1_r/devopsish

xdg-open as a service. Contribute to caarlos0/xdg-open-svc development by creating an account on GitHub.

Even as the nation’s drug crisis mounted, the National Academies of Sciences, Engineering and Medicine continued to accept funds from some members of the Sackler family, including those involved with Purdue Pharma.

Iranian nation-state threat actor linked to new phishing attacks targeting Israel with an updated version of a backdoor called PowerLess.

Git 2.40.1 is out today due to three new security vulnerabilities being disclosed

On March 24 I wrote GPT is revolutionary. On March 27 I got access to GPT4.1 Now that I’ve used it for a month, I’m firmly in the “this is the greatest thing...

If Google ends up spending the entire amount on buybacks, it would represent a continuation of last year's pace.

In turbulent times like these, it’s natural for people to hold back and avoid taking risks at work. This can mean a reluctance to report mistakes, ask questions, offer new ideas, or challenge a plan. People, whether they’re aware of it or not, try to protect their reputations and jobs. Unfortunately, the same behaviors that feel risky to individual employees are precisely what their companies need in order to thrive in this uncertain economic climate. To solve this dilemma, we encourage leaders to adopt a “winning formula” for achieving a more psychologically safe workplace and the benefits it provides.

Regular blogging by Terence Eden.

We tested the top detection tools for AI-generated content. Here's what they are good and bad at, plus what to expect when using them.

ETHOS is the OT-centric, open-source platform for sharing anonymous early warning threat information.

The biggest companies working in industrial cybersecurity are building an early-warning platform called ETHOS to share threat intelligence.

Apple's Lockdown Mode has shown that it can do what it was designed to do by notifying users about an NSO exploit.

Code-execution flaw was patched in March but doesn't seem to be widely installed.

I think I talked about this a couple of times before, but I usually work by SSH-ing from my mac into a Linux machine (a rather chunky one, might I add). While it allows me to work faster when I’m not home and with a poor internet connection, it has some drawbacks too. Two of them are the lack of clipboard integration and the fact that open (or xdg-open) won’t work.

Software didn't eat the world and AI won't either.

Authors : Cailyn Edwards (Shopify), Mahé Tardy (Isovalent), Pushkar Joglekar Since launching the Auto-refreshing Official CVE feed as an alpha feature in the 1.25 release, we have made significant improvements and updates. We are excited to announce the release of the beta version of the feed. This blog post will outline the feedback received, the changes made, and talk about how you can help as we prepare to make this a stable feature in a future Kubernetes Release. Feedback from end-users SIG Security received some feedback from end-users: The JSON CVE Feed did not comply with the JSON Feed specification as its name would suggest. The feed could also support RSS in addition to JSON Feed format. Some metadata could be added to indicate the freshness of the feed overall, or specific CVEs . Another suggestion was to indicate which Prow job recently updated the feed. See more ideas directly on the the umbrella issue . The feed Markdown table on the website should be ordered from the most recent to the least recently announced CVE. Summary of changes In response, the SIG did a rework of the script generating the JSON feed to comply with the JSON Feed specification from generation and add a last_updated root field to indicate overall freshness. This redesign needed a corresponding fix on the Kubernetes website side for the CVE feed page to continue to work with the new format. After that, RSS feed support could be added transparently so that end-users can consume the feed in their preferred format. Overall, the redesign based on the JSON Feed specification, which this time broke backward compatibility, will allow updates in the future to address the rest of the issue while being more transparent and less disruptive to end-users. Updates Title Issue Status CVE Feed: JSON feed should pass jsonfeed spec validator kubernetes/webite#36808 closed, addressed by kubernetes/sig-security#76 CVE Feed: Add lastUpdatedAt as a metadata field kubernetes/sig-security#72 closed, addressed by kubernetes/sig-security#76 Support RSS feeds by generating data in Atom format kubernetes/sig-security#77 closed, addressed by kubernetes/website#39513 CVE Feed: Sort Markdown Table from most recent to least recently announced CVE kubernetes/sig-security#73 closed, addressed by kubernetes/sig-security#76 CVE Feed: Include a timestamp field for each CVE indicating when it was last updated kubernetes/sig-security#63 closed, addressed by kubernetes/sig-security#76 CVE Feed: Add Prow job link as a metadata field kubernetes/sig-security#71 closed, addressed by kubernetes/sig-security#83 What's next? In preparation to graduate the feed to stable i.e. General Availability stage, SIG Security is still gathering feedback from end users who are using the updated beta feed. To help us continue to improve the feed in future Kubernetes Releases please share feedback by adding a comment to this tracking issue or let us know on #sig-security-tooling Kubernetes Slack channel, join Kubernetes Slack here .

SpaceX Starship explosion leaves researchers looking for answers about health and environmental impacts from debris and particulate emissions.

We all have the right to have private conversations. They’re vital for free and informed self-government. When we want to have private conversations online, encryption makes it possible. Yet Congress is debating, for a third time, the EARN IT Act (S. 1207)—a bill that would threaten encryption, and instead seek to impose universal scanning of our messages, photos, and files. The EARN IT Act invites all 50 states to regulate internet services, hoping state legislatures will follow a set of “best practices” set by a federal commission stacked with law enforcement agencies. The bill’s supporters want to wipe true end-to-end encryption from the internet, and replace it with scanning software that puts us all in a permanent criminal lineup.

import a twitter archive into bsky. Contribute to ianklatzco/twitter-to-bsky development by creating an account on GitHub.

But court leaves injunction against "anti-steering" payment language in place.

Fedora 39 this autumn is looking at boosting its vm.max_map_count default to better match the behavior of SteamOS / Steam Deck and allowing more Windows games to run out-of-the-box with Steam Play.