Mostly on coffee, not exclusively. Noticable amounts of spite & tortilla chips are also present, yes, but... no shame.

Yes. My Actual Intelligence lives in my head, and runs mostly on coffee.

Only when I'm deprived of coffee.

No. I'm not dead yet.

I can do that, probably over the weekend.

The best I can do against AI is prevent their crawlers from accessing my work. I've built iocaine for this purpose, and it's happily serving an infinite maze of poison to all the crawlers, and they ain't getting through. A number of other people and organizations also use it, and that gives me warm, fuzzy feelings.

I also wrote about surviving the crawlers, and helped a couple of friends have a li'l fun with them. That's actually quite fun.

I also helped our twins ween their teacher off of ChatGPT: she's otherwise a great teacher, but she's been using ChatGPT to give them homework. It had so many mistakes, typos! So they started to quietly correct the exercises with red pen, and handing the homework in, with the questions corrected too. Other kids saw that too, started doing the same. Then it spread to other classes. Two months later, none of the teachers use ChatGPT (or any other "AI") anymore, and the word of them being laughably crap spread to households that otherwise wouldn't be aware. New kid came to town, "you guys know about chatgpt?!" - he stopped talking about it by the end of the week.

Sometimes being openly, vocally very AI-hostile pays off. So I'm going to continue doing that.

It's for self-hosters, I'm afraid. The idea behind it is that your webserver / reverse proxy forwards all GET and HEAD requests to it, it does some heuristics and either returns a page filled with garbage your webserver/reverse proxy can serve, or a 421 (misdirected request) error code, at which point your webserver / reverse proxy can serve the real contents. So to run it, you need to be able to make it play nice with your webserver or reverse proxy, which pretty much means you'll have to self-host, yeah.

The garbage part is important, because that's how iocaine serves poisoned URLs (urls that have an identifiable substring), so if any of the crawlers come back, and manage to get through all other heuristics iocaine puts in front of them, if they land on a poisoned URL, they'll get caught anyway.

I've been drooling over the open tab ever since the Kickstarter went up. I have many keyboards from my firmware hacking days, but one with a keywell is missing from my collection. Sadly can't afford it, but it'll remain on my wishlist, so whenever that changes, whenever I'll be able to afford one, I will get one.

I'm not sure it would replace my Keyboardio Model 100 (the thumb key on that is just so incredibly useful), but it's the closest thing I've seen so far.

Good luck!

Way back when in 2015, I assigned all my past and future copyrights to any contributions I made to Debian-owned projects (including any packaging work I made, etc) to the SFC, because our values aligned at the time, and it made sense. Following this post of theirs, I sent them an email asking them to reassign copyright back to me going forward.

I have not contributed to Debian in years, and the chance of me doing so in the foreseeable future is slim, but I could not stand and watch without sending a message.

I will continue to tell anyone who dares come close to my projects with an LLM to fuck off, and will ban them from any spaces I have control over. "AI" companies have caused immeasurable harm to FLOSS projects, not shunning them is ceding ground to them. And when you let them in, sooner or later, only they will remain.

I'll stick to people, thankyouverymuch.

Sadly, that's not code Linus wrote. Nor one he merged. (It's from git, copied from rsync, committed by Junio)

The single best thing I like about Zed is how they unironically put up a video on their homepage where they take a perfectly fine function, and butcher it with irrelevant features using CoPilot, and in the process:

• Make the function's name not match what it is actually doing.
• Hardcode three special cases for no good reason.
• Write no tests at all.
• Update the documentation, but make the short version of it misleading, suggesting it accepts all named colors, rather than just three. (The long description clarifies that, so it's not completely bad.)
• Show how engineering the prompt to do what they want takes more time than just writing the code in the first place.

And that's supposed to be a feature. I wonder how they'd feel if someone sent them a pull request done in a similar manner, resulting in similarly bad code.

I think I'll remain firmly in the "if FPS is an important metric in your editor, you're doing something wrong" camp, and will also steer clear of anything that hypes up the plagiarism parrots as something that'd be a net win.

...and here I am, running a blog that if it gets 15k hits a second, it won't even bat an eye, and I could run it on a potato. Probably because I don't serve hundreds of megabytes of garbage to visitors. (The preview image is also controllable iirc, so just, like, set it to something reasonably sized.)

Very bad, because the usability of such a scheme would be a nightmare. If you have to unzip the files every time you need a password, that'd be a huge burden. Not to mention that unzipping it all would leave the files there, unprotected, until you delete them again (if you remember deleting them in the first place). If you do leave the plaintext files around, and only encrypt & zip for backing up, that's worse than just using the plaintext files in the backup too, because it gives you a false sense of security. You want to minimize the amount of time passwords are in the clear.

Just use a password manager like Bitwarden. Simpler, more practical, more secure.

Invent a time machine. Go back in time. Study.

Failing that, learn from your mistakes, and next time... well... study.

Most GenAI was trained on material they had no right to train on (including plenty of mine). So I'm doing my small part, and serving known AI agents an infinite maze of garbage. They can fuck right off.

Now, if we're talking about real AI, that isn't just a server park of disguised markov chains in a trenchcoat, neural networks that weren't trained on stolen data, that's a whole different story.

Steam Deck, because it is handheld, and can run a lot of my Steam games. I can also dock it to a big screen and attach a controller.

There are no bugs. Just happy little accidental features.

Considering the amount of CVEs the kernel puts out, I'd argue there's plenty there that's broken, and could be fixed by implementing them in a language less broken than C.

I had a short tootstorm about this, because oh my god, this is some terribly ineffective, useless piece of nothing.

For one, Poison Fountain tells us to join the war effort and cache responses. Okay...

❯ curl -i https://rnsaffn.com/poison2/ --compressed -s
HTTP/2 200
content-disposition: inline
content-encoding: gzip
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
content-length: 959
date: Sun, 11 Jan 2026 21:17:36 GMT

Yeaah... how am I supposed to cache this? Do I cache one response and then continue serving that for the 50+ million crawlers that visit my sites every day? And you think a single, repetitive thing will poison anything at all? Really?

Then, the Poison Fountain explanation goes on to explain that serving garbage to the crawlers will end up in the training data. I'm fairly sure the person who set this up never worked with model training, because this is not what happens. Not even the AI companies are that clueless, they do not train on anything and everything, they do filter it down.

And what this fountain provides, is trivial to filter.

It's also mighty hard to set up! It's not just a reverse_proxy https://rnsaffn.com/posion2, because then you leak all the headers you got. No, you have to make a sanitized request that doesn't leak data. Good luck!

Meanwhile, there are a gazillion of self-hostable garbage generators and tarpits that you can literally shove in a docker container and reverse proxy tarpit URLs to them, safely, locally. Much more efficient, far more effective. And, seeing as this is practically uncacheable, if I were to use it, I'd have to send all the shit that hits my servers, their way. As far as I can tell, this is a single Linode server. It probably wouldn't crumble under my 50 million requests / day, but if ten more people would join the "war effort" without caching, my well educated guess is that it would fall over and die.

Besides, we have no idea whether poisoning works. We can't measure that. What we can measure, is the load on our servers, and this helps fuck all in that regard. The bots will still come, they'll still hit everything, and I'd have additional load due to the network traffic between my server and theirs (remember: the returned response provides no sane indicators that'd allow caching while keeping the responses useful for poisoning purposes).

Not only is this ineffective in poisoning, it's not usable at all in its current state. And they call for joining the war effort. C'mon.

Your exception is for http://ha/, you're visiting http://ha:8123/. Ports matter. It probably worked yesterday because you either visited without a port, or clicked the "Continue to HTTP site" button, and LibreWolf remembered that for the rest of the session.