Nix

People often ask me, "Fred, I don't like you."

@taltalon @IntCyberDigest Hallucinations. Suspect.

@IntCyberDigest Someone fix the webpage. There is no such thing as RHEL 14.3. The kernel version shown is from RHEL 10.1. RHEL 10.x is the latest.

‼️🚨 BREAKING: An AI found a Linux kernel zero-day that roots every distribution since 2017. The exploit fits in 732 bytes of Python. Patch your kernel ASAP. The vulnerability is CVE-2026-31431, nicknamed "Copy Fail," disclosed today by Theori. It has been sitting quietly in the Linux kernel for nine years. Most Linux privilege-escalation bugs are picky. They need a precise timing window (a "race"), or specific kernel addresses leaked from somewhere, or careful tuning per distribution. Copy Fail needs none of that. It is a straight-line logic mistake that works on the first try, every time, on every mainstream Linux box. The attacker just needs a normal user account on the machine. From there, the script asks the kernel to do some encryption work, abuses how that work is wired up, and ends up writing 4 bytes into a memory area called the "page cache" (Linux's high-speed copy of files in RAM). Those 4 bytes can be aimed at any program the system trusts, like /usr/bin/su, the shortcut to becoming root. Result: the next time anyone runs that program, it lets the attacker in as root. What should worry most: the corruption never touches the file on disk. It only exists in Linux's in-memory copy of that file. If you imaged the hard drive afterwards, the on-disk file would match the official package hash exactly. Reboot the machine, or just put it under memory pressure (any normal system load that needs the RAM), and the cached copy reloads fresh from disk. Containers do not help either. The page cache is shared across the whole host, so a process inside a container can use this bug to compromise the underlying server and reach into other tenants. The original sin was a 2017 "in-place optimization" in a kernel crypto module called algif_aead. It was meant to make encryption slightly faster. The change broke a critical safety assumption, and nobody noticed for nine years. That bug then rode every kernel update from 2017 to today. This vulnerability affects the following: 🔴 Shared servers (dev boxes, jump hosts, build servers): any user becomes root 🔴 Kubernetes and container clusters: one compromised pod escapes to the host 🔴 CI runners (GitHub Actions, GitLab, Jenkins): a malicious pull request becomes root on the runner 🔴 Cloud platforms running user code (notebooks, agent sandboxes, serverless functions): a tenant becomes host root Timeline: 🔴 March 23, 2026: reported to the Linux kernel security team 🔴 April 1: patch committed to mainline (commit a664bf3d603d) 🔴 April 22: CVE assigned 🔴 April 29: public disclosure Mitigation: update your kernel to a build that includes mainline commit a664bf3d603d. If you cannot patch immediately, turn off the vulnerable module: echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf rmmod algif_aead 2>/dev/null || true For environments that run untrusted code (containers, sandboxes, CI runners), block access to the kernel's AF_ALG crypto interface entirely, even after patching. Almost nothing legitimate needs it, and blocking it shuts the door on this whole class of bug...

@dsottimano @mdancho84 This SO HARD. Also the "someone built" posts that dont credit the acutal coder. Its maddening. "Run OpenClaw completely local! All you need is a mac mini with 1TB ram."

@mdancho84 The reason why I'm going to end up blocking half of X. Mindless slop just for promotion, can't even add a link to the slop.

RIP document extractors. Google just released LangExtract: Open-source. Free. Better than $100K enterprise tools. Here’s what it does: 🧵

A MIT professor gave a 1-hour lecture in 2019 that has 18 million views. He died 5 months after recording it. It was his final gift to the world. Patrick Winston taught at MIT for 50 years. The smartest engineers on earth sat in his classroom. And he spent his last lecture teaching them the one skill their degrees never covered. How to speak. 15 lessons that will change how you communicate forever: Never open with a joke. Your audience is not ready to laugh yet. Open with a promise of what they will know by the end. Your ideas are like your children. You are too close to them. What is obvious to you is invisible to everyone else. Explain the obvious. The 5-minute rule: the first 5 minutes of any talk determine whether people will listen for the next 55. Spend more time on your opening than anything else. Repeat your most important idea 3 times in 3 different ways. Once is never enough. Build a fence around your idea. Tell people what it is NOT before you tell them what it IS. Verbal punctuation. Pause. Let the idea land before moving to the next one. Ask questions nobody will answer. Then wait 7 seconds. The silence is not awkward. It is processing. Never read your slides. Your audience can read. They cannot listen and read simultaneously. Use the board not the slides. Writing forces you to slow down. Slowing down forces clarity. Inspire before you inform. Nobody learns from someone they are not inspired by. End with a contribution not a summary. Tell them what you gave them. Not what you said. Never say thank you at the end. It is weak. End with something that lands. Stories make ideas stick. Data makes ideas understood. You need both. In that order. The quality of your communication determines the quality of your ideas in the eyes of the world. Not the ideas themselves. Practice is not preparation. Practice IS the skill. Patrick Winston understood something most people spend their entire careers missing. Your ideas are only as powerful as your ability to transfer them into someone else's mind. You can be the smartest person in the room and be completely invisible. Or you can master communication and make average ideas feel like breakthroughs. He chose to spend his last lecture teaching this. Watch it tonight. Bookmark this first. Follow @cyrilXBT for more lessons from the people who built the future.

@SSBMMELEECLIPS @oliviscusAI github.com/yt-dlp/yt-dlp

@oliviscusAI cobalt hasnt worked for youtube in damn near a year shits sad

This tool can download literally anything from link 🤯 100% free. open source. no ads.

@lady_valor_07 Barkly.

Vintage old Lady name for this dog please 🥺

@steipete Ghostty has had that leak for months.

I smell a leak.

@HRH_SHP Mental gymnastics. Red. Done.

@NixFred According to the comments you’re a psychopath if you don’t push the button to save everyone even if you end up sacrificing yourself to do it. It’s all virtue signaling, but it’s interesting that it extends into anonymous polls.

I’m picking red. No need for anonymity.

@Matt_Pinner 10/10 FTW!

I’ve done 7 How about you ?

@HRH_SHP Maybe I dont understand the thought experiment? Is "blue" and "red" code for Left or Right?

@NixFred Blue is leading in his poll.

@alphafox translate.google.com/?sl=auto&tl=fr…

French is an interesting language: 😮

@iris_seraphina And now I will call them "be-dard-do's" from now on.

Omg imagine craving a burrito for monthssss cause no one understands!🌯😩😭 #TacoTuesday

I’m joining X to share occasional updates about the work we do at the White House. We are relentlessly focusing on advancing President Trump’s agenda and delivering on promises to the American people. I welcome different viewpoints. Follow along for insights and information.

@AC_SL8TR Wow man...good memory...this philosophy has carried me years...

@NixFred It might not have been that long ago. A year seems like a decade these days. Who knows.

People want drastic changes in their lives but refuse to make drastic changes.

@fin_barclay_ @mattpocockuk I got a * for ya!

@mattpocockuk you inspired me to release mine github.com/robertbarclayy… Would love for you to check it out Matt. As a dev in corporate, I've been able to 10x my output with your videos. Thanks

The top trending repo in the world is mine Madness

@mattpocockuk github.com/mattpocock/ski…

Republicans will be hunted.

@AC_SL8TR Nothing is "good" or "bad" until your mind labels it such.

Make drastic changes —> See drastic changes It doesn’t happen all at once. It may take 10+ years. Quit crying. Start building. Make changes or make peace with your current situation. Otherwise, you never be content.

This is why this keeps happening...

He attended the WHCA dinner for the first time, in a room full of press that has spent the past 10 years calling him a nazi. His response to the gunfire was "let's finish dinner." The camera wasn't on him when he said it. He said it on his own Truth Social platform... after the fact... knowing the agents would never let it happen. The point of the statement is the statement. Will the Left celebrate this one too? 1981 same building. Reagan caught a round leaving the Washington Hilton and joked "I forgot to duck" on the way into surgery. 45 years later, same hotel, same exit, same energy. The venue did half the work for him. We have seen this script before. Butler, July 2024. Blood on his face, fist in the air, FIGHT FIGHT FIGHT. The man bleeding from the ear and rallying the crowd before the medics could reach him. Tonight was the same playbook in a tuxedo. This is not a fluke reaction. It is how he is wired. Will the Left celebrate this one too? The reporters in that ballroom got hustled to safety by the same Secret Service they spent the last administration demanding be investigated. The agents who shielded the press tonight will be cast as jackbooted thugs by that same press by Tuesday morning. Everyone safe to go home and resume calling the man Hitler over coffee. Every failed attempt that leaves him visibly more annoyed than shaken makes the next one less attractive. You cannot martyr a man who treats incoming rounds as an inconvenience between courses. The symbol gets harder to kill each time someone tries. Will the Left celebrate this one too? The man is 79 years old and has been shot at more times than some combat veterans. Whatever you think of him politically, his nervous system is calibrated differently.

WTF IS HAPPENING!