A layer against AI to make copyright right.
More about it at https://www.wired.com/story/matthew-butterick-ai-copyright-lawsuits-openai-meta/
Designed by Matthew Butterick
(via https://matthewbutterick.com/extinction-level-capitalism.html)
Request for RSS ✅
Until 30 September 2026: EDF will pay a flat-rate bonus of €400 per piece of equipment,
Until 30 June 2027: EDF will pay a flat-rate bonus of €10,000 per establishment to help them finance cooling projects
Applications go through https://www.jepassealelectrique.fr/index.html
And yes, EDF produces a lot of electricity. It is also in their interest for the market to grow in France, as well as to promote themselves.
The weekend PyPI wave showed how a compromised maintainer account could publish malicious wheels that abused Python startup behavior.
It runs JS with Bun in a subprocess from a Python program.
It includes a counter-measure to LLM analysis with a comment about biological and nuclear weapons.
Another protocol to send data packets over multiple physical layers such as LoRa, IP, Bluetooth or Serial
YAGNI is not an excuse to never design as some critics have characterized it. If you need it, build it. YAGNI is a meditation on timing. Building structure too soon is as risky as building structure too late.
First bill: optionality
- When you build structure before the feature arrives, you're committing on a guess.
- The feature you prepared for usually isn’t the feature that shows up.
Second bill: NPV
- Money has time value. Structure you build now for a feature due in three months is cost pulled forward and revenue pushed back.
- The bill comes due even when your guess is right.
- The cost of typing the code is not even considered. What about maintenance?
A large part of the communities around free software, Linux, development, etc. have become frankly hostile places.
For example, a developer of the USB 3.0 driver explicitly left the project because of this behaviour.
In 2017, 79% of PRs submitted by women were merged, versus 75% for men; but only when their gender was not identifiable. Study: https://www.sciencedaily.com/releases/2017/05/170501094343.htm
The same year, GitHub's Open Source Survey reported that there were 95% men, 3% women and 1% non-binary people among contributors.
Same in 2018 in a Stack Overflow post. Too many people experience Stack Overflow as a hostile or elitist place.
The real problem, according to him, is not the community; it is that users have been taught to tell others what they are doing wrong without ever being taught how to do it right. It's that good old asshole RTFM thrown in the face of beginners, who afterwards no longer dare to ask questions.
Another survey, Elephant in the Valley, showed that 60% of women in Silicon Valley with at least 10 years of experience had been subjected to unwanted sexual advances.
Korben reports that 100% of the problems in his personal or professional life were caused by men, and that 80% of the people who helped him afterwards were women.
I didn't know Debian had PPA (like Ubuntu) named "extrepo".
This system is definitely useful to get the latest releases of specific software.
headingoffset is a new HTML attribute to increase the upcoming heading levels. It's definitely not there yet https://caniuse.com/?search=headingoffset
How can I style an H3 when there's no H3 tag?
With the selector :heading(3).
But be aware of the browser support: nonexistent (https://caniuse.com/mdn-css_selectors_heading)
In this post, I’ll walk through a set of common misconceptions that drive teams to introduce new infrastructure when they don’t need to. All of these can be solved with vanilla PostgreSQL 18 using standard extensions available on RDS, with no special infrastructure and no distributed-systems cosplay.
First, files are awesome, because the file format is the API to understand the content.
You may create a file in one app, but someone else can read it using another app.
After this introduction, an everything folder for social media is the theory: the folder would include everything you've created across different social apps. In that world, a “Tumblr post” or an “Instagram follow” are social file formats.
Bluesky, Leaflet, Tangled, Semble, and Wisp are some of the new open social apps built this way.
The author then details a typical social media post in JSON format, and how to store such posts as files. Domain names can be used to separate each social media app.
Then how to store a like with identity files (and the standard DID).
An example of such an architecture is available at https://pdsls.dev/at://did:plc:fpruhuo22xkm5o7ttr2ktxdo
The apps then react to the changes made in the social filesystem.
Mindful Design is the responsible designer’s survival guide. Learn resilient and responsible design practices and own your early stage design — from idea to shipped and beyond.
It's a book and video course, but there is also a toolkit: https://mindfuldesign.xyz/toolkit/intro/
Privacy, Control, Longevity, Built for Mac, Fun. See details https://usebilly.app/en/features
Plans are 3€ per month, 25€ yearly or 80€ lifetime.
No way it's real: using specific URLs with a NO_ROLE provides access to the dashboard of the FIFA World Cup 2026.
The whole thing boils down to one architectural mistake: client-side authorization with no server-side enforcement.
FIFA's internal applications use Microsoft Entra for authentication and role-based access control. The Angular/React/Vue frontends check the JWT token for role claims and render access-denied pages accordingly. But the backend APIs trust any authenticated tenant member and serve data regardless of roles.
Rules to follow:
- Get a security.txt file. Seriously. It's 2026.
- Publish a VDP (Vulnerability Disclosure Policy). You're running the biggest sporting event on earth.
- Client-side authorization is not authorization. Every intern learns this.
- When a researcher has to call CISA and the FBI to reach you, something is wrong.
- Start a bug bounty program. Researchers shouldn't have to call the FBI to do you a favor.
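
The architectural mistake described above, shown beside its server-side fix, as an added example that is not code from the linked write-up or from any FIFA system. The route names, role names and claim values are hypothetical, and the token is assumed to have already passed signature, issuer, audience and expiry validation.

```javascript
// Added example. Route names, role names and claims are constructed.
// A Map avoids inherited keys such as "constructor" matching a route.
const ROUTE_ROLES = new Map([
  ['GET /api/dashboard', ['Dashboard.Read', 'Admin']],
  ['POST /api/accreditation', ['Admin']],
]);

// Pattern described in the write-up: any authenticated tenant member is
// served, whatever roles the token carries.
function authorizeTrusting(claims) {
  return claims ? { status: 200 } : { status: 401 };
}

// Server-side enforcement, deny by default. `claims` is assumed to be the
// payload of a token already validated by the authentication layer.
function authorizeEnforcing(claims, route) {
  if (!claims) return { status: 401, reason: 'unauthenticated' };
  const allowed = ROUTE_ROLES.get(route);
  // A route without a declared policy is closed, not open.
  if (!allowed) return { status: 403, reason: 'no role policy for route' };
  // A missing or malformed roles claim means "no roles", never "any role".
  const roles = Array.isArray(claims.roles) ? claims.roles : [];
  const match = roles.find((role) => allowed.includes(role));
  if (!match) return { status: 403, reason: 'required role missing' };
  return { status: 200, grantedBy: match };
}

// Constructed claims: a tenant member with no role, a reader, a bad claim.
const noRole = { sub: 'user-1', tid: 'tenant-a' };
const reader = { sub: 'user-2', tid: 'tenant-a', roles: ['Dashboard.Read'] };
const badRoles = { sub: 'user-3', tid: 'tenant-a', roles: 'Admin' };

// Runs each case and returns one "name: status" line per case.
function runCases() {
  return [
    ['trusting, no role', authorizeTrusting(noRole)],
    ['enforcing, no role', authorizeEnforcing(noRole, 'GET /api/dashboard')],
    ['enforcing, reader', authorizeEnforcing(reader, 'GET /api/dashboard')],
    ['enforcing, reader on admin route',
      authorizeEnforcing(reader, 'POST /api/accreditation')],
    ['enforcing, string roles claim',
      authorizeEnforcing(badRoles, 'POST /api/accreditation')],
    ['enforcing, undeclared route', authorizeEnforcing(reader, 'GET /api/new')],
  ].map(([name, result]) => `${name}: ${result.status}`);
}

console.log(runCases().join('\n'));
```

The frontend can still hide pages a user cannot use, but only the second function decides what data leaves the API.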