to read (pdf)

1. I don't want your PRs anymore
2. JitterDropper | OALABS Research
3. DomainTools Investigations | DPRK Malware Modularity: Diversity and Functional Specialization
4. EXHIB: A Benchmark for Realistic and Diverse Evaluation of Function Similarity in the Wild
5. Neobrutalism components - Start making neobrutalism layouts today

generated: June 15, 2026 at 13:58:31

1. June 15, 2026
   1. 🔗 r/reverseengineering Need DRM Bypass on course website to download video , DM (paid) , rss

      submitted by /u/Lord-AMaN
      [link] [comments]

   2. 🔗 earendil-works/pi v0.79.4 release

      New Features

      • Automatic first-run theme selection - pi detects the terminal background on first run and defaults to the dark or light theme. See Selecting a Theme.
      • Standalone binary integrity checksums - GitHub release assets now include SHA256SUMS files for verifying standalone binary downloads. See Quickstart Install.

      Added

      • Added SHA256SUMS integrity files to standalone binary GitHub release assets (#5739).
      • Added first-run interactive theme detection from the terminal background (#5385 by @vegarsti).

      Fixed

      • Fixed bash tool output collection to keep draining stdout/stderr after the child exits while descendants still write, avoiding truncated late output (#5753 by @Mearman).
      • Fixed /tree help rendering to show compact wrapped controls instead of truncating them on narrow terminals (#5055).
      • Fixed SIGTERM/SIGHUP interactive shutdown to keep signal handlers installed until terminal cleanup completes, preventing signal-exit from re-sending the signal and leaving the terminal in raw/Kitty keyboard mode (#5724).
      • Fixed extensions documentation to clarify that pi.getActiveTools() returns active tool names while pi.getAllTools() returns tool metadata (#5729).
      • Fixed question and questionnaire extension examples to wrap long prompt, option, and help text instead of truncating it (#5708 by @xl0).
      • Fixed package commands such as pi list, pi install, and pi update to terminate after completing even if an extension leaves background handles open (#5687).
      • Fixed pi update for pnpm global installs whose configured global-bin-dir no longer matches the active pnpm home (#5689).
      • Fixed npm package specs that use ranges or tags (for example @^1.2.7) so installed package resources still load instead of being treated as mismatched exact pins (#5695).
      • Fixed inherited Anthropic 1-hour prompt-cache write cost accounting to price 1-hour cache writes at 2x input instead of the 5-minute cache-write rate (#5738 by @theBucky).
      • Fixed inherited GitHub Copilot Claude adaptive-thinking effort metadata to match manually checked Copilot model capabilities (#4637).
      • Fixed inherited OpenCode/OpenCode Go completion model metadata to omit long-retention cache fields for routes that reject prompt_cache_retention (#5702).
      • Fixed inherited overlay compositing over CJK wide characters so borders stay aligned when an overlay starts inside a full-width cell (#5297).
      • Fixed inherited WezTerm inline Kitty image rendering during full redraw fallbacks so image padding rows are reserved before the placement is drawn without regressing tall-image placement (#5618, #4415).
      • Fixed custom provider config so plain uppercase API key and header values remain literals instead of being treated as legacy environment references; use explicit $ENV_VAR syntax for environment variables (#5661).
   3. 🔗 VoidNullable/lific v1.6.0 release

      Lific gets a planning layer. Plans turn a goal into an ordered, arbitrarily- nestable tree of steps that persists across sessions and context compaction — the thing that separates an issue tracker from a project planner. Steps can mirror issues, so closing an issue checks its step and completing a step closes its issue, all recorded in the audit log.

      Plans

      • Persisted, nestable step trees. A plan is a first-class, project-scoped tree of steps (steps containing steps, any depth) that survives across agent sessions and compaction. Issues stay flat and lateral; the hierarchy lives on the plan.
      • Steps mirror issues, both ways. Link a step to an issue and the two stay in sync: closing the issue checks the step (anywhere it appears), and marking a step done closes its issue. Reopening an issue reopens its steps in active plans, stamped with the reason. Closing a plan's anchor issue auto-archives the plan. Done flows down from issues, never silently up from plans.
      • Authored in one call. Four MCP tools: create_plan builds a full nested tree at once, get_plan rehydrates it for the next session, and edit_plan_step / update_plan_step handle surgical edits, done toggles, issue links, and structure changes — with every side effect reported back in the result.
      • First-class in the web UI. A Plans tab alongside Issues, Board, Modules, and Pages: a list grouped by status and a detail view with a real nested tree — done toggles, per-step markdown descriptions, issue chips with provenance, an anchor issue, a progress bar, and an activity timeline. Built on the same shell as the issue and page views.
      • Fully audited. Every plan and step mutation lands in the audit log with actor attribution, including the issue-driven cascades (recorded as system-driven via the triggering issue). A new /api/plans/{id}/activity surface and plan support across list_resources and delete.
      • REST + CLI. Full /api/plans CRUD plus step operations, identifiers as PROJ-PLAN-n.

      Issue list

      • Accurate per-status tallies in the topbar. The count was previously filteredIssues.length over a fetch capped at 200, so it silently undercounted once a project grew past that. A new count_issues_by_status query (a single indexed GROUP BY) and GET /api/projects/{id}/issue-counts endpoint return true per-status counts and a real total.
      • Click a status count to toggle that filter , with narrowed views rendering "shown of total" so the number is always honest.
      • List fetch limit raised 200 → 1000 so rows don't truncate as early.
   4. 🔗 r/reverseengineering /r/ReverseEngineering's Weekly Questions Thread rss

      To reduce the amount of noise from questions, we have disabled self-posts in favor of a unified questions thread every week. Feel free to ask any question about reverse engineering here. If your question is about how to use a specific tool, or is specific to some particular target, you will have better luck on the Reverse Engineering StackExchange. See also /r/AskReverseEngineering.

      submitted by /u/AutoModerator
      [link] [comments]

2. June 14, 2026
   1. 🔗 IDA Plugin Updates IDA Plugin Updates on 2026-06-14 rss

      IDA Plugin Updates on 2026-06-14

      New Releases:

      • ffxiv_bossmod 7.5.1.5

      Activity:

      • augur
        • 71bde005: chore: update dependencies
      • ffxiv_bossmod
        • 2fcdc034: up to lc
        • 613692db: add packet stuff to repo
        • ab877294: version bump
        • 58a1497f: make knockback play along
        • 9a2b1e10: fix post tower shape hints
        • 37cd2fbc: bro what the FUCK did i just read
      • haruspex
        • d7da56e9: chore: update dependencies
      • rhabdomancer
        • 8f512ef2: chore: update dependencies
      • Rikugan
        • 00484159: Merge pull request #59 from buzzer-re/dev
        • b7e6e4b1: fix(ui): remove empty band in assistant bubble and tighten block spacing
        • 458b14b7: fix(ui): readable chat text and warmer assistant bubble
        • da1c3849: feat(ui): full GitHub-flavored markdown rendering in chat
   2. 🔗 HexRaysSA/plugin-repository commits sync repo: +1 release, ~2 changed rss

      sync repo: +1 release, ~2 changed
      
      ## New releases
      - [IDAGuides](https://github.com/libtero/idaguides): 1.1.0
      
      ## Changes
      - [IDASQL](https://github.com/allthingsida/idasql):
        - 0.0.10: archive contents changed
      - [xray](https://github.com/hexrays-plugin-contributions/xray):
        - 2025.9.24: archive contents changed
      

3. June 13, 2026
   1. 🔗 IDA Plugin Updates IDA Plugin Updates on 2026-06-13 rss

      IDA Plugin Updates on 2026-06-13

      Activity:

      • ida_scripts
        • 0263f607: Remove IDARunner from analyze
        • c51a16c6: Move IDARunner to separate package
        • 0f2eff29: Small changes in diff
      • Rikugan
        • 6f42c096: Merge pull request #58 from buzzer-re/dev
        • 75321fb1: feat(ui): add "Don't auto-load chats" option (#51)
        • 09fdfefb: Merge pull request #57 from buzzer-re/dev
        • d66fa7f2: fix(codex): fetch models live on Windows; smooth chat streaming & scroll
      • rikugan
        • 6632f82b: test(agent): port bulk_renamer, subagent_manager, pseudo_tool_schemas…
        • 4b2baca3: test(a2a): add HTTP and loop integration tests
        • 844ac60b: feat(agent): add /a2a slash command for explicit user delegation
        • bb8ddc10: feat(ui): add A2ABridgeWidget with 4-tab tools panel integration
        • a531509e: feat(agent): add delegate_external_task pseudo-tool for LLM-initiated…
        • 2bace4e1: fix(a2a): use background thread for responsive cancel in SubprocessBr…
        • bfaceb78: feat(a2a): add A2ADispatcher as single entry point for tool/widget/slash
        • 9eb6486b: feat(ui): backport IDAThemeWatcher from fork for live theme reload
        • afa5f58e: feat(core): add optional dependency detection helpers
        • ee842aba: chore: add .scratch/ to .gitignore
        • d81cb91f: fix(orchestra): subagent event poll loop runs once, loses events
        • a8e80600: test(isolation): add PySide6 dev dep + mark 5 pre-existing Qt test po…
        • 57caf5e8: fix(security): block argv injection in a2a SubprocessBridge
        • ed2f5175: docs: update PROJECT_MODIFICATION_PLAN with session progress and next…
        • 3b9b1d65: refactor(providers): tighten registry.py docstrings and method organi…
        • 51c19c7e: feat(providers,agent): port auth_compat and pseudo_tool_schemas from …
        • 9cd3985d: feat(providers): port codex_provider from upstream fork
        • b57c9739: fix(security): block path traversal in research_mode note writing
        • a5a2ceb8: docs: list 12 built-in skills in README, add evaluation workflow + mo…
        • 14c77c43: chore: remove binary archives and debug file from repo, sync .gitignore
      • ToCode
        • 3525f850: Merge pull request #4 from buzzer-re/dev
        • 4866aa32: Merge branch 'dev' of github.com:buzzer-re/ToCode into dev
        • a5ce3b6d: Fix Windows installer PATH handling and improve installer UX
        • a3d82f3e: Fix Windows installer PATH handling and improve installer UX
   2. 🔗 Simon Willison Publishing WASM wheels to PyPI for use with Pyodide rss

      The Pyodide 314.0 release announcement (via Hacker News) includes news I've been looking forward to for a long time:

      You can now publish Python packages built for Pyodide (or any Python runtime compatible with the PyEmscripten platform defined in PEP 783) directly to PyPI and install them at runtime.

      Previously, the Pyodide maintainers had to maintain, build, and host over 300 packages ourselves. This created a significant burden on our maintainers and became a major bottleneck for the community, as every new package required manual review.

      Moving forward, package maintainers can simply build and publish Pyodide wheels to PyPI, just as they do for native wheels on Linux, macOS, or Windows.

      Here's the PR to PyPI itself supporting this, which landed on April 21st.

      I adore Pyodide, and have been frustrated in the past by this limitation. It's possible to compile C or Rust extensions to WASM in a wheel file, but before now there was no easy way to distribute them.

      Thanks to the efforts of a whole lot of people, that's now been fixed!

      Trying it out with luau-wasm

      I decided to celebrate by finding something I could package. I have quite a few experimental Pyodide projects lying around, but the best fit for this looked to be my Luau WebAssembly research spike from 9th March.

      Luau is a "small, fast, and embeddable programming language based on Lua with a gradual type system", developed by Roblox and released under an MIT license.

      It's written in C++. I already knew it was possible to compile it to WebAssembly and get it running inside of Pyodide, so I set Codex + GPT-5.5 xhigh the task of packaging my experiment up and publishing it to PyPI using GitHub Actions.

      It took some iteration, but here's the result: luau-wasm is a brand new PyPI package which publishes a 276KB luau_wasm-0.1a0-cp314-cp314-pyemscripten_2026_0_wasm32.whl file which can be used in Pyodide like this:

      import micropip
      await micropip.install("luau-wasm")
      import luau_wasm
      print(luau_wasm.execute(r'''
      local animals = {"fox", "owl", "frog", "rabbit"}
      table.sort(animals, function(a, b) return #a < #b end)
      for i, name in animals do print(i .. ". " .. name .. " (" .. #name .. ")") end
      '''))

      You can run that code in the Pyodide REPL demo to see it in action.

      The GitHub repo for luau-wasm includes all of the build and deploy scripts (using the latest cibuildwheel) and also deploys an HTML demo page which loads Pyodide, installs luau-wasm and provides an interface for trying it out: https://simonw.github.io/luau-wasm/

      

      How many packages are using this so far?

      I was curious to see how many packages are currently publishing wheels for this platform.

      After some tinkering with ChatGPT I got to this BigQuery SQL which I ran against PyPI's public dataset on BigQuery. Here's the raw JSON of query results and here's a SQLite SQL query in Datasette Lite which dedupes packages by most recent upload date.

      If the query is right, there are currently 28 PyPI packages publishing with the new pyemscripten_202*_wasm32 tags:

      luau-wasm, uuid7-rs, cmm-16bit, pyOpenTTDAdmin, imgui-bundle, numbertoolkit, bashkit, geoarrow-rust-core, arro3-io, arro3-core, arro3-compute, onnx, powerfit-em, tcod, chonkie-core, tokie, robotraconteur, pydantic_core, yaml-rs, cadquery-ocp-novtk-OCP.wasm, uuid_utils, base64_utils, pycdfpp, lib3mf-OCP.wasm, typst, toml-rs, onnx-weekly, dummy-pyodide-ext-test

      Here's hoping we see a whole lot more of those showing up over the coming months and years.

      You are only seeing the long-form articles from my blog. Subscribe to /atom/everything/ to get all of my posts, or take a look at my other subscription options.

   3. 🔗 r/reverseengineering Reverse-engineered the WHOOP 4.0's Bluetooth protocol and open-sourced it. rss

      submitted by /u/Abdul_Saheel
      [link] [comments]

   4. 🔗 earendil-works/pi v0.79.3 release

      Fixed

      • Fixed inherited OpenAI GPT-5.4/GPT-5.5 and OpenAI Codex GPT-5.4/GPT-5.4 mini/GPT-5.5 context window metadata to use the observed 272k-token Codex backend limit, avoiding a billing hazard from prompts above Codex's accepted limit (reported by @trethore).
   5. 🔗 gchq/CyberChef v11.1.0 release

      See the CHANGELOG and commit messages for details.

   6. 🔗 r/reverseengineering "Instead of touching grass for 6 months I built an AI that names 150,000 sub_ functions overnight. I have no regrets [SpectrIDA]" SELF PROMO (i love the tool tho) rss

      submitted by /u/Awkward_Fox518
      [link] [comments]

   7. 🔗 r/reverseengineering Hunting the 30-Year-Old World of Xeen MT-32 Crash rss

      submitted by /u/finalpatch
      [link] [comments]

   8. 🔗 tonsky.me Every Frame Perfect rss

      A while ago I was reading about Wayland and this quote stuck with me:

      A stated goal of Wayland is “every frame is perfect”.

      And I think this is a goal we should all aspire to. Wayland is talking about the technical side of things (modern GPU stacks are very complex and Wayland is trying to take control back) but it could be applied to UI too.

      The rule of thumb is:

      If I take a screenshot of your app at any moment, it must make sense

      Why care about every frame? It builds trust. Users can’t see the code, so UI is the only way for them to judge the quality of the app. If UI looks good, that means developers had time to polish it, which means that they probably spent a comparable amount of time to iron out the code. It’s a heuristic, but a reasonable one.

      Now, what does it mean in practice? I can think of a few things:

      • No white flashes between screens.
      • No partially loaded content.
      • No relayout while content loads.
      • Internally consistent. If one part of the UI says “1 update available”, another part should not say “Checking for updates...”
      • Precise animations.

      Animations often end up being forgotten. A UI might look great in both start and end states but very janky in between. Like this:

      If you feel like there are weird things going on there, there are! Look at slowed down version:

      Now let’s apply our rule and take screenshots in the middle of the animation. This doesn’t look right:

      

      Neither does this:

      

      Both of these frames are not perfect.

      Let’s look at another example. Safari:

      Placeholder text here moves from the center but cursor animates from the left position:

      Not the end of the world by any means, but it does create a feeling that these two components are not in sync with each other. Next thought: maybe they weren’t designed together? If so, then they might not work well together. That’s how trust is lost.

      This desynchronization can lead to a lot of confusion. For example, in Photos, when switching between Crop and Adjust mode, picture snaps into place immediately but the crop border is animated:

      This creates a false feeling that something subtly changes when you switch between modes. And you know what? I don’t want my UI to give me false feelings. I want it to be a precise instrument, not an animated toy.

      Sometimes animations are supposed to help you understand a transition, so it’s doubly sad when they make it harder. Follow the magnifying glass:

      Same with Youtube. They had the simplest task in the world: move a rectangle from one position to another! Yet they decided to do something very strange:

      Can you explain this? Does it make sense?

      

      Probably a technical limitation of the DOM architecture they decided earlier on. I call these situations “The technology has outsmarted the programmer”. But no matter the reason, the result is an imperfect frame.

      Sometimes animations are left out as an afterthought. Whatever happens, happens. Then we get this:

      The details are fascinating to watch:

      So yeah. Please pay attention not only to the start and end states, but also to everything in between. Every frame matters.

      I’ll leave you with this unprovoked zoom animation from Preview app. Take care!

   9. 🔗 Armin Ronacher Dangerous Technology For Americans Only rss

      There is a bit of schadenfreude on Twitter right now about Anthropic being hit by the US government's export control directive to suspend access to Fable and Mythos. Anthropic and their leadership have spent a lot of time and effort describing its own technology as dangerous and in need of strict controls and regulation. Now that the US government appears to have taken that framing seriously and told them to turn it off for foreign nationals I can see why people are making fun of that situation.

      I understand the reaction, but I urge you to not entertain it for too long because it is a giant distraction. The important part is not that Anthropic's safety language came back to bite them but the line the US government is drawing: this technology is apparently so powerful that only Americans should have it.

      We are on a clear path towards a world of division. One should think that if a model is too dangerous for everyone, then it is too dangerous for Americans too. Instead the US is treating these models like weapons that need to be controlled. It is not just about capabilities, it is about racism and nationalism. If you have the wrong passport, you are not to be trusted. This is a very different thing from safety, and Europeans should pay close attention to it.

      Safety and National Control

      The directive, as Anthropic describes it, applies to foreign nationals whether they are inside or outside the United States, including foreign national Anthropic employees. That is an astonishing boundary if you think about it. We moved from "do not sell this model to hostile governments" to nationality itself being the defining boundary. This should be a wake-up call to Europeans in and outside the US, and quite frankly, any non US citizen.

      A lot of AI safety discourse presents itself as universal: humanity, catastrophic risk, safeguards, responsible deployment. Even Anthropic's own writings start out that way, but yet every time regulation is discussed there is an overtone of national security and that it cannot get into the wrong hands. It's not just Anthropic, it's the entire US based discourse on AI. The foundation is that the US has moral superiority and others are not to be trusted. That there are other countries are authoritarian, that they lack freedoms.

      That should make us uncomfortable, not just Europeans, but particularly us. It is also a situation you cannot regulate yourself out of. European technology policy is entirely unprepared for this, because this is not a question of regulation but a question of might and power, something that Europe lacks.

      Europe has spent years trying to regulate large American technology companies, sometimes for good reasons. I am not reflexively against that. The DMA matters because access matters. Users should have agency over their devices, their data, and the software they run. But regulation is a useless substitute for capability and we are lacking that. Regulation might try to force open doors but if those doors only come from American or Chinese companies, then that accomplishes very little.

      Also let's not be naive in that this is a negotiation of money and force. The US is in that position because the US has a mighty military. The US can bomb nations anywhere in the world, force international trade routes closed and get away with it. That's true leverage.

      Oh Europe

      Europe is dependent on the United States in ways that are becoming increasingly impossible to ignore. We depend on American cloud providers, operating systems, developer platforms and now AI models and internet from satellites. We also depend on global semiconductor supply chains we do not control. If access to frontier AI becomes a matter of American national security policy, Europe is not a peer in that conversation and might not even be a market.

      That is a humiliating position, but one that happened entirely intentionally.

      European citizens and politicians still have not managed to move beyond blaming the EU for its failures. We built and maintained fragmented markets and then pretended we had a single one. We let company formation, hiring, equity compensation, tax, notaries, KYC, banking, and cross-border services remain much harder than they need to be and we are playing these rules against each other. Not just on the European level, but within every single member state. We protect the trusts and established enterprises, who are risk averse and entrenched, instead of trusting the next generation to build great companies. We created a culture where process becomes an excuse for low agency. We made it hard to build new and large companies and then act surprised when our most ambitious founders move somewhere else or just decided to incorporate their companies in the US.

      Increasingly, Europeans who want to build very large technology companies move to the United States. They do it because the capital markets are better, the startup infrastructure is better, employee equity is better understood. I cannot blame anyone doing it, and I'm guilty of this myself as we have incorporated our holding in Delaware. If you are trying to raise serious money, hire aggressively, and move quickly, the US often looks like the only game in town. Because quite frankly: it is.

      But this is why we are on a dangerous death spiral already. Talent leaves because the ecosystem is weak and the ecosystem stays weak because talent leaves. Infrastructure makes the world: build excellent swimming pools and you will grow a generation of great swimmers.

      The temporary task is straightforward but uncomfortable: Europeans need to believe in themselves enough not to surrender to American gravity. Moving to the US as a founder or tech employee is rational and individually it is often the right decision. But if every ambitious person treats Europe as a lost cause, then Europe becomes one. If everyone with agency leaves, the only people left to shape the system are the people most comfortable with the system as it is. Then we really should not be surprised when nothing changes.

      Europe needs more ambition, more ownership, more urgency, and more willingness to build. It needs less resignation. It needs to stop confusing regulation with strategy and dependency with virtue. We need to deregulate where rules serve mostly as protectionism. We need capital markets that can fund companies at the scale modern technology requires. We need employee ownership to become normal rather than exotic. We need a real single market for services, not just speeches about one. We need countries to stop fighting each other while claiming to act in the European interest.

      Most importantly: we need to stop blaming the politicians. Too many European companies are adding to that bureaucracy entirely out of their own choice. They drown you in paperwork. At one point I had to sign a four page contract for a 120 Euro lamp at an Austrian retailer, just to pick up from their store 15 minutes later. Sometimes I cannot get a speaking engagement at a European event without someone sending me complex rights waivers over. It's all just paperwork protection against potential downsides.

      When we do not have the power to influence, we should at least understand why and where things are failing. Too many entrepreneurs are blaming EU regulation for failures that are originating within the member states. EU regulation is the result of a democratic process between countries that are lobbying in favor of their local industries against others in the same economic bloc. No amount of abolishment of the EU is going to fix this harsh reality. Nothing more demonstrates this as the inability for cross-border M&A in the European Union. It's not the EU that blocks it, it's the country that loses out.

      Strengthening Europe is necessary because weakness makes us pawns. A Europe that cannot build, cannot finance, cannot coordinate and cannot defend its own interests will not be treated as an equal. It will be regulated around, export-controlled around, consulted after the fact or not consulted at all.

      The American Trap

      I do not want the lesson to be that Europe simply needs to turn itself into a copy of the United States. The US has solved some things that Europe has not. It has deep capital markets, a much stronger culture of ownership, a greater tolerance for risk, and institutions that often try to make progress possible rather than explain why it cannot happen. It also has achieved an internal level of integration that is unparalleled in Europe. Tremendous advantages!

      But the American path is not obviously a healthy one in all aspects. It tends to take paths with a lot of conflict and wars, a lot of internal societal division and deep inequalities. It centralizes powers away from citizens in the presidency and people with money. You are still trading one set of failures for another. You are at the whim of the US government and its strict rules and regulations. The US barely manages to uphold the rights for its own citizens today.

      We should be honest about both sides. You do not win by pretending that Europe is fine. You also do not win by pretending that America has figured everything out.

      We must not be blind to all the signs of how international cooperation is falling apart around us. The US no longer talks to European governments before implementing orders that directly affect Europeans. It is threatening to take Greenland, the territory of Denmark, one of its oldest allies. Treaties, alliances and institutions have lost all their worth.

      All that matters even if our own lives are focused on building companies, creating wealth, hiring people and making things. Our individual path to success is one thing, but it depends on a world where contracts work, visas work and don't change on a moment's notice, trade routes stay open, payment systems function, and families are not torn apart by border regimes or wars. If the world descends into chaos, our basic needs cannot be considered met just because we have a great salaries or equity or investors that trust us.

      This is why strengthening Europe cannot be the final goal. A stronger EU is, at best, a temporary defense against a darker world and not an excuse to replace American nationalism with European nationalism. The long-term answer cannot be bigger and bigger blocs fighting over who may use which model, which chip, which cloud or which trade route.

      The Way Out Is Cooperation

      I'm not asking here for Europeans to get their shit together just to compete with the US or China. Maybe I hope that this is a thing that develops, but the goal absolutely cannot be that we accept the deterioration of international relationships long term.

      I truly believe that Open Source matters and international cooperation matters. It is not a magical answer to every problem, but it is one of the few paths we have that does not naturally lead to total concentration of power.

      If frontier AI becomes something only large corporations and governments can control, then everyone else becomes dependent on their judgment. That is a bad place to be. Corporations will optimize for their incentives, as well structured as they might be, and governments will optimize for more and more power. Right now we're on a path in which access to general-purpose capability is mediated by a small number of actors with tremendous powers.

      I'm not naive in pretending AI cannot carry inherent risks. Open systems are messy, they can be misused and they create uncomfortable questions about dual- use capabilities. I do not want to wave that away but closed systems do not make those questions disappear either. Moving the power to decide into fewer hands is not a solution I believe in. And I would have the same opinion if I was a US citizen living in the US.

      Any path that puts large blocs in a constant fight against each other has despicable downstream effects that result in the removal of individual rights. It's entirely pointless for the US to talk about freedoms that do not extend to non-US citizens and the same is true for Europe or any other country. We might accept these restrictions temporarily, but we absolutely cannot accept them long term for the inhumane effects that they can cause.

      If we believe this technology can be used for good, then broad access matters and our goal should be to restore the international rule of law, and not to further weaken it. If we find ourselves in a war against our friends from other countries, cold or hot, we have failed as society.

      The world we should be working back toward is one of international cooperation, globalization in the best sense of the word, and human dignity. The internet has made our lives irreversibly international: every day people fall in love across borders, marry across languages, move across continents, and work with friends they may never meet in countries they may never visit. Identifying too strongly with any one country in that world is a fool's errand.

      Over the last decade too many of the people I got to know through Open Source were directly dragged into a war. I want to believe there is a way for us to break this cycle. We should be repairing failed states, rebuilding trust between people, and finding ways to cooperate again instead of letting the richest countries arm themselves and fight over who gets to control the future and narrative. Of course I want Europe to become stronger so it can stop being a pawn, but if we mistake that temporary need for the destination, I will be deeply disappointed.

      The way out is not American supremacy, Chinese supremacy or European supremacy. The way out is to climb back toward cooperation before the alternative becomes war.

      Artificial Intelligence is quickly becoming another instrument of militarization and national rivalry, when it could be one of the most powerful tools for cooperation we have. We should be using it to help people across societies and languages understand one another, not fighting over who gets to control it.

4. June 12, 2026
   1. 🔗 IDA Plugin Updates IDA Plugin Updates on 2026-06-12 rss

      IDA Plugin Updates on 2026-06-12

      Activity:

      • capa
        • 430de817: Sync capa rules submodule
      • idasql
        • 6ce863a1: readme: drop self-reference from the xsql-family list
   2. 🔗 earendil-works/pi v0.79.2 release

      New Features

      • Clearer Bedrock validation guidance - Amazon Bedrock data retention validation errors now link to AWS data retention documentation. See Amazon Bedrock.

      Added

      • Added an experimental first-time setup flow behind PI_EXPERIMENTAL=1 that asks for a dark/light theme choice (preselecting the detected appearance) and opt-in analytics data sharing on first launch with the default agent directory; opting in stores a trackingId in settings.json (#5587 by @vegarsti).
      • Added AWS data retention documentation links to inherited Amazon Bedrock unsupported data retention mode validation errors (#5561 by @unexge).

      Fixed

      • Fixed project trust detection to ignore global ~/.pi/agent state when running from $HOME, and made pi update use only saved or explicit project trust without prompting (#5619).
      • Fixed experimental first-time setup to skip forked sessions instead of rerunning the setup prompts (#5627 by @vegarsti).
      • Fixed inherited OpenAI-compatible context overflow detection for parenthesized maximum context length (N) errors (#5677).
      • Fixed inherited OpenAI GPT-5.4/GPT-5.5 and OpenAI Codex GPT-5.4/GPT-5.4 mini/GPT-5.5 context window metadata to match current OpenAI limits (#5644).
      • Fixed inherited Anthropic refusal stops to preserve provider stop_details explanations in error messages (#5666 by @rwachtler).
      • Increased the inherited OpenAI Codex Responses SSE response-header timeout to 20 seconds to reduce false-positive stalls while retaining the bounded wait introduced for zero-event hangs (#4945).
      • Fixed inherited Claude Fable 5 thinking-off requests to omit Anthropic's unsupported thinking.type: "disabled" payload (#5567 by @tmustier).
      • Fixed inherited late tool progress callbacks after tool settlement to be ignored instead of emitting stale tool_execution_update events (#5573).
      • Fixed inherited user-message transcript rendering so standalone + messages no longer render as - (#5657).
      • Fixed inherited slash-separated fuzzy queries so provider/model completions remain matchable after insertion.
      • Fixed inherited WezTerm inline Kitty image rendering so reserved row clears do not erase all but the top strip of tool image previews (#5618).
      • Fixed inherited editor wrapping for CJK text to break at character boundaries instead of leaving large trailing gaps (#5585 by @haoqixu).
      • Fixed inherited loose Markdown list rendering to preserve blank-line separation between list items (#5562 by @Perlence).
      • Fixed --model resolution for authenticated custom model IDs whose slash prefix matches an unauthenticated built-in provider (#5643).
      • Fixed /fork to keep session parent chains connected when the forked path contains labels (#5669).
      • Fixed /share and /export HTML exports to use the active fallback theme when the configured custom theme no longer exists (#5596).
      • Fixed custom fallback model IDs with :<thinking> suffixes to preserve the requested thinking level when the provider template model does not advertise reasoning (#5560 by @haoqixu).
   3. 🔗 HexRaysSA/plugin-repository commits sync repo: +1 plugin, +3 releases, -1 release rss

      sync repo: +1 plugin, +3 releases, -1 release
      
      ## New plugins
      - [ida-rpc](https://github.com/bkerler/ida_rpc) (0.1.0)
      
      ## New releases
      - [IDASQL](https://github.com/allthingsida/idasql): 0.0.17
      - [ida-bochs-binaries](https://github.com/hexrayssa/ida-bochs-binaries): 1.0.1
      
      ## Changes
      - [IDASQL](https://github.com/allthingsida/idasql):
        - removed version(s): 0.0.1
      

   4. 🔗 3Blue1Brown (YouTube) Measuring the entropy of English rss

      Full video: https://youtu.be/l6DKRf-fAAM

   5. 🔗 HexRaysSA/plugin-repository commits merge: discover changelog URLs, mirroring readme_url (EA-770) rss

      merge: discover changelog URLs, mirroring readme_url (EA-770)
      
      Probe the local mirror then GitHub for CHANGELOG.md / CHANGES.md /
      HISTORY.md / docs/CHANGELOG.md and write metadata.changelog_url on each
      plugin record in combined.json, exactly like README discovery. The
      probe helpers are now filename-list-driven so both share one code path.
      
      Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
      

generated: June 15, 2026 at 14:00:50