- โ
- โ
- July 14, 2026
-
๐ r/reverseengineering Interactive documentation and visual reference for binary formats and system memory layouts. rss
submitted by /u/RubberDuck31337
[link] [comments] -
๐ tintinweb/pi-subagents v0.14.1 release
No content.
-
๐ smol-machines/smolvm smolvm v1.6.0 release
What's Changed
- docs(security): clarify workload isolation model by @Kevin-Liu-01 in #606
- fix(ci): serve the pacman repo from GitHub Pages and auto-publish it on release by @BinSquare in #611
- Publish official .deb and .rpm repos alongside the pacman repo by @BinSquare in #612
- Clean up deb/rpm packaging lintian and rpmlint findings by @BinSquare in #613
- Fix the deb/rpm build broken by a leftover LICENSE.txt copy by @BinSquare in #614
- Ship smolvm as a Nix flake package, auto-bumped on release by @BinSquare in #615
- CUDA-over-vsock: fork warm GPU VMs and run vLLM through the remoting by @BinSquare in #616
- feat: expose the guest Docker daemon socket to the host over vsock by @BinSquare in #618
- libkrun: vendor the vsock half-close fix (linux-x64 + macos) by @BinSquare in #619
- fix: honor TCP half-close in the virtio-net relay by @BinSquare in #620
- chore: re-vendor libkrun at f55362a for the TSI remote-half-close fix by @BinSquare in #622
- Kubernetes containerd-shim-v2 runtime by @BinSquare in #610
- Bump the workspace to 1.6.0 for the CUDA remoting, Docker-socket, and Kubernetes shim features by @BinSquare in #623
New Contributors
- @Kevin-Liu-01 made their first contribution in #606
Full Changelog :
v1.5.2...v1.6.0 -
๐ r/reverseengineering AntiVE-BehaviorWatch ( AI model Inside a EXE ) rss
submitted by /u/ObligationLucky842
[link] [comments] -
๐ @HexRaysSA@infosec.exchange ๐ข IDA 9.4 is here! mastodon
๐ข IDA 9.4 is here!
Huge thanks to our beta testers for spending the last several weeks refining this release.โข The Apple Dyld Shared Cache workflow has been rebuilt from the ground up.
โข The decompiler now speaks Swift, with proper ABI modelling for self, async context, and error paths.
โข Two new processor modules land โ Qualcomm Hexagon and MCore.
โข Navigation gets a major upgrade with Pathfinder and a redesigned Jump Anywhere.
โข The Teams add-on now runs on Git.
โข And idalib, previously Pro-only, now ships with IDA Home.๐ Read the blog for the full breakdown and/or jump ahead to the release notes, then grab your update in the Download Center.
https://hex-rays.com/blog/ida-9.4-release-a-new-dyld-shared-cache-swift- analysis-new-teams-add-on-and-more- -
๐ New Music Releases Saliva - Longshot rss
Saliva - a new release is available:
- 2026-07-14: Longshot (Single)
Amazon: Canada | Deutschland | France | United Kingdom | United States
Visit muspy for more information.
-
- July 13, 2026
-
๐ IDA Plugin Updates IDA Plugin Updates on 2026-07-13 rss
IDA Plugin Updates on 2026-07-13
New Releases:
Activity:
- augur
- d524797b: chore: update deps and lint allowlist
- christian-doctrine
- CTF-Tools
- a6a81ac5: Add webshell files for remote command execution
- disrobe
- c7571052: flutter aot: recover declared class and method names from a stripped โฆ
- 3f78fcc1: nspack: derive the per-image e8/e9 marker byte and only rewrite brancโฆ
- dd12bd14: py-decompile: recover an except-as-e handler's trailing else/sibling โฆ
- 7cac6275: update spin to 0.9.9 after 0.9.8 was yanked, keeping cargo-deny green
- f7afbac4: refresh the pinned python metric to 96.05 percent (6038 of 6286)
- 37f98183: mpress: reverse the packer's exact x64 e8/e9 and rip-relative branch โฆ
- haruspex
- ida-ins-hinter
- 3614c115: Initial release of IDA Instruction Hinter
- ida-llm-explainer
- f10d1c80: Batch dialog auto-apply-on-Done; reliable lvar rename/type fixes; v1.6.1
- ida-sdk
- d76bad44: docs: update ida-cmake acknowledgements
- IFSO-CYBER-FORENSICS-PROJECT
- rhabdomancer
- rikugan
- 5e91c3f6: fix(loop): scope traceback to execute_python + add integration test fโฆ
- 910148b5: docs: update CLAUDE.md docs-review gate section for post-error migration
- 3be1db8f: chore: apply ruff format to 5 files (clean up trailing newlines + minโฆ
- 4c02ab93: feat(ui): replace docs-gate checkbox with docs_review_mode combobox
- ecf001a6: test(loop): strengthen post-error reviewer guard tests
- 1284eb74: feat(loop): move docs-reviewer from pre-execute to post-error
- bb68b2f4: feat(reviewer): update docs-reviewer prompt for post-error role
- 20fea07b: test(prompts): tighten docs-review-section regression guard
- b4df042e: feat(prompts): add IDA API Module Quick Reference to system prompt
- 3ba4b6a0: refactor(config): replace require_ida_docs_for_complex_scripts with dโฆ
- 471f7c3b: feat(tools): add traceback_classifier for post-error docs gate
- ea383027: docs(plan): docs-review post-error implementation plan
- d40f4a9f: docs(spec): docs-review gate post-error hybrid design
- b0b6611f: Merge remote-tracking branch 'EliteClassRoom/master'
- 9c42ba9e: Refactor the code to make it faster to run
- ea05a552: chore(release): bump version to 1.10.3
- 227a0767: chore(deps): sync uv.lock with pyyaml dev dependency
- Spectra
- 87bd645f: Remove legacy CLI commands and simplify agent output
- b855330f: Stop spinner before approval prompt and clear UI
- 4707ced1: Improve CLI thinking spinner and line handling
- d363b24e: Simplify thinking animation in shell UI
- bbba5eb0: Improve markdown table parsing and rendering
- 859f78de: Update shell_ui.py
- 12ad1812: Enhance memory clearing in shell REPL
- 090fc3d4: Add /clear_memory command
- c34b88c3: Batch consecutive tool results and add check_tools
- 57b53707: Add session delete command parsing
- e776fb28: Add /history command to view session messages
- 23ef5a9c: Add loading spinner and tool progress indicators
- 49d102f4: Add input timeout and attempt limits to CLI
- 85ec13f2: Add vulnerability analysis skill; v1.3.0 release
- augur
-
๐ Hex-Rays Blog IDA 9.4 Release: A New Dyld Shared Cache, Swift Analysis, New Teams add-on, and more ... rss
After weeks of feedback and refinement from our beta testers, we are excited to introduce IDA 9.4!
Building on 9.3, this release reworks how IDA handles Apple's Dyld Shared Cache, teaches the decompiler to speak Swift, adds two brand-new processor modules, and reshapes everyday navigation with the new Pathfinder widget and a redesigned Xrefs Graph. There is also a change we are especially happy about for hobbyists: idalib, our headless automation library, now ships with IDA Home.

-
๐ r/reverseengineering A technical analysis of a LinkedIn scam spreading malware to developers rss
submitted by /u/FetchDEX
[link] [comments] -
๐ r/reverseengineering TTF2PFR: A Python script that converts TrueType TTF fonts to Bitstream's failed "Portable Font Resource" format used in Netscape 4. rss
submitted by /u/Smu1zel
[link] [comments] -
๐ r/reverseengineering /r/ReverseEngineering's Weekly Questions Thread rss
To reduce the amount of noise from questions, we have disabled self-posts in favor of a unified questions thread every week. Feel free to ask any question about reverse engineering here. If your question is about how to use a specific tool, or is specific to some particular target, you will have better luck on the Reverse Engineering StackExchange. See also /r/AskReverseEngineering.
submitted by /u/AutoModerator
[link] [comments] -
๐ r/reverseengineering LIEF v1.0.0: Brand-new Runtime API and DWARF/PDB -> C/C++ generation! rss
submitted by /u/rh0main
[link] [comments] -
๐ Rust Blog crates.io: development update rss
Another six months have passed since our last development update, and the crates.io team has been busy. Here's a summary of the most notable changes and improvements made to crates.io since then.
Source Code Viewer Crate pages now have a "Code" tab that lets you browse the contents of published crate versions directly on crates.io. This shows you the exact files that cargo downloads when you add a crate as a dependency, which might differ from the linked repository. This makes it much easier to audit your dependencies, including files that never appear in the repository, like the normalized Cargo.toml files that cargo generates. The viewer comes with a file tree sidebar with search functionality, syntax highlighting, and GitHub-style line selection, where clicking or dragging line numbers produces shareable #L10-L20 URLs. Under the hood, the server now builds a zip file for every published version. Since the .crate files that cargo consumes are gzipped tarballs without random access support, a background job re-packs each of them into a seekable zip archive plus a JSON manifest describing the contained files. Both are served from our static CDN. The frontend then fetches only the manifest and loads each file on demand with an HTTP range request. Because of this architecture, browsing crate sources essentially adds no load on the crates.io API servers. Existing crate versions have been backfilled, so this works for old releases too. The rendering library behind the code viewer is a diff renderer at heart, and that's no accident: a version-to-version diff viewer built on the same infrastructure is currently in the works. This will allow you to review exactly what changed between two published versions, right on crates.io. Stay tuned! Untangling crates.io Accounts from GitHub At the end of May, the crates.io team accepted . Crates.io accounts always
have been tightly coupled to GitHub: signing in means "Log in with GitHub", and your crates.io identity is your GitHub username. The RFC changes that. It introduces usernames that are native to crates.io and independent of linked GitHub accounts, as a prerequisite for eventually supporting login via other identity providers.
The implementation of crates.io usernames has started, but there is still a lot left to do, most visibly the ability to change your crates.io username. After that is complete, there will be future RFCs and implementation for signing in with identity providers other than GitHub. Since all of this touches authentication and account security, we are deliberately taking it slow and rolling these changes out in small, carefully reviewed steps.
Advisories and Suggestions
In our January update we introduced the "Security" tab, which shows security advisories from the RustSec database. We have since taken this integration one step further: crates that RustSec has flagged as unmaintained now show a warning banner directly on their crate pages, linking to the corresponding advisory for details and possible alternatives. Thanks to Dirkjan Ochtman for implementing this feature!

Related to this, some popular crates have been largely absorbed into the Rust standard library over the years, like
lazy_static, which has been superseded bystd::sync::LazyLocksince Rust 1.80. Crate pages of such crates now show a friendly "You might not need this dependency" banner describing the standard library replacement, and superseded crates in dependency lists get a small light bulb icon with a similar hint.
The dataset behind this feature lives in the new rust-lang/std-replacement- data repository, together with a documented inclusion policy: standard library replacements only, every entry must cite the stable
std,core, orallocAPI and Rust version, and crate maintainers get a notice-and-comment window before an entry is added. New entries can be proposed upstream and can benefit other tools too.Ferris
The most delightful change of this cycle: the Ferris on our error pages now follows your mouse cursor with its eyes:

Getting a 404 error on crates.io is now slightly less sad.
Svelte Frontend Migration Completed
In our January update, we announced that we were experimenting with porting the crates.io frontend from Ember.js to Svelte. This experiment has concluded successfully: the new frontend reached feature parity, went through a public testing phase in April, became the default at the beginning of May, and the Ember.js app has been removed from our repository.
We designed this change to be invisible for our users, since the new frontend is a 1:1 port of the previous design and functionality. For the team and our contributors, however, it is a big deal: the frontend is now built on a more modern framework, which should make it easier for new contributors to get started. It also allows us to iterate faster, as the source code viewer above demonstrates.
We want to thank the Ember.js team for a framework that served crates.io well for many years, and the Svelte team for making the transition so enjoyable.
Miscellaneous
These were some of the more visible changes to crates.io over the past six months, but a lot has happened "under the hood" as well:
-
Search performance : Relevance-sorted search queries previously ranked every crate matching the query, which could take 1-2 seconds for short or common search terms. Ranking is now bounded to the 1,000 matching crates with the highest recent download counts.
-
Reverse dependencies performance : The reverse dependencies endpoint no longer recomputes the full dependent set on every request. It is now served from a precomputed table kept in sync by database triggers, turning an expensive join into a bounded index scan and greatly reducing the chance of getting a timeout error.
-
New ARCHITECTURE.md : If you've ever wondered how crates.io actually works, our
ARCHITECTURE.mddocument got a complete rewrite. It is now organized around the high-level systems that make up crates.io and how they fit together, and includes walkthroughs of what happens when you runcargo publish, why a typical crate download never touches our API servers, and how download counts are derived from CDN access logs. -
Definition lists : READMEs now render Markdown definition lists, a widely used Markdown extension. Our markdown renderer comrak already supported them, the extension just wasn't enabled yet. Thanks to @mistaste for this contribution!
-
CDN cache tags : Files uploaded to our static CDN now carry cache-tag metadata, allowing us to invalidate all cached files of a crate or a specific release in a single operation, instead of issuing one invalidation per file URL.
-
Caching improvements : We removed a global
Vary: Cookieresponse header that was preventing our CDNs from caching public API responses and frontend assets effectively. Per-user responses now useCache-Control: no-storeinstead, resulting in better cache hit rates at the CDN edge. -
Accessibility : We have made crates.io friendlier to screen readers: decorative icons are now hidden from the accessibility tree, heading hierarchies have been fixed, and lists are marked up as proper lists. ARIA snapshot tests now ensure that regressions can't slip in unnoticed. We plan to continue to improve crates.io accessibility over the coming months.
-
Git index performance : The background worker's local clone of the git index is now a bare and shallow repository, eliminating roughly 250,000 checked-out files and the full commit history from its disk, improving its performance as we see increased rates of crate publication. The periodic index squashing now goes through the GitHub API instead of generating large git packs locally, which had previously caused out-of-memory failures on the production worker.
Feedback
We hope you enjoyed this update on the development of crates.io. If you have any feedback or questions, please let us know on Zulip or GitHub. We are always happy to hear from you and are looking forward to your feedback!
-
-
- July 12, 2026
-
๐ IDA Plugin Updates IDA Plugin Updates on 2026-07-12 rss
-
๐ tintinweb/pi-subagents v0.14.0 release
No content.
-
๐ r/reverseengineering Vulnerability in Realtek driver allows DMA controller abuse from user mode with no additional hardware or driver rss
submitted by /u/zwclose
[link] [comments] -
๐ r/reverseengineering Hand-crafted 974-byte Android 14 APK (API 34) โ Bypassing build-tool bloat by exploiting PackageInstaller structure. rss
submitted by /u/Same-Access-6799
[link] [comments] -
๐ smol-machines/smolvm smolvm v1.5.2 release
What's Changed
- Preserve sparseness when copying the storage template during pack creation by @BinSquare in #604
- cuda: llama.cpp + CUDA 13, correctness hardening, cuBLAS BLAS ops, and remote latency/coldstart cuts by @BinSquare in #607
- Bump the workspace to 1.5.2 for the storage-template sparse-copy fix by @BinSquare in #608
Full Changelog :
v1.5.1...v1.5.2 -
๐ r/reverseengineering Analysis of the Recent HTTP.sys 9.8 RCE: Kernel-Level Integer Overflow & WinDbg Reproduction rss
submitted by /u/Emergency_Stable_923
[link] [comments] -
๐ r/reverseengineering MaFrida v0.3.0 is out! rss
submitted by /u/DarkIce
[link] [comments] -
๐ r/reverseengineering Pocket Disasm โ parallel headless binary analysis through one IDALib MCP endpoint rss
submitted by /u/cxxM4n1ac
[link] [comments] -
๐ r/reverseengineering APKXHunter v1.0.0 โ an open-source Android Static Analysis Framework rss
submitted by /u/SyscallX-18113
[link] [comments] -
๐ smol-machines/smolvm smolvm v1.5.1 release
What's Changed
- Notify the Homebrew tap to bump its formula on each release by @BinSquare in #588
- cuda: pipelined async forwarding, CUDA graph capture/replay, and cross-connection ordering โ vLLM runs end-to-end with CUDA graphs by @BinSquare in #589
- Official Arch Linux pacman repository by @BinSquare in #591
- fix(boot): don't stall 5s when agent-rootfs is read-only by @BinSquare in #592
- Display init commands progress by @mart-e in #573
- cuda: cuBLASLt descriptor fast path โ eager decode 2x on loopback, in-VM eager beats native by @BinSquare in #593
- Preserve sparseness when copying disk templates during extraction by @BinSquare in #599
- release: smolvm 1.5.1 by @BinSquare in #594
New Contributors
Full Changelog :
v1.5.0...v1.5.1 -
๐ Kevin Lynagh KiCad helpers and caliper improvements rss
Hi friends,
This newsletter we're streamlining the process of creating circuit boards and revisiting the DIY electronic calipers project from two years ago.
Kevin's KiCad Helpers
I first started playing around with electronics via Arduino back in 2010, and I designed my first circuit board back in 2015 for my walnut and leather cell phone. Since then, I've made around a dozen PCBs, with a notable spike during the pandemic making weird mechanical keyboards.
Averaging roughly one PCB/year is a maximally frustrating frequency: I have 100's of hours of cumulative experience, but it's sufficiently spread across the forgetting curve that every time I start something the details are only vaguely familiar and I've got to re-orient myself again. It reminds me of filling out my taxes, where I also furiously consult my notes and attempt to interpret them against new versions of the UI where input boxes have been hidden across other forms and new sub-menus.
Anyway, armed with a coding agent, I externalized everything I kept forgetting how to do in a pile of scripts: Kevin's KiCad Helpers.
This is tailored to my needs -- designing PCBs in KiCad 10 to be manufactured by JLCPCB -- but if yours are similar you might find 'em helpful. Even if you don't make PCBs, it might be good inspiration for how to apply LLMs to sand down rough edges of whatever convoluted infrastructure is required for your projects.
A quick tour of the tools:
DXF import
I specify all of my mechanical stuff -- board outlines, mounting hole positions, etc. -- in Autodesk Inventor since it has a constraint solver and allows me to directly reference complex geometry driven by other objects.
KiCad's GUI has a DXF import tool, but it doesn't have a mechanism to replace already imported geometry, which makes it tedious to iterate.
This script:
- imports geometry from a DXF file into a board layer specified by the filename (
panel_Edge.Cuts.dxfimports a group ID'd "panel" to the Edge Cuts layer) - deletes any geometry previously imported with that ID
- polls the file for changes, so you get "live reload"
I combine this with a similar poll + export-to-file script in my mechanical CAD tool (shown above) to get live syncing to KiCad (shown below):
DXFs map into KiCad's origin at top-left of the page outline and the DXF positive Y direction points up, so most of my PCBs end up drawn outside of the page
ยฏ\_(ใ)_/ยฏ.STEP export
I also need the reverse direction: Import a 3D model of a circuit board and its components back into my mechanical CAD program so I can verify clearances, etc. KiCad has native STEP export, but unfortunately some of the parts have extremely detailed 3D models. My M1 Macbook Air running Windows CAD software in a virtual machine does not do well when every pin of every chip is a separate solid body.
This script generates a STEP export where all parts have been replaced with axis aligned bounding boxes:

Parts database
I design all of my boards to be assembled by JLCPCB, so it's extremely helpful to have a low-latency way to query their parts. This script downloads CDFER's daily JLCPCB parts sqlite database and consolidates everything into a single table with a numeric price column and lots of indexes so that searching is fast:
I use DB Browser for SQLite but you can of course use whatever interface you like.
It's also extremely useful to point LLM agents at this database:
My dude, I need an H-bridge that can drive +/- 30 Volts, please query ~/foo/bar/parts.db and give me a table with 5 options for integrated ones showing price / stock / description. Please also make a table showing options for drivers with external transistors. Include links to the datasheets.
JLCPCB (EasyEDA) schematic and footprint import
Shout out again to CDFER for their JLCPCB KiCad Library, which has all of the "basic" jellybean parts and some of the extended ones as well.
For the parts that are not already available in here, I need to import them. Rather than draw them entirely from scratch, I use uPesy's easyeda2kicad.py.
However I don't always want to create an entirely new symbol and footprint if the part actually corresponds to something that's in the KiCad standard library. So my import tool tries to match existing footprints (including 90 degree rotations) and spawns a terminal UI so you can interactively compare potential matches with the EasyEDA footprint:
Schematic analysis
The most interesting helper I've created so far is a general schematic analysis framework , which imports the KiCad netlist and schematic instance properties into a DataScript graph database to run various queries/checks.
For example, this lil' function calculates the capacitance (of all the explicit capacitors, anyway) on a given net:
(defn net-capacitance [db net-name] (some->> (d/q '{:find [?ref ?v] :in [$ ?net] :where [[?n :net/name ?net] [?n :net/nodes ?node] [?node :node/pin ?pin] [?i :instance/pins ?pin] [?i :instance/ref ?ref] [(clojure.string/starts-with? ?ref "C")] [?i :instance/value ?v]]} db net-name) (keep (comp parse-capacitance second)) seq (reduce + 0.0)))This function can then be used to check the total capacitance on, e.g., the power nets, and throw an error if it exceeds, e.g., the maximum 10uF allowed by the USB specification.
(defn check-total-capacitance! [db] (let [rows (->> ["VCC" "VBUS"] ;;TODO: make this configurable (keep (fn [net] (when-let [c (net-capacitance db net)] {:net net :total-uF (format "%.2f" (* c 1e6))}))))] (when (seq rows) (print "total capacitance:") (clojure.pprint/print-table rows) (doseq [{:keys [net total-uF]} rows] (assert (< (Double/parseDouble total-uF) 10) (str "Net " net " exceeds USB spec 10uF capacitance"))))))(It's easy to accidentally exceed this limit if you keep incrementally adding ICs and their recommended bypass capacitors.)
Since KiCad allows one to add arbitrary key/value pairs to schematic instances, it's easy to check and print other data as well. For example, I record the i2c address(es) of each chip this way (note
i2candmax_mAfields in property inspector on left):
Within the schematic text labels I reference using the KiCad text variable format. (E.g., the above
Addr: 0x49label is defined asAddr: ${U1:i2c}.)The analysis script throws an error if an address maps to multiple chips:
(defn i2c-addresses [db] (d/q '{:find [?hex-addr (distinct ?ref)] :where [[?instance :instance/ref ?ref] [?instance :instance/attributes ?attribute] [?attribute :attribute/name "i2c"] [?attribute :attribute/value ?addrs] [(clojure.core/identity ?addrs) [?addr ...]] [(clojure.core/format "0x%x" ?addr) ?hex-addr]]} db)) (defn check-i2c! [db] (let [refs-by-addr (i2c-addresses db)] (when (seq refs-by-addr) (print "i2c addresses") (clojure.pprint/print-table (sort-by :addr (for [[addr refs] refs-by-addr] {:addr addr :refs (clojure.string/join " " (sort refs))}))) (doseq [[addr refs] refs-by-addr :when (< 1 (count refs))] (throw (ex-info (str "Addr " addr " matches multiple refs: " refs) {:addr addr :refs refs}))) (println ""))))This also prints out a helpful table of everything on the bus every time I build the project:
| :addr | :refs | |-------+-------| | 0x20 | U3 | | 0x49 | U1 | | 0x60 | U2 | | 0x61 | U2 | | 0x62 | U2 | | 0x63 | U2 | | 0x64 | U2 | | 0x65 | U2 | | 0x66 | U2 | | 0x67 | U2 | | 0x68 | U2 | | 0x69 | U2 | | 0x6a | U2 | | 0x6b | U2 | | 0x6c | U2 | | 0x6d | U2 | | 0x6e | U2 |(In this example, U2 is an LED driver and exposes each channel on its own i2c address, so its
i2cproperty is specified as0x60..0x6F.)Check/build scripts
Speaking of builds, most of the functionality described above is packaged up as a script, so you just run
kkh buildin a folder and it'll create an output directory next to every*.kicad_proit finds in any subfolder. The outputs are named with the date, git revision, and also indicate whether there are unstaged changes in the repository working tree:2026-07-07-73c5c1 โโโ bom.csv โโโ designators.csv โโโ netlist.ipc โโโ positions.csv โโโ receiver-gerbers-2026-07-07-73c5c1.zip โโโ receiver.full.step โโโ receiver.simplified.step โโโ schematics โโโ receiver-pcb-back.pdf โโโ receiver-pcb-front.pdf โโโ receiver-sch.pdfSo one command runs DRC, ERC, and custom analysis checks and then builds all of the output files required to place a JLCPCB assembly order.
The build script also exposes the version string as a KiCad variable, so if you add
${KKH_VERSION_DATE}to your PCB silkscreen, the actual version will appear in the output Gerber files.I hope by making a proper build script I will never again relive the shame of forgetting to run ERC and having a PCB manufactured where I literally forgot to connect some IC pins entirelyโฆ
Caliper updates
About two years ago I had my first foray into digital signal processing and made some electronic calipers.
I haven't touched the project since I published that post, but a few folks recently asked me about it, and since I had some spare LLM credits I figured I'd spend five minutes sending off the little dude at the problem.
And I literally mean five minutes -- these are very rough, rambly dictated prompts that I didn't even bother to edit. I'm sharing here to remind everyone (especially myself!) that not everything needs to be A Big New Project and sometimes you can have great success from a quick, low-effort attempt.
I spawned a Claude session in the project repo, dictated the following prompt, and went to brush my teeth:
This is a project that I worked on a while ago and the accuracy that came out was alright but I'm wondering if there's anything I can do to improve the accuracy purely from a computational way rather than making new hardware. Be sure to read the blog post mentioned at the top of the read me to get a background
After I brushed my teeth, it had come up with a few plausible sounding ideas, so I replied with the following and went to sleep:
I'd like you to set this up and come up with a few different ideas. These are pretty good ones and what I want you to do is Wire them up so that I can test them out Individually as a series of experiments with a given protocol and I want you to set everything up as much as possible So I can do it Quickly on my end without having to get in and change the code or anything like that so what you can do is you can make a branch and then Have maybe different entry points or something for each of these different improvements and then Write like an overall program or something like that Which I can just run to test through it and then make it interactive I guess so that I can You know start it up in the hardware Let it sit still for a certain amount of time Move it a fixed amount and back and then You know or some protocol like that and then I'll tell you what I'm done and then we can just run through that program To test out all of the different ideas and potentially combinations of ideas in like a 10 or 15 minute setting and then We'll figure out from that which ones are working most effectively
Again, I'm really not trying that hard here.
I woke up the next morning and spent about 20 minutes setting up the caliper PCBs and then running the programs it generated to collect new measurement data. It tried the following improvement hypotheses (LLM-generated text):
knob | idea it tests
---|---
window size | longer coherent integration (noise โ 1/โN), incl. one 50 Hz line period
mean_sub | remove DC so ADC offset drift can't leak into the phase
hann | suppress spectral leakage from non-integer-cycle windows
smoothing | averaging in I/Q (phasor) space instead of phase space; EMA vs block
hysteresis | the current 0.1 rad dead-band vs smaller vs noneand based on the initial results and a bit more chatting, the agent proposed an improvement that is, of course, completely obvious in hindsight. My initial parameter sweep (two years ago) used a fixed 2kHz spacing. However, the actual signal and sampling timings generated by the microcontroller are driven by integer divisions of a fixed clock frequency -- so most of these sampled timings don't "line up" nicely in terms of an integer number of signal periods.
Thus, there's always a bit of DC bias in the signal, which causes undesired noise.
With this change, the LLM-generated experimental code reports a noise floor of around 50um, which is about 10x better than what I was getting before. I'm currently on holiday away from my lab, but I expect it'll take 30 minutes once I get back to code it up myself and validate.
Anyway, the main takeaways for me are:
- Write up your work in blog posts so that both people and LLMs can quickly get context and help you out
- There's still plenty of low-hanging fruit out there to pick, and with LLMs it's extremely cheap to just ask
Misc. stuff
-
Accidental anonymity "Sorry to say it but if you need your work to be polished and beyond reproach, that's a determination and character problem, not a skill problem."
-
High Performance Motor Control From the Ground Up || Field Oriented Control (FOC)
-
Bio-Rad Laboratories Heliosยฎ Gene Gun sounds like a joke, but it's absolutely real and I desperately want to use it.
-
I didn't build a Full Body Ultrasoundโฆ but I know the people that did
-
AgentsView is a very nice local web UI from my friend Wes McKinney that makes it easy to review transcripts and token usage across Claude Code, Codex, etc. I used it to quote some of my LLM sessions above.
- imports geometry from a DXF file into a board layer specified by the filename (
-
๐ New Music Releases Phish - 2026-07-12: Ruoff Music Center, Noblesville, IN, USA rss
Phish - a new release is available:
- 2026-07-12: 2026-07-12: Ruoff Music Center, Noblesville, IN, USA (Live)
Amazon: Canada | Deutschland | France | United Kingdom | United States
Visit muspy for more information.
-
- July 11, 2026
-
๐ IDA Plugin Updates IDA Plugin Updates on 2026-07-11 rss
IDA Plugin Updates on 2026-07-11
Activity:
- disrobe
- 793b20a2: refresh the pinned python metric to 95.64 percent (6012 of 6286) afteโฆ
- 30bc29cb: note smartassembly embedded-assembly recovery in the dotnet docs
- fcaa1d72: recover smartassembly compressed assembly resources
- b6ac40cd: py-decompile: recover a bare except-continue inside a for-loop whose โฆ
- e6b293fd: note obfuscar hidden-string recovery in the gauntlet manifest and dotโฆ
- ida-slides
- 04c18dc1: Add a screenshot of the plugin in use to the READMEs
- 63d9982b: Add the macOS standalone-test section to the Korean README
- a2c1abee: Document the loader DLL arch (x64-only) and update path in the READMEs
- 0247bc03: Close out the remaining verification-notes items (8, 9, smoke gaps)
- 30175e64: Fix the pnpm/yarn shim-orphan and node-discovery findings (notes 3, 4)
- e470d5b0: Apply the 2nd-review cleanup batch: dead code, doc drift, harness covโฆ
- 20fc9f27: Reconcile the mac static audit against the Windows-side review fixes
- d0002a8e: Fix the confirmed review findings in the WebView2 renderer
- e72ff31b: Record the Windows-stack static audit and its live-test checklist
- df3b150c: Close the macOS-standalone-test item: the harness now exists
- 95f79097: Add a standalone macOS renderer harness, mirroring the Windows one
- 12d42bd9: Record remaining verification items in CLAUDE.md
- 6d74821c: Add Windows support: native WebView2 renderer
- b53e3c77: Guard the lint against oversized hex tokens and BOM decks
- 1b044df4: Make the marp render wait stale-proof and settle failures cleanly
- 5757a528: Consolidate helpers and drop dead code from the review backlog
- 5e60c54c: Document the slidev save-path engine lock as an accepted behavior
- 10c46fcd: Harden rare deck-switch and recovery paths
- cebb063a: Surface marp render errors and harden the load path
- 7af50563: Ignore stale fileChanged signals for a previously watched path
- IDAExecFunctionsImporter
- 5efcc440: AI: improved readme.
- 2f3d5f04: AI updated readme.
- e7254856: Added build action for IDA 9.2, 9.3 and 9.4.
- 0ed4f179: Removed AI test scripts.
- 3393a933: Removed testfiles and directories.
- fc3ec2f5: Delete ida_batch_logs directory
- 1f2aad86: Merge pull request #12 from Fischsalat/IDA-Mappings-V2
- quokka
- 71e7180b: Merge pull request #129 from quarkslab/dm/ghidra-xref
- disrobe
-
๐ Register Spill Joy & Curiosity #91 rss
Last week, my 9-year-old started using iMovie on the iPad. She doesn't know anything about editing. She doesn't even know what editing is.
But we opened iMovie after I told her, "You can use this to cut out the part of the video where you see my hand." She said, "What do you mean, 'cut out'?"
So we cut the video up, removed some parts, moved others around. She then figured out how to add sounds and a soundtrack. Then, together (me, her, ChatGPT), we learned how to make the soundtrack play only at certain points in the video and so on.
While we were doing that, I kept thinking that a model or an agent could probably do that. Or maybe in a year. And then you could just say what you want and it would edit the video. Cut here, cut there, make this the first scene, move these around, and so on.
Then it hit me: she wouldn't know what to say, would she?
She doesn't know anything about editing. She's seen movies before, sure. That means she's seen J cuts, L cuts, jump cuts, other types of transitions, title screens, and end credits; but she doesn't know what those things are, does she? So how could she ask for them? By pointing at something else? "Make this look like that"? Would that work? Would that lead to the same results?
And that, of course, made me think about software engineering. I hope it does the same for you.
-
You can now remotely start Amp agents anywhere you can run
amp: Agents, Anywhere. We spent a lot of time this week talking to customers and after demoing the things in the Agents Anywhere post on Monday and Tuesday and one person saying "this is the best thing I've seen today, I need this" we decided to get it out as fast as possible. And here we are: agents, anywhere you want. -
We also launched The Dial which resonates a lot with people. I'm still surprised by what a difference it makes.
-
Mira Murati's Thinking Machines: The Future Worth Building Is Human. There is a lot to love here but I really, really, really, really liked these two paragraphs: "In 2014, Toyota, long a master of the automated plant, brought its expert craftsmen back onto the line with the explicit goal of growing craftsmanship and knowledge. The man who led this, Mitsuru Kawai, put the reason this way:'"To be the master of the machine, you have to have the knowledge and the skills to teach the machine.' The production of knowledge and application of intelligence lift each other; they are not substitutes. The work people do may change, and turn toward more of what only people bring, but the best organizations will make the fullest use of both. AI should enable each organization to be excellent in its own way, not to erase the differences between them." Read the whole thing and then compare it to basically everything Dario Amodei or anyone else from Anthropic has said publicly. When I make that comparison, I'd say that Thinking Machines seems to cherish humanity and Anthropic seems to fetishize Claude and would probably prefer a more human-like Claude over many humans. When I read this line in the article: "Human values, just like human knowledge, reside in the heads of individual people and resist consolidation. But today, the values and voice of AI are decided in a handful of places. A single locus of value alignment, however well run, becomes a locus of power to be captured." I can't help but think of Amodei twirling his hair in his fingers, nodding, saying that AI is going to wipe out however many double digit percent of all entry-level jobs.
-
There it is, finally: Rewriting Bun in Rust. Jarred's post on how he used Fable and "5.9 billion uncached input tokens, 690 million output tokens, and 72 billion cached input token reads -- around $165,000 at API pricing" to rewrite Bun in Rust. It's a very good, very interesting post. There's a lot to think about here, for example: "I think this would've taken 3 engineers with full context on the codebase about a year, during which time we wouldn't be able to improve Node.js compatibility, fix bugs, fix security issues or implement new features. We never would've done that. The realistic alternative was to do nothing and keep fixing the bugs at the top of this post forever." I agree with that. I think it's not something anyone would've done. But the question is: would a company that has to pay API pricing do it now? Read the whole post, this is just one part of it I found interesting, there's more in there.
-
I was this close to not linking to it, because ths newsletter is called Joy & Curiosity after all and not Jesus Christ, Man, Maybe You Shouldn 't Have Posted That? _but you _could argue that it is curious and if one of you hasn't been around for some Ruby or JavaScript drama 2010-2015 and is curious about it then this will give you a taste: Andrew Kelley's Thoughts on the Bun Rust Rewrite.
-
Half-Baked Product. If you've ever been at a startup for more than six months, you will nod to at least some of it. You could argue that the post is very cynical and I'm relatively sure it was even written to be cynical, but I don't know. I find it fascinating. Nearly 15 years of startups and when I read the post I don't how stupid the characters in the story are, but the things they experience are close to unavoidable, question is how to make the best of them.
-
Equally fascinating: How Successful Companies Go Blind. Man, I love reading stuff like this. How companies and organizations grow and change or not change, how incentives change -- I could read about that all day long.
-
If, so far, you made it through life without being neurotic about CO2 levels and air quality, but want to be, go and read this: The bottleneck might be the air in the room. I have only one critique and it's about this part: "And it is invisible from inside. Nobody in the room feels impaired. They feel a little tired, a little foggy, a little checked out, and they put it down to the length of the meeting, a bad night's sleep, or the person who won't stop talking. The one variable almost nobody checks is the air." Clearly the author has never been to Germany.
-
"The Art Institute of Chicago's API includes a
has_not_been_viewed_muchfield on artwork. It's a boolean that describes whether an art piece hasn't been visited on their website very much. [โฆ] what are these artworks? Why aren't they being viewed? I can't answer the latter, but, if you have a moment for the former, please take some time to browse." -
Maybe you should learn something: "You can learn new things. Pixel art, touch typing, 3d modelling, music, calligraphy, wood working, knitting, a language. Whatever is practical and calls to you, you can learn. In the long term, learning new things is fun and makes life richer in ways you can't even imagine, and it's a time investment that will pay dividends for life as these skills never really go away. There are even social aspects, as you'll quite literally become a more interesting person to talk to." Wonderful.
-
Okay, so we all know John Gruber, author of Daring Fireball, and we also all know that when he writes a post titled Claude's Criminally Bad Electron Mac App Is an Inside Job where it's going: he's going to shit on Electron and say that it's a disgrace to the Mac and that a proper, native macOS application is far better, etc. etc. etc. That's exactly what I expected when reading that post, but -- and excuse the language here -- holy fucking shit , those last three paragraphs? I don't think I've ever seen someone attack a programmer over chosing Electron like this. Hot damn. I mean, Gruber is a great writer and I'm sure that he went over the top like this for comedic effect, but man am I glad to not be Felix Rieseberg.
-
gingerBill: Good Tools Are Invisible. I think I would've vehemently disagreed with him a few years ago on the points re: TUI and Vim. Now? I think I agree with most of it. Good post.
-
"Julius Caesar was the first propagandist. When he was off in Gaul conquering provinces, he would journal and send back snippets to Rome. He wrote so much that in Latin classes today, you study his works. When he came back to Rome, he walked in and they basically handed him the crown. Tell your story, nobody else will do it for you." Good list.
-
Lost and Found: "When something turns up at a stadium or an airport, staff photograph it, log it, and wait. Hundreds of places use one software tool for managing lost items, and I scraped their archives: thousands of accidental portraits of lost stuff."
-
I've been sitting on this next link for a solid year, waiting for just the right moment to share it. I think it's now, but you need to do me a favor: ignore every bias or prejudice you might have and go into this open-minded, okay? Alright. So here it is. It's a one hour video of Tom Platz giving a workshop on barbell squatting in a German gym. You don't have to watch the whole thing, no. But if you've squatted before or seen Tom Platz's legs, you probably want to. What I want to show you are two segments. The first one starts here and goes on for 2-3 minutes. It shows Platz coaching German bodybuilder Hoffmann through a single set of very light squats. It's only 60kg, but the number of reps isโฆ well, insane. If you've never lifted before, yes, I know how ridiculous this looks and sounds. Platz screaming "dig! dig! one more! you're getting stronger!" I mean, it is ridiculous, grown-ass men lifting weights they don't need to lift and shouting at each other while doing so. But watch it! Watch how Hoffmann does "two more!" many, many times ; how he finds another rep somewhere and gets up again; the look he has on his face once he's done a rep and thinks he's done with the set and Platz says "two more!" again; how he then falls over and can't walk; and then how Platz says: "Congratulations, you have achieved failure." And then Hoffmann says "I think I lost the ability to go to 100%. [โฆ] I have all those doubts in my head." The other thing I want you to see is the ending. After squats, they also do leg extensions and then Hoffmann talks to the camera man and again talks about going to 100%: "If you're working out alone you have to constantly remind yourself that you might be training hard, but 95% or 98% isn't enough. Today I was close to 100%. But the real art is to not only do that when there's a camera, but to always do it, even when you're alone, even when it's a Saturday evening and you're alone in the gym and no one's watching. Then you still have to push through. And you have to do it over and over again. Whenever someone asks what the difference is between a normal bodybuilder and a champion: this is it."
Are you also wondering how much about software you have to know to direct someone else to build something correctly? You should subscribe:
-
-
๐ navidrome/navidrome v0.63.2 release
Changelog
Bug fixes
205c85d: fix(plugins): surface host service failures when loading plugins (#5756) (@deluan)7fa1376: fix(scanner): resolve file symlinks with the production local storage FS (#5755) (@deluan)e91687e: fix(smartplaylist): reject NSP mixing top-level 'any' and 'all' (#5759) (@deluan)
Build process updates
be10f89: ci: don't skip release jobs after the DB migration check on tag pushes (#5760) (@deluan)4381366: ci: validate DB migration order on pull requests (#5750) (@deluan)
Other work
Full Changelog :
v0.63.1...v0.63.2Helping out
This release is only possible thanks to the support of some awesome people!
Want to be one of them?
You can sponsor, pay me a Ko- fi, or contribute with code.Where to go next?
-
๐ Jeremy Fielding (YouTube) Engineer Vs Bee - Round 2: Building The Bee Chaser Base. rss
This work was supported by the Alfred P. Sloan Foundation, enhancing public understanding of science and technology in the modern era, in partnership with IMI: watch what matters. https://www.theimi.co/ & https://sloan.org/programs/public-understanding Check out Mitsuboshi belts ๐http://www.mblusa.com/jeremy-fielding Order custom parts Send Cut Send ๐ http://sendcutsend.com/jeremyfielding If you want to join my community of makers and Tinkers consider getting a YouTube membership ๐ https://www.youtube.com/@JeremyFieldingSr/join
If you want to chip in a few bucks to support these projects and teaching videos, please visit my Patreon page or Buy Me a Coffee. ๐ https://www.patreon.com/jeremyfieldingsr ๐ https://www.buymeacoffee.com/jeremyfielding
Social media, websites, and other channel
Instagram https://www.instagram.com/jeremy_fielding/?hl=en Twitter ๐https://twitter.com/jeremy_fielding TikTok ๐https://www.tiktok.com/@jeremy_fielding0 LinkedIn ๐https://www.linkedin.com/in/jeremy-fielding-749b55250/ My websites ๐ https://www.jeremyfielding.com ๐https://www.fatherhoodengineered.com My other channel Fatherhood engineered channel ๐ https://www.youtube.com/channel/UC_jX1r7deAcCJ_fTtM9x8ZA
Notes:
Check out the Formlabs 4L Printer ๐https://bit.ly/4vKl401
Technical corrections
Nothing yet
-
๐ r/reverseengineering Vidar Stealer 2.0: 1999 Timestamps, Explorer Hollowing & Copilot Injection rss
submitted by /u/StructBreaker
[link] [comments] -
๐ Anton Zhiyanov On interactive Go tours rss
Over the past two years, I've published interactive tours for five Go releases, from 1.22 to 1.26.
I know some of you have read them, and I've received a lot of kind words from you (even some core Go team members reached out) โ thank you so much for that!
Tour history: Go 1.22 โข 1.23 โข 1.24 โข 1.25 โข 1.26 + Go features by version
Unfortunately, at some point, writing these tours stopped being fun and started to feel like a part-time job. I'm not really excited about that, so I've decided to stop.
I still like Go (well, most of it). I read a lot of Go code, I write some Go code, and I write Solod code, which is also Go ๐ (Solod is a systems language with Go syntax and a Go-like stdlib).
I'm still pretty close to the language and will probably continue to write about it.
But the interactive tours story is over.
-
๐ smol-machines/smolvm smolvm v1.5.0 release
What's Changed
- Return 404 for a missing registry image and carry raw exec output bytes alongside the lossy text by @BinSquare in #565
- Brokered P2P layer-blob sharing (engine side) by @BinSquare in #566
- decompress zstd image layers in the guest agent, not just gzip by @BinSquare in #568
- nix/smolvm: Update to latest github release by @mmlb in #571
- Fix the clippy byte_char_slices lint failing CI on main by @BinSquare in #575
- Bump the libkrunfw submodule to 6.12.95 so overlay re-cuts carry the current guest kernel by @BinSquare in #567
- fix incomplete ssh-agent examples in the docs by @BinSquare in #576
- fix ssh-agent forwarding for non-interactive exec/run via the keep-alive container by @BinSquare in #578
- virtiofs: give user volumes and packed layers a DAX window by @BinSquare in #581
- fix: reliably kill _boot-vm child on start failure to prevent orphans by @geekgonecrazy in #583
- libkrun: bump to merged main (b982e75) and refresh all bundled libs by @BinSquare in #584
- CUDA support: forward-to-host-libs remoting with guest-RAM zero-copy by @BinSquare in #577
- cuda: auto-stage guest shims into --cuda containers and auto-discover host CUDA libraries by @BinSquare in #585
- Add Rosetta 2 x86_64 binary translation on Apple Silicon by @BinSquare in #580
- Rebuild the Windows krun.dll with disk exports and add a bundled-libkrun symbol check to CI by @BinSquare in #586
- release: smolvm 1.5.0 โ guest kernel 6.12.95, zstd image layers, ssh-agent exec/run fix by @BinSquare in #579
New Contributors
Full Changelog :
v1.4.7...v1.5.0 -
๐ New Music Releases Phish - 2026-07-11: Ruoff Music Center, Noblesville, IN, USA rss
Phish - a new release is available:
- 2026-07-11: 2026-07-11: Ruoff Music Center, Noblesville, IN, USA (Live)
Amazon: Canada | Deutschland | France | United Kingdom | United States
Visit muspy for more information.
-