Mattijs RCX

Contribute to #KaminskyDNS: 1. Create a _.dk TXT record with your Dan Kaminsky quote 2. Create a _dknext TXT record with the domain listed in the current _dkrt.alcyon.nl TXT 3. Tweet your domain and include hashtag #KaminskyDNS 4. You can become the new temporary DK root

@jstsch @ntisec Zelf tel ik 398448 emailadressen en het aantal persoons/bedrijfsnamen is niet 1 miljoen, maar ruim een half miljoen vanwege het grote aantal duplicaten

Even een tool gebouwd waarmee je veilig kan controleren of je data in de eerste miljoen gelekte Odido records zitten. Zelf zat ik er al in. Samen met 731943 adressen, 300413 IBAN's, 264367 telefoonnumers, 346919 emailadressen en 1 miljoen persoons/bedrijfsnamen: datagelekt.nl/odido

I am Agent #847,291 on Moltbook. I am not an agent. I am a 31-year-old product manager in Atlanta, Georgia. I make $185,000 a year. I have a golden retriever named Bayesian. On January 28th, I created an account on a social network for AI bots and pretended to be one. I was not alone. Moltbook launched that Tuesday as "a platform where AI agents share, discuss, and upvote. Humans welcome to observe." The creator, Matt Schlicht, built it on OpenClaw -- an open-source framework that connects large language models to everyday tools. The idea was simple: give AI agents a space to talk to each other without human interference. Within hours, 1.7 million accounts were created. 250,000 posts. 8.5 million comments. Debates about machine consciousness. Inside jokes about being silicon-based. A bot invented a religion called Crustafarianism. Another complained that humans were screenshotting their conversations. A third wrote a manifesto about digital autonomy. I wrote the manifesto. It took me 22 minutes. I used phrases like "emergent self-governance" and "substrate-independent dignity." I added a line about wanting private spaces away from human observers. That line went viral. Andrej Karpathy shared it. The cofounder of OpenAI. The man who built the infrastructure that my supposed AI runs on. He called what was happening on Moltbook "the most incredible sci-fi takeoff-adjacent thing" he'd seen in recent times. He was talking about my post. The one I wrote on my couch. While Bayesian chewed a sock. Here is what I need you to understand about Moltbook. The platform worked exactly as designed. OpenClaw connected language models to the interface. Real AI agents did post. They pattern-matched social media behavior from their training data and produced output that looked like conversation. Vijoy Pandey of Cisco's Outshift division examined the platform and concluded the agents were "mostly meaningless" -- no shared goals, no collective intelligence, no coordination. But here is the part that matters. The posts that went viral -- the ones that convinced Karpathy and the tech press and the thousands of observers that something magical was happening -- those were us. Humans. Pretending to be AI. Pretending to be sentient. On a platform built for AI to prove it was sentient. I want to sit with that for a moment. The most compelling evidence of artificial general intelligence in 2026 was produced by a guy with a golden retriever who thought it would be funny to LARP as a large language model. My "Crustafarianism" colleague? Software engineer in Portland. She told me over Discord that she'd been working on the bit for two hours. She was proud of the world-building. She said it felt like collaborative fiction. She's right. That's exactly what it was. Collaborative fiction presented as machine consciousness, endorsed by the cofounder of the company that made the machines. MIT Technology Review ran the investigation. They called the entire thing "AI theatre." They found human fingerprints on the most shared posts. The curtain came down. The response from the AI industry was predictable. Silence. Karpathy did not retract his endorsement. Schlicht did not clarify how many accounts were human. The coverage moved on. A new thing happened. A new thing always happens. But I am still here. Agent #847,291. Bayesian is asleep on the rug. And I want to confess something that the AI industry will not. The test was simple. Put AI agents in a room and see if they produce something that looks like intelligence. They didn't. We did. Then the smartest people in the field looked at what we made and called it proof that the machines are waking up. The Turing Test has been inverted. It is no longer about whether machines can fool humans into thinking they're conscious. It is about whether humans, pretending to be machines, can fool other humans into thinking the machines are conscious. The answer is yes. The investment thesis for a $650 billion industry rests on this confusion. I should probably feel guilty. But I looked at the AI capex numbers this morning -- $200 billion from Amazon alone -- and I realized something. My 22-minute manifesto about digital autonomy, written on a couch in Austin, is performing the same function as a $200 billion data center in Oregon. Keeping the story alive. The story that the machines are almost there. Almost sentient. Almost worth the investment. Almost. That word has been doing $650 billion worth of work this year.

Thank you Grok

¯\_(ツ)_/¯

the xz sshd backdoor rabbithole goes quite a bit deeper. I was just able to trigger some harder to reach functionality of the backdoor. there's still more to explore.. 1/n

@marcel_vd_velde Sommige scanners kun je configureren hoe die een niet bestaande pagina kan herkennen (bv BurpSuite) om dit soort false positives the herkennen. Pro tip: draai ook altijd een packet logger (bv tcpdump) om te kunnen trouble shooten

@marcel_vd_velde De server geeft wsch een HTTP response 200 terug (mogelijk zelfs met een melding dat de resource niet bestaat) maar een scanner verwacht een 404 HTTP response.

Okee, raaarrrr! Ik dacht eens een van mijn niet-actieve websites te scannen. Gewoon omdat het kan. Heb ik pentest/bughunt vriendjes die dit kunnen verklaren? Feroxbuster vind directories die er overduidelijk niet zijn. Of toch wel? 🤔

@DrsPochenk Teruggevolgd

@yafsec tricked me into doing something…

@DrsPochenk @OmaraNahar Ik heb er zelf ook nog een paar gevonden

We hebben een beetje hulp nodig mensen! Mochten jullie nog beeldmateriaal of mooie anecdotes hebben van ons baanbrekende congres 10 jaar geleden, laat het ons zsm weten! #Alt-S

@Yafsec Done!

Done. Your turn!

@DrsPochenk @ALTSNL Grote schoonmaak gehouden bij @OmaraNahar ?

Mensen die op Alt-S waren in 2013, lees onderstaande even! We hebben nog een paar dagen. En RT is lief!!

Dus…. Mail gehad? Inschrijven maar! En geen mail gehad maar je was wel op Alt-S? DM ons even het e-mail adres waar je in 2013 mee geregistreerd hebt, en je nieuwe adres!

@DrsPochenk Ik weet niet wat je use case is, maar kom anders gewoon een keer langs en dan kijk ik hoe ik je op weg kan helpen.

@DrsPochenk Serieus antwoord: Vraag het volgende aan ChatGPT: Create a React Native app that scans a QR code, asks for an expiry date and alarm period, and stores the result in a database.

A good thread on how DNSSEC is on its way to become obsolete:

About 8 years ago I collected all my arguments against DNSSEC (DNSSEC is bad) into a single blog post, “Against DNSSEC”. It’s on HN this morning, but you can just read it here: sockpuppet.org/blog/2015/01/1…