Jarkko Sakkinen
jarkko
This version of reality is like inverse version of the movie "The Revenge of the Nerds"
0
0
2
Jarkko Sakkinen
jarkko
It's good to remind that markdown skills etc. are already being applied as attack vectors. They are the new macro virus.
0
0
1
Jarkko Sakkinen
jarkko
Goose and Gstack are the technological innovations from which I remember 2026.
0
0
1
Jarkko Sakkinen
jarkko
Refurbished zerocopy code from Fall and rebased it on top of tpm2-protocol main branch.
https://docs.rs/tpm2-protocol/0.17.0/tpm2_protocol/
I.e. 0.17.0 casts in-wire data instead parsing.
Rest of the related components are still using previous version of the crate (and will likely be for while).
It's the single best crate available to process TPM2 protocol data.
https://docs.rs/tpm2-protocol/0.17.0/tpm2_protocol/
I.e. 0.17.0 casts in-wire data instead parsing.
Rest of the related components are still using previous version of the crate (and will likely be for while).
It's the single best crate available to process TPM2 protocol data.
1
0
0
Jarkko Sakkinen
jarkko
Edited 16 days ago
There's now partial network sandboxing with a combination of Landlock rules and seccomp notify.
The irony is that I don't even have Claude Code installed. I had an account early Spring, which I asked my employer to remove later during Spring because, other reasons aside, I don't fully trust the company providing this great service. If something is way below the market price, that alone should rise suspicions, or at least it does for me.
As per sandbox, I just made the logical conclusion that it is best to pick the widest spread. And also make Landstrip "repeal and replace fit" to Anthropic's sandbox is one of the goals.
2027 is the year when there's no text to scan and further it is already feedback loop. Scanning images and videos is sort of like multiplying everything collected and required compute with an astronomical number. That year is like the expiration date of frontier LLMs in a way.
The irony is that I don't even have Claude Code installed. I had an account early Spring, which I asked my employer to remove later during Spring because, other reasons aside, I don't fully trust the company providing this great service. If something is way below the market price, that alone should rise suspicions, or at least it does for me.
As per sandbox, I just made the logical conclusion that it is best to pick the widest spread. And also make Landstrip "repeal and replace fit" to Anthropic's sandbox is one of the goals.
2027 is the year when there's no text to scan and further it is already feedback loop. Scanning images and videos is sort of like multiplying everything collected and required compute with an astronomical number. That year is like the expiration date of frontier LLMs in a way.
0
0
1
Jarkko Sakkinen
jarkko
this was low-hanging fruit matured nicely for sure:
https://lore.kernel.org/keyrings/20260531024914.3712130-1-jarkko@kernel.org/T/#u
https://lore.kernel.org/keyrings/20260531024914.3712130-1-jarkko@kernel.org/T/#u
0
0
0
Jarkko Sakkinen
jarkko
Edited 16 days ago
I made a PoC sandbox:
https://crates.io/crates/landstrip
Just wanted to demonstrate that there are other tools than namespaces to roadblock processes inside the file system space, which can be more effective. Probably many don't even know Landlock LSM.
https://crates.io/crates/landstrip
Just wanted to demonstrate that there are other tools than namespaces to roadblock processes inside the file system space, which can be more effective. Probably many don't even know Landlock LSM.
1
0
1
Jarkko Sakkinen
jarkko
I would not be surprised at all if pull requests would get charged at Github in future.
It's mostly conquered by agents, so it is pretty obvious continuation to the business narrative.
Let's see... :-)
It's mostly conquered by agents, so it is pretty obvious continuation to the business narrative.
Let's see... :-)
0
0
1
Jarkko Sakkinen
jarkko
Edited 17 days ago
AppImage also has signing:
https://docs.appimage.org/packaging-guide/optional/signatures.html
One could build a robust and end-user familiar (i.e. macOS alike) app ecosystem with a CA.
I recently thought that Flatpak has been around long enough time and has built a mature system and I should use it more.
FP2 pretty much throws down the toilet all that growth in maturity. E.g., an for an app vendor it's not a platform to invest in. Just super dissapointed about recent changes because of just getting into using Flatpak :-)
https://docs.appimage.org/packaging-guide/optional/signatures.html
One could build a robust and end-user familiar (i.e. macOS alike) app ecosystem with a CA.
I recently thought that Flatpak has been around long enough time and has built a mature system and I should use it more.
FP2 pretty much throws down the toilet all that growth in maturity. E.g., an for an app vendor it's not a platform to invest in. Just super dissapointed about recent changes because of just getting into using Flatpak :-)
0
0
0
Jarkko Sakkinen
jarkko
Edited 17 days ago
This can't be real. I'd recommend to delete all your forks at Github.
It $0.29 AI bill because of a fork.
It $0.29 AI bill because of a fork.
0
1
0
Jarkko Sakkinen
jarkko
Edited 18 days ago
It seems also that AppImage in real reality is dominating given that it always tends to work...
Flatpak 2 has goals of making it more obsolete.
There's "AI psychosis". Maybe this is "cloud psychosis" i.e., everything is AWS workload. Sounds super impractical app format at least.
And it's not addressing end user needs, it's also similar to AI i.e., decrease R&D costs, which is charged from user experience.
Flatpak 2 has goals of making it more obsolete.
There's "AI psychosis". Maybe this is "cloud psychosis" i.e., everything is AWS workload. Sounds super impractical app format at least.
And it's not addressing end user needs, it's also similar to AI i.e., decrease R&D costs, which is charged from user experience.
0
0
0
Jarkko Sakkinen
jarkko
It's mind-bogling to think that billions of over-spending is based on productivity metrics such as number of pull requests. Almost feels like Valley companies were operated by OpenClaw :-) Maybe they are... and gstack of course...
1
0
3
Jarkko Sakkinen
jarkko
Have not thought about this before but it has been not been very ergonomic to have both QEMU's and tmux prefix key mapped to CTRL-A, so I mapped tmux to CTRL-Q.
1
0
0
Jarkko Sakkinen
jarkko
One more thing and then I promise to move on :-)
When it comes to business and profit all I see is:
1. Steep increase of circulated debt backed only by hopes.
2. Constant reports of profilic companies loosing money due token maxxing.
3. Local LLM is getting better and also regular non-technical people have found tools such as LM Studio. SaaS has an expiration date.
SaaS companies paying back all that debt with purely B2B business, after the consumers are gone (and they will be gone) truly requires a leap of faith :-) They are so dead.
When it comes to business and profit all I see is:
1. Steep increase of circulated debt backed only by hopes.
2. Constant reports of profilic companies loosing money due token maxxing.
3. Local LLM is getting better and also regular non-technical people have found tools such as LM Studio. SaaS has an expiration date.
SaaS companies paying back all that debt with purely B2B business, after the consumers are gone (and they will be gone) truly requires a leap of faith :-) They are so dead.
0
0
1
Jarkko Sakkinen
jarkko
Edited 20 days ago
One business sector where AI has done huge wins is shitfluencer scene. Their number has at least quadrupled. Also, the vast majority of previous crypto currency influencers have now ingested AI as part of their portfolio.
I can't wait the ideas and inventions that will spun from this pool of amazing talent.
I can't wait the ideas and inventions that will spun from this pool of amazing talent.
0
0
1
Jarkko Sakkinen
jarkko
Edited 21 days ago
The reason I've been making now so much AI noise is the realiziation that
1. I have bad vibes only ;-)
2. It is probably better to start taking baby steps right now with sec.
3. Got postulated that guardrails for malicious stochastic actions should be based on algorithm, not AI.
There's a lot of popular lore of some kind of guardian LLMs that overwatch frontier model but the problem is the introduction infinite recursion of distrust. All LLMs have the same underlying problem.
1. I have bad vibes only ;-)
2. It is probably better to start taking baby steps right now with sec.
3. Got postulated that guardrails for malicious stochastic actions should be based on algorithm, not AI.
There's a lot of popular lore of some kind of guardian LLMs that overwatch frontier model but the problem is the introduction infinite recursion of distrust. All LLMs have the same underlying problem.
1
0
0
Jarkko Sakkinen
jarkko
OpenAI in-fact has both well maintained and documented security architecture from end-to-end. It's even more transparent than many of non-AI companies.
Anthropic's security architecture is literally based on a belief system of being able to contact to an actual entity by running a complex math operation.
Earthly opsec is left for the agents.
Anthropic's security architecture is literally based on a belief system of being able to contact to an actual entity by running a complex math operation.
Earthly opsec is left for the agents.
0
0
1
Jarkko Sakkinen
jarkko
I've refurbished rootns kernel patch set first time since February.
I was missing a workload for the feature but having container entrance without co-operative unmount makes a whole a lot more sense now than it made then :-)
https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd.git/log/?h=rootns
It's easiest to depict as "soft kexec" (as mental model).
#linux #kernel #container #security
I was missing a workload for the feature but having container entrance without co-operative unmount makes a whole a lot more sense now than it made then :-)
https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd.git/log/?h=rootns
It's easiest to depict as "soft kexec" (as mental model).
#linux #kernel #container #security
0
0
0