Michał Ordon

The AI chats fatigue is real. Meet chathpt.io – talk to a human. #buildinpublic

@blaiklockBP And not even red at this price!

Prices for real red Marlboro (not counterfeit) Vietnam £1.00 Turkey £1.40 Russia. £1.70 Germany £7.00

@0xNairolf I beg to differ: trump-o-meter.com

you can instantly tell when a website was vibecoded like really instantly

@FatherPhi Well, I’ve had Claude telling me to go to sleep.

I hate this Why is a chatbot telling me to do anything besides what was asked??

@levelsio @itsolelehmann I saw the OP in my feed and was like: “I bet there’s Levels responding to this!”

@itsolelehmann Average EU stay

wtf Just arrived at our appartment in Barcelona that cost me 4.3k and the first thing I see is that the floor is burned…. AC isn’t working (only one fan of 7) Smells like mold, horrible smell It was advertised with 128m2, it’s 95 at best No internet password, no one replying to my messages Not clean at all Booked with ukio, what a fucking scam Might just nuke it and return to Berlin for another month Really can’t believe the level of quality/service Sad :(

@zerohedge As if markets made any sense these days.

UK 30-YEAR YIELD RISES 11BPS TO 5.76%, HIGHEST SINCE 1998

@levelsio Very good two way audio. Ability to wire to a traditional or digital doorbell, and hooking up to Protect as 24/7 recording camera. Easy Home Assistant integration. I’ve tried a few over the years. This one ticks all the boxes you may want.

Anyone has the Unifi doorbell? Do you like it? I need two-way audio Right now I have a TAPO doorbell but you gotta keep charging it cause no power

@IntCyberDigest This, or we could simply stop pretending the Online Safety Act has anything to do with children, let alone safety.

🇬🇧 The first major assessment of the UK's Online Safety Act is out. Turns out kids are fooling the age checks by drawing moustaches on their faces. "I did catch my son using an eyebrow pencil to draw a moustache on his face, and it verified him as 15 years old." Mum of a 12-year-old, in a new report from Internet Matters, the UK's leading online-safety NGO. That single line tells you almost everything you need to know about how the UK's Online Safety Act is going. This is the law that: 🔴 Forced UK platforms to demand government IDs, facial scans, and credit-card checks from adults to access ordinary websites 🔴 Drove a 1,800%+ spike in VPN downloads the week the porn-site age checks went live in July 2025 🔴 Pushed millions of users into handing biometric data to private third-party verification vendors 🔴 Sits at the front of a global wave: Greece's anonymity ban, France's "VPNs are next" comments, Utah's VPN crackdown, and the EU's 27-state rollout deadline of December 2026 The headline numbers from the assessment: 🔴 46% of children say age checks are easy to bypass. Only 17% say they are difficult. 🔴 32% of children have already bypassed them in the past two months 🔴 49% of children still report experiencing harm online in the past month The bypass methods kids reported, in their own words: 🔴 Drawing on facial hair with eyebrow pencil to fool facial age estimation 🔴 Holding up a video game character's head turning during the face-scan 🔴 Submitting a video of a different person's face entirely 🔴 Using a parent's ID (often with parental consent) 🔴 Entering a fake birthday (still works on most platforms) 🔴 Using someone else's login or device 🔴 In a small minority of cases, VPNs One 12-year-old girl explained the system to researchers: "Every time I go live on TikTok, it tells me I have to be 18, but when the AI detects that I'm not 18 they ban me. But they only ban me for 10 minutes and then I can go live again." That is the entire enforcement model. A 14-year-old summed up the broader picture: "It's not practical because the more you restrict it, the more people are going to want to get past that age restriction." A 16-year-old, more bluntly: "I think it's a great idea in theory and I applaud its intentions, but I don't see how that's feasible, because kids will always find a way." Even when verification works, it works against the children. A 12-year-old boy on Roblox: "I put my face in and I got 15 when I'm 12, so I'm chatting with people older than me when I shouldn't be." A 13-year-old non-binary child: "Adults can very easily use a face they searched on the internet to trick it into thinking you're someone you're not, so there might be adults in kids' age groups trying to groom them." Recent reporting confirms exactly that. Underage Roblox accounts are now being sold online to predators precisely because they bypass the new "safety" measures. One detail in the report stops you cold. Multiple children described being unintentionally exposed through their feeds to the assassination of Charlie Kirk. A 14-year-old: "I saw it on Snapchat. I broke down into tears and then told my mum immediately." Violent content, racist content, content promoting unrealistic body types: all explicitly prohibited under the Children's Safety Codes. All still landing in feeds at scale. Parents told researchers about the day-to-day reality of trying to enforce the rules at home. A father of a 14-year-old: "What you'll find now is that the kids know more than we know in terms of how to disable [parental controls]. We've got the parental controls on, but they probably unlock them." A mother of a 13-year-old: "We do what we can, but our kids are all clever and savvy and they can get around stuff." A mother of a 12-year-old: "I can put all the checks and measures in, and I can be keeping an eye open on what she's watching, listening to, who she's chatting to. And then she could go to a house down the road and visit somebody whose parents don't care, and they've got zero checks and measures." Both children and parents expressed real concerns about handing over biometric data to verification platforms they do not trust. One father warned: "Kids don't know the difference between a genuine website and a website that isn't genuine. If all websites have facial verifications and they go on a website that is not genuine, their face and their documents could be used to do illegal stuff." The father is right. The Discord vendor breach in October 2025 already exposed roughly 70,000 government IDs uploaded purely for age verification. The EU's own age verification app was reportedly hacked within minutes of launch. The report's most uncomfortable finding sits inside the parental data. 26% of parents are not just aware their kids bypass age checks, they are actively complicit. Some logged into their child's account with their own ID to "go live" on TikTok. Others approved circumvention so their child could play a specific game. The reasoning is rarely malicious. Parents told researchers they only help when they personally judged the activity safe. But the structural problem is fatal: a verification system that treats parents as the last line of defence collapses the moment parents themselves become the bypass. Even children who follow the rules end up disadvantaged by them. A 15-year-old: "There are websites that are support websites to help with things such as eating disorders and suicide, and they've all been censored." A 12-year-old: "Before you could talk to anybody, but they added age group limits so you can only talk to people in your age group. So if my friends are younger or older than me I wouldn't be able to talk to them." The blunt instrument of age-gating breaks legitimate connection and support without measurably reducing harm.

@leodev Running trump-o-meter.com on Tanstack Start and it was a breeze to work with.

All you need to make any project:

@jackkuveke Ouch.

Startup bros when they make $15, after spending $2000 in tokens

@ctatedev Cloudflared sounds like a natural progression from this!

In the next version of Portless Tailscale sharing Share any local dev server with your tailnet or the public internet Works with zero-arg mode, monorepos

The Internet, UK Edition.

@tomhacks @GoogleCloudTech Yup!

Yo @GoogleCloudTech - have you heard of portless from Vercel? How am I supposed to set this?

@wesbos Open sourced, truly distributed.

what would a "better github" even look like?

@The_Propapanda @signalapp Wanna ban “Support Signal” too? 🙃

@signalapp Why would you even allow profile display names like "Signal Support"?!?

A response to recent reporting in Germany, in service of clarity and accountability: First, it’s important to be precise when it comes to critical infrastructure like Signal. Signal was not “hacked” — in that our encryption, infrastructure, and the integrity of the app’s code was not compromised. However, sophisticated attackers have engaged in a harmful phishing campaign, posing as “Signal Support” by changing their profile display name and using social engineering to trick people into handing over their credentials — information that allowed these attackers to take over some targeted Signal accounts. This is something that plagues any mainstream messaging app once it reaches the scale of Signal, but we know how high the stakes are given the trust people place in us. In the coming weeks, you’ll see us rolling out a number of changes to help hinder these kinds of attacks. Because we don’t collect user data, what we know about these attacks comes from the victims of phishing. And from what victims have told us, the attacks followed a broad pattern: after tricking people into revealing their Signal credentials, attackers then used those credentials to take over their account and also frequently changed the associated phone number. Because such a change results in de-registering your Signal accounts, attackers prepared people for this by telling them that being de-registered was intended behavior, and that all they would need to do is “re-register,” or, create a new account. When they moved to create a new Signal account — one that was now decoupled from their hijacked account — the victims thought they were logging back in to their primary account. As a result, many didn't notice the takeover. The compromised accounts were then weaponized to target the victims' contact lists by posing as the owners of the account. We understand the trust that people put in Signal, and how devastating this kind of social engineering can be. While it’s true that all messaging platforms are susceptible to scammers and phishing that betrays people’s trust and convinces them to “unlock the front door” where no backdoor exists, we are looking to do everything we can to help people avoid and detect such scams. For the time being, please stay vigilant against phishing and account takeover attempts. Remember that no one from Signal Support will ever send you a message request or ask for your registration verification code or Signal PIN. For an added layer of protection, you can enable Registration Lock in your Signal Settings (Account -> Registration Lock).

@ctatedev @evilrabbit_ Now let’s make Google auth testing sandbox respect it!

Portless killed :3000 Dev servers got stable names like myapp.localhost Agents could use worktrees in parallel without stepping on each other Now it's easier than ever in v0.11 Just run: portless Zero config. Zero args. Zero code changes.

@Polymarket LLMs are pretty good at introducing mistakes if you ask them nicely.

NEW: AI startup unveils "anti-Grammarly" tool that adds typos & grammatical errors to emails to make them seem human-written.

@denisyurchak I left Metro UK because they kept blocking my Cypriot client payments despite having copies of my business contracts (!) with them. Moved to another more forward thinking bank, only to experience a similar thing. There’s a ton of regulatory pressure that kills small business.

My Austrian bank demanded to see all the invoices I sent as a freelancer in 2 years Their system got triggered because I transferred money from my own Revolut to pay taxes Now I’m under full-blown bank audit I’ve already spent 2 hours fetching documents for them, and they just want more and more. Yesterday they demanded to see the transactions from my Revolut account. The European obsession with privacy is a hoax. A private bank, not even an accountable government institution, for some reason has a right to demand my invoices to clients and transactions from another private bank. Tech founders in Europe have to waste time getting audited not only by tax authorities but also by random private actors like banks, while Russian and Middle Eastern oligarchs are welcome to spend their money in the EU as they please I guess Europe is really cooked

@infinterenders You can’t get hacked if you have no security in the first place.

i have seen everyone praising VPSs in this situation lol they wouldn’t even know if their VPS was pwned lol

@benln trump-o-meter.com

What are you building this weekend? Drop a link, curious to see.

@tannerlinsley “Tanstack Carousel”