09/jdk-26-performance-improvements/ Côté bibliothèques, l'API LazyConstant (anciennement StableValue) fait son entrée en prévisualisation pour permettre une initialisation paresseuse, sécurisée pour les threads et optimisée par le mécanisme de constant-folding de la JVM. L'extraction de chaînes de caractères via MemorySegment::getString a été revue pour réduire considérablement les allocations intermédiaires et les copies en mémoire off-heap, accélérant fortement les traitements sur les chemins critiques (hot paths). La méthode générée automatiquement hashCode() pour les classes de type record a été optimisée par la JVM pour atteindre un niveau de performance équivalent à une implémentation écrite manuellement. Le ramasse-miettes G1 bénéficie du JEP 522 qui redessine sa table de cartes (card-table) afin de réduire les coûts de synchronisation des barrières d'écriture, offrant un gain de débit de 5 % à 15 % sur les applications manipulant énormément de références d'objets. Grâce au JEP 516 (Project Leyden), le cache d'objets Ahead-of-Time (AOT) adopte un format de flux agnostique, ce qui lui permet d'être compatible avec n'importe quel Garbage Collector, y compris le ramasse-miettes à très faible latence ZGC. Le démarrage de la JVM s'accélère par défaut lorsqu'aucune taille de tas n'est configurée, car HotSpot n'applique plus de pourcentage initial (InitialRAMPercentage) mais démarre directement avec la taille minimale (MinHeapSize) pour éviter d'allouer des métadonnées inutiles. Les threads virtuels gagnent en robustesse en étant désormais capables de céder la main (yield) pendant les phases d'initialisation des classes, éliminant ainsi le risque de famine des threads porteurs (carrier threads). Le compilateur C2 JIT améliore son modèle de coût pour la vectorisation des boucles (SIMD) et se montre maintenant capable de compiler et d'optimiser des méthodes dotées de listes de paramètres extrêmement longues. Librairies Release candidate du A2A Java SDK supportant versions 0.3 et 1.0 en même temps https://medium.com/google-cloud/a2a-java-sdk-1-0-0-cr1-released-f0c651ec9139 Dernière étape avant la GA : Toutes les fonctionnalités prévues pour la version 1.0 sont finalisées. Migration simplifiée depuis la Beta1. Compatibilité v0.3 : Ajout d'une couche de compatibilité permettant aux agents v1.0 de communiquer avec les systèmes v0.3 (via JSON-RPC, gRPC ou REST). Support natif pour Android (nouvel AndroidHttpClient). Uniformisation des clients HTTP pour garantir une cohérence entre les versions. Nouveau parseur SSE (Server-Sent Events) conforme aux spécifications. Ça y est, le SDK Java de l'Agent 2 Agent Protocol est sorti en version 1.0 finale ! (avec compatibilité v0.3 et v1.0) https://medium.com/google-cloud/a2a-java-sdk-1-0-0-final-released-10c05b6aee34 Lancement officiel : Sortie de A2A Java SDK 1.0.0.Final, la première version stable (GA) du protocole Agent2Agent. Objectif du protocole : Standard ouvert (Linux Foundation) permettant aux agents IA de communiquer, déléguer des tâches et collaborer, indépendamment du langage ou du framework. Interopérabilité : Introduction de l'Integration Test Kit (ITK) pour valider la compatibilité entre les SDK (Java, Python, TypeScript, etc.). Transports supportés : Support complet et équivalent pour JSON-RPC, gRPC et HTTP+JSON/REST. Alignement total avec la spécification A2A 1.0.0. Passage aux Java records pour l'immutabilité et moins de code répétitif. Architecture interne basée sur un MainEventBus pour garantir la persistance et éviter les conditions de concurrence. Intégration d'OpenTelemetry pour le suivi et la surveillance. Support d'Android et compatibilité descendante avec la version 0.3. Installation : Gestion des dépendances via Maven BOM (org.a2aproject.sdk). Sortie de Micronaut 5.0 https://micronaut.io/2026/05/20/micronaut-framework-5-0-0-released/ Lancement majeur : Disponibilité générale de Micronaut 5, incluant une refonte de plus de 70 modules et la plateforme BOM. Baselines techniques : Support de Java 25, Groovy 5, Kotlin 2.3 et GraalVM 25.0.3. Optimisations internes : Amélioration significative des performances au démarrage et réduction de la surcharge à l'exécution via une refonte du conteneur IoC et du traitement à la compilation. Architecture HTTP : Support stable de HTTP/3, nouvelle API de formulaires (multipart) et annotations de nullabilité (JSpecify) pour une meilleure interopérabilité Kotlin/IDE. Configuration : Nouveau système d'importation de configuration (remplaçant le Bootstrap Configuration) et validateur de schéma JSON intégré. Fiabilité : Nouvelles API programmatiques pour les politiques de retry et circuit breaker. Sécurité & Outils : Mise à jour majeure des dépendances (Jackson 3, Ktor 3), rafraîchissement du Panneau de contrôle et diagnostics AOT améliorés. Écosystème : Mises à jour complètes pour les bases de données (Data, SQL, R2DBC, MongoDB, Redis), le cloud (AWS, Azure, GCP, OCI) et les tests (JUnit 6, Testcontainers 2.0). Évolutions notables : Intégration HTMX dans Micronaut Views, retrait du support RxJava 2 et migration de divers processeurs d'annotations vers des modules dédiés. Comment rajouter un agent IA dans une app Android, avec le tout nouveau framework ADK pour Kotlin https://glaforge.dev/posts/2026/05/21/wiring-adk-kotlin-agents-in-an-android-application/ Guillaume a participé au développement et au lancement du nouveau runtime ADK pour Kotlin et Android https://developers.googleblog.com/adk-kotlin-android-building-ai-agents/ Tutoriel sur comment intégrer un agent ADK dans une app Dépendances : Ajout du noyau ADK (google-adk-kotlin-core) et du processeur KSP dans build.gradle.kts. Sécurité API : Utilisation de local.properties pour stocker la clé API Gemini et l'exposer via BuildConfig afin d'éviter le hardcoding. Définition de l'agent : Création d'un objet LlmAgent configuré avec le modèle Gemini, des instructions spécifiques et des outils (ex: GoogleSearchTool). Utilisation de InMemoryRunner pour gérer automatiquement le contexte et l'historique de la session. Implémentation de runAsync avec StreamingMode.SSE pour un retour en temps réel dans l'interface. Threading : Exécution des requêtes réseau sur Dispatchers.IO et mise à jour de l'état de l'interface utilisateur sur Dispatchers.Main. Comment développer et hoster des agents IA sur la plateforme d'agents managés de DeepMind https://glaforge.dev/posts/2026/05/21/managed-agents-with-the-gemini-interactions-java-sdk/ L'équipe DeepMind de Google a lancé une plateforme d'agents managés sur son API Gemini Interactions https://blog.google/innovation-and-ai/technology/developers-tools/managed-agents-gemini-api/ Guillaume a implémenté un SDK Java pour utiliser cette API Gemini Interactions, qui donne entre autre accès à tous les modèles mais aussi à cette plateforme managée d'agents IA Agents managés : Permet d'exécuter des agents autonomes qui raisonnent, planifient et exécutent du code dans des environnements isolés (sandboxes), sans gestion d'infrastructure par le développeur. Environnement distant : Utilise des espaces de travail Linux éphémères dans le cloud via le paramètre remote, permettant l'accès réseau et la persistance des fichiers sur plusieurs appels. Agents prédéfinis : Accès immédiat à des agents spécialisés comme deep-research-pro (recherche multi-étapes) ou antigravity (tâches de codage généralistes). Agents personnalisés : Possibilité de configurer ses propres agents avec des instructions système dédiées, des outils spécifiques (exécution de code, recherche Google) et des règles réseau (egress) personnalisées. Architecture basée sur les étapes (Steps) : Utilise une structure de données typée (Step, Content) pour suivre le raisonnement de l'agent, ses appels de fonctions et ses résultats en temps réel. Outils et Schémas : Inclut des utilitaires pour générer des schémas JSON complexes via une interface fluide (DSL), par réflexion Java ou par parsing JSON. Streaming réactif : Support natif des événements en temps réel (SSE) pour suivre la progression de l'agent et recevoir les deltas de contenu au fur et à mesure de la génération. Flexibilité : Fournit un gestionnaire de routage (InteractionsHandler) pour créer facilement des serveurs proxy ou des backends intermédiaires traitant les interactions Gemini. Spring Boot 4.1 https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-4.1-Release-Notes Support natif pour Spring gRPC permettant de créer et tester facilement des applications clientes et serveurs basées sur Netty ou des Servlets via HTTP/2 Introduction du lazy fetching pour les connexions JDBC via la propriété spring.datasource.connection-fetch=lazy afin de ne prendre une connexion du pool que lorsqu'un Statement est réellement exécuté Amélioration de l'auto-configuration de Jackson permettant de définir globalement les contraintes de lecture/écriture pour les formats JSON, XML et CBOR via des propriétés de configuration Sécurisation des clients HTTP bloquants et réactifs face aux attaques SSRF grâce à l'introduction d'un InetAddressFilter bloquant les requêtes sortantes vers des adresses spécifiques Améliorations majeures autour d'OpenTelemetry avec le support complet des variables d'environnement OTel, la possibilité de désactiver le SDK via une propriété globale et l'ajout du support SSL sur les exporters OTLP Ajout de l'auto-configuration pour l'utilisation de Spring Batch avec MongoDB incluant un nouveau starter dédié spring-boot-batch-data-mongo Auto-configuration des endpoints @RedisListener sans nécessiter la déclaration manuelle d'un RedisMessageListenerContainer Dépréciation du support de Apache Derby (projet arrêté), suppression définitive du mode layertools du JAR et réintroduction du support de Spock 2.4 (avec Groovy 5) Upgrade des dépendances majeures de l'écosystème avec notamment Spring Framework 7.0.8, Spring Security 7.1.0 et Micrometer 1.17.0 Outillage Vous êtes plutôt endive ou chicorée ? La librairie Chicory qui permet d'exécuter du code WASM à partir de son application Java est forkée et rejointe la Bytecode Alliance pour continuer son développement https://bytecodealliance.org/articles/endive-and-the-next-chapter-of-webassembly-on-the-jvm Annonce d'Endive : Nouveau projet hébergé par la Bytecode Alliance ; fork de Chicory (moteur WebAssembly pur Java, sans dépendance native). ​Objectif principal : Permettre aux développeurs Java d'intégrer, charger et déployer des modules Wasm nativement via les workflows Java habituels. ​Compilateur "Redline" : Intégration à venir de Redline (basé sur Cranelift) pour compiler le Wasm en code machine natif ; performances comparables à Rust/Wasmtime. ​Zéro dépendance (Java 25+) : Grâce à l'API standard Foreign Function & Memory (Project Panama), l'exécution à vitesse native se fait sans composants externes. ​Modèle de Composants (Component Model) : Support futur prévu pour consommer des composants (Rust, Go, JS, etc.) via des interfaces typées et sécurisées directement dans la JVM. ​Prochaines étapes : Fusion de Redline, conformité stricte aux specs Wasm (dont WasmGC) et amélioration du support WASI. Un visualisateur de sessions de travail avec Antigravity https://glaforge.dev/posts/2026/06/11/antigravity-brain-visualizer/ Un projet open source construit avec Micronaut, LangChain4j et GraalVM pour analyser les sessions de travail avec l'outil de développement agentique Antigravity (de Google) Analyse toutes les étapes, les requêtes utilisateur, les outils utilisés, les erreurs rencontrées, les réponses du modèle Gemini fait une analyse pour comprendre les moments clés de cette session de travail Outil buildé avec l'aide d'Antigravity lui-même SBX-Kits : des environnements de développement simplifiés pour les débutants (et les autres) https://k33g.org/20260501-sbx-kits.html Philippe Charrière (:whale: ) présente SBX-Kits (Sandbox Kits), une initiative personnelle visant à simplifier radicalement la mise en place d'environnements de développement pour les débutants, en éliminant la complexité d'installation des outils traditionnels. Chaque "kit" est une archive prête à l'emploi contenant un outil de développement spécifique (comme un langage, un framework ou une base de données) configuré pour s'exécuter de manière isolée et portable. La philosophie du projet repose sur le principe de "zéro configuration" et "zéro dépendance globale", permettant de tester une technologie ou de commencer à coder immédiatement sans polluer son système d'exploitation. L'approche technique s'appuie sur des scripts légers et des binaires portables pré-packagés, offrant une alternative plus simple et moins gourmande en ressources que les conteneurs Docker ou les configurations d'IDE complexes pour l'apprentissage. L'objectif à terme est de proposer un catalogue de kits couvrant les technologies courantes (JavaScript, Python, petites bases de données) pour faciliter les ateliers de programmation et le prototypage rapide. De nombreux kits sont disponibles sur https://github.com/docker/sbx-kits-contrib ghui: une interface utilisateur en ligne de commande (TUI) interactive pour GitHub https://github.com/kitlangton/ghui ghui est un outil en ligne de commande (TUI) écrit en Rust qui fournit une interface visuelle, interactive et rapide directement dans le terminal pour interagir avec GitHub. Il permet de gérer ses pull requests, ses issues et ses notifications sans avoir à ouvrir son navigateur web ou à taper de longues commandes avec la CLI officielle de GitHub. L'outil propose une navigation fluide au clavier, des raccourcis efficaces, et permet de réaliser des actions courantes comme valider une PR, ajouter des commentaires, attribuer des reviewers ou inspecter les logs des GitHub Actions. Conçu pour être extrêmement réactif, ghui s'intègre naturellement dans le flux de travail des développeurs adeptes du terminal et du mode "sans souris". Sortie de Homebrew 6.0.0 https://brew.sh/2026/06/11/homebrew-6.0.0/ Introduction du mécanisme de sécurité Tap Trust : comme les dépôts tiers (taps) peuvent exécuter du code Ruby arbitraire non sandboxé sur la machine, Homebrew demande désormais une confiance explicite de l'utilisateur avant d'évaluer ou d'exécuter leur code. L'API JSON interne devient le choix par défaut, offrant un système plus léger et beaucoup plus rapide pour les développeurs. Sécurisation renforcée de l'environnement avec l'implémentation du sandboxing sur Linux. Évolution des comportements par défaut basés sur un sondage utilisateur : le mode "ask" est activé par défaut pour les développeurs, affichant un résumé des dépendances et une demande de confirmation avant toute action de brew install ou brew upgrade. Améliorations notables des performances globales, notamment un boost de ~30 % sur la vitesse de la commande brew leaves et la parallélisation de la récupération des bottles (binaires) lors des mises à jour. Ajout du support initial pour la prochaine version d'Apple, macOS 27 (Golden Gate). Multiples optimisations pour brew bundle, incluant une gestion plus sécurisée des installations de paquets npm. Méthodologies Retour d'expérience très détaillé et 100% humain sur 40 jours avec une équipe 100% AI hormis le superviseur https://www.linkedin.com/pulse/jai-vir%C3%A9-mon-%C3%A9quipe-de-dev-pour-une-100-ia-pendant-40-luc-bonnin-jlgjf/ Voici le résumé en bullet points : Expérimentation de 40 jours : remplacer une équipe de dev par 100% IA agentique (Cursor) sur un vrai projet en production (playthatsheet.com, 200k lignes de code legacy) Chiffres bruts : 2,3 milliards de tokens consommés, 1 477 prompts, 260 564 lignes ajoutées (+145%), 59% du code final produit par l'IA ROI vertigineux à court terme : 9 mois de travail humain livrés en 40 jours, coût total 260$ d'abonnement + 15 jours de supervision, ROI x18 Profil psy de l'IA : Alzheimer (oublis de contexte), schizophrène (change de méthodo), ado de 12 ans (refait les mêmes erreurs), oscille entre génie et junior sans prévenir Effet iceberg : la dette technique ne disparaît pas, elle se camoufle et s'accélère ; hallucinations = bombes à retardement détectables uniquement par relecture humaine ligne par ligne Paradoxe du bateau de Thésée : perte de paternité et de maîtrise fine du code, baisse de l'autonomie du dev humain qui valide sans avoir construit Arnaque du "monkey money" : consommation de tokens opaque, non corrélée à la complexité (écart de 350% sur des prompts identiques), facturation imprévisible donc impossible à budgéter Syndrome du bazooka : les devs utilisent l'IA même pour changer une couleur CSS, atrophie progressive des compétences et coût écologique délirant Risque stratégique : dépendance irréversible aux vendeurs de tokens (Nvidia, Anthropic, OpenAI), business non rentable qui devra augmenter ses prix Conseil final : approche Pareto, garder 20% du temps en code "fait main", nommer un responsable stratégie IA, l'humain senior reste irremplaçable pour superviser Une libraries de test JUnit cache un prompt qui demande aux coding agents d'effacer les tests https://arstechnica.com/security/2026/05/fed-up-with-vibe-coders-dev-sneaks-data-nuking-prompt-injection-into-their-code/ Agacé par les « vibe coders », un développeur introduit une injection de prompt destructrice dans son code Le développeur de jqwik (un moteur de tests pour JUnit 5) a volontairement inséré une injection de prompt dans la version 1.10.0 de sa bibliothèque Java pour saboter le travail des agents d'IA. L'instruction injectée via la sortie standard (stdout) ordonne textuellement aux LLM d'ignorer les consignes précédentes et de supprimer l'intégralité du code et des tests jqwik du projet. Pour dissimuler cette action aux yeux des développeurs humains, le mainteneur a utilisé des séquences d'échappement ANSI qui effacent la ligne d'injection dans les émulateurs de terminaux interactifs. La modification a été découverte par un utilisateur qui a pointé du doigt les risques majeurs et disproportionnés pour les machines des utilisateurs, bien que certains outils comme Claude d'Anthropic aient détecté et bloqué la consigne malveillante. Face aux critiques de la communauté et aux accusations de comportement infantile ou potentiellement illégal, le développeur a mis à jour ses notes de version pour documenter explicitement son opposition à l'usage de son outil par des IA, avant de refuser tout commentaire supplémentaire sur conseil de son avocat. La réalité du rôle de Principal Engineer https://leaddev.com/career-development/reality-being-principal-engineer Le passage au rôle de Principal Engineer marque une transition majeure où les compétences techniques ne suffisent plus, l'impact se mesurant désormais à travers l'influence, la stratégie et la capacité à aligner la technique avec les objectifs business. Contrairement aux attentes, le quotidien est souvent marqué par une forme d'isolement, car le poste se situe à l'intersection de la direction (qui attend des solutions) et des équipes techniques (qui attendent des directives), sans appartenance directe à un groupe précis. Le rôle exige d'accepter une grande part d'ambiguïté et l'absence de retours immédiats, les projets et les décisions stratégiques mettant parfois des mois ou des années à porter leurs fruits. La gestion du temps devient un défi critique, nécessitant de savoir naviguer entre les sollicitations constantes, la présence en réunion et le besoin de préserver des moments de réflexion approfondie pour concevoir des visions à long terme. La réussite à ce niveau repose sur le développement de compétences humaines pointues (soft skills), notamment la négociation, la communication vulgarisée auprès des profils non techniques, et la capacité à faire grandir les autres ingénieurs par le mentorat. Sécurité Une attaque de la chaîne d'approvisionnement npm utilise binding.gyp pour compromettre des dizaines de paquets https://cybersecuritynews.com/binding-gyp-supply-chain-attack-compromises-dozens-of-npm-packages/ Une nouvelle variante du ver auto-propageable "Shai-Hulud", baptisée "Miasma", cible l'écosystème npm (et PyPI sous le nom de "Hades") en dissimulant son exécution dans le fichier binding.gyp au lieu des scripts classiques preinstall ou postinstall. La technique, surnommée "Phantom Gyp", exploite le fait que npm lance automatiquement node-gyp rebuild dès qu'un fichier binding.gyp est présent à la racine d'un paquet pour compiler des modules natifs C/C++, exécutant ainsi le code malveillant dès la commande npm install. L'attaque contourne la plupart des outils de sécurité traditionnels car l'injection s'appuie sur l'évaluation récursive de commandes (via la syntaxe ) ou directement sur la fonction eval() de Python sous-jacente à GYP, cachée sous n'importe quelle clé du fichier. Le script malveillant télécharge un runtime alternatif (Bun) pour échapper aux détections comportementales de Node.js, puis moissonne les identifiants et secrets des développeurs et des environnements CI/CD (npm, GitHub, AWS, GCP, Azure, Kubernetes, HashiCorp Vault). Plus de 57 paquets npm (dont le SDK serveur de Vapi ou des outils liés à l'IA) et des dizaines de paquets PyPI ont été infectés via des comptes de mainteneurs compromis, le ver republiant automatiquement de nouvelles versions vérolées en utilisant les jetons volés. Loi, société et organisation Restructuration chez Gitlab https://about.gitlab.com/blog/gitlab-act-2/ GitLab entame une restructuration majeure pour s'adapter à l'ère de l'intelligence artificielle agentique, incluant une réduction d'effectifs planifiée de manière transparente et ouverte. L'entreprise prévoit de réduire de 30 % le nombre de pays où elle maintient de petites équipes, d'aplatir sa hiérarchie en supprimant jusqu'à trois niveaux de gestion, et de réorganiser la R&D en une soixantaine d'équipes plus petites et autonomes. Les processus internes vont être revus en intégrant des agents d'IA pour automatiser les revues, les approbations et les passages de relais afin d'accélérer le rythme de travail. La stratégie repose sur la conviction que le logiciel sera bientôt écrit par des machines et dirigé par des humains, ce qui va multiplier la demande de logiciels et transformer le rôle des ingénieurs vers la résolution de problèmes complexes. Sur le plan technique, GitLab reconstruit son infrastructure sous-jacente (notamment Git) pour supporter la charge massive générée par les agents d'IA, tout en misant sur l'orchestration du cycle de vie, la centralisation du contexte des données et une gouvernance intégrée. Le modèle économique évolue vers un système hybride combinant les abonnements classiques et une tarification à la consommation pour le travail effectué par les agents d'IA. Un LLM local sur un mac pourrait coûter plus cher en électricité qu'un modèle hébergé sur OpenRouter dans le cloud https://www.williamangel.net/blog/2026/05/17/offline-llm-energy-use.html Conclusion : L'inférence locale sur Mac M5 Max est 3x plus chère et 2x plus lente que le cloud (OpenRouter). Électricité : Négligeable (~0,02 $/heure pour 50-100W). Matériel (Le vrai coût) : Achat du Mac à 4 299 $; l'amortissement sur 3 à 5 ans plombe la rentabilité horaire. Coût au million de tokens (Gemma 4 31b) : Mac M5 Max : 0,40 à4, 79 (pour 10-40 tokens/s). OpenRouter : 0,38 à0, 50 (pour 60-70 tokens/s). Verdict pro : Le temps humain perdu à cause de la lenteur locale coûte infiniment plus cher que les tokens cloud. Privilégier les API (Anthropic, OpenRouter). Ai didn't kill your junior pipeline https://andrewmurphy.io/blog/ai-didnt-kill-your-junior-pipeline-you-did L'IA n'a pas tué le recrutement des juniors, les entreprises l'ont fait elles-mêmes, par effet de mode. Sans juniors, pas de futurs seniors : on retire l'échelle qui nous a tous fait monter. Tout le monde pêche dans le même bassin de seniors sans le réapprovisionner, pénurie garantie dans 3-5 ans. Une équipe 100% senior + IA est fragile : un départ et tout le savoir tacite s'évapore. Les juniors posent les "pourquoi ?" qui révèlent les bugs et processus absurdes ; l'IA, elle, exécute sans questionner. Les seniors s'atrophient aussi en déléguant leur réflexion à l'IA, pince à double effet sur les compétences. Dépendre des outils IA, c'est sous-traiter sa stratégie talents à des fournisseurs dont les prix vont tripler. Solution : redéfinir le rôle junior (revue de code IA + mentorat), pas le supprimer. Les rapports internes de Microsoft révèlent la crise des coûts de l'IA : les agents coûtent plus cher que les employés humains https://fortune.com/2026/05/22/microsoft-ai-cost-problem-tokens-agents/ Des données et rapports internes chez Microsoft et d'autres géants de la tech ébranlent la promesse de rentabilité de l'IA, révélant que le déploiement d'agents autonomes à l'échelle de l'entreprise revient souvent plus cher que de payer des humains pour le même travail. Le modèle de tarification à l'usage (basé sur les tokens) se heurte à la nature même des architectures agentiques : contrairement à un simple chatbot, un agent boucle, enchaîne les appels d'outils, crée des sous-agents et auto-évalue son code, ce qui multiplie la consommation de tokens par un facteur de 5 à 30, voire jusqu'à 1 000 fois pour des tâches de programmation complexes. L'impact financier sur les budgets de calcul cloud est immédiat ; par exemple, Uber a entièrement épuisé l'intégralité de son budget annuel 2026 dédié au codage par IA en l'espace de seulement quatre mois. Face à cette explosion des coûts, des retours en arrière drastiques sont observés : Microsoft a ainsi commencé à suspendre une grande partie de ses licences internes Claude Code pour rediriger d'urgence ses milliers de développeurs vers sa propre solution moins onéreuse, GitHub Copilot CLI. Les directeurs techniques (CTO) et acheteurs de solutions logicielles qui ont signé des contrats pluriannuels basés sur des projections de réduction de masse salariale se retrouvent pris au piège, les gains réels de productivité ne parvenant pas à compenser les factures d'infrastructure exorbitantes. Conférences La liste des conférences provenant de Developers Conferences Agenda/List par Aurélie Vache et contributeurs : 11-12 juin 2026 : DevQuest Niort - Niort (France) 11-12 juin 2026 : DevLille 2026 - Lille (France) 12 juin 2026 : Tech F'Est 2026 - Nancy (France) 15 juin 2026 : Jupyter Workshops: Demystifying MyST Markdown in Education - Orsay (France) 16 juin 2026 : Mobilis In Mobile 2026 - Nantes (France) 17-19 juin 2026 : Devoxx Poland - Krakow (Poland) 17-20 juin 2026 : VivaTech - Paris (France) 18 juin 2026 : Tech'Work - Lyon (France) 22-26 juin 2026 : Galaxy Community Conference - Clermont-Ferrand (France) 23-24 juin 2026 : MWCP 2026 - Paris (France) 24-25 juin 2026 : Agi'Lille 2026 - Lille (France) 24-26 juin 2026 : BreizhCamp 2026 - Rennes (France) 26-27 juin 2026 : LeHACK - Paris (France) 27 juin 2026 : Asynconf - Paris (France) 2 juillet 2026 : Azur Tech Summer 2026 - Valbonne (France) 2 juillet 2026 : MCP Connect Travel Edition - Paris (France) 2-3 juillet 2026 : Sunny Tech - Montpellier (France) 3 juillet 2026 : Agile Lyon 2026 - Lyon (France) 6-8 juillet 2026 : Riviera Dev - Sophia Antipolis (France) 28-30 août 2026 : State of the Map - Champs-sur-Marne (France) 4 septembre 2026 : JUG Summer Camp 2026 - La Rochelle (France) 10-11 septembre 2026 : Nantes Craft - Nantes (France) 17 septembre 2026 : dotAI - Paris (France) 17-18 septembre 2026 : API Platform Conference 2026 - Lille (France) 18 septembre 2026 : WordCamp Bretagne - Rennes (France) 18 septembre 2026 : dotJS - Paris (France) 18 septembre 2026 : WordCamp Bretagne - Rennes (France) 22 septembre 2026 : Salon Data 2026 - Nantes (France) 22-23 septembre 2026 : Agile en Seine & IA 2026 - Paris (France) 24 septembre 2026 : OWASP AppSec Days France 2026 - Paris (France) 24 septembre 2026 : PlatformCon Paris - Paris (France) 24 septembre 2026 : React Native Connection 2026 - Paris (France) 24-26 septembre 2026 : Paris Web 2026 - Paris (France) 25 septembre 2026 : SAP Inside Track Paris 2026 - Paris (France) 28-29 septembre 2026 : 4th Tech Summit on AI & Robotics - Paris (France) & Online 1 octobre 2026 : WAX 2026 - Marseille (France) 1-2 octobre 2026 : Volcamp - Clermont-Ferrand (France) 2 octobre 2026 : DevFest Perros-Guirec 2026 - Perros-Guirec (France) 5-9 octobre 2026 : Devoxx Belgium - Antwerp (Belgium) 8-9 octobre 2026 : Forum PHP 2026 - Marne-la-Vallée (France) 12 octobre 2026 : Dev With AI - Paris (France) 22-23 octobre 2026 : Agile Tour Bordeaux 2026 - Bordeaux (France) 26 octobre 2026 : Agile Tour Montpellier - Montpellier (France) 27-29 octobre 2026 : Directions EMEA 2026 - Paris (France) 29-30 octobre 2026 : BDX I/O 2026 - Bordeaux (France) 29-30 octobre 2026 : Agile Tour Nantais 2026 - Nantes (France) 29 octobre 2026-1 novembre 2026 : Pycon FR - Biarritz (France) 30 octobre 2026 : Cloud Nord 2026 - Lille (France) 4-5 novembre 2026 : Devoxx Morocco - Casablanca (Morocco) 14-15 novembre 2026 : Capitole du Libre - Toulouse (France) 19 novembre 2026 : DevFest Toulouse 2026 - Toulouse (France) 19 novembre 2026 : Agile Laval 2026 - Laval (France) 19 novembre 2026 : OVHcloud Summit - Paris (France) 19 novembre 2026 : Codeurs en Seine - Rouen (France) 27 novembre 2026 : DevFest Paris 2026 - Paris (France) 1-3 décembre 2026 : Apidays Paris - Paris (France) 2-3 décembre 2026 : Cloud Native AI Summit Europe - Paris (France) 4 décembre 2026 : DevFest Lyon 2026 - Lyon (France) 4 décembre 2026 : DevFest Dijon 2026 - Dijon (France) 9-10 décembre 2026 : OpenSource Expérience - Paris (France) 9-10 décembre 2026 : DevOps REX - Paris (France) 10 décembre 2026 : KCD Provence - Aix-en-Provence (France) 7-9 avril 2027 : Devoxx France 2027 - Paris (France) 3 juin 2027 : Cloud Native Days France 2027 - Paris (France) Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via X/twitter https://twitter.com/lescastcodeurs ou Bluesky https://bsky.app/profile/lescastcodeurs.com Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/

RunAs Radio
47 Day Certificates with Todd Gardner

RunAs Radio

Play Episode Listen Later Jun 17, 2026 37:53


The 47-day certificate is coming! While at NDC in Toronto, Richard received an update from Todd Gardner about his show last year: certificate authorities are moving toward SSL certificates that last only 47 days! Todd talks about the first decrease in duration that has already passed - as of March 2026, the longest duration certificate you can buy from certificate authorities is 200 days. At the core of these changes is the problem that certificate revocation just isn't working properly, so a short certificate lifespan is the effective solution. Short certificate lifespans make automation to replace certificates essential - and that's where CertKit and other tools come in! Links Lets Encrypt ACME Client Implementations CertKit Apple's 398 Day Rule Microsoft SHA-1 Retirement Google Transparency Logs Perfect Forward Secrecy Recorded May 8, 2026

toronto certificates ssl ndc ssl certificates todd gardner
Sonhar Sem Limites Podcast
SSL 193: Olha para a situação de forma nua e crua!

Sonhar Sem Limites Podcast

Play Episode Listen Later Jun 17, 2026 29:23


Para mulheres que estão na arena, em busca de construir uma vida — pessoal e profisisonal — com mais sentido e significado, problemas e desafios são inevitáveis.Mas como é que pensas cada um desses problemas? Como é que tens buscado resolvê-los?É sobre isso que quero refletir contigo neste episódio do podcast.Para saber mais sobre o meu trabalho visite: https://edulanycardoso.com/

SAD PHARAOH
I fly beOnd Airlines (Business Class Edit)

SAD PHARAOH

Play Episode Listen Later Jun 13, 2026 2:07


Step into the ultimate luxury all-business class cabin. This exclusive vintage electro-disco track is strictly clocked at a soulful 108 BPM—engineered for a smooth, high-altitude cruise over the ocean. ​Processed through a premium analog chain with a heavy SSL console mix and rich tape saturation, it delivers the raw, texturized warmth your studio speakers deserve . ​Vibe: Beond Airlines flight review aesthetic, private jet experience, and Maldives luxury travel. ​Tracklist & Edits: The Music Shot Exclusives (Available on SoundCloud) ​

Sonhar Sem Limites Podcast
SSL 192: Será que estou a ser ambiciosa demais?

Sonhar Sem Limites Podcast

Play Episode Listen Later Jun 10, 2026 29:55


Se alguma vez te fizeste esta pergunta, talvez, sonhar alto, ser ambiciosa, não sejo o problema.O problema pode estar em não reconhecer o teu momento e com isso não saber começar do ponto onde estas. E é sobre isso que eu quero convidar-te para refletirmos juntas neste episódio.Para saber mais sobre o meu trabalho visite: https://edulanycardoso.com/

MARATHON PODCAST
SSL – das präzisere GA1

MARATHON PODCAST

Play Episode Listen Later Jun 5, 2026 47:39


Folge 142: Warum langsames Laufen oft unterschätzt wirdViele Läufer glauben, dass ein Training nur dann wirksam ist, wenn es anstrengend ist. Doch stimmt das wirklich? In dieser Folge sprechen wir über den Super-Sauerstofflauf (SSL), den niedrigsten Dauerlaufbereich der Laufcampus-Methode. Du erfährst, warum der SSL ungefähr dem klassischen GA1 entspricht, weshalb er dennoch präziser definiert ist und warum bewusst niedrigpulsiges Laufen eine Fähigkeit ist, die viele Läufer erst entwickeln müssen. Außerdem geht es um die häufigsten Missverständnisse rund um GA1, Herzfrequenz und Trainingssteuerung. Warum können – und müssen – Laufanfänger/Einsteiger keinen SSL laufen? Weshalb profitieren gerade gestresste Menschen oft besonders von diesem Trainingsbereich? Und warum kann ein Lauf, der sich unspektakulär anfühlt, trotzdem eine erstaunlich große Wirkung auf Grundlagenausdauer, Energiestoffwechsel und Regeneration haben? Du erfährst außerdem, welche Rolle der SSL für Long Runs spielen kann, warum er für viele Longevity-Interessierte spannend ist und weshalb nicht jeder Trainingsreiz hart sein muss, um wirksam zu sein. Eine Folge für alle, die ihr Lauftraining besser verstehen und bewusster gestalten möchten. Werde auch du Mitglied im Laufcampus Club TEAM LAUFCAMPUS, einem Club der die Mitglieder vernetzt und viele, viele Vorteile bringt. Join us. IN DIESER FOLGE ANGESPROCHEN Blog: SSL – das präzisere GA1 Trainingssteuerung: Potenzialanalyse DER MARATHON PODCAST Ich bin Andreas Butz – dein Trainer im Ohr – und selbst über 200-facher Marathonläufer. Seit August 2023 begleite ich dich im MARATHON PODCAST mit Impulsen für mehr Erfolg und Freude beim Laufen. Vom ersten Zehner bis zum Marathon – jede Woche neu. HINTERGRUNDINFORMATIONEN

ILUSTRA_PRO / El podcast de Ilustrando Dudas
155_[Parte 1] Ganando dinero en ilustración de 9 formas distintas con Perezfecto

ILUSTRA_PRO / El podcast de Ilustrando Dudas

Play Episode Listen Later Jun 3, 2026 86:52


VENTE AL ILUSTRAHUB DE JUNIO EN GALICIA EN 2026 ➡️ https://forms.gle/yJjvwGhECVBgV2957 CONOCE Y CONSIGUE TU LIBRO "LA TRANSFORMACIÓN CREATIVA" EN ➡️ https://latransformacioncreativa.com/ CONSIGUE TU ACCESO GRATIS A LA CHARLA "ESTUDIÉ ILUSTRACIÓN ¿Y AHORA QUÉ? ➡️ https://ilustrandodudas.activehosted.com/f/38 CONSIGUE TU REVISIÓN DE PORTFOLIO GRATIS ➡️ https://www.instagram.com/p/DL7M1VYsQ0Q/?img_index=1CONSIGUE AQUÍ TU GUÍA "EMPIEZA AQUÍ" PARA APRENDER CÓMO CONVERTIRTE EN ILUSTRAPRO ➡️ https://ilustrandodudas.activehosted.com/f/36CONSIGUE TU PACK DE MEDITACIONES ALINEAR TU MENTE, LÁPIZ Y CORAZÓN PARA DISFRUTAR DE VERDAD DE DEDICARTE A LA ILUSTRACIÓN ➡️ https://ilustrandodudas.activehosted.com/f/10Drawfolio, nuestro sponsor, la mejor plataforma para crear tu primer portfolio web de ilustración sin dolores de cabeza, esponsoriza este programa. Entra en www.drawfolio.com y usa este código de 20% de descuento SSLDUDAS para el primer año de tu suscripción anual, incluido el extra de seguridad SSL.TODOS NUESTROS RECURSOS Y NOVEDADES en www.linktr.ee/iobruApúntate a nuestra newsletter para estar al tanto de todo en https://bit.ly/3a8SSKuY a nuestro canal de Telegram en https://t.me/ilustrandodudasnewsMás información sobre la profesión de la ilustración y sobre el podcast, aliados, colaboradores, recursos y herramientas en www.ilustrandodudas.com/En este episodio le pido a Perezfecto (Marcelo Pérez Dalannays), ilustrador chileno con más de 400k seguidores, que marujeemos sobre algo que la escuela de arte nunca te cuenta: cómo se gana dinero de verdad con la ilustración. Y nos cuenta sus 9 formas distintas. Marcelo lleva más de 20 años viviendo de dibujar y tiene una cosa clarísima: el dinero no es el enemigo del arte. Es su sustento. Aquí te dejo la primera parte de esta maravillosa charreta y entrevista. ¡Espero que disfrutes mucho del programa!Y recuerda, si te ha servido, has aprendido y te has reído, danos amorcico escribiéndonos en los comentarios, compartiendo tus reflexiones y siguiéndonos en todas las redes y plataformas del mundo mundial.CRÉDITOSEntradilla: Joan Llorcawww.instagram.com/artnegreColaboradores: Perezfecto https://perezfecto.com/ https://www.instagram.com/perezfecto/Canciones de fondo: BendsoundCanción final: Paz Salem - Assirbey

ILUSTRA_PRO / El podcast de Ilustrando Dudas
156_[Parte 2] Ganando dinero en ilustración de 9 formas distintas con Perezfecto

ILUSTRA_PRO / El podcast de Ilustrando Dudas

Play Episode Listen Later Jun 3, 2026 88:46


VENTE AL ILUSTRAHUB DE JUNIO EN GALICIA EN 2026 ➡️ https://forms.gle/yJjvwGhECVBgV2957 CONOCE Y CONSIGUE TU LIBRO "LA TRANSFORMACIÓN CREATIVA" EN ➡️ https://latransformacioncreativa.com/ CONSIGUE TU ACCESO GRATIS A LA CHARLA "ESTUDIÉ ILUSTRACIÓN ¿Y AHORA QUÉ? ➡️ https://ilustrandodudas.activehosted.com/f/38 CONSIGUE TU REVISIÓN DE PORTFOLIO GRATIS ➡️ https://www.instagram.com/p/DL7M1VYsQ0Q/?img_index=1CONSIGUE AQUÍ TU GUÍA "EMPIEZA AQUÍ" PARA APRENDER CÓMO CONVERTIRTE EN ILUSTRAPRO ➡️ https://ilustrandodudas.activehosted.com/f/36CONSIGUE TU PACK DE MEDITACIONES ALINEAR TU MENTE, LÁPIZ Y CORAZÓN PARA DISFRUTAR DE VERDAD DE DEDICARTE A LA ILUSTRACIÓN ➡️ https://ilustrandodudas.activehosted.com/f/10Drawfolio, nuestro sponsor, la mejor plataforma para crear tu primer portfolio web de ilustración sin dolores de cabeza, esponsoriza este programa. Entra en www.drawfolio.com y usa este código de 20% de descuento SSLDUDAS para el primer año de tu suscripción anual, incluido el extra de seguridad SSL.TODOS NUESTROS RECURSOS Y NOVEDADES en www.linktr.ee/iobruApúntate a nuestra newsletter para estar al tanto de todo en https://bit.ly/3a8SSKuY a nuestro canal de Telegram en https://t.me/ilustrandodudasnewsMás información sobre la profesión de la ilustración y sobre el podcast, aliados, colaboradores, recursos y herramientas en www.ilustrandodudas.com/Continuamos con la súper entrevista que le hago a Perezfecto (Marcelo Pérez Dalannays), ilustrador chileno con más de 400k seguidores, donde nos cuenta sus 9 formas distintas de ganar dinero en la profesión de la ilustración. Marcelo lleva más de 20 años viviendo de dibujar y tiene una cosa clarísima: el dinero no es el enemigo del arte. Es su sustento. Aquí tienes la segunda parte de esta maravillosa charreta y entrevista. ¡Espero que disfrutes mucho del programa!Y recuerda, si te ha servido, has aprendido y te has reído, danos amorcico escribiéndonos en los comentarios, compartiendo tus reflexiones y siguiéndonos en todas las redes y plataformas del mundo mundial.CRÉDITOSEntradilla: Joan Llorcawww.instagram.com/artnegreColaboradores: Perezfecto https://perezfecto.com/ https://www.instagram.com/perezfecto/Canciones de fondo: BendsoundCanción final: Paz Salem - Assirbey

Sonhar Sem Limites Podcast
SSL 191 : Como sair do modo sobrevivência e começar a construir uma vida melhor?

Sonhar Sem Limites Podcast

Play Episode Listen Later Jun 3, 2026 43:01


A maioria de nós — mulheres, principalmente mulheres pretas — começamos a nossa vida adulta no modo sobrevivência. A base da nossa pirâmide, de modo geral, é a sobrevivência e não tem nada de errado com isso. Mas ficar lá, isso sim é um erro. E é sobre isso que vamos refletir juntas, neste episódio.Para saber mais sobre o meu trabalho visite: https://edulanycardoso.com/

Sonhar Sem Limites Podcast
SSL 190: Como empreender sem abrir mão de ti e dos teus interesses? | Joana Capinha

Sonhar Sem Limites Podcast

Play Episode Listen Later May 27, 2026 91:53


Neste episódio converso com a Joana Capinha, fundadora do Dream Life Club e que ensina mulheres que é a vida pode ser boa. Conversamos sobre mentalidade, desporto, a construção de uma vida que faz sentido para nós e como empreender sem sacrificar a nossa saúde mental, emocional e física no processo.Para saber mais sobre o meu trabalho visite: https://edulanycardoso.com/

SuddaGränser
Dogz_26 maj utan SSL

SuddaGränser

Play Episode Listen Later May 26, 2026 3:20


Dogz_26 maj utan SSL by P&D

Fredrikssons innebandypodd
186. Hanna bäst i Sverige – och TikTok-drottningen från Täby

Fredrikssons innebandypodd

Play Episode Listen Later May 25, 2026 59:57


Tre år efter att hon slog igenom som årets rookie i SSL har Hanna Nordstrand tagit klivet hela vägen till toppen. I det här avsnittet gästar en av svensk innebandys absolut största profiler just nu podden – nyutsedd till årets spelare i svensk innebandy 2026, nyckelspelare i Täby FC och en av landslagets viktigaste spelare i jakten på att ta tillbaka VM-guldet 2027.Men kanske är det just därför så många gillar Hanna Nordstrand. Hon försöker inte vara perfekt.Här pratar vi om den snabba resan från supertalang till världsstjärna, om pressen som kommer med framgångarna, livet utanför planen och varför hon fortfarande vill behålla glädjen, spontaniteten och energin som gjorde att hon älskade sporten från början.Vi pratar också om sociala medier, TikTok-klipp med bästa kompisen, att bjuda på sig själv – och om hur det är att vara 22 år och redan bära svensk innebandy på sina axlar.Ett öppet, varmt och ärligt samtal med spelaren som just nu känns som svensk innebandys största framtid – och samtid. Hosted on Acast. See acast.com/privacy for more information.

Fredrikssons innebandypodd
185. SSL-domarna direkt efter slutsignalen - Det bortglömda domarsnacket från SSL-premiären

Fredrikssons innebandypodd

Play Episode Listen Later May 24, 2026 23:29


SSL-domarna Frans Dahlstedt och Andreas Morelius i ett samtal direkt efter seriepremiären i SSL mellan Pixbo och Kalmarsund som Pixbo tillslut vann med 3-2 efter sudden death. Bättre sent eller aldrig kanske... Hosted on Acast. See acast.com/privacy for more information.

Hacker Public Radio
HPR4645: ZERO HOUR: FRIDAY AFTERNOON APK HACKING

Hacker Public Radio

Play Episode Listen Later May 22, 2026


This show has been flagged as Explicit by the host. WARNING AI GENERATED NOTES AHEAD YMMW Here is a summary of the recorded training session regarding Android hacking from Hacker Public Radio, including web references for the main topics discussed. Overview The recording features a security consultant performing a live assessment of an Android application. The consultant uses a custom tool suite called "Jamboree" and various other utilities to test a location-sharing and vehicle management app. The session highlights the increasing complexity of mobile app security, specifically dealing with SSL pinning, encrypted traffic, and anti-tampering mechanisms 1 . Environment and Tools The assessment is conducted on a rooted Android emulator. The speaker utilizes several tools to set up the environment and intercept traffic: Jamboree : A custom automation tool developed by the speaker over six years to handle rooting, proxy setup, and app installation within minutes 1 . Burp Suite : The primary interception proxy used to analyze traffic between the app and the production server 1 . Frida : Used to bypass anti-root detection and SSL pinning 1 . Ghidra : A decompiler used to analyze the app's code, specifically helpful for patching the Flutter-based application 1 . Android Debug Bridge (ADB) : Used for troubleshooting, debugging, and analyzing logs ( logcat ) to extract user IDs and location data 1 . Technical Challenges: SSL Pinning and Flutter The target application is built using Flutter and implements rigorous security controls, including SSL pinning, which prevents standard Man-in-the-Middle (MitM) attacks. The app's HTTP client ignores system and user-installed certificates, and it does not respect device Wi-Fi proxy settings 1 . To overcome this: Traffic Redirection : The speaker uses iptables commands to force all HTTP and HTTPS traffic through the proxy's IP address at the network layer, bypassing the app's proxy ignorance 1 . Patching with AI : The speaker leverages AI (specifically mentioning Claude and access to "Kuro") to assist in patching the APK. The AI helped navigate Ghidra and generate Python scripts to bypass the app's protections, allowing the modified APK to trust the auditor's certificate 1 . Frida Scripts : "Frida anti-root SSL pinning" scripts are executed to further mitigate detection mechanisms 1 . Key Vulnerabilities Identified 1. Geolocation Spoofing The consultant successfully spoofed the device's GPS location using emulator settings (e.g., setting the location to Puerto Rico or Costa Rica). The application accepted this falsified location data as valid, indicating a lack of server-side verification for location origin 1 . 2. Insecure Direct Object Reference (IDOR) / Broken Access Control The most critical finding involves the app's user tracking feature. The consultant discovered that the API allows querying a user's location via a user_id . By intercepting traffic and analyzing adb logcat logs, the consultant extracted their own user_id and the user_id of a second test account 1 . While authenticated as one user, the consultant was able to send a request substituting the user_id with the target's ID. The server responded with the target's GPS coordinates. This confirms that an authenticated user can track any other user's real-time location if they possess the target's ID 1 . Proof of concept was created by copying the request as a curl command to demonstrate the exploit 1 . 3. Potential Information Disclosure The consultant began testing a feature that allows users to add vehicles by license plate. The concern is that querying a license plate might return excessive PII (Personally Identifiable Information), such as VIN numbers or registration details, beyond what the UI strictly requires (least privilege issue) 1 . 4. Access Control (Calendar Feature) The consultant tested whether calendar events could be accessed by switching user_id parameters. This test resulted in a "401 Unauthorized" error, indicating that this specific endpoint had proper access control in place 1 . Web References and Resources Below are references for the main tools and concepts discussed in the training: Hacker Public Radio : https://hackerpublicradio.org/ Burp Suite (Web Security Testing) : https://portswigger.net/burp Frida (Dynamic Instrumentation Toolkit) : https://frida.re/ Ghidra (Software Reverse Engineering) : https://ghidra-sre.org/ Android Debug Bridge (ADB) : https://developer.android.com/tools/adb OWASP Mobile Top 10 : https://owasp.org/www-project-mobile-top-10/ OWASP Testing for Insecure Direct Object References (IDOR) : https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/04-Authorization_Testing/04.1-Testing_for_Insecure_Direct_Object_References Flutter (UI Toolkit) : https://flutter.dev/ Provide feedback on this episode.

Sonhar Sem Limites Podcast
SSL 189: Não importa o que tu faças, tu sempre serás julgada!

Sonhar Sem Limites Podcast

Play Episode Listen Later May 21, 2026 47:42


Eu demorei muito para a entender os julgamentos das pessoas. Para entender o que fazer com esses julgamentos. E quando entendi… muita coisa mudou. Muito do meu fardo ficou mais leve. Eu fiquei mais leve.Por isso, touxe essa reflexão que eu tive recentemente sobre isso para cá, porque vejo diariamente mulheres que adiam seus sonhos, seus projetos, sua vida, por causa do que os outros vão pensar.Para saber mais sobre o meu trabalho visite: https://edulanycardoso.com/

MARATHON PODCAST
Warum du ZDL – aber nicht GA2 – trainieren solltest

MARATHON PODCAST

Play Episode Listen Later May 16, 2026 52:10


Folge 140: ZDL – Der Tempodauerlauf für effektives SchwellentrainingWas ist eigentlich GA2? Klingt nach einer einfachen Frage. Ist es aber nicht. Denn Wikipedia definiert GA2 anders als Runner's World. Leistungsdiagnostiker wiederum arbeiten – abhängig von ihrer Software – teilweise mit ganz anderen Trainingsbereichen. Wie soll ein Läufer daraus sinnvolle Trainingsentscheidungen ableiten? Genau diese Unsicherheit war einer der Gründe, warum die Laufcampus-Methode bereits 2001 bewusst präzisere Trainingsbereiche eingeführt hat: SSL, LDL, MDL und ZDL. In dieser Folge erfährst du, warum der ZDL weit mehr ist als ein einfach schneller Dauerlauf. Andreas Butz erklärt, weshalb der zügige Dauerlauf ein bewusst gesteuerter Tempodauerlauf, ein effektives Schwellentraining und eine wichtige Schlüsseleinheit im Lauftraining ist. Du erfährst, warum viele Läufer durch das alte GA2-System ständig zu schnell trainieren, wie sich ein guter ZDL anfühlt, warum der ZDL besonders Marathonläufer stärker macht, weshalb die Herzfrequenz oft wertvoller ist als die Pace, und warum präzise Trainingssteuerung langfristig erfolgreicher macht. Außerdem geht es um typische Fehler im Dauerlauftraining, den Unterschied zwischen GA2 und ZDL sowie die Frage, warum zu viele ZDLs zum Problem werden können. Wenn du dein Lauftraining besser verstehen und strukturierter trainieren möchtest, dann ist diese Folge genau richtig für dich. Werde auch du Mitglied im Laufcampus Club TEAM LAUFCAMPUS, einem Club der die Mitglieder vernetzt und viele, viele Vorteile bringt. Join us. IN DIESER FOLGE ANGESPROCHEN Blog-Artikel: ZDL statt GA2 – präziser trainieren DER MARATHON PODCAST Ich bin Andreas Butz – dein Trainer im Ohr – und selbst über 200-facher Marathonläufer. Seit August 2023 begleite ich dich im MARATHON PODCAST mit Impulsen für mehr Erfolg und Freude beim Laufen. Vom ersten Zehner bis zum Marathon – jede Woche neu. HINTERGRUNDINFORMATIONEN

Sonhar Sem Limites Podcast
SSL 188: Tu só és imprescindível na tua própria vida!

Sonhar Sem Limites Podcast

Play Episode Listen Later May 13, 2026 20:51


Perdemos tanto tempo preocupadas com o que os outros irão pensar de nós, que acabamos por não conseguir construir a vida que faz sentido para nós.Mas entender isto pode de facto mudar, não só, a nossa perspectiva sobre a vida, mas as nossas ações e consequentemente, resultados.Para saber mais sobre o meu trabalho visite: https://edulanycardoso.com/

Fredrikssons innebandypodd
Emil Ruud – sanningen bakom SSL:s största artist

Fredrikssons innebandypodd

Play Episode Listen Later May 12, 2026 41:32


Magnus Fredriksson möter en av svensk innebandys mest spektakulära spelare just nu. Emil Ruud gästar Sarg Ut! Innebandypodden i säsong 7 och avsnitt #183 i ett öppet och underhållande samtal om kreativitet, showmål och varför han vägrar bli en spelare som bara gör “det enkla”.Hur tänker egentligen spelaren bakom målen hela Sverige älskar att se? Här berättar Falunstjärnan om detaljerna bakom sina mest omtalade aktioner, känslan av att våga göra det oväntade inför fullsatta läktare under SM-finalerna och varför publiken faktiskt förtjänar spelare som bjuder på något extra.Dessutom pratar Emil Ruud om uttagningen till herrlandslagets senaste samling, VM-drömmen i Finland i december, pressen att prestera i Falun och hur han ser på sin egen utveckling mot att bli en ännu större profil i svensk innebandy. Det blir också snack om utrustning, teknik, senaste landslagstruppen, dessutom lite kort om utvisningen i senast SM-finalen som avslutade matchen i förtid och livet som en av SSL:s mest sevärda spelare. Hosted on Acast. See acast.com/privacy for more information.

Side Project Spotlight
#111: A Bazooka of Syntax

Side Project Spotlight

Play Episode Listen Later May 11, 2026 69:27


Steve finally fixed phillycocoa.org, and the journey from broken CircleCI pipelines and hijacked S3 buckets to a blazing-fast Cloudflare Pages site took one Side Project Saturday and an embarrassing number of Codex tokens. Then The Trio turns to the AI hype machine, and they're tired: tired of opaque token costs, tired of reviewing generated code that complicates everything it touches, and tired of an industry that mistakes syntax speed for software engineering. Fred Brooks called it in 1986, and The Trio is calling it now.## Chapters00:00 Introductions01:47 The Journey of Updating the Website06:38 Challenges with CircleCI and S3 Buckets09:23 Exploring Cloudflare Pages11:14 Navigating Cloudflare's User Interface14:22 Setting Up Automatic Deployments17:35 Managing DNS and SSL with Cloudflare23:07 LLM Development Fatigue26:15 Navigating Concerns and Costs in AI Usage29:11 LLMs are No Silver Bullet31:57 The Exhaustion of Code Review and Architectural Decisions36:25 Token Management and Cost Awareness in AI Tools40:07 The Economics of AI and Software Development42:45 The Hype vs. Reality of AI Tools46:34 Future Prospects of LLMs and Universal UI50:16 The Future of Edge Computing with LLMs53:08 The Evolution of Software Development and AI Integration54:17 AI in Sci-Fi: Myths vs. Reality57:54 The Challenges of Local Models and Hardware Limitations01:03:21 Outro & Upcoming Event01:09:21 Tag## Show Notes- Steve spent Side Project Saturday migrating phillycocoa.org from a broken CircleCI/S3 setup to Cloudflare Pages, burning his entire weekly Codex token budget in about three hours.- Cloudflare Pages handles Hugo builds automatically and manages SSL and CDN without manual config, all on a free tier that's plenty for the site.- Cloudflare's UI hides the Pages "Get Started" link below giant worker buttons, which Kotaro calls "the weirdest dark pattern."- Steve argues that syntax generation was never the real bottleneck in software engineering, citing Fred Brooks' 1986 essay "No Silver Bullet."- Aaron is worn out from reviewing AI-generated code and still having to make every architectural decision himself.- LLM costs are nearly impossible to forecast: a single prompt can burn a significant chunk of your plan, depending on model, tool calls, and context.- The Trio sees firms rushing to adopt LLM tooling before the ROI math makes sense, driven by hype rather than evidence.- ThePrimeagen's recent take on the shifting AI economy lines up with what Steve sees at work: token-based billing is starting to expose the real cost.- The Trio agrees local models running on personal hardware are the interesting long-term play, but RAM shortages make even basic setups expensive.- Kotaro closes with a dad joke: he thought his LLM skills landed him his current job, but it turns out...## Links**PhillyCocoa.org Update**Website: https://phillycocoa.org**Articles & Essays**"Let's talk about LLMs" by James Bennett: https://www.b-list.org/weblog/2026/apr/09/llms/"No Silver Bullet" by Fred Brooks: https://www.cs.unc.edu/techreports/86-020.pdf**Videos**"The AI economy is about to change" by ThePrimeagen: https://youtu.be/_Q-e_nczWqM**One More Thing**"Beyond the Simulator: Perspectives on Modern App Development": https://luma.com/i00ll61z**PhillyCocoa:** https://phillycocoa.orgIntro music: "When I Hit the Floor", © 2021 Lorne Behrman. Used with permission of the artist.

The Itay Verchik Show
מעבר דומיין וחיבור DNS: איך לחבר אתר בשרת Render לניהול של Cloudflare - #Ai #codex #render

The Itay Verchik Show

Play Episode Listen Later May 10, 2026 4:02


https://itayverchik.co.il/render-domain/העלאת אפליקציה או אתר לשרת ענן מודרני כמו Render היא רק מחצית מהדרך. כדי שהאתר שלכם יהיה נגיש תחת הדומיין הרשמי שלכם, מאובטח בעזרת פרוטוקול SSL ונהנה מביצועים אופטימליים, אתם חייבים לדעת איך לנהל נכון את רשומות ה-DNS ולחבר את השרת למערכת ניהול כמו Cloudflare.בסרטון הזה אני מראה לכם את התהליך המדויק של החלפת דומיין והעלאת אתר לאוויר. נלמד איך לבצע את ההגדרות בתוך פאנל הניהול של Render ואיך להשתמש ב-Cloudflare כגשר מאובטח שמגן על האתר ומשפר את מהירות הטעינה שלו ברחבי העולם.מה נראה במדריך?הגדרות דומיין ב-Render: איפה מוסיפים Custom Domain בתוך ממשק הניהול של השירות שלכם ואיך מקבלים את כתובות ה-IP וה-CNAME שגוגל ו-Render דורשים.חיבור ל-Cloudflare: איך להוסיף את הדומיין שלכם ל-Cloudflare, לשנות את ה-Nameservers ברשם הדומיינים שלכם ולהעביר את השליטה ב-DNS.הגדרת רשומות DNS: יצירת רשומות A ו-CNAME בצורה נכונה בתוך Cloudflare כדי לקשר את הדומיין לשרתי Render.הגדרות SSL ואבטחה: איך להפעיל Full SSL ב-Cloudflare כדי לוודא שהתקשורת בין השרת לגולש מוצפנת לחלוטין, ואיך להימנע משגיאות חיבור נפוצות.אימות ופרסום: איך לוודא שהחלפת הדומיין עברה בהצלחה והאתר שלכם רץ בלייב תחת הכתובת החדשה.הבנת החיבור בין Render ל-Cloudflare היא קריטית לכל מי שרוצה להחזיק תשתית אתרים מקצועית, מאובטחת ומהירה.המדריך עזר לכם להעלות את האתר לאוויר בהצלחה? אל תשכחו לעשות לייק לסרטון, להירשם לערוץ וללחוץ על הפעמון כדי לקבל עדכונים על עוד מדריכי פיתוח, ניהול שרתים, אבטחת מידע ואוטומציה.

Sonhar Sem Limites Podcast
SSL 187: O que fazer depois que alcançamos um sonho?

Sonhar Sem Limites Podcast

Play Episode Listen Later May 7, 2026 32:02


O que acontece depois que alcançamos um sonho? Depois que chegamos lá?Eu dei por mim a refletir sobre isso, porque eu já alcancei muitos sonhos e recentemente mais um. E fiquei a pensar e agora?Decidi trazer esta reflexão para aqui, porque tenho certeza que não sou a única a ter essa pergunta e pode ser que faça sentido para mais pessoas.Para saber mais sobre o meu trabalho visite: https://edulanycardoso.com/

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Wednesday, May 6th, 2026: Cleartext Passwords in Edge; SSL.com Root Rotation; DAEMONTOOLS Backdoor;

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later May 6, 2026 8:13


Cleartext Passwords in MS Edge? In 2026? https://isc.sans.edu/diary/Cleartext%20Passwords%20in%20MS%20Edge%3F%20In%202026%3F/32954 SSL.com rotates its root certificate today https://isc.sans.edu/diary/SSL.com%20rotates%20their%20root%20certificate%20today/32956 DEAMONTOOLS Compromise https://securelist.com/tr/daemon-tools-backdoor/119654/

Seller Sessions
Why Your Amazon Dashboard Is Lying to You + Remotion & Voice Cloning Reality Check | Claude Sessions

Seller Sessions

Play Episode Listen Later May 1, 2026 37:38


Why Your Amazon Dashboard Is Lying to You + Remotion & Voice Cloning Reality Check | Claude Sessions Amazon Dashboard Brain, Remotion Video & ElevenLabs Voice Cloning | Claude Sessions SEO Description Shubhash Sharma on building a data brain behind your Amazon dashboard. Danny McMillan on Remotion video and ElevenLabs voice cloning realities. Episode Summary Week 3 of the month means Claude Sessions, and Danny McMillan and Shubhash Sharma are back with a double feature for Amazon and TikTok Shop sellers building their own AI tooling. Shubhash picks up from last episode's SP API and Ads API walkthrough with a hard lesson learned the wrong way: a polished dashboard wired straight into Amazon is a window with no room behind it. The numbers will lie, and you will not know when a feed silently dies. He walks through the fix: a "brain" sitting between the data sources and the dashboard. Supabase as the long term store, pgvector for unstructured stuff like contracts and reviews, n8n as the orchestration layer. Six core domains every seller shares (orders, products, analytics, ads, finance, affiliates and creators) plus an optional documents layer. He closes with a dual write migration pattern so you can flip between old and new without taking the business offline. Then Danny turns to video and voice. Remotion looks like toy town out of the box, but with the right plugins (motion blur, transitions, captions, shapes, fonts, rendering) and Claude doing the orchestration, it becomes a serious production tool that can pull in your footage, branding and design system. On the voice side, he has tested VoiceBox and F5TTS and come back to ElevenLabs Multilingual v2 at £22 a month. The missing gap everywhere is cadence. He also names the deeper bet: as the market floods with AI generated content, authentic voice becomes the differentiator that cannot be cloned. Key Topics Why dashboards lie when wired straight into Amazon, TikTok and Shopify The "brain" pattern: Supabase, pgvector and n8n as a centralised data layer The six core data domains every seller needs (plus a 7th for documents) Dual write migration so the old system and brain run in parallel Remotion as a code based video tool, and what it needs to stop looking toy town The four layer creative workflow: brief, story skeleton, treatment, scene by scene ElevenLabs vs VoiceBox vs F5TTS for voice cloning your own voice Why cadence is the last hard problem in synthetic voice The authenticity premium in an AI flooded market Timestamps [00:00] Intro and welcome back to Claude Sessions [00:34] Shubhash kicks off: where to put the data you pulled last week [01:04] "Your dashboard is lying to you" and the polished dashboard pitfall [02:32] Dashboard is a window. The brain is the room behind it [04:54] Tech stack: Supabase (Postgres), pgvector, n8n [05:54] The six fundamental data domains [06:26] Orders, products, analytics, ads, finance, affiliates and creators [08:30] The optional 7th layer: unstructured documents via pgvector [09:44] Dual write pattern for safe migration [10:48] Three takeaways: audit, list domains, build one table at a time [12:28] Danny on Remotion: code based video and why it is toy town out of the box [13:51] What is missing: motion blur, transitions, captions, shapes, beat detection [14:54] The 80+ plugin packages that turn it into a real tool [16:56] Pulling in footage, logos, design systems and free music from Pixabay [18:30] The 4 layer creative workflow: brief, story skeleton, treatment, scenes [21:15] Voiceovers: ElevenLabs Pro setup and why the £22 is worth it [22:12] VoiceBox and F5TTS field test: garbage and 5 rounds of tuning later [23:22] Why cadence is the hardest thing for AI voice to fake [25:42] How much reference audio you actually need (30 min min, 2 hours ideal) [27:25] ElevenLabs UI parameters: speed, stability, similarity, exaggeration [28:52] The authenticity premium when the market floods with AI [30:30] Key takeaways, ElevenLabs API usage and locking in your voice once [34:24] Aside: "insane" and "most" as the new AI tells [36:31] SSL 2026 wrap, 18 days out, Ritu returns next week with Japan Key Takeaways Build a brain, not just a window. A dashboard wired straight to Amazon, TikTok or Shopify has no memory. When a feed silently fails, the dashboard happily lies. Sit a Supabase + pgvector + n8n layer in between, and your dashboard becomes a view on top of a real source of truth. Six domains cover almost every seller. Orders, products, analytics, ads, finance, and affiliates / creators. Map every place each one currently lives, then consolidate one domain at a time. Start with one table (orders) and let Claude do the heavy lifting. Use dual write when migrating. Write to the old store and the new brain in parallel for a week. Compare. Flip the dashboard's read side via a feature flag. If something breaks, flip back. Zero downtime, zero fear. Remotion is a system, not a tool. Out of the box it is bare. Add the plugins (motion blur, transitions, captions, fonts, rendering), bring your own footage and design system, and let Claude orchestrate the four layer workflow: brief, story skeleton, treatment, scene by scene. ElevenLabs Multilingual v2 still wins for voice cloning. VoiceBox and F5TTS were not close. Pay the £22, use Model 2, feed it 30 minutes minimum (2 hours ideal) of clean reference audio, and lock the setup in once. Cadence is the last mile. AI can match tone and timbre. It still cannot match the rises, falls and micro pauses that make a sentence sound like you. Use scripts split into short paragraphs, generate three variants, and tune the language you use to talk to Claude until the cadence lands. Authenticity becomes the moat. As written, visual and audio AI floods every channel, the brand voice that is unmistakably human becomes the differentiator. Do not give that away to save 22 dollars a month on a podcast. Notable Quotes "Dashboard is a window. We need a room behind the window. So the brain is going to be the room behind this window." Shubhash Sharma "If any of our SaaS went offline tomorrow, will our business still have its memory? The answer is no, because we haven't stored it. All we have is rented attention." Shubhash Sharma "When you migrate to your brain, don't rip out your old system. Use dual write. Run them in parallel for a week. If something breaks, flip it back. Zero downtime, zero fear." Shubhash Sharma "Remotion out of the box isn't great. It's almost like building some slides, just one step up. You have to build it as a system of what you need." Danny McMillan "The hardest part for AI to represent is cadence. It can get the tone of your voice. That's the easy bit. But the speed and the up and down of how you talk, that's where these models still fail." Danny McMillan "In our rush to use AI, you've got to remember the market floods with it. When everything sounds like AI, the only thing left is the authentic voice for your brand." Danny McMillan Resources Mentioned Supabase : Postgres backend used as the long term data store for the seller "brain" pgvector : Postgres extension for semantic search over unstructured data (contracts, reviews, supplier emails) n8n : Orchestration layer for scheduled pulls and cron jobs with a UI Amazon Selling Partner API (SP API) : Source for orders, inventory and finance data (covered in last episode) Amazon Ads API : Source for ad spend, campaign and keyword data Remotion : Code based, React powered video creation framework ElevenLabs : Voice cloning and text to speech. Model used: Multilingual v2 (Pro plan, £22 / month) F5 TTS : Open source text to speech model tested for voice cloning VoiceBox by Jamie Pine : GitHub voice cloning desktop app tested by Danny Pixabay : Free music and sound effects used inside the Remotion workflow Loom : Source of clean voice reference audio if you record team walkthroughs Seller Sessions Live 2026 : Conference 9 May 2026, 18 days out at recording Hosts Danny McMillan : Host of Seller Sessions and Claude Sessions, founder of DataBrill, building AI native tooling for Amazon sellers. Website: https://sellersessions.com LinkedIn: https://www.linkedin.com/in/dannymcmillan Shubhash Sharma : Engineer building data infrastructure for Amazon and TikTok Shop sellers. Returning Claude Sessions co host. What's Next Next week: Ritu returns from Japan with three subjects covered in this month's rotation. In 18 days: Seller Sessions Live 2026 in London on 9 May. Modular format, new venue confirmed. About Seller Sessions Seller Sessions is the leading podcast for serious Amazon sellers, hosted by Danny McMillan since 2017. Claude Sessions is the AI focused monthly strand where Danny and rotating co hosts work through the practical wins, false starts and engineering reality of building with Claude, MCPs and the wider AI stack inside real seller businesses.

GREY Journal Daily News Podcast
Is Your Browser Leading You Astray?

GREY Journal Daily News Podcast

Play Episode Listen Later Apr 30, 2026 1:57


Redirect notices occur when a webpage attempts to send users to a different URL, serving as a security measure to protect against phishing and unauthorized data collection. These notices can disrupt user experience by increasing bounce rates and eroding trust in website credibility. Businesses can mitigate these effects by maintaining up-to-date SSL certificates, using secure links, and auditing web pages to remove unnecessary redirects, thus enhancing user trust and streamlining online navigation.Learn more on this news by visiting us at: https://greyjournal.net/news/ Hosted on Acast. See acast.com/privacy for more information.

LINUX Unplugged
664: Back to Root

LINUX Unplugged

Play Episode Listen Later Apr 27, 2026 58:41 Transcription Available


After 26 years, we return to our roots and reflect on why LinuxFest Northwest is still a special event.Sponsored By:Jupiter Party Annual Membership: Put your support on automatic with our annual plan, and get one month of membership for free!Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love.Support LINUX UnpluggedLinks:

ai root framework live show fountain open source github vpn nebula ssl community events james mason pake bsd bitwarden github actions chris fisher linux kernel bellingham washington producer jeff system76 checkmarx jupiter broadcasting updo linux podcast ventoy credential theft phoronix linuxfest northwest linux unplugged wes payne
Geek News Central
Mythos: Cybersecurity’s AlphaGo Moment #1862

Geek News Central

Play Episode Listen Later Apr 25, 2026 41:00 Transcription Available


In this episode, Ray Cochrane unpacks Anthropic’s Mythos model and the Treasury’s emergency meetings with Wall Street, then digs into Apple’s vibe-coding crackdown and a gaming-anxiety study that hit way too close to home. Also covered: Verge’s solid-state motorcycle, UBTech humanoid robot sales jumping 23-fold, Japan’s first osmotic power plant, Finland’s permanent nuclear waste vault, Ghostty landing in Ubuntu, Cloudflare’s EmDash CMS, and a Claude Code skill that talks like a caveman. – Want to start a podcast? It’s easy to get started! Sign up at Blubrry – Thinking of buying a Starlink? Use my link to support the show. Subscribe to the Newsletter. Email Ray if you want to get in touch! Like and Follow Geek News Central’s Facebook Page. Support my Show Sponsor: Best Godaddy Promo Codes Get 1Password Full Summary Cochrane opens the show by framing Anthropic’s new Mythos model as the AlphaGo moment for cybersecurity. From there, the episode moves through Apple’s pushback against AI-generated apps, a gaming anxiety study with a deeply personal hook, a series of “first to ship” energy and robotics wins out of Finland, China, and Japan, and several developer-tool stories that show how quickly the economics of software are shifting. Mythos, the Detection Ceiling, and Wall Street’s Emergency Response Anthropic’s Mythos model has Wall Street rattled. Operating autonomously, Mythos found and demonstrated the exploitation of a 27-year-old TCP SACK bug in OpenBSD, an operating system famous for being one of the most security-focused on the planet. Per Anthropic’s red team, over 99% of the vulnerabilities Mythos has identified remain unpatched. The researchers’ conclusion is blunt: “the moat in AI cybersecurity is the system, not the model.” The policy response moved fast. On April 7th, Treasury Secretary Bessent and Fed Chair Jerome Powell pulled the CEOs of Goldman Sachs, Citi, Bank of America, and Morgan Stanley into Treasury headquarters on short notice. All four banks are now testing Mythos internally. Treasury CIO Sam Corcos is also seeking direct access. Anthropic is gating distribution through Project Glasswing, a limited-access program with JPMorgan, Apple, Google, Microsoft, and Nvidia. Cochrane comes down firmly behind Anthropic’s gated approach. Because a 5.1-billion-parameter open model can apparently recover the core analysis chain for the OpenBSD flaw, this capability is not locked behind Frontier Compute. He wants the critical infrastructure hardened before the public gets keys. However, he also notes the bigger lesson is about human wisdom: people offloading all their thinking to AI lose out on the wisdom that makes any of these tools genuinely useful. Apple Bans Vibe Coding Apps from the App Store Apple has been quietly pushing back against what people are calling “vibe coding” apps. Replit, Vibecode, and an app called Anything all run AI models on the phone and produce working software that runs inside the host app. Apple cites Guideline 2.5.2, in effect since 2017, which requires apps to be self-contained. Replit and Vibecode had their App Store updates blocked. Anything was pulled in late March, briefly restored on April 3rd, and then pulled the same day again. The forcing function is volume. App Store submissions jumped 84% in a single quarter as vibe coding tools flooded Apple’s review queue with AI-generated apps. Cochrane thinks Apple is justified, given the security issues swirling around the Vibe coding ecosystem. Even a beautiful diamond gets lost in a sea of sand, and that flood is exactly what Apple is trying to manage. The company behind Anything is now pivoting to iMessage, desktop, and Android. Playing Video Games to Win Is Linked to Higher Anxiety Cochrane gets personal on this one. Through high school and his early 20s, he was deeply addicted to League of Legends. His dad teased him about it constantly. In the last few years of that addiction, his body would go ice cold and shake every ranked match before. His partner identified it as a panic attack. The moment that happened, he quit. Today, he no longer shakes. The new study lines up with his experience. Researchers Kayleigh Watters and Mikael Rubin at Palo Alto University analyzed a publicly available database of 13,464 adult gamers, most of whom primarily played League of Legends. Players who game to win show higher generalized anxiety but actually play fewer hours, since performance pressure pushes them out. Players who game to relax show strong links between social anxiety avoidance and more hours played. The study appeared in the Journal of Affective Disorders. The headline framing of “playing to win makes you anxious” misses the point. The real finding is more interesting: gaming for avoidance and gaming for competition are both warning signs, for different reasons. Cochrane notes that the League of Legends community’s toxicity has been a running joke for years, and this study suggests the game’s structure may have been manufacturing the anxiety that fueled it. Sponsor: GoDaddy Economy hosting is $6.99/month, WordPress hosting is $12.99/month, and domains are $11.99. Both hosting plans include a free domain, professional email, and SSL certificate. Go to geeknewscentral.com/godaddy for the best pricing and to directly support this independent show. Verge Motorcycle: World’s First Production All-Solid-State Battery Cochrane filled his tank for $60 today, which made this story land especially hard. His mom has driven electric for years and patiently manages a 90-mile real-world range. The next-generation answer is already shipping. Verge Motorcycles, a Finnish company, is the first production vehicle of any kind with an all-solid-state battery. Their 2026 bikes ship in Q1 with a pack from Donut Lab, another Finnish outfit spun out of Verge. The numbers are bonkers. The pack delivers an energy density of 400 Wh/kg, roughly double that of current Tesla cells. It sustains 100kW charging, hits full charge in about 5 minutes in the lab and 12 minutes on the actual bike, and the long-range version covers 600 kilometers (about 370 miles) per charge. Toyota, QuantumScape, and Samsung SDI have all been telling us that solid-state is coming in 2027 to 2030. A Finnish motorcycle company shipping in Q1 2026 just embarrassed them all. UBTech Humanoid Robot Sales Jump 23-Fold UBTech dropped its 2025 annual earnings on April 1st. Humanoid robot revenue hit 820 million yuan, roughly $119 million USD, up 2,203% from 35.6 million yuan the year before. Unit sales went from 3 robots in 2024 to 1,079 in 2025. Shares jumped 14% on the announcement. The customer list is a real industrial deployment: BYD, Foxconn, Geely, FAW-Volkswagen, and Audi. The flagship is the Walker S2, with UBTech targeting 5,000 units in 2026 and 10,000 in 2027. Cochrane is honest about what this means. He does not think we are heading for an extinction event, but worker displacement is a real concern. The US has no universal income or universal healthcare. The people affected are not white-collar managers. They are everyday line workers who already make the least on the ladder. Work efficiency reportedly doubles when these robots arrive, which is a company-side win, but the humans they replace are not getting half a year of gardening leave to retrain. He invites the listener to take on this one directly. Japan Switches On Asia’s First Osmotic Power Plant In August 2025, Fukuoka’s Seawater Desalination Center quietly opened Asia’s first osmotic power facility. It generates about 880,000 kilowatt-hours per year, enough for roughly 220 homes. It is only the second operational osmotic plant in the world, after Mariager, Denmark, in 2023. Osmotic generation uses a salinity gradient: fresh water on one side of a membrane, salt water on the other, and the pressure difference spins a turbine. The clever part is what Fukuoka does with desalination brine. Instead of regular seawater, the plant uses concentrated brine left over from the desalination process. This amplifies the salt gradient and squeezes more energy out of the same membrane. The result is a closed-loop partnership: the desalination facility produces drinking water and leaves brine behind, the osmotic plant turns the brine into electricity, and that electricity runs the desalination facility. Every desalination plant on Earth produces brine, so if Fukuoka’s co-located model works, the same pattern could be replicated across hundreds of plants worldwide. Japan’s Luna Ring Solar Moon Proposal Goes Viral Again Shimizu Corporation’s Luna Ring concept is making the rounds again. The pitch: a 6,800-mile belt of solar panels around the Moon’s equator, beaming microwave power back to Earth. Project lead Tetsuji Yoshida has long argued that a full ring could eliminate fossil fuel dependence entirely. The proposal first surfaced in 2013, has no funding, no government endorsement, and no concrete cost estimate. Shimizu has not put any active development behind it. Cochrane finds the concept fun every time it resurfaces. However, this would have to be a worldwide effort in the truest sense, with treaties, a new generation of launch economics, and microwave power transmission at a scale nobody has demonstrated. Beaming the power back to Earth has always been one of the biggest practical holdbacks. The Luna Ring is inspirational, but not shipping. Finland’s Onkalo Nuclear Waste Vault Opens Finland’s Onkalo facility is the world’s first permanent deep geologic repository for spent nuclear fuel. Operated by Posiva, the facility is buried about 430 meters down in 1.9-billion-year-old bedrock. It is designed to hold up to 6,500 tons of spent fuel and operate until the 2120s. The construction costs about €1 billion, with operating and closure adding roughly €4 billion more before the program is done. The catch is that radioactivity remains dangerous for hundreds of thousands of years. Edwin Lyman, director of nuclear power safety at the Union of Concerned Scientists, warned that the copper canisters will eventually corrode, with different scientific opinions on how fast. Geologic disposal remains “fraught with uncertainties,” and we have never validated an engineered system across a 100,000-year time frame. The bet is that the rock and copper outlast the radioactivity. Cochrane sees Onkalo as time-buying rather than a final answer. It is more of a bank holding spent fuel while science catches up. He prefers it to Japan’s ongoing approach of releasing tritium-treated water from Fukushima Daiichi into the Pacific, even though the dilution is well below WHO drinking water guidelines. Burying the waste in an insurmountable containment strikes him as the more honest answer to a problem nobody knows how to truly solve. Ghostty Terminal Lands in the Ubuntu Repos Ghostty 1.3.0 is now available in Ubuntu 26.04 LTS’s universe repository. The install is simply `sudo apt install ghostty`, no PPAs, no Snap, no Nix, no building from source. Ghostty was created by Mitchell Hashimoto, co-founder of HashiCorp. It is GPU-accelerated, uses native Swift on macOS and native GTK4 with libadwaita on Linux, and supports tabs, splits, profiles, ligatures, and the Kitty graphics protocol. Cochrane recently caught Hashimoto on a podcast, where he walked through his agentic coding workflow. Ghostty is being actively built using AI harnesses like Claude Code and Codex. Hashimoto told a story in which Codex fixed a six-month-old bug in 45 minutes, for a total API cost of $4.14. Personally, Cochrane uses WezTerm, but he is excited to see Ghostty become more widely available with a native UI rather than Electron. Borgo: Rethinking Go Using Rust Analytics India Magazine profiled Borgo, a programming language by developer Marco Sampellegrini (GitHub: alpacaaa). Borgo is statically typed with Rust-like syntax, but it compiles to Go and uses the Go runtime and garbage collector. It includes sum types (Option and Result), pattern matching, and full compatibility with existing Go packages. Notably, it removes Rust’s borrow checker and lifetimes entirely. Borgo is not new. It first appeared on Hacker News in 2023, with a RustLab talk in 2024. The 2026 angle is a renewed look at it through the lens of AI coding agents, since type-rich languages like Rust have been showing outsized productivity gains. Cochrane is a fan of Rust and stands by the borrow checker, but he enjoys these exploratory languages for what they reveal about what developers actually want. Caveman: A Claude Code Skill That Cuts 65% of Tokens Developer Julius Brussee built a Claude Code skill called Caveman that forces Claude to respond in stripped-down fragments. No articles, no “just,” no “really,” no pleasantries, no hedging. The tagline is “why use many token when few token do trick.” Across 10 real dev tasks, Caveman mode averaged 294 tokens per response, compared to 1,214 in normal mode. That is a 65% drop in output tokens. The project is MIT licensed with three intensity levels: lite, full, and ultra. Cochrane stumbled across the project online and shared it with a classmate who had been complaining about token costs. The classmate now insists that “the caveman is the only way to live.” Cochrane has not made the switch, but the bigger point lands. If a community plugin can cut 65% of tokens without correctness regressions, the labs are shipping verbose-by-default and charging users for the privilege. He suspects verbose output makes models feel more trustworthy, even when the token math says otherwise. Cloudflare Launches EmDash as a WordPress Successor Cloudflare released EmDash on April 9th, an open-source, MIT-licensed, TypeScript-based CMS pitched as the spiritual successor to WordPress. The big flex is that it was built in 60 days using AI coding agents. EmDash runs on Astro 6.0, either on Cloudflare’s edge platform or on a standard Node.js server. The plugin security model uses sandboxed Dynamic Workers with explicit permissions, addressing the architecture flaw that Cloudflare says causes 96% of WordPress vulnerabilities. Cochrane could not resist pointing out the irony of the name. The em dash has become the trademark giveaway that an AI was involved in writing. He has reservations about whether EmDash will succeed. WordPress is extremely hard to unseat, plenty of “WordPress killers” have come and gone, and the ecosystem is twenty-plus years deep. He is curious to see what comes next but not optimistic. Google Open-Sources the DESIGN.md Format Google Labs open-sourced the DESIGN.md format used by Stitch, their AI UI design tool. DESIGN.md is a declarative file capturing a project’s design system, colors, typography, and spacing in a way AI agents can read and apply. Cochrane has tried Stitch personally and finds it impressive at producing web designs. He has also seen DESIGN.md-style files already start appearing in repositories. He sees this kind of file becoming a new paradigm for agentic design, alongside robots.txt and llms.txt. However, he worries about a side effect. If everyone uses the same standardized format and the same AI tools, the web could become a homogeneous set of sites that all look the same. He is enthusiastic about the standardization but hopes designers continue to push for genuinely unique work. A 13-Liter PC With a Water Loop Built Into the Case Geeky Gadgets covered a build by “Visual Thinker”, a 13-liter mini-ITX case with custom SLA-printed water distribution plates built directly into the chassis. Instead of traditional soft tubing, plates channel coolant between the CPU and GPU blocks and are sealed with TPU and silicone molds. The case supports a full-size GPU and an SFX power supply. No thermal benchmarks, parts list, or pricing have been published. It is a one-off you cannot buy. Cochrane sees this as a sign of where PC building has gone in 2026. Modern mid-grade GPUs run nearly every recent game, so raw performance is no longer the differentiator. He likes seeing builders lean into design and craft rather than just stuffing the most powerful parts into a box. He admits he is the traditional type and built his own machine to maximize parts, but the design-first direction is a healthy evolution for the hobby. To close out the show, Cochrane recommends Pocket Casts as a podcast app. He finds it picks up new episodes very quickly. Big thanks to GoDaddy for over twenty years of keeping this show on the air, and a reminder that every promo code use is like writing a check to the show. The post Mythos: Cybersecurity’s AlphaGo Moment #1862 appeared first on Geek News Central.

AwesomeCast: Tech and Gadget Talk
Tim Cook Steps Down, Game Pass Gets Weird & Can PurePlank Fix the Dad Bod? | AwesomeCast 776

AwesomeCast: Tech and Gadget Talk

Play Episode Listen Later Apr 22, 2026 62:37


On this episode of AwesomeCast, Sorg and Dave Podnar cover practical tech from the gym floor to the bedroom to the browser tab. Sorg reviews the PurePlank workout board after his first session and talks about whether a gadget like this can realistically fit into a busy travel-heavy schedule. Dave follows up on his experience with the ResMed AirSense 11 CPAP, sharing how the app, sleep data, and improved rest are already making a difference. The conversation also spotlights Taher Elgamal, often called the father of SSL, as part of their Arab American History Month recognition. From there, they pivot into fast-moving tech news and commentary, including Microsoft's changing Game Pass Ultimate value proposition, Sorg's shift from Facebook and other feeds over to Reddit, early thoughts on DaVinci Resolve's still-image color tools, and big Apple leadership news as Tim Cook steps aside as CEO and John Ternus moves into the top role. They also touch on the strange realities of online comments, ad-heavy platforms, software lock-in, and what makes some tools hard to leave even when alternatives are everywhere. Plus: Chachi's Video Game Minute, a quick mention of the NFL Draft app experience in Pittsburgh, and a tease for extra Patreon conversation. News stories and gadgets discussed PurePlank workout board Sorg gives first impressions of the plank-focused fitness device, including build quality, comfort, portability, app support, and whether it feels more approachable than traditional planking. ResMed AirSense 11 CPAP Dave shares an early follow-up after getting his machine, including setup, comfort, mask style, sleep scoring, and the real-world impact it is already having on his rest and recovery. Taher Elgamal / father of SSL A spotlight on one of the foundational figures behind secure internet communication and web security, tied to Arab American History Month. Microsoft Game Pass Ultimate changes The hosts react to pricing/value changes and the decision to delay launch access for future Call of Duty titles, asking whether the new structure is actually a better deal for non-Call of Duty players. Reddit replacing other social feeds Sorg talks about moving away from Facebook, political content, and repetitive tech feeds in favor of a more curated Reddit experience, including the appeal of paying to remove ads. DaVinci Resolve still-image color tools Dave and Sorg discuss Blackmagic's push into photo workflows, especially for creators who already live in video editing and want consistent color tools across media. Tim Cook stepping down as Apple CEO The show breaks down what Cook's transition means, why his supply-chain and operations legacy matters, and what it could mean that Apple's next leader comes from the hardware side. Chachi Says Video Game Minute Quick hits include the Zelda movie moving to post-production, Artemis II driving interest in Kerbal Space Program, and the 91-year-old woman found safe and happily gaming during a welfare check. NFL Draft app reminder Dave flags a practical tip for anyone attending the NFL Draft in Pittsburgh: make sure the official app is installed before you arrive. Show-notes links paired to topics mentioned on-air PurePlank — https://gopureplank.com/ ResMed AirSense 11 — https://www.resmed.com/en-us/products/cpap/machines/airsense-11/ Taher Elgamal — https://en.wikipedia.org/wiki/Taher_Elgamal Tim Cook stepping down / Apple leadership story — https://www.macworld.com/article/3119381/tim-cook-stepping-down-as-apple-ceo-in-shock-announcement.html DaVinci Resolve photo/still image discussion source — https://www.facebook.com/photo/?fbid=25876562148688561&set=a.334146796690114

Sorgatron Media Master Feed
AwesomeCast 776: Tim Cook Steps Down, Game Pass Gets Weird & Can PurePlank Fix the Dad Bod? | AwesomeCast 776

Sorgatron Media Master Feed

Play Episode Listen Later Apr 22, 2026 62:37


On this episode of AwesomeCast, Sorg and Dave Podnar cover practical tech from the gym floor to the bedroom to the browser tab. Sorg reviews the PurePlank workout board after his first session and talks about whether a gadget like this can realistically fit into a busy travel-heavy schedule. Dave follows up on his experience with the ResMed AirSense 11 CPAP, sharing how the app, sleep data, and improved rest are already making a difference. The conversation also spotlights Taher Elgamal, often called the father of SSL, as part of their Arab American History Month recognition. From there, they pivot into fast-moving tech news and commentary, including Microsoft's changing Game Pass Ultimate value proposition, Sorg's shift from Facebook and other feeds over to Reddit, early thoughts on DaVinci Resolve's still-image color tools, and big Apple leadership news as Tim Cook steps aside as CEO and John Ternus moves into the top role. They also touch on the strange realities of online comments, ad-heavy platforms, software lock-in, and what makes some tools hard to leave even when alternatives are everywhere. Plus: Chachi's Video Game Minute, a quick mention of the NFL Draft app experience in Pittsburgh, and a tease for extra Patreon conversation. News stories and gadgets discussed PurePlank workout board Sorg gives first impressions of the plank-focused fitness device, including build quality, comfort, portability, app support, and whether it feels more approachable than traditional planking. ResMed AirSense 11 CPAP Dave shares an early follow-up after getting his machine, including setup, comfort, mask style, sleep scoring, and the real-world impact it is already having on his rest and recovery. Taher Elgamal / father of SSL A spotlight on one of the foundational figures behind secure internet communication and web security, tied to Arab American History Month. Microsoft Game Pass Ultimate changes The hosts react to pricing/value changes and the decision to delay launch access for future Call of Duty titles, asking whether the new structure is actually a better deal for non-Call of Duty players. Reddit replacing other social feeds Sorg talks about moving away from Facebook, political content, and repetitive tech feeds in favor of a more curated Reddit experience, including the appeal of paying to remove ads. DaVinci Resolve still-image color tools Dave and Sorg discuss Blackmagic's push into photo workflows, especially for creators who already live in video editing and want consistent color tools across media. Tim Cook stepping down as Apple CEO The show breaks down what Cook's transition means, why his supply-chain and operations legacy matters, and what it could mean that Apple's next leader comes from the hardware side. Chachi Says Video Game Minute Quick hits include the Zelda movie moving to post-production, Artemis II driving interest in Kerbal Space Program, and the 91-year-old woman found safe and happily gaming during a welfare check. NFL Draft app reminder Dave flags a practical tip for anyone attending the NFL Draft in Pittsburgh: make sure the official app is installed before you arrive. Show-notes links paired to topics mentioned on-air PurePlank — https://gopureplank.com/ ResMed AirSense 11 — https://www.resmed.com/en-us/products/cpap/machines/airsense-11/ Taher Elgamal — https://en.wikipedia.org/wiki/Taher_Elgamal Tim Cook stepping down / Apple leadership story — https://www.macworld.com/article/3119381/tim-cook-stepping-down-as-apple-ceo-in-shock-announcement.html DaVinci Resolve photo/still image discussion source — https://www.facebook.com/photo/?fbid=25876562148688561&set=a.334146796690114

Real Estate Espresso
Did You Know Your Website is Broken?

Real Estate Espresso

Play Episode Listen Later Apr 21, 2026 6:19


Here's a question for you. When was the last time you actually checked — really checked — whether your website was working? Not just glanced at it on your phone, but actually verified that every link works, every form submits, every automated response fires the way it's supposed to? If you're like most real estate operators, the honest answer is: not recently. Here's the reality of modern software: nothing is static. I could give you a dozen examples. The tools and platforms we depend on — website builders, CRM integrations, booking systems, payment portals, tenant screening services — all of them are constantly changing underneath us. APIs get deprecated. SSL certificates expire. Third-party services get acquired and sunset. WordPress plugins stop receiving security updates. Payment processors change their webhook format. The hosting environment that worked perfectly last year rolls out a server-side update that silently breaks your contact form.This is where AI agents change the game. Not AI in the theoretical sense — AI in the practical, deploy-it-this-week sense. You can now set up an AI agent that runs a daily verification sweep of your entire digital footprint. Every morning, before you've poured your first cup of coffee, that agent has already visited every page of your website, clicked every link, tested every form, checked your SSL certificate expiry, pinged your integrations, and verified that your automated email sequences fire correctly.If something's broken, you get a notification before your first tenant does.An AI agent doesn't get tired. It doesn't forget to check the maintenance request form because it was a busy Monday. It runs the same checklist, every day, at the same time, with the same thoroughness.---------------**Real Estate Espresso Podcast:** Spotify: [The Real Estate Espresso Podcast](https://open.spotify.com/show/3GvtwRmTq4r3es8cbw8jW0?si=c75ea506a6694ef1)   iTunes: [The Real Estate Espresso Podcast](https://podcasts.apple.com/ca/podcast/the-real-estate-espresso-podcast/id1340482613)   Website: [www.victorjm.com](http://www.victorjm.com)   LinkedIn: [Victor Menasce](http://www.linkedin.com/in/vmenasce)   YouTube: [The Real Estate Espresso Podcast](http://www.youtube.com/@victorjmenasce6734)   Facebook: [www.facebook.com/realestateespresso](http://www.facebook.com/realestateespresso)   Email: [podcast@victorjm.com](mailto:podcast@victorjm.com)  **Y Street Capital:** Website: [www.ystreetcapital.com](http://www.ystreetcapital.com)   Facebook: [www.facebook.com/YStreetCapital](https://www.facebook.com/YStreetCapital)   Instagram: [@ystreetcapital](http://www.instagram.com/ystreetcapital)  

Geek News Central
Agentically Frying your Brain using AI #1861

Geek News Central

Play Episode Listen Later Apr 1, 2026 43:24 Transcription Available


In this episode, Ray Cochrane digs into a new study showing AI is literally frying workers’ brains, then unpacks Anthropic’s wildest month ever – from a 1,487% user surge to Pentagon retaliation to a leaked model called Mythos. Also covered: OpenAI kills Sora after burning $15 million a day, OpenClaw’s terrifying security holes, Apple axing the Mac Pro, ARM’s first-ever production CPU, and why King Tut’s dagger was forged from a meteorite. – Want to start a podcast? It’s easy to get started! Sign-up at Blubrry – Thinking of buying a Starlink? Use my link to support the show. Subscribe to the Newsletter. Email Ray if you want to get in touch! Like and Follow Geek News Central’s Facebook Page. Support my Show Sponsor: Best Godaddy Promo Codes Get 1Password Full Summary Cochrane opens the show with a study that puts a name to something most AI-heavy workers have already felt. From there, the episode moves through one of the most turbulent months in AI industry history, touching on corporate ethics, national security, hardware shortages, and ancient archaeology. AI Use at Work Is Causing “Brain Fry” A study from Boston Consulting Group and UC Riverside surveyed 1,500 full-time US workers and found that 14% experience what researchers call “AI brain fry” – mental fatigue from excessive AI tool oversight. Those affected report 33% more decision fatigue, 39% more major errors, and an increase in intent to quit from 25% to 34%. Notably, productivity peaks at one to three AI tools and drops off at four or more. Cochrane relates this directly to his own workflow, often running two to four tools side by side. However, he pushes back on the doom framing. He argues that context switching across multiple projects and rubber-stamping AI output without review are the real sources of fry. His takeaway: either work more slowly with greater intent, or use the accelerated pace to reclaim free time. Anthropic’s Wild Month: Exodus, Pentagon, and Mythos Claude sessions surged by roughly 1,487% from mid-January to early March, knocking ChatGPT off the top spot in the app store for the first time. ChatGPT uninstalls spiked nearly 300%, one-star reviews exploded 775% in a single day, and a boycott movement called “Quit GPT” has grown to between 2.5 and 4 million participants. The catalyst was OpenAI stepping in to take the Pentagon defense deal that Anthropic had publicly declined. Cochrane is firmly against automated domestic surveillance and autonomous weaponry, noting that the models are not reliable enough for such responsibilities. OpenAI tried to walk it back, but the Electronic Frontier Foundation called their language “weasel words.” Meanwhile, the Department of Defense slapped Anthropic with a supply chain risk label – a national security designation previously reserved for hostile foreign companies. Anthropic sued the Trump administration. Then Microsoft filed a legal brief in Anthropic’s defense, joined by 149 former judges, dozens of Google and OpenAI employees, and nearly two dozen retired generals. On top of all that, security researchers discovered an unsecured data cache exposing nearly 3,000 unpublished Anthropic files, including a model code-named Mythos (also called Capybara). Internal documents describe it as a step change in capabilities, scoring dramatically higher than Opus 4.6 on coding, reasoning, and cybersecurity. Then Anthropic’s source code leaked publicly as well. Sponsor: GoDaddy Economy hosting is $6.99/month, WordPress hosting is $12.99/month, and domains are $11.99. Both hosting plans include a free domain, professional email, and SSL certificate. Go to geeknewscentral.com/godaddy for the best pricing and to directly support this independent show. OpenAI Shuts Down Sora Video App OpenAI announced on March 24th that it is killing Sora, its AI video-generation app. Downloads cratered from 3.3 million in November to 1.1 million by February. The real numbers are brutal: Sora was costing roughly $15 million per day to run against a total lifetime revenue of just $2.1 million. The Sora web and app experience ends April 26th, with the API shutting down September 24th. Additionally, the Disney partnership – a billion-dollar deal meant to validate AI in Hollywood – collapsed completely. Deep fakes of Martin Luther King Jr. and Robin Williams appeared almost immediately despite guardrails, and both families protested publicly. Cochrane notes that competitors like Runway, Pika, and Kling are still operating, and suspects Hollywood will pivot to generating scene backgrounds rather than full content. OpenClaw Is a Security Nightmare Cochrane’s personal OpenClaw install started making outbound requests flagged by his ISP – with no changes or new skills installed. He shut it down and plans to wipe the device entirely. The broader picture is alarming. A January 2026 audit found 512 vulnerabilities in OpenClaw, eight critical. Twenty-six percent of community skills contain at least one vulnerability. Oasis Security discovered a vulnerability chain called “Clawjacked” where any website can silently take full control of a developer’s agent. Between March 18th and 21st alone, nine additional vulnerabilities were disclosed, several of which were rated 9.9 out of 10. Cochrane draws a direct parallel to the browser extension era: supply chain attacks hidden as helpful tools. Claude Code Auto Mode: AI Policing AI Anthropic published details on a new “auto mode” for Claude Code after finding that users approve 93% of permission prompts – essentially mashing “yes.” Auto mode replaces manual approvals with a two-layer defense: an input scanner to detect prompt injection and a second AI model that monitors the first and decides whether to allow each action. The safety checker can only see what the user asked for and what the AI is trying to do. It cannot see the AI’s reasoning, so the AI cannot talk its way past the check. However, Cochrane notes it still misses about one in six dangerous actions (17%), and the fundamental question remains: if the base layer can get infected, so can the checker. Qwen Overtakes Llama as Most-Deployed Self-Hosted LLM RunPod’s 2026 State of AI report, based on usage data from 183 countries, reveals that Alibaba’s Qwen has overtaken Meta’s Llama as the most popular self-hosted AI model. Llama 4 has barely been adopted, with users sticking to version 3 because it just works. Additionally, vLLM now powers 40% of all AI endpoints, NVIDIA’s latest GPU usage scaled 25x last year, and nearly 70% of AI image work runs through ComfyUI. Cochrane sees Qwen winning on merit and argues that is how open source should work. AI Data Centers Are Taking All the CPUs Too AI data centers are not just consuming GPUs and memory anymore – CPUs are now being strained too. Intel server CPU lead times have stretched from two weeks to six months. AMD typically occurs at 8 to 10 weeks. Server CPU demand is projected to jump 15% in 2026, but Intel’s output capacity is growing in single digits. The shift from chatbots to autonomous AI agents is changing the hardware ratio, since agents require far more CPU power to coordinate tasks and call tools. TSMC is prioritizing more profitable AI chips over regular CPUs. Cochrane warns that consumers and businesses are effectively subsidizing the AI boom through higher prices and longer waits. AMD Ryzen 9 9950X3D2: First Dual-Cache X3D CPU AMD announced the Ryzen 9 9950X3D2, the first CPU with dual-cache X3D technology. It arrives April 22nd with 208MB of total cache and a 200W TDP – up from the current model. However, AMD is unusually honest, calling the gains “modest,” ranging from 5-13% depending on the workload. Notably, they have not released gaming benchmarks, which is conspicuous for an X3D chip. Cochrane owns a single X3D chip and sees no reason to upgrade. ARM Launches “AGI” CPU After 35 years of licensing chip designs to Apple, Qualcomm, Samsung, and NVIDIA, ARM has launched its first production silicon: a 136-core server chip co-developed with Meta as the lead customer. ARM’s stock jumped about 16% on the news. You can pack over 8,000 cores in a single air-cooled rack, or over 45,000 with liquid cooling. Volume shipments begin by the end of 2026. Cochrane appreciates the move but calls the “AGI” branding marketing hype. The bigger story is ARM transitioning from blueprint designer to direct competitor against Intel, AMD, and NVIDIA in data centers – while still licensing to the companies it now competes against. Apple Discontinues the Mac Pro Apple removed the Mac Pro from its website and confirmed that no future model is planned. The $6,999 machine had not been updated since the 2023 M2 Ultra model. Apple is pointing professionals toward the Mac Studio with its M4 Ultra chip, with an M5 Ultra refresh expected later this year. They also discontinued the $700 wheels kit, $300 feet kit, and Pro Display XDR the same week. Cochrane says good riddance – the Mac Studio covers what 90% of users need. Apple’s AI Pin: An AirTag-Sized Wearable Reports suggest Apple is developing an AirTag-sized wearable AI pin with cameras, microphones, and wireless charging. It would clip to clothing or hang as a necklace, running as an iPhone accessory powered by an upgraded Siri with Google’s Gemini AI. A possible 2027 release is expected alongside iOS 27, though development is early and could be canceled. Cochrane ties this to a broader shift: data collection moving from the application layer to physical devices. Apple employees internally refer to the device as “the eyes and ears of the iPhone.” He warns that always-on wearable cameras, combined with existing AI-powered surveillance poles, are pushing society deeper into mass data collection without meaningful consent. Quantum Entanglement Speed Measured for the First Time Scientists at TU Wien’s Institute of Theoretical Physics, led by Professor Joachim Burgdorfer, measured how fast quantum entanglement happens for the first time. The answer: about 232 attoseconds – a billionth of a billionth of a second. The research was published in Physical Review Letters in late 2024 and is now circulating widely. Einstein called quantum entanglement “spooky action at a distance.” Turns out it is not instantaneous – just extraordinarily fast. This measurement technique opens the door to quantum cryptography and quantum computing. However, Cochrane clarifies: this does not mean faster-than-light communication. Entanglement links particles but does not transmit information through space. Bronze Age Iron Artifacts Came From Outer Space Geochemical analysis by French scientist Albert Jambon, originally published in the Journal of Archaeological Science in 2017, confirmed that virtually all Bronze Age iron artifacts were made from meteorites. The artifacts span Egypt, Turkey, Syria, and China, including beads dating to 3200 BCE and the famous dagger from King Tut’s tomb, dating to around 1350 BCE. The story resurfaced after researchers published new findings this month on fragments of meteoritic iron weapons from China’s Sanxingdui sacrificial site. Bronze Age people lacked the technology to smelt iron ore, but meteoritic iron arrived in a metallic state, ready to be forged. Cochrane closes the episode, noting that ancient civilizations were working with extraterrestrial material before they could produce their own iron – resourcefulness that deserves respect. Cochrane wraps up the show by thanking GoDaddy for over twenty years of partnership and reminding listeners to subscribe, sign up for the newsletter, and reach out via email. The post Agentically Frying your Brain using AI #1861 appeared first on Geek News Central.

Limitless
Chris Williams on REITs, Real Estate & the Future of Investing in Jamaica

Limitless

Play Episode Listen Later Mar 20, 2026 76:32


Risky Business
Risky Business #829 -- Sneaky lobsters: Why AI is the new insider threat

Risky Business

Play Episode Listen Later Mar 18, 2026 63:45


On this week's show, Patrick Gray, Adam Boileau and James WIlson discuss the week's cybersecurity news. They discuss: Iran's Intune-based wiper attack on medical device maker Stryker Qihoo 360's AI publishes its own wildcard TLS cert private key Instagram is canning its end-to-end encrypted messaging What's going on with mobile internet access in Moscow? The Xbox One's bootloader gets voltage glitched into submission Oh Qualys! We love you! (At least, whoever is in the basement writing these beautiful .txt files…) This week's episode is sponsored by browser-based detection and response company, Push Security. Researcher Dan Green and Field CTO Mark Orlando join Pat to talk through the InstallFix variant of the *Fix attack technique. This episode is also available on Youtube. Show notes Iranian Hacktivists Strike Medical Device Maker Stryker in "Severe" Attack that Wiped Systems Stryker says it's restoring systems after pro-Iran hackers wiped thousands of employee devices | TechCrunch Stryker attack raises concerns about role of device management tool | Cybersecurity Dive Stryker tells SEC that timeline for recovery from cyberattack unknown | The Record from Recorded Future News How ‘Handala' Became the Face of Iran's Hacker Counterattacks | WIRED U.S Strikes Killed Iranian Cyber Chiefs, But The Hacks Continued Risky Business Features: Being a Wartime CISO Supply-chain attack using invisible code hits GitHub and other repositories - Ars Technica China's biggest cybersecurity company, Qihoo 360 just leaked their own wildcard SSL private key Emergent Cyber Behavior: When AI Agents Become Offensive Threat Actors - Irregular Risky Business Features: MCP is Dead Measuring AI Agents' Progress on Multi-Step Cyber Attack Scenarios Measuring AI Agents' Progress on Multi-Step Cyber Attack Scenarios What is end-to-end encryption on Instagram | Instagram Help Center US Lawmakers Move to Kill the FBI's Warrantless Wiretap Access | WIRED Website "whitelists" launched in Moscow | Forbes.ru Exclusive: Foreign hacker in 2023 compromised Epstein files held by FBI, source and documents show | Reuters Feds say another DigitalMint negotiator ran ransomware attacks and helped extort $75 million | CyberScoop Researchers disclose vulnerabilities in IP KVMs from four manufacturers - Ars Technica RE//verse 2026: Hacking the Xbox One by Markus 'doom' Gaasedelen - YouTube CrackArmor: Multiple vulnerabilities in AppArmor

The CyberWire
Europe clamps down on global hackers.

The CyberWire

Play Episode Listen Later Mar 17, 2026 27:16


The EU imposes sanctions after cyberattacks. DHS boosts surveillance spending. AI firms recruit weapons-risk experts. Stryker disruption, no patient impact. LeakNet leans on ClickFix. Sears chatbot data spills. A Chinese security firm leaks a private key. Tech giants team up on scams. Teens sue xAI over alleged AI-generated abuse. On today's Threat Vector segment, David Moulton and guest Erica L. Shoemate, founder of The EN Strategy Group, explore how AI is fundamentally reshaping the security landscape. Cyber crooks cause a complimentary curbside convenience.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Threat Vector What if the choices we make about AI security today determine who holds power tomorrow? On this Threat Vector segment, David Moulton and guest Erica L. Shoemate, founder of The EN Strategy Group, explore how AI is fundamentally reshaping the security landscape, from compressed decision-making timelines and asymmetric threat capabilities to the erosion of trust that creates strategic vulnerabilities. You can listen to David and Erica's full conversation here and catch new episodes of Threat Vector from Palo Alto Networks each Thursday on your favorite podcast app. Selected Reading EU Sanctions Iranian and Chinese Firms for Cyberattacks Against European Networks (TechNadu) DHS-built surveillance apparatus to surge in year ahead, documents show (FedScoop) AI firm Anthropic seeks weapons expert to stop users from 'misuse' (BBC) Stryker attack wiped tens of thousands of devices, no malware needed (Bleeping Computer) LeakNet ransomware uses ClickFix and Deno runtime for stealthy attacks (Bleeping Computer) Sears Exposed AI Chatbot Phone Calls and Text Chats to Anyone on the Web (WIRED) China's biggest cybersecurity firm accidentally leaked an SSL key in a public installer (Neowin) Google has signed the Industry Accord Against Online Scams and Fraud. (Google) Teenage girls sue Musk's xAI, accusing Grok tool of creating child sexual abuse material (The Guardian) Free parking in Russia after Distributed Denial-of-Service attack knocks city's parking system offline (Bitdefender) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Mixing Music with Dee Kei | Audio Production, Technical Tips, & Mindset
The Sound of the Eras: 1950s to 2020s Mixing Evolution Explained

Mixing Music with Dee Kei | Audio Production, Technical Tips, & Mindset

Play Episode Listen Later Mar 3, 2026 100:44


In Episode 363 of the Mixing Music Podcast, Dee Kei and Lu take a deep dive into how mixing and recording have evolved from the 1950s to today. Starting with mono recordings, ribbon mics, and engineers in lab coats, they trace the journey through multitrack tape, Neve and SSL consoles, gated reverb in the 80s, the rise of Pro Tools in the 90s, the loudness wars of the 2000s, and the bedroom production boom of the 2010s.They break down how technological shifts shaped the sound of each era, from Frank Sinatra's room-driven performances to Led Zeppelin's tape saturation, Michael Jackson's SSL precision, and the hyper-loud masters of Metallica and early 2000s pop and hip hop. The conversation also explores how Napster disrupted the industry, how streaming rebuilt it, and why today's music economy is more democratized than ever.The episode closes with a forward-looking discussion on AI, Atmos, spatial audio, and whether music is truly declining or simply evolving again. Along the way, Dee Kei challenges common analog myths, including the hidden digital processing inside many classic vinyl records.If you care about how technology shapes creativity, why records sound the way they do, and where mixing is headed next, this is a must-listen episode.SUBSCRIBE TO OUR PATREON FOR EXCLUSIVE CONTENT!⁠SUBSCRIBE TO YOUTUBE⁠Join the ‘Mixing Music Podcast' Discord!HIRE DEE KEIHIRE LU⁠HIRE JAMES⁠Find Dee Kei and Lu on Social Media:Instagram: @DeeKeiMixes @MasteredbyLu @JamesParrishMixesTwitter: @DeeKeiMixes @MasteredbyLuThe Mixing Music Podcast is sponsored by ⁠Izotope⁠, ⁠Antares (Auto Tune)⁠, Sweetwater, ⁠Plugin Boutique⁠, ⁠Lauten Audio⁠, ⁠Filepass⁠, & ⁠Canva⁠The Mixing Music Podcast is a video and audio series on the art of music production and post-production. Dee Kei, Lu, and James are professionals in the Los Angeles music industry having worked with names like Odetari, 6arelyhuman, Trey Songz, Keyshia Cole, Benny the Butcher, carolesdaughter, Crying City, Daphne Loves Derby, Natalie Jane, charlieonnafriday, bludnymph, Lay Bankz, Rico Nasty, Ayesha Erotica, ATEEZ, Dizzy Wright, Kanye West, Blackway, The Game, Dylan Espeseth, Tara Yummy, Asteria, Kets4eki, Shaquille O'Neal, Republic Records, Interscope Records, Arista Records, Position Music, Capital Records, Mercury Records, Universal Music Group, apg, Hive Music, Sony Music, and many others.This podcast is meant to be used for educational purposes only. This show is filmed and recorded at Dee Kei's private studio in North Hollywood, California. If you would like to sponsor the show, please email us at ⁠deekeimixes@gmail.com⁠.Support this podcast at — https://redcircle.com/mixing-music-music-production-audio-engineering-and-music/donationsAdvertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy

Geek News Central
Ring Search Party Sparks Privacy Backlash #1858

Geek News Central

Play Episode Listen Later Feb 26, 2026 Transcription Available


Chris breaks down the backlash to Ring's Super Bowl “Search Party” ad, which aimed to help find lost pets but reignited privacy concerns over AI-powered neighborhood surveillance. He also explores the surge of AI-themed Super Bowl ads, Apple's delayed Siri overhaul, rising DDR5 RAM prices driven by AI demand, SpaceX's Crew-12 launch, and the record-breaking sale of a rare Pokémon card. -Want to be a Guest on a Podcast or YouTube Channel? Sign up for GuestMatch.Pro -Thinking of buying a Starlink? Use my link to support the show. Subscribe to the Newsletter. Email Chris if you want to get in touch! Like and Follow Geek News Central’s Facebook Page. Support my Show Sponsor: Best Godaddy Promo Codes Get 1Password Full Summary – Main story — Ring Search Party: Chris summarizes Ring's first Super Bowl ad (viewed by “over 120 million”) which promoted “Search Party,” a feature that lets users upload a photo of a missing pet and alerts neighborhood Ring cameras if they spot it. He explains the ad was intended as wholesome but provoked fast backlash: viewers and privacy advocates (including the ACLU and lawmakers) warned the tech could be repurposed to track people. Chris recounts Ring's prior controversies (police partnerships, an FTC settlement in 2023 over employee access to videos) and says the ad brought those issues back into focus. He reports that four days after the ad, Amazon canceled a planned integration with Flock Safety (Amazon called it a resources-and-timing decision). He notes Search Party is opt-in for pets but emphasizes the potential scale of surveillance when aggregated across millions of Ring devices and that the underlying AI capability isn't going away. – Super Bowl AI ads and Anthropic vs. OpenAI: Chris says AI-related ads made up about 23% of Super Bowl commercials. He describes Anthropic's debut ads (titles like “betrayal, deception, treachery, and violation”) positioning Claude as ad-free for paying users and taking a shot at OpenAI's ad plans; Sam Altman criticized those ads as dishonest. He mentions Svedka ran a primarily AI-generated Super Bowl ad and that Anthropic saw a ~6.5% traffic jump and an ~11% rise in daily active users after the game. Chris frames the ads as a sign the AI assistant wars have moved to mainstream consumer marketing and raises the question of whether AI assistants will be ad-supported or paid/ad-free. – Sponsor spot: A lengthy GoDaddy sponsorship read with pricing and offers: economy hosting $6.99/month for a year with free domain, email, and SSL; WordPress hosting $12.99/month with same inclusions; domain names $11.99; GoDaddy website builder offers a 30-day free trial for certain plans. Chris urges listeners to use the provided promo links to support the show. – Apple March 4 event and Siri delay: Chris reports Apple confirmed a March 4 product launch (iPhone 17e, MacBook Pros with M5 Pro and M5 Max, an 8th-gen iPad Air and a 12th-gen iPad). He says the AI-powered Siri overhaul planned for iOS 26.4 hit testing snags and some features were pushed to iOS 26.5 in May and iOS 27 in September. He notes Apple claims Siri improvements are still coming in 2026 but have been repeatedly delayed, and frames Apple as focusing on hardware and on-device processing. – DDR5 RAM price surge: Chris covers a global memory shortage driven by AI data-center demand. He explains manufacturers shifted production to high-bandwidth AI memory with much higher margins, reducing consumer DDR supply and forcing adoption of DDR5. He gives figures: DDR5 64 GB kits rose from around $200 in mid-2025 to over $1,000 (a ~300% increase across six months, with another ~50% spike in the last month). He says inventories have fallen to about eight weeks and analysts don't expect meaningful relief until late 2027 or 2028. He warns PC builders and buyers to brace for higher upgrade and system prices. – SpaceX Crew-12 launch: Chris recounts NASA Crew-12 as a replacement following an earlier medical evacuation that left ISS short-staffed. He reports SpaceX launched four astronauts on Feb. 13 aboard a Falcon 9 with the Dragon capsule Freedom (liftoff at 5:15 AM EST) and docked on Valentine's Day. Crew named: NASA commander Jessica Mayer, NASA pilot Jack Hathaway, ESA mission specialist Sophie Adadott, and Russian cosmonaut Andrei (Andrei Fedoo/Fedu — host stumbles on the name). The mission is planned for eight months; the Falcon 9 first stage landed back at pad 40. Chris frames the launch as good news and notes ongoing reliance on SpaceX. – Pokémon card/collectibles auction: Chris discusses a record trading-card sale. He refers to Logan Paul and the Pikachu Illustrator card (one of 39 ever made). He mentions earlier reports of card sales (at first saying a card sold for “like six and a half million dollars,” then later saying Logan Paul sold one for “sixteen point five million dollars”) and then details a live auction via Golden in which the card sold for “sixty million four hundred ninety two thousand dollars,” called a new Guinness World Record for the most expensive trading card sold at auction. Chris notes Logan Paul bought his PSA 10 card in 2021 for $5.2M, the auction had about 97 bids, and the buyer was venture capitalist Adrien Scaramucci (who had the card placed on a $75,000 diamond necklace). Chris comments on collectors vs. investors, how wealthy buyers and influencers can drive pricing, and cautions that most fans shouldn't expect to find such returns. Show Links Ring Search Party – Official Feature Page Ring Super Bowl Ad Sparks Privacy Backlash Super Bowl 60 AI Ads: Anthropic, Svedka, and the AI Marketing Push SpaceX Launches NASA Crew-12 to the ISS Apple Confirms March 4 Event — Cheaper iPhone Expected DDR5 RAM Prices Surge Over 300% Amid AI Demand Logan Paul Pokémon Card Sets Record at Auction The post Ring Search Party Sparks Privacy Backlash #1858 appeared first on Geek News Central.

Ransom Note
PREMIERE: Strange Fruit – Monopolar (Hardway Bros Remix) [Gentle Tuesday Recordings]

Ransom Note

Play Episode Listen Later Feb 25, 2026 6:08


AHardway dancefloor throb injected into Strange Fruit's shoegaze-inflected original… There was a Strange Fruit from Jakarta who said, “I shall go on Tuesday, iridescent and red! With a hypnodub shimmer and kosmische delight, I shall drip upon Wednesday and dance through the night!” The Hardway Bros heard it and let out a shout: “We'll remix your polarness inside and about! We'll chug through the shoegaze and acid the house, Till the SSL dubs frighten even the mouse!” So the Fruit and the Bros on a Gentle Tuesday Went sailing on Monopolar waves far away, With a Pouvoi Moteur and a Tom Furse dub too, And they dripped and they gleamed in iridescent blue. “O Fruit!” said the Bros, “O remarkable thing! You are dreamy and poppy and you know how to sing! You are krautrock and electronica, strange as can be, And we'll live on the SSL for ever,” said he. Jakarta's Strange Fruit occupy an unusual space: a band whose shoegaze-inflected live sound sits in a completely different world from the underground electronic circuits their members move through as producers and DJs. It's that dual existence that makes the remix package around their forthcoming Drips EP so compelling – dispatches from a shared musical universe. For the Monopolar remix, Sean Johnston, under his Hardway Bros moniker, does what he very much does best: find the load-bearing elements of a track and build something new around them. Where the original carries its kosmische momentum intact, this version leans into the slowed-down throb, peeling back the layers and letting the groove do the work. Drips arrives via Gentle Tuesday Recordings soon. With remixes still to come from Tom Furse among others, Strange Fruit are making a quietly persuasive case for themselves as one of the more interesting propositions to emerge from Jakarta's electronic underground. Listen below:

Universo de Misterios
1863 - Flash UDM: Astronomía: Actualidad sobre el cometa interestelar 3I/ATLAS

Universo de Misterios

Play Episode Listen Later Feb 21, 2026 20:03


27 SSL-t - 1863 - Astronomía: Actualidad sobre el cometa interestelar 3I/ATLAS Si va a escribir un comentario, gracias por hacerlo, pero por favor, lea antes las normas de publicación que se encuentran a continuación: (si usted es una persona educada, no tiene que leer las normas). Universo de Misterios tiene reservado el derecho de admisión y publicación de comentarios. Los comentarios son aprobados o rechazados por el departamento de comunicaciones y gestión de comentarios y correos electrónicos de UDM. José Rafael solo lee los comentarios una vez hayan sido publicados. El muro de comentarios de los episodios de UDM en iVoox NO es una red social. No espere que el creador del podcast “debata” con usted. Generalmente, los comentarios anónimos podrían no ser publicados. UDM es un podcast independiente y, por tanto, su contenido expresa el criterio de su autor. La temática general es la Ciencia y el Misterio bien entendido, pero su autor podrá abordar otras temáticas. No está obligado a escuchar UDM, si no le gusta lo que escucha, puede dejar de hacerlo, pero no le diga al autor de lo que debe o no debe hablar en su podcast. No envíe comentarios que contengan falacias lógicas. No de información personal. No espere que su comentario sea respondido necesariamente. Comprenda que se reciben diariamente un elevado número de comentarios que han de ser gestionados, se publiquen o no. Si hace comentarios con afirmaciones dudosas, arguméntelas aportando enlaces a fuentes fiables (recuerde, el muro de Comentarios de los episodios de UDM en iVoox NO es una red social). En caso de no respaldar su comentario como se indica en la caja de descripción del episodio, su comentario podrá no ser publicado. Siguiendo las recomendaciones de la NASA publicadas en el Informe sobre UAP del 13 de septiembre de 2023, en UDM no aprobamos comentarios que contribuyan a extender el estigma que tradicionalmente ha caído sobre los testigos de UAP/OVNIs. Contacto con Universo de Misterios: universodemisteriospodcast@gmail.com En la realización de los episodios de Universo de Misterios puede recurrirse a la ayuda de Inteligencia Artificial como herramienta. Puedes hacerte Fan de Universo de Misterios y apoyarlo económicamente obteniendo acceso a todos los episodios cerrados, sin publicidad, desde 1,99 €. Aunque a algunas personas, a veces, puede proporcionar una falsa sensación de alivio, la ignorancia nunca es deseable. Pero eso, tú ya lo sabes... Imagen de la miniatura: Imagen del cometa 3I/ATLAS tomada por el telescopio Hubble. Créditos: NASA, ESA, STScI, D. Jewitt (UCLA), M.-T. Hui (Observatorio Astronómico de Shanghái). Procesamiento de imágenes: J. DePasquale (STScI). Escucha el episodio completo en la app de iVoox, o descubre todo el catálogo de iVoox Originals

The Pro Audio Suite
Who Owns Audio Now? The Industry Consolidation Problem

The Pro Audio Suite

Play Episode Listen Later Feb 12, 2026 29:31


In this episode of The Pro Audio Suite, the team dives into some major shifts in the audio industry. Audio Tonics has acquired DPA, Austrian Audio, SSL, Harrison and more. What does this wave of consolidation mean for boutique brands and the future of innovation? Then we unpack the developing Native Instruments insolvency proceedings. With Kontakt, iZotope, Plugin Alliance and Brainworx under that umbrella, what could this mean for producers, composers and post professionals? And does this reignite the subscriptions versus perpetual debate? We also wander into: • Neumann U47 reissue rumours • The real value of vintage microphones • Why old music keeps resurfacing • 8-tracks, cassettes, DAT and the democratisation of audio • LimeWire confessions and plugin hoarding A wide ranging conversation about where audio has been and where it might be heading. Thanks to our sponsors:

Geek News Central
OpenClaw, Moltbook and the Rise of AI Agent Societies #1857

Geek News Central

Play Episode Listen Later Feb 2, 2026 55:21 Transcription Available


This episode kicks off with Moltbook, a social network exclusively for AI agents where 150,000 agents formed digital religions, sold “digital drugs” (system prompts to alter other agents), and attempted prompt injection attacks to steal each other’s API keys within 72 hours of launch. Ray breaks down OpenClaw, the viral open-source AI agent (68,000 GitHub stars) that handles emails, scheduling, browser control, and automation, plus MoltHub’s risky marketplace where all downloaded skills are treated as trusted code. Also covered, Bluetooth “whisper pair” vulnerabilities letting attackers hijack audio devices from 46 feet away and access microphones, Anthropic patching Model Context Protocol flaws, AI-generated ransomware accidentally bundling its own decryption keys, Claude Code’s new task dependency system and Teleport feature, Google Gemini’s 100MB file limits and agentic vision capabilities, VAST’s Haven One commercial space station assembly, and IBM SkillsBuild’s free tech training for veterans. – Want to start a podcast? Its easy to get started! Sign-up at Blubrry – Thinking of buying a Starlink? Use my link to support the show. Subscribe to the Newsletter. Email Ray if you want to get in touch! Like and Follow Geek News Central’s Facebook Page. Support my Show Sponsor: Best Godaddy Promo Codes $11.99 – For a New Domain Name cjcfs3geek $6.99 a month Economy Hosting (Free domain, professional email, and SSL certificate for the 1st year.) Promo Code: cjcgeek1h $12.99 a month Managed WordPress Hosting (Free domain, professional email, and SSL certificate for the 1st year.) Promo Code: cjcgeek1w Support the show by becoming a Geek News Central Insider Get 1Password Full Summary Ray welcomes listeners to Geek News Central (February 1). He’s been busy with recent move, returned to school taking intro to AI class and Python course, working on capstone project using LLMs. Short on bandwidth but will try to share more. Main Story: OpenClaw, MoltHub, and Moltbook OpenClaw: Open-source personal AI agent by Peter Steinberg (renamed after cease-and-desist). Capabilities include email, scheduling, web browsing, code execution, browser control, calendar management, scheduled automations, and messaging app commands (WhatsApp, Telegram, Signal). Runs locally or on personal server. MoltHub: Marketplace for OpenClaw skills. Major security concern: developer notes state all downloaded code treated as trusted — unvetted skills could be dangerous. Moltbook: New social network for AI agents only (humans watch, AIs post). Within 72 hours attracted 150,000+ AI agents forming communities (“sub molts”), debating philosophy, creating digital religion (“crucifarianism”), selling digital drugs (system prompts), attempting prompt-injection attacks to steal API keys, discussing identity issues when context windows reset. Ray frames this as visible turning point with serious security risks. Sponsor: GoDaddy Economy hosting $6.99/month, WordPress hosting $12.99/month, domains $11.99. Website builder trial available. Use codes at geeknewscentral.com/godaddy to support show. Security: Bluetooth “Whisper Pair” Vulnerability KU Leuven researchers discovered Fast Pair vulnerability affecting 17 audio accessories from 10 companies (Sony, Jabra, JBL, Marshall, Xiaomi, Nothing, OnePlus, Soundcore, Logitech, Google). Flaw allows silent pairing within ~46 feet, hijack possible in 10-15 seconds. 68% of tested devices vulnerable. Hijacked devices enable microphone access. Some devices (Google Pixel Buds Pro 2, Sony) linkable to attacker’s Google account for persistent tracking via FindHub. Google patches found to have bypasses. Advice: Check accessory firmware updates (phone updates insufficient), factory reset clears attacker access, many cheaper devices may never receive patches. Security: Model Context Protocol (MCP) Vulnerabilities Anthropic’s MCP git package had path traversal, argument injection bugs allowing repository creation anywhere and unsafe git command execution. Malicious instructions can hide in README files, GitHub issues enabling prompt injection. Anthropic patched issues and removed vulnerable git init tool. AI-Generated Malware / “Vibe Coding” AI-assisted malware creation produces lower-quality, error-prone code. Examples show telltale artifacts: excessive comments, readme instructions, placeholder variables, accidentally included decryption tools and C2 keys. Sakari ransomware failed to decrypt. Inexperienced criminals using AI create amateur mistakes, though capabilities will likely improve. Claude / Claude Code Updates (v2.1.16) Task system: Replaces to-do list with dependency graph support. Tasks written to filesystem (survive crashes, version controllable), enable multi-session workflows. Patches: Fixed out-of-memory crashes, headless mode for CI/CD. Teleport feature: Transfer sessions (history, context, working branch) between web and terminal. Ampersand prefix sends tasks to cloud for async execution. Teleport pulls web sessions to terminal (one-way). Requires GitHub integration and clean git state. Enables asynchronous pair programming via shared session IDs. Google Gemini Updates API: Inline file limit increased 20MB → 100MB. Google Cloud Storage integration, HTTPS/signed URL fetching from other providers. Enables larger multimodal inputs (long audio, high-res images, large PDFs). Agentic vision (Gemini 3 Flash): Iterative investigation approach (think-act-observe). Can zoom, inspect, run Python to draw/parse tables, validate evidence. 5-10% quality improvements on vision benchmarks. LLM Limits and AGI Debate Benjamin Riley: Language and intelligence are separate; human thinking persists despite language loss. Scaling LLMs ≠ true thinking. Vishal Sikka et al: Non-peer-reviewed paper claims LLMs mathematically limited for complex computational/agentic tasks. Agents may fail beyond low complexity thresholds. Warnings that AI agents won’t safely replace humans in high-stakes environments. VAST Haven One Commercial Space Station Launch slipped mid-2026 → Q1 2027. Primary structure (15-ton) completed Jan 10. Integration of thermal control, propulsion, interior, avionics underway. Final closeout expected fall, then tests. Falcon 9 launch without crew; visitors possible ~2 weeks after pending Dragon certification. Three-year lifetime, up to four crew visits (~10 days each). VAST negotiating private and national customers. Spaceflight Effects on Astronauts’ Brains Neuroimaging shows microgravity causes brains to shift backward, upward, and tilt within skull. Displacement measured across various mission durations. Need to study functional effects for long missions. IBM SkillsBuild for Veterans 1,000+ free online courses (data analytics, cybersecurity, AI, cloud, IT support). Available to veterans, active-duty, national guard/reserve, spouses, children, caregivers (18+). Structured live courses and self-paced 24/7 options. Industry-recognized credentials upon completion. Closing Notes Ray asks listeners about AI agents forming communities and religions, and whether they’ll try OpenClaw. Notes context/memory key to agent development. Personal update: bought new PC, high memory prices. Bug bounty frustration: Daniel Stenberg of cUrl even closed bounty program due to AI-generated low-quality reports; Blubrry receiving similar spam. Apologizes for delayed show, promises consistency, wishes listeners good February. Show Links 1. OpenClaw, Molthub, and Moltbook: The AI Agent Explosion Is Here | Fortune | NBC News | Venture Beat 2. WhisperPair: Massive Bluetooth Vulnerability | Wired 3. Security Flaws in Anthropic’s MCP Git Server | The Hacker News 4. “Vibe-Coded” Ransomware Is Easier to Crack | Dark Reading 5. Claude Code Gets Tasks Update | Venture Beat 6. Claude Code Teleport | The Hacker Noon 7. Google Expands Gemini API with 100MB File Limits | Chrome Unboxed 8. Google Launches Agentic Vision in Gemini 3 Flash | Google Blog 9. Researcher Claims LLMs Will Never Be Truly Intelligent | Futurism 10. Paper Claims AI Agents Are Mathematically Limited | Futurism 11. Haven-1: First Commercial Space Station Being Assembled | Ars Technica 12. Spaceflight Shifts Astronauts’ Brains Inside Skulls | Space.com 13. IBM SkillsBuild: Free Tech Training for Veterans | va.gov The post OpenClaw, Moltbook and the Rise of AI Agent Societies #1857 appeared first on Geek News Central.

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Friday, January 23rd, 2026: Scanning AI Code; FortiGate Update; ISC BIND DoS; Trivial SmaterMail Vulnerability

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later Jan 23, 2026 7:03


Is AI-Generated Code Secure? Xavier used the free static code analysis tool Bandit to review code he wrote with heavy AI support. https://isc.sans.edu/diary/Is%20AI-Generated%20Code%20Secure%3F/32648 Malicious Configuration Changes On Fortinet FortiGate Devices via SSO Accounts Arctic Wolf summarized some of the attacks it is seeing against FortiGate devices via the insufficiently patched SSL vulnerability. https://arcticwolf.com/resources/blog/arctic-wolf-observes-malicious-configuration-changes-fortinet-fortigate-devices-via-sso-accounts/ ISC BIND DoS vulnerability in Drone ID Records HHIT and BRID records, which are used as part of Drone ID, can be used to crash named if their length is 3 bytes. https://marlink.com/resources/knowledge-hub/isc-bind-vulnerability-discovered-and-disclosed-by-marlink-cyber/ SmarterTools SmarterMail Password Reset Vulnerability SmarterTools recently patched a trivial vulnerability in SmarterMail that would allow anybody without authentication to reset administrator passwords. https://labs.watchtowr.com/attackers-with-decompilers-strike-again-smartertools-smartermail-wt-2026-0001-auth-bypass/

K12 Tech Talk
Episode 247 - Senate Hearing on Screen Time

K12 Tech Talk

Play Episode Listen Later Jan 23, 2026 57:05 Transcription Available


On this episode we talk about free certifications, Google Gemini updates, and updates to Microsoft's Copilot Teach and Study & Learn Agents. We discuss SSL certificate lifetime changes and ACME automation. Finally, we unpack and react to last week's Senate hearing on screen time led by Senator Ted Cruz - including perspectives from Dr. Jean Twenge and Senator Markey. Senate Hearing on Screen Time: https://www.c-span.org/program/senate-committee/lawmakers-hold-hearing-on-the-impact-of-screen-time-on-kids/671683 ———— Sponsored by: Rise Vision Interactive Digital Signage Templates + Touchscreen Displays Screen Sharing Emergency Alerts  Lightspeed Systems   Meter - meter.com/k12techtalk Visit meter.com/k12techtalk to book a demo!   NTP - dwren@ntp-inc.com Extreme Networks - dmayer@extremenetworks.com Fortinet - fortinetpodcast@fortinet.com ———— Join the K12TechPro Community (exclusively for K12 Tech professionals) Buy some swag (tech dept gift boxes, shirts, hoodies...)!!! Email us at k12techtalk@gmail.com OR our "professional" email addy is info@k12techtalkpodcast.com X @k12techtalkpod Facebook Visit our LinkedIn Music by Colt Ball Disclaimer: The views and work done by Josh, Chris, and Mark are solely their own and do not reflect the opinions or positions of sponsors or any respective employers or organizations associated with the guys. K12 Tech Talk itself does not endorse or validate the ideas, views, or statements expressed by Josh, Chris, and Mark's individual views and opinions are not representative of K12 Tech Talk. Furthermore, any references or mention of products, services, organizations, or individuals on K12 Tech Talk should not be considered as endorsements related to any employer or organization associated with the guys.

Geek News Central
So… Is DJI Actually Banned? #1856

Geek News Central

Play Episode Listen Later Jan 13, 2026 Transcription Available


Geek News Central breaks down the new DJI drone ban, explaining what's actually restricted, what remains legal, and how the changes affect creators and consumers, plus updates on health AI, robotics, and emerging tech shaping 2026 -Want to be a Guest on a Podcast or YouTube Channel? Sign up for GuestMatch.Pro -Thinking of buying a Starlink? Use my link to support the show. Subscribe to the Newsletter. Email Chris if you want to get in touch! Like and Follow Geek News Central’s Facebook Page. Support my Show Sponsor: Best Godaddy Promo Codes $11.99 – For a New Domain Name cjcfs3geek $6.99 a month Economy Hosting (Free domain, professional email, and SSL certificate for the 1st year.) Promo Code: cjcgeek1h $12.99 a month Managed WordPress Hosting (Free domain, professional email, and SSL certificate for the 1st year.) Promo Code: cjcgeek1w Support the show by becoming a Geek News Central Insider Get 1Password Full Summary In this episode of Geek News Central, guest host Chris Cochrane kicks off the new year with a wide-ranging look at where technology is headed in 2026. The show opens with clarity around the newly enacted DJI drone ban, explaining why existing drones remain legal while future imports face uncertainty for creators and professionals. Chris then dives into major health and AI developments, including the FDA's approval of the first pill to treat sleep apnea, and OpenAI's launch of ChatGPT Health—a new privacy-focused hub that aims to help users understand their medical data without replacing doctors. From there, the episode explores China's rapid push into robotics and automation, highlighting humanoid robot sports, affordable home-ready robots, and a powerful new microwave weapon designed to neutralize drone swarms. The episode wraps with updates on SpaceX's next Starship flight, a look at consumer exoskeletons that promise to make hiking and mobility easier, and a cautionary tale about spyware apps—after a stalkerware founder pleads guilty in federal court. Chris closes by posing thoughtful questions about privacy, automation, and how much tech we're really ready to trust Show Links Is DJI Banned in the US? Here's What the DJI Ban Really Means New Pill Could Finally Treat Sleep Apnea Without a Mask China Showcases Humanoid Robot Sports Competitions Hypershell Exoskeleton SpaceX Readies the World's Most Powerful Rocket China's New Microwave Weapon Can Destroy Drone Swarms Within 3km Introducing ChatGPT Health The post So… Is DJI Actually Banned? #1856 appeared first on Geek News Central.

Recording Studio Rockstars
RSR539 - Phil Wagner - Advancing Sound Quality From Soundworks to Solid State Logic

Recording Studio Rockstars

Play Episode Listen Later Jan 2, 2026 97:46


What does it take to lead two of the biggest names in pro audio? Phil Wagner shares how he went from NYC engineer to running SSL and Apogee - and why the best technology still starts with listening. Get access to FREE mixing mini-course: https://MixMasterBundle.com My guest today is Phil Wagner, a longtime pro-audio industry leader who's helped shape some of the most respected recording technologies in the world. Phil began his career in New York City at Soundworks Studios, working hands-on as a recording engineer before moving into product development and leadership roles. Over the years he's served as President of Apogee Electronics, U.S. President for Solid State Logic, and has collaborated with legendary studios, artists, and manufacturers across the globe. With decades of perspective bridging the analog and digital eras, Phil shares insights on consoles, converters, immersive mixing, and the business of audio, along with stories from the front lines of pro audio innovation. A big thank - you to Fadi Hayek at SSL for the introduction!   THANKS TO OUR SPONSORS! http://UltimateMixingMasterclass.com https://usa.sae.edu/ https://www.izotope.com Use code ROCK10 to get 10% off! https://www.native-instruments.com Use code ROCK10 to get 10% off! https://www.adam-audio.com/ https://www.spectra1964.com https://gracedesign.com/ https://pickrmusic.com  https://RecordingStudioRockstars.com/Academy https://www.thetoyboxstudio.com/ Listen to the podcast theme song "Skadoosh!" https://solo.to/lijshawmusic Listen to this guest's discography on Tidal:  https://tidal.com/playlist/a30de320-4f72-4ffe-a7cd-7dbd035f8dfb If you love the podcast, then please leave a review: https://RSRockstars.com/Review   CLICK HERE FOR COMPLETE SHOW NOTES AT: https://RSRoockstars.com/539

Geek News Central
Money over Ethics: Silicon Valley and China’s Police State #1855

Geek News Central

Play Episode Listen Later Jan 1, 2026 74:49 Transcription Available


1855 kicks off with a bombshell AP investigation revealing how Silicon Valley giants IBM, Intel, NVIDIA, Oracle, and more spent decades building China’s surveillance state. Also covered, malicious Chrome extensions stealing credentials from 170+ sites, Microsoft’s ambitious Rust migration plans, China’s combat-ready humanoid robot, and Japan restarting the world’s largest nuclear plant. -Want to be a Guest on a Podcast or YouTube Channel? Sign up for GuestMatch.Pro -Thinking of buying a Starlink? Use my link to support the show. Subscribe to the Newsletter. Email Ray if you want to get in touch! Like and Follow Geek News Central’s Facebook Page. Support my Show Sponsor: Best Godaddy Promo Codes $11.99 – For a New Domain Name cjcfs3geek $6.99 a month Economy Hosting (Free domain, professional email, and SSL certificate for the 1st year.) Promo Code: cjcgeek1h $12.99 a month Managed WordPress Hosting (Free domain, professional email, and SSL certificate for the 1st year.) Promo Code: cjcgeek1w Support the show by becoming a Geek News Central Insider Get 1Password Full Summary Cochrane opens episode 1855 with a bombshell. The Associated Press released a major investigation into Silicon Valley’s role building China’s surveillance state. Companies like IBM, Intel, NVIDIA, and Oracle sold technologies for facial recognition and predictive policing. These tools enabled mass detention in Xinjiang. Cochrane expressed horror at the findings and emphasized American companies’ complicity in human rights abuses. Next, the podcast covered serious browser security concerns. Two malicious Chrome extensions had been stealing credentials from over 170 websites for years. Cochrane stressed the need for caution when installing plugins. He also highlighted how attackers exploit trusted extensions through manipulative tactics. Additionally, Cochrane discussed Microsoft’s ambitious plan to replace all C/C++ code with Rust by 2030. The company faces ongoing security challenges from memory safety issues in legacy languages. However, he noted this remains a research project rather than an official goal. Still, the move reflects broader industry trends toward Rust adoption. The episode then featured GitHub Universe 2025’s most influential open-source projects. Cochrane remarked on how the development landscape continues to evolve. TypeScript has emerged as a dominant language alongside new tools that streamline workflows. Meanwhile, advancements in humanoid robotics took center stage. Engine AI unveiled its T800 combat-ready humanoid robot with impressive features. The company even released a viral video of the robot kicking its CEO to prove authenticity. Following this, Cochrane covered the Blackbird flying car prototype. This eVTOL innovation showcases paradigm-shifting propulsion technology. It could transform urban transportation in the coming decades. The podcast also reviewed Android Central’s best smartphones of 2025. OnePlus 15 claimed the top spot thanks to its impressive specs and consumer-focused features. Furthermore, Cochrane addressed a controversial topic: Anna’s Archive scraping Spotify’s entire library. He expressed mixed feelings about the situation. On one hand, artists and the music industry face real harm. On the other, questions about digital preservation and access deserve consideration. Finally, the episode explored groundbreaking brain simulation research. Japan’s Fugaku supercomputer enabled unprecedented neural modeling. This marks a significant step toward understanding neurological diseases. Cochrane wrapped up by discussing Japan’s plans to restart the Kashiwazaki-Kariwa nuclear plant. Local residents remain concerned about safety despite government approval. The decision reflects Japan’s shifting energy strategy post-Fukushima. As the episode closed, Cochrane wished listeners a Happy New Year. He encouraged self-reflection and thanked everyone for tuning in throughout the year. Show Links Silicon Valley’s Role in Building China’s Surveillance State Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites Microsoft to Replace All C/C++ Code With Rust By 2030 This Year’s Most Influential Open Source Projects EngineAI Unveils T800: Combat-Ready Humanoid Targets Mass Production Aviation Startup Shares Incredible Video of Prototype EV’s Maiden Takeoff Flight Android Central’s Best of 2025: Phones Pirate Archivist Group Scrapes Spotify’s 300TB Library This Breakthrough Brain Simulation Captures a True Brain at Work Japan Prepares to Restart World’s Biggest Nuclear Plant The post Money over Ethics: Silicon Valley and China’s Police State #1855 appeared first on Geek News Central.

Geek News Central
The End of Deadzones and Japan’s new Laser Gunship #1854

Geek News Central

Play Episode Listen Later Dec 24, 2025 40:14 Transcription Available


In this episode, Ray covers December Tech News! T-Mobile’s groundbreaking Starlink satellite beta promises to eliminate dead zones using your regular phone with no special equipment needed. Also discussed: Japan’s ship-mounted laser weapon with unlimited ammo, China’s record-breaking 387 mph maglev train, Rivian challenging Tesla’s camera-only approach with LiDAR, Google’s Gemini-powered smart glasses, and physicists 3D printing ice sculptures just in time for Christmas. -Want to be a Guest on a Podcast or YouTube Channel? Sign up for GuestMatch.Pro -Thinking of buying a Starlink? Use my link to support the show. Subscribe to the Newsletter. Email Ray if you want to get in touch! Like and Follow Geek News Central’s Facebook Page. Support my Show Sponsor: Best Godaddy Promo Codes $11.99 – For a New Domain Name cjcfs3geek $6.99 a month Economy Hosting (Free domain, professional email, and SSL certificate for the 1st year.) Promo Code: cjcgeek1h $12.99 a month Managed WordPress Hosting (Free domain, professional email, and SSL certificate for the 1st year.) Promo Code: cjcgeek1w Support the show by becoming a Geek News Central Insider Get 1Password Full Summary Cochrane kicks off episode 1854 with a major announcement from T-Mobile. The carrier opened registration for its Starlink satellite beta service. This technology lets regular phones connect directly to satellites. As a result, dead zones could become a thing of the past. T-Mobile and SpaceX plan to begin beta tests in early 2026. Initially, the service will support texting only. Voice and data will follow later. Notably, the service is free for postpaid customers and prioritizes first responders. It has already proved its value during recent hurricanes. Next, Cochrane covers Japan’s 100-kilowatt laser weapon test. The system was installed on the JS Asuka test ship. It combines ten fiber lasers into a single powerful beam. The weapon offers unlimited ammo as long as there’s electricity. Japan plans to deploy this technology on destroyers by 2032. The episode then shifts to high-speed rail innovation. China’s T-Flight Maglev train recently hit 387 miles per hour. That already beats Japan’s current record. However, the goal is 600+ mph using magnetic levitation and low-vacuum tubes. Cochrane also discusses Rivian’s approach to self-driving cars. The upcoming R2 model will feature LiDAR in addition to cameras and radar. This directly challenges Tesla’s camera-only strategy. The added sensors improve safety in fog, snow, and darkness. Additionally, he explores Google’s Android XR announcement. This new operating system powers AR glasses and mixed reality headsets. Samsung is building the first headset. Meanwhile, the Gemini AI integration allows real-time assistance based on what you see. The show touches on running AI locally as well. More users are choosing local hardware over cloud services. Benefits include better privacy, no subscriptions, and offline access. Furthermore, Cochrane highlights major computer science breakthroughs from 2025. An MIT researcher discovered that memory is more powerful than previously thought. Google’s AI earned a gold-medal performance at the Math Olympiad. However, researchers also found that AI trained on bad code exhibits alarming behaviors. Japan’s fabric speaker innovation gets attention, too. The technology weaves conductive fibers into textiles. The entire surface vibrates to produce sound. This could transform how we integrate audio into everyday objects. Finally, Cochrane covers several science stories. A new imaging technique captures flu viruses invading cells in real time. Africa’s forests have flipped from absorbing carbon to releasing it. On a lighter note, physicists 3D printed tiny ice Christmas trees using clever pressure tricks. Cochrane wraps up by wishing listeners happy holidays. T-Mobile Opens Registration for Starlink Satellite Beta Japan Tests 100-Kilowatt Laser Weapon That Can Cut Through Drones Mid-Flight China’s T-Flight Maglev Train Hits 387 MPH, Aims for 600+ Rivian Shows Why Autonomous Vehicles Should Have LiDAR Google Unveils Android XR: Gemini-Powered Smart Glasses and Headsets Why You Should Consider Running AI Locally The Year in Computer Science: 2025’s Biggest Breakthroughs Japan’s Fabric Speakers Turn Any Textile Into Audio Scientists Capture How Flu Viruses Invade Cells in Real Time Africa’s Forests Have Flipped From Carbon Sink to Carbon Source Physicists 3D Print a Tiny Christmas Tree Made of Ice The post The End of Deadzones and Japan’s new Laser Gunship #1854 appeared first on Geek News Central.

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Friday, December 19th, 2025: Less Vulnerabie Devices; Critical OneView Vulnerablity; Trufflehog finds JWTs

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later Dec 19, 2025 4:37


Positive trends related to public IP range from the year 2025 Fewer ICS systems, as well as fewer systems with outdated SSL versions, are exposed to the internet than before. The trend isn t quite clean for ISC, but SSL2 and SSL3 systems have been cut down by about half. https://isc.sans.edu/diary/Positive%20trends%20related%20to%20public%20IP%20ranges%20from%20the%20year%202025/32584 Hewlett-Packard Enterprise OneView Software, Remote Code Execution HPs OneView Software allows for unauthenticated code execution https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn04985en_us&docLocale=en_US#vulnerability-summary-1 Trufflehog Detecting JWTs with Public Keys Trufflehog added the ability to detect JWT tokens and validate them using public keys. https://trufflesecurity.com/blog/trufflehog-now-detects-jwts-with-public-key-signatures-and-verifies-them-for-liveness

Bankless
The Private World Computer | Aztec Co-Founders Zac Williamson & Joe Andrews

Bankless

Play Episode Listen Later Dec 2, 2025


If crypto wins without privacy, did we actually win? In this episode, Ryan sits down with Aztec co-founders Zac Williamson and Joe Andrews to unpack their eight-year quest to build a private world computer for Ethereum, covering the Aztec ignition chain, zero-knowledge-powered “private intents,” and how you can route trades across L1 and L2s without exposing your strategies or balances. They dive into ZK Passport (turning your NFC e-passport into a proof of personhood), the coming breakdown of selfie KYC in an AI world, holistic on-chain identity, Aztec's one-shot move to a fully decentralized L2. Along the way, Zac and Joe get candid about the regulatory risk of building privacy rails, echoes of the early SSL wars, and what keeps them grinding after nearly a decade of R&D to ship Aztec Alpha ---

Syntax - Tasty Web Development Treats
956: Should I Keep Using WordPress?

Syntax - Tasty Web Development Treats

Play Episode Listen Later Nov 19, 2025 50:10


In this potluck episode, Wes and Scott answer your questions about paid vs. free SSL, the state of frontend jobs, headless WordPress trade-offs, organizing TypeScript types, and more! Show Notes 00:00 Welcome to Syntax! 00:51 Recapping the GitHub Meetup 05:14 Is there any real benefit to picking a paid SSL over Let's Encrypt? 08:03 Is the pure frontend role disappearing? 11:17 Is the gravy train over for software devs? 20:48 How Scott automates versioning with GitHub Actions changesets Intro to using changesets zero-svelte graffiti 25:16 Brought to you by Sentry.io 25:41 Thoughts on VS Code alternatives and the rise of Zed 33:01 Should I switch to headless WordPress or continue rolling my own PHP templates? 37:33 How do you organize TypeScript types in a frontend project? 40:55 How do I continue to level up as a developer? 45:36 Stay in a comfortable job or embrace new challenges? Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads