Hacker News | 6thbit's comments

Yes I think this is an appropriate view today.

My only caveat would be that in some security fixes the pure code delta is not always indicative of the full exploit method. But LLMs could interpolate from there depending on context.


It is just as much the appropriate view now as it was in the 90s.

Attackers are not idiots. Once you have the commit, it is usually pretty easy to figure out; even just having the binary diff is usually enough.


The binary diff?

There are people who reverse engineer security vulns of closed source products by comparing the before and after of the compiled binary.

No. You operate AS IF they know your location.

In other words, it becomes part of your threat model.


this is exactly how the other side feels

don’t attach to a single AI provider when you can attach to cloudflare as your single AI gateway provider!

rant aside, they are greatly positioned network wise to offer this service, i wonder about their pricing and potential markup on top of token usage?

i presume they won't let you “manage all your AI spend in one place” for free.


> i presume they won't let you “manage all your AI spend in one place” for free.

Of course they will. In return they get to control who they’re routing requests to. I wouldn’t be surprised if this turns into the LLM equivalent of “paying for order flow”.


i got shivers thinking about a future ai dynamic pricing and automatic gateway choosing the cheapest provider available

shivers? as in it frightens you? i believe there is no way around tokens being priced like gasoline at the gas station - it changes every hour. Any other system means you are either over- or underspending.

Openrouter already does this, unless I've misunderstood the premise.

They can route between models but you pay the standard rate for whichever model is selected (plus 5% fee). Afaik all current model providers have fixed prices per tokens which don't vary depending on, say, demand or hardware availability.

Great PR piece by Strix, but I find mixed messages.

Cal.com folks are getting a red team for free, wouldn't that further convince them their closed source software is strong enough?

Isn't Strix's business companies paying for scans regardless of whether the software scanned is open source or closed?


who updates wikipedia with the new domains? how do they know the new ones?

They are published on the old ones. The old ones don't all get shut down simultaneously.

So old school! They gonna release an MCP?

No idea how an MCP is relevant to the discussion, it still needs a working domain name to talk to the service.

But, https://github.com/iosifache/annas-mcp


His point is that you don't need a working domain name since the MCP can just hardcode the IPs of the servers or resolve them through any other method that isn't DNS.

Would be fairly easy for them to offer an onion service on which they publish the current list of domains, as one option among many, many options for distributing small strings on the internet in an uncensorable way.

the beauty of wikipedia as dns is its easy access, are there similarly easily accessible uncensorable ways?

Ideally it is common knowledge that the onion service exists, and then people can go look at the onion service and update Wikipedia based on what they see there.

Also onion doesn't require a domain register

While true, most people don’t (and won’t ever) know how to use it. But enough will to keep Wikipedia updated I suppose.

Does it matter? It's not illegal to update an article with a new domain.

Yes it does matter. Users need to know that the updated URL is correct and trustworthy.

This is Wikipedia.

For that type of publishing please use Encyclopedia Britannica.

You will get the url in the 2027 edition on print.


Oh how I wish the print editions were still being released.

If you are really interested we could try piping their [API](https://encyclopediaapi.com/products/index) to some printable format. Maybe we can even find a quality print on demand service or bind it by hand :)

300M come from: Statutory damages for circumvention of a technological measure for 120,000 music files

22M come from: Statutory damages for willful copyright infringement for 148 sound recordings from Sony, Warner and UMG.

Why is it only 148 sound recordings with infringed copyright when the 'circumvention' is for 120,000?


Different burden of proof. Why waste years trying to get server logs that may not exist when you can get a quick win? It's not about the money anyway. It's about the PR and whatever justification they can derive along the way.

So this is where we find out the one end of e2e is the phone and not the app.

Semi-related, in whatsapp reading the text in the notification doesn't mark the message as read, so the OS is kinda mitm here.


Signal creates the notification, does it not? That's like claiming `echo "my_private_data" | notify-send` is insecure.

If piping encrypted content resulted in a plaintext notification then you'd have a right to be concerned.


What prevents the phone from taking screenshots of you reading the messages in the app?

The actual one end is the phone, not the app, period.


Exactly yes, and that is insecure here because the app relayed the message beyond its layer and ownership. Thus not making the app the end of the communication.

i like the efforts behind sigstore.dev project.

And while I do think code signing alone would’ve helped in the recent issues, what I’d like to see is a sort of automated package scanner that searches for this kind of malware and then publishes a signed report enumerating the things verified alongside package pypi metadata.

Then I could verify both the package and the scanner's result and decide to update or not.

i know this is day dreaming cause who would sponsor scanning and attesting every open source project, anthropic?


NYT has more than enough bandwidth and process to vet every ad they run, which must be in the order of 10s or 100s.

Meta runs ads in the order of hundreds of thousands or millions, and constantly allows very questionable things.

