Funniest thing I've read all year!

Several Venezuelan F-16s have reportedly taken-off from El Libertador Air Base in Maracay, heading north towards the Southern Caribbean.

Two US B-1 bombers are flying along the Venezuelan coastline, currently passing between isla la Orchilla and isla Tortuga #Venezuela

The word “retard” is not meant for people with handicaps. It’s meant for non-handicapped people who are stupid. If you don’t understand this, you’re a retard.

Getting off of Twitter enrolled keys so we can stop doing hacky things for domain trust. Physical security keys are cryptographically registered to Twitter’s domain and need to be re-enrolled under X.

Come on @youtube. Fix yourself!

I wish I was the Department of War.

YouTube @YouTube is down! What the fuck am I supposed to do now?!

"Doesn't log" doesn't mean "can't log". Threat model should cover what a potential attacker can do, not what it promises not to do. In case of SimpleX network, operators cannot log who communicates with whom, because they have no access to this information at any point.

SimpleX network has the world's most secure messaging. If you believe another messenger is more secure, share its threat model – so we can compare and improve. 👇

Here's one free month of Starlink service! Starlink high-speed internet is great for streaming, video calls, and gaming in even the most remote locations on Earth. starlink.com/residential?ref…

Roger that.

Today an unknown group of individuals created a domain to display individuals who mocked the death of American conservative Charlie Kirk. Attached image is from the websites landing page. The website asserts the domain is not for "doxxing", rather the website is designed to archive instances of people promoting political violence. The authors also assert the material is not illegal and has been aggregated by legal means (e.g. posted publicly on social media). The website displays (as of this writing) approx. 30,000 individuals who have (allegedly) mocked the death of Charlie Kirk. Details include: - First name - Last name - Approx. location (city and/or state) - Place of employment - Social media profiles - Photos from social media

It looks like Germany is opposing #ChatControl.

Apple and Google pretend as if they have omniscience and are aware of when their devices get exploited. They do not and they are not aware of the vast majority of exploits. The claims both companies make about rare exploits are outrageously false marketing disproven by evidence.

This law, if passed, would undermine individual security and expose millions of people to crime. Act now.

We have early access to Android Security Bulletin patches and will be able to set up a workflow where we can have releases already built and tested prior to the embargo ending. For now, we've still been doing the builds after the embargo ends. It will mainly help when they screw up pushing to AOSP. We're in the process of obtaining early access to the major quarterly and yearly releases. This is a much bigger deal and will substantially help us. There's an immense workload with a lot of time pressure for porting to new major releases without early access which gets worse the more we change. We did not have early access to Android 16 QPR1 and have not been able to start porting yet. We should have early access prior to Android 16 QPR2. We're going to need to make private repositories for working on this stuff internally. We can potentially make special preview releases based on these. Google recently made incredibly misguided changes to Android security updates. Android security patches are almost entirely quarterly instead of monthly to make it easier for OEMs. They're giving OEMs 3-4 months of early access which we know for a fact is being widely leaked including to attackers. We can't break the embargo ourselves but if someone posted the patches publicly we would be able to ship them months early, as would others. The patches are broadly distributed to OEMs where most of their engineers have access. Companies like NSO can easily obtain access. It's not a safe system. Google's existing system for distributing security patches to OEMs was already incredibly problematic. Extending 1 month of early access to 4 months is atrocious. This applies to all of the patches in the bulletins. This is harming Android security to make OEMs look better by lowering the bar. The existing system should have been moving towards shorter broad disclosure of patches instead of 30 days. Moving in the opposite direction with 4 months of early access is extraordinarily irresponsible. Google has also abandoned pretending it's private by allowing binary-only embargo breaches. Android's management has clearly overruled the concerns of their security team and chosen to significantly harm Android security for marketing reasons. Lowering the bar for OEMs to pretend things are fine while reducing security for everyone is a ridiculous approach and should be quickly reversed. Android is very understaffed due to layoffs/buyouts and insufficient hiring. This is impacting Linux kernel and Android security. Google hasn't fixed taptrap.click which is a serious issue privately disclosed to them in October 2024. We were informed in June 2025 and it took us a few hours to fix... Google does a massive portion of the security work on the Linux kernel, LLVM and other projects including implementing exploit protections, bug finding tools and doing fuzzing. They're providing the resources and infrastructure for Linux kernel LTS releases. Others aren't stepping up to the plate. We don't expect there to be much pushback against this via tech media despite how obscene it is to provide 4 months of patch access to sophisticated attackers. They can easily get it from OEMs or even make an OEM. Whistleblowers should publicly post the signed zips since attackers have it already. Security patch backports were pushed to the Android Open Source Project on September 2nd but it wasn't done properly. Android 16 QPR1 was also supposed to be pushed to the AOSP on September 3rd and it was even confirmed they'd still be doing that but it hasn't happened. Perhaps too many layoffs... Even if no whistleblowers leak the signed zips we can still bring this system down ourselves without breaking any embargo. Our plan is to make special releases with the patches which are otherwise identical to our regular releases. External developers can reverse it from that for regular GrapheneOS.

"Have you tried clearing your cookies" Yeah, have you tried building a web app that works?

Tired of seeing people online complain about their inability to lose weight. I lost 12lbs in just a few days all naturally. Let me tell you how. Saturday night I stopped at the gas station to get some energy drinks. They also sell really sketchy burritos there too. It was the end of the day and the cashier had commented to someone else they're going to throw away all of the food. I interjected and said, "If you're going to throw it away, can I have it? Im hungry as hell". He obliged and told me I could grab whatever I wanted. However, he told me the food had been out all day so he wasn't sure how good the food was. I told him it wasn't a problem. The food was delicious. A little greasy and crusty, but it was delicious. Subsequently, Sunday morning, I had extreme abdominal pain. It was crippling. I was unable to do anything other than sit on the toilet and be in pain due to the violent and painful diarrhea. The diarrhea lasted Sunday, Monday, Tuesday, and partially today. During that time I was unable to eat anything because it made me throw up. I successfully lost 12lbs. All natural, no shortcuts, no "ozempic", no fad diets. I lost weight the way our forefathers had historically — dysentery. What's your excuse?

It's very common for people to incorrectly claim GrapheneOS is not a privacy project but rather a security project because of our substantial work on exploit protections. Reality is we add major privacy AND security improvements. Our work on security is done to protect privacy.