Straw Dog in the Wires

security enthusiast, political activist, software architect - 1994 | AT | he/him

Straw Dog in the Wires StrawDog@infosec.exchange
2026-03-10

@PinoBatch all comes down to financial capital ... in the end the big banks decide what's possible

Straw Dog in the Wires StrawDog@infosec.exchange
2026-03-10

@woe2you @stux I know ... but in the defense industry you can see to which "technological wonders" and fruity competition government overspending can lead.

Straw Dog in the Wires StrawDog@infosec.exchange
2026-03-10

hellochinatech.com/p/openclaw-

So Compute Vendors welcome OpenClaw with open arms, since it leads to their overdimensioned data centers finally becoming a bit more profitable. Therefore they push end consumers to install and run it, even if they have no plan on what to do with it, so OpenClaw hits random APIs of SaaS companies and sends queries to models, increasing their resource usage. This is all so fucking insane.

#Openclaw #AI

Straw Dog in the Wires StrawDog@infosec.exchange
2026-03-10

@stux In discussions with neolibs I rather encounter the argument "the state can't deliver quality healthcare, it would all be bureaucracy and long wait times" or "it would remove all competition out of the healthcare sector and things will get worse and worse" or even better "you will take the right of people to choose to pay for the healthcare they want". On the other hand the US government has a fracking expensive military apparatus driving up markets, competition and technological progress in weapons manufacturing while literally nobody (not even their congress) has a say in what they fracking use it for. One would think these guys see the contradiction. But never saw one realize it.

Straw Dog in the Wires StrawDog@infosec.exchange
2026-03-10

@peterdutoit and the EU, as well as its nation states, seem to focus on the opposite

Straw Dog in the Wires StrawDog@infosec.exchange
2026-03-10

@donni the troubles began, when the capitalists figured how to use the internet for exploiting us even more and got the powerful in to regulate and control it for their advantage

Straw Dog in the Wires StrawDog@infosec.exchange
2026-03-10

@petergleick I mean ... most of the western world already undermined the authority of the ICC by simply not caring about the arrest warrants for Netanyahu ... the US still holds effective world power, no country would even bother to reply to it. I guess most western nation leaders would even criticize the ICC for the decision.

So on the one hand, ICC would undermine itself with it. On the other: Maybe that leads to more people seeing through that our institutions just succumb to the goodwill of the nations that hold the power.

Straw Dog in the Wires StrawDog@infosec.exchange
2026-03-10

RE: mastodon.social/@heidilifeldma

These two sentences are in consecutive paragraphs:

> Lobster tail is apparently a favorite of Hegseth’s Pentagon—the department spent more than $7.4 million total on the luxury item in March, May, June, and October.

> Weeks later, millions of Americans would lose their SNAP benefits amid the longest government shutdown in U.S. history.

Straw Dog in the Wires StrawDog@infosec.exchange
2026-03-10

@SecureOwl haha, my first thought was a security incident

Straw Dog in the Wires StrawDog@infosec.exchange
2026-03-09

@malwaretech thanks for sharing your analysis! Super interesting.

Straw Dog in the Wires boosted:
Marcus Hutchins malwaretech@infosec.exchange
2026-03-09

It feels like Proton are being intentionally misleading in their statements. They know that most of their customers aren't familiar with how legal process actually works, so are happy to spread half-truths.

Under US law, a US law enforcement agency (LEA) typically has to apply for a subpoena or search warrant with a US court. The court is then responsible for deciding if the legal bar for such a request has been met, then either grants or denies it.

The problem is, if a company has no real US footprint (no US corporate entity, offices, servers, etc.), then a US court typically doesn't have the jurisdiction to compel the company to hand over customer data (except in some rare circumstances). Even if the court approved the warrant anyway, it wouldn't really be legally binding.

Which is why the Mutual Legal Assistance Treaty (MLAT) exists. MLAT enables law enforcement agencies in one company to send requests for information to law enforcement agencies in another. Switzerland has such a treaty with the US. This means that the FBI can request that Swiss authorities hand over a Swiss company's data on their behalf.

Any country requesting information held by a company in a foreign jurisdiction would typically do so via MLAT. Which means from Proton's perspective, the legal request would appear to originate from their local law enforcement, not the FBI. Which they clearly understand based on their Reddit post.

Saying "we don't respond to legal requests from anywhere other than Swiss authorities" seems very intentionally worded to give the impression that the company does not cooperate with foreign law enforcement. But since it'd be the Swiss authorities handling any such requests, they'd have to comply, since as they admitted, they have to comply with local laws.

There is, however, some useful (but more nuanced) information here:

Firstly, MLAT requests are handled by local law enforcement according to local law. So if there is a difference between the law of the sending and recipient country, that might mean the MLAT request is denied. That probably doesn't mean much, because if you're on the FBI's radar, the chances are you did something that is also massively illegal in Switzerland too.

Secondly, they are 100% correct in saying that no other service provider is going to do any better. They're all beholden to local laws, and the ones that think they're not tend to get their doors blown off by SWAT like CyberBunker did. The only exception is if the company resides in a country which does not cooperate with US law enforcement (which Proton does not).

But the part that's extremely disingenuous is the "we only respond to requests from the Swiss authorities". That statement is likely intended to imply they don't cooperate with law enforcement in any other countries, which is simply not true. Switzerland has MLAT agreements with over 30 countries.

People really need to understand that no company is going to shield you from the FBI (or any reputable law enforcement agency). They'll use misleading statements to make it sound like they don't cooperate with law enforcement, but they do. They have to.

Straw Dog in the Wires StrawDog@infosec.exchange
2026-03-09

@randahl now would be cool if Switzerland sanctions US and freezes bank accounts of US oligarchs 🤡

Straw Dog in the Wires StrawDog@infosec.exchange
2026-03-06

@confusedMiddleAgedDad @Daojoan maybe that's what finally differentiates us from AI ... irony and daytime depression. Or we just need to start training a model from scratch.

Straw Dog in the Wires boosted:
BeyondMachines beyondmachines1@infosec.exchange
2026-03-06

Critical Authentication Bypass in pac4j-jwt Library Allows Full User Impersonation

A critical authentication bypass vulnerability (CVE-2026-29000) in the pac4j-jwt Java library allows attackers to impersonate any user by forging encrypted but unsigned tokens. The flaw is caused by a logic error in JwtAuthenticator that skips signature verification when a token is wrapped in an RSA-encrypted envelope.

**If your Java applications use pac4j-jwt, this is urgent! Update to the latest patched versions immediately because there is no practical way to hide your app from the internet, and the exploit is trivial - it will be exploited in a matter of days.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

Straw Dog in the Wires StrawDog@infosec.exchange
2026-03-06

@Daojoan that's because we don't have down-to-earth LLMs writing LinkedIn posts in a shitty/depressed mood.
