one of the least pleasant things to accidentally stumble over: some kind of signal (ios) app bug that just affects all (text/keyboard) input interaction

@froztbyte Can't guarantee it's related, but at dayjob our iOS people have been dealing with keyboard breakage in 26.x that has persisted for several minor releases. I'm not directly involved but I understand they've had to ship app updates that disable at least usage of the numbers-only keyboard completely

@davidgerard
More like defenestrable. My morning was ruined earlier this week when I opened a mailing list folder and some rando was posting weaselly gonna-be-left-behind bullshit of the same caliber on multiple threads

@bagder This suggests a fun exercise for someone interested in messing around with LLMs:

1. Put back all the curl security issues previously found by LLM tools by dropping the fix commits from history or otherwise obfuscating the revert.

2. Feed the re-vulnerabilized repo to a selection of models and see what are the cheapest ones (by memory, time and/or monetary cost) that can find, say, 50%/75%/100% of the issues found by the warehouse-scale "foundation models".

Feels like a large part of the current results should be doable with significantly smaller resources, because being trained on every tweet and reddit post and libgen book ever is not obviously related to the task.

Canonical's massive AI productivity gains don't appear to extend to shipping security updates to LTS kernels in a remotely timely manner

the IPv8 dude is now trying to push his wares on the nanog mailing list and that's some serious AI psychosis going on there

@wdormann The fix for Debian for users who don't need algif_aead (i.e. most of them): rmmod algif_aead ; find /lib/modules -name algif_aead.ko -exec rm '{}' \;

@javi Took a trip through searchfox and there's some pretty ominous stuff with "inferred interests" and "private new tab pings" going on especially around the top sites and sponsored suggestions functionalities since last May, see for example https://searchfox.org/firefox-main/source/browser/extensions/newtab/lib/TelemetryFeed.sys.mjs

I would recommend that people sticking with upstream FF disable sponsored everything, top sites, and use enterprise policies to set DisableTelemetry and DisableRemoteImprovements settings to true (sponsored everything can also be disabled through policies).

"Remote improvements" which is often referred to as Nimbus in the code is a facility which Mozilla uses to remotely twiddle your preferences for phased rollouts and perhaps some more nefarious purposes. In some cases the Nimbus preference will override things you have set in about:config. (This appears to use a component called Normandy to access its backend, which is a part of the older "Firefox Studies" thing.)