• Gigantic interactive board game recreating January 6

  ‘Fight for America!’: A New Immersive Theatre Show Allows You to Recreate the Storming of the US Capitol:

  the show is the brainchild of multimedia performance company The American Vicarious, with design by Games Workshop legend Alessio Cavatore. There are two teams: red – representing the attackers – and blue – representing the defenders. Up to 20 audience members can pay the higher ticket price to actually participate in the game, guided by a games master into making decisions that will shape the outcome of the assault as thousands of miniatures are moved around a gigantic 14-foot model of the building itself. The remaining audience members pay a much lower ticket price to spectate.

  Tags: insurrection maga january-6 boardgames games fight-for-america events theatre london

• Immersive Quarries

  Marie Foulston:

  Cavernous halls filled with the projected light of Van Gogh’s The Starry Night folding across every wall. Tall pillars dominate and dissect the space, tiled with the glow of iconic Sunflowers. Double height ceilings dwarf the people below. Nooks, ledges and passageways offer places to perch or wander through and observe the spectacle that surrounds.

  On the surface it made sense to me that Van Gogh somehow became the poster child for a certain type of immersive experience in the 2010s. The kind I mean are the ones in which vast repurposed venues are filled with ‘ken burns effect’ transitioning projections of coffee-table book friendly artists. Imagine Van Gogh, Van Gogh Exhibition: The Immersive Experience, Van Gogh Alive. In name, content, format and venue type these touring shows are almost indistinguishable from each other.

  If you’re looking to visually ‘immerse’ a space this way then I guess Van Gogh fits the bill… popular, highly recognisable, colourful bold impressionist visuals, works all handily out of copyright. But the intensely specific coincidence of his projected appearances around the world niggled at me and in a moment of procrastination I found myself typing into the search bar to see if there might be an answer to explain why.

  What my time down the google mines taught me was that yes, there is indeed an answer. But what I also learnt was that I had been asking the wrong question in the fist place, because this story isn’t really about the iconic visuals that adorned the walls and floors, instead it is a story about the shape of the spaces themselves.

  Tags: vincent-van-gogh art history quarries projection exhibitions immersive experiences

• SlimSocial for Facebook

  an Android wrapper app to insulate your phone from Meta's snooping, if you really have to use Facebook on a mobile device

  Tags: facebook meta privacy android f-droid apps

• Telegram is indistinguishable from an FSB honeypot

  This is not great -- prepending a cleartext device ID string alone is a very fishy decision

  Tags: encryption security infosec telegram messaging mtproto

• Debugging Azure Networking for Elastic Cloud Serverless

  Good writeup of fixing a Linux packet loss issue in Azure, using low-level access to the VMs running k8s nodes.

  Elastic's Site Reliability Engineering team (SRE) observed unstable throughput and packet loss in Elastic Cloud Serverless running on Azure Kubernetes Service (AKS). After investigation, we identified the primary contributing factors to be RX ring buffer overflows and kernel input queue saturation on SR-IOV interfaces. To address this, we increased RX buffer sizes and adjusted the netdev backlog, which significantly improved network stability.

  Tags: sr-iov linux networking bugs azure debugging ops sre drivers

• The Pentagon Disinformation That Fueled America’s UFO Mythology

  Some great stories from the Pentagon's investigation into decades of classified UFO documents.

  There's evidence around the already-known cases of fabricated UFO myths used to cover up advanced aircraft testing:

  An Air Force colonel visited a bar near Area 51, a top-secret site in the Nevada desert. He gave the owner photos of what might be flying saucers. The photos went up on the walls, and into the local lore went the idea that the U.S. military was secretly testing recovered alien technology. But the colonel was on a mission -- of disinformation. The photos were doctored, the now-retired officer confessed to the Pentagon investigators in 2023. The whole exercise was a ruse to protect what was really going on at Area 51: The Air Force was using the site to develop top-secret stealth fighters, viewed as a critical edge against the Soviet Union. Military leaders were worried that the programs might get exposed if locals somehow glimpsed a test flight of, say, the F-117 stealth fighter, an aircraft that truly did look out of this world. Better that they believe it came from Andromeda.

  There's also a bizarre Air Force hazing ritual:

  A former Air Force officer was visibly terrified when he told Kirkpatrick’s investigators that he had been briefed on a secret alien project decades earlier, and was warned that if he ever repeated the secret he could be jailed or executed. The claim would be repeated to investigators by other men who had never spoken of the matter, even with their spouses.

  It turned out the witnesses had been victims of a bizarre hazing ritual. For decades, certain new commanders of the Air Force’s most classified programs, as part of their induction briefings, would be handed a piece of paper with a photo of what looked like a flying saucer. The craft was described as an antigravity maneuvering vehicle.

  The officers were told that the program they were joining, dubbed Yankee Blue, was part of an effort to reverse-engineer the technology on the craft. They were told never to mention it again. Many never learned it was fake. Kirkpatrick found the practice had begun decades before, and appeared to continue still. The defense secretary’s office sent a memo out across the service in the spring of 2023 ordering the practice to stop immediately, but the damage was done.

  Investigators are still trying to determine why officers had misled subordinates, whether as some type of loyalty test, a more deliberate attempt to deceive or something else. After that 2023 discovery, Kirkpatrick’s deputy briefed President Joe Biden’s director of national intelligence, Avril Haines, who was stunned. Could this be the basis for the persistent belief that the U.S. has an alien program that we’ve concealed from the American people? Haines wanted to know, according to people familiar with the matter. How extensive was it? she asked.
  The official responded: “Ma’am, we know it went on for decades. We are talking about hundreds and hundreds of people. These men signed NDAs. They thought it was real.“

  And finally, straight out of the pages of the "Paranoia" RPG, there's secret tests of classified hardware on unwitting Air Force personnel:

  In 1967, Robert Salas, now 84, was an Air Force captain sitting in a walk-in closet-sized bunker, manning the controls of 10 nuclear missiles in Montana. He was prepared to launch apocalyptic strikes should Soviet Russia ever attack first, and got a call around 8 p.m. one night from the guard station above. A glowing reddish-orange oval was hovering over the front gate, Salas told Kirkpatrick’s investigators. The guards had their rifles drawn, pointed at the oval object appearing to float above the gate. A horn sounded in the bunker, signaling a problem with the control system: All 10 missiles were disabled. Salas soon learned a similar event occurred at other silos nearby. Were they under attack? Salas never got an answer. The next morning a helicopter was waiting to take Salas back to base. Once there he was ordered: Never discuss the incident.

  With a more prosaic explanation:

  The Air Force [had] developed an exotic electromagnetic generator that simulated [an EMP pulse] without the need to detonate a nuclear weapon. When activated, this device, placed on a portable platform 60 feet above the facility, would gather power until it glowed, sometimes with a blinding orange light. It would then fire a burst of energy that could resemble lightning. The electromagnetic pulses snaked down cables connected to the bunker where launch commanders like Salas sat, disrupting the guidance systems, disabling the weapons and haunting the men to this day. But any public leak of the tests at the time would have allowed Russia to know that America’s nuclear arsenal could be disabled in a first strike. The witnesses were kept in the dark.

  Tags: ufos myths cover-ups usaf mythology disinformation area-51 aliens emp paranoia hazing

• EU’s new rules will shake up Android update policies

  This is great:

  Starting from June 20, 2025, smartphones and tablets sold in the European Union must adhere to the following design requirements (via European Commission):

  • Resistance to accidental drops or scratches and protection from dust and water
  • Sufficiently durable batteries which can withstand at least 800 charge and discharge cycles while retaining at least 80% of their initial capacity
  • Rules on disassembly and repair, including obligations for producers to make critical spare parts available within 5-10 working days, and for 7 years after the end of sales of the product model on the EU market
  • Availability of operating system upgrades for longer periods (at least 5 years from the date of the end of placement on the market of the last unit of a product model)
  • Non-discriminatory access for professional repairers to any software or firmware needed for the replacement

  I'm really looking forward to the improvements in right-to-repair; some of the recent phone models have been an absolute shitshow, using glue etc.

  Tags: repair phones right-to-repair eu ireland smartphones mobile-phones devices hardware software-updates support

• Covert Web-to-App Tracking via Localhost on Android

  Meta -- never not At It.

  Facebook/Instagram used a sneaky localhost socket connection to correlate web visits with Meta user ids and track web/app user identity without any explicit permission.

  "the novel tracking method works even if the user:

  • Is not logged in to Facebook, Instagram or Yandex on their mobile browsers
  • Uses Incognito Mode
  • Clears their cookies or other browsing data

  This tracking method defeats Android's inter-process isolation and tracking protections based on partitioning, sandboxing, or clearing client-side state."

  Tags: privacy meta facebook instagram apps android

• Elon Musk and DOGE promised $2 trillion in savings. In reality, government spending is up

  Talk about clowns. Instead of delivering $2 trillion of savings, DOGE is instead set to increase overall government spending as a side effect of its brutal cuts.

  According to a model by the nonpartisan Penn Wharton Budget Model, using weekly Treasury data, spending climbed 6.3% (about $156 billion) since Trump took office, compared with the first four months of 2024 when Joe Biden was president.

  Many of Musk’s cuts will actually cost, including taxpayer funds going to an army of lawyers from the Department of Justice battling a cascade of court cases against the government’s dismantling that many judges have already said appears to be illegal. Damages from any illegal firings are likely also to be extremely pricey. So is the loss of critically important workers who earn far more than their salaries, or will have to be replaced for critical services by more expensive private-sector employees.

  Among the most massive costs will be the huge reduction in workers at the Internal Revenue Service, who are worth their weight in gold because of the taxes they collect or ferret out from cheats, the key source of income for the country.

  Tags: smash-and-grab elon-musk us-politics doge fail government

• Weather Strip

  A very pretty weather forecast app, for iPhone, iPad and Mac

  Tags: weather apple apps iphone ipad mac software ux

• Remote Prompt Injection in GitLab Duo Leads to Source Code Theft

  Yet another LLM prompt injection/exfiltration attack. "if your LLM system combines access to private data, exposure to malicious instructions and the ability to exfiltrate information (through tool use or through rendering links and images) you have a nasty security hole."

  Tags: llms security infosec holes exploits prompt-injection exfiltration gitlab pull-requests

• LLM Observability: How to use Elastic's LLM integrations in real-world scenarios

  A set of suggested metrics to monitor LLM integrations, from Elastic

  Tags: llms product metrics observability elasticsearch

• Model Context Protocol has prompt injection security problems

  wow, this is (still) terrible. LLM tool developers are not exactly covering themselves in glory

  Tags: security llms protocols mcp infosec prompt-injection shell-injection xss

• MemoryC.com

  Recommended as a local supplier of computer bits that isn't Amazon

  Tags: hardware shopping components storage hard-disks local

Back in the 1980s, I wrote quite a few demos on the Commodore 64. One of my favourite hacks from that period was a bit of code which uploaded a routine to the 1541 disk drive -- which itself contained a fully functional 6502 CPU -- and used pulse-width modulation and bit-banging to flash the disk drive light in time to the demo's music. It's not quite Freespin, but I was pretty happy with it.

(I should really have been studying for my Leaving Cert at the time. Don't tell my kids.)

Anyway.... as I mentioned on Mastodon this weekend -- massive respect to David Golden on ITC Slack, who managed to figure out which one of my Commodore 64 demos from back in the day was the one with this hack -- AND get it working on the VICE emulator!

Here's what it looks like running on a real Commodore 64 with a real 1541 disk drive:

It's a little slow -- the demo was never ported to run acceptably on an NTSC C64, as I lived in PAL-land and never even got to see one of the NTSC variety -- but for this feature, that actually improves the visibility of the drive light animation. Thankfully the 1541 disk drive didn't have an NTSC/PAL split to worry about. Míle buíochas to David Malone and Dr Dave for getting this running.

This is what it looks like, running in the VICE emulator (thanks to David Golden for recording this):

Back in 1989 -- 36 years ago! -- I didn't even know this trick was called pulse-width modulation, I just managed to bump into the concept by accident; I didn't have the benefit of Google or Wikipedia to quickly look up details of handy algorithms and wound up reinventing so many wheels along the way.

David was responsible for fixing a regression in the VICE PWM emulation. A recent refactor had broken it, but it was a one-liner fix. We then added a little more code to improve the realism of the modulated drive light intensity; human perception sees low levels of light as brighter than they would otherwise be, so low duty cycles need a higher intensity in the emulated form. This blog post explains it reasonably well. By comparison with my clumsy wheel-reinventions in 1989, I was able to dig up an incredibly detailed Wikipedia page on lightness and approximate a simple power curve in a few minutes, so the modern internet still has that going for it.

It's really impressive that someone in the VICE team (possibly Spiro Trikaliotis I think?) decided to implement the code to support accurate pulse-width modulation of the 1541 drive light, and indeed emulated the 1541 to such an extent that my hacky uploaded code actually runs correctly on the emulated drive's emulated 6502!

Here's the CSDb page for the demo, BTW. (If you want to try out the demo with the 3.10 version of VICE once it's released, or current SVN, note that "Trap Idle" needs to be active for the LED code to work.)

• Jetrelay

  This is a great little hack: "jetrelay, a pub/sub server compatible with Bluesky’s “jetstream” data feed. Using a few pertinent Linux kernel features, it avoids doing almost any work itself. As a result, it’s highly efficient: it can saturate a 10 Gbps network connection with just 8 CPU cores."

  Specifically, these are the tricks in question:

  • Trick #1: Bypassing userspace with sendfile();
  • Trick #2: Handling many clients in parallel with io_uring;
  • Trick #3: Discarding old data with FALLOC_FL_PUNCH_HOLE -- this is a nice way to avoid having to rotate between multiple files, nifty.

  Tags: sendfile io_uring linux kernel hacks tools jetrelay jetstream firehose bluesky pub-sub

• Octopus, solar & e-paper energy dashboards - Interaction Magic

  This UK product designer developed a really lovely home dashboard for his Octopus Energy subscription and solar panel setup. I'm already copying some of these ideas

  Tags: solar power energy octopus-energy dashboards home home-assistant

• O2 VoLTE: locating any customer with a phone call

  Using VoLTE to route phone calls via SIP from mobile phones, using O2 in the UK, exposed cell site triangulation info on both ends of the connection, allowing a remote phone number's location to be discovered.

  This was investigated using "an application known as Network Signal Guru (NSG) on [a] rooted Google Pixel 8".

  Tags: phone privacy security infosec o2 volte sip phones mobile