@VessOnSecurity
Anti-virus, malware and infosec expert, crypto amateur, privacy advocate and general annoyance.
PGP keyID: 0x365697c632dd98d9
Relays (1)
- wss://relay.ditto.pub – read & write
Recent Notes
"OpenAI Really Wants Codex to Shut Up About Goblins":
https://www.wired.com/story/openai-really-wants-codex-to-shut-up-about-goblins/
“Never talk about goblins, gremlins, raccoons, trolls, ogres, pigeons, or other animals or creatures unless it is absolutely and unambiguously relevant,” reads OpenAI’s coding agent instructions.
https://www.wired.com/story/openai-really-wants-codex-to-shut-up-about-goblins/
“Never talk about goblins, gremlins, raccoons, trolls, ogres, pigeons, or other animals or creatures unless it is absolutely and unambiguously relevant,” reads OpenAI’s coding agent instructions.
"Even cybersecurity researchers are exposing secrets in their arXiv LaTeX source":
https://www.helpnetsecurity.com/2026/04/28/cybersecurity-researchers-arxiv-latex-source-leaks/
https://www.helpnetsecurity.com/2026/04/28/cybersecurity-researchers-arxiv-latex-source-leaks/
Health (or lack thereof) update.
The old single web page has become too large and unwieldly. People have trouble reading the newest entries without cleaning their browser cache. So, a friend and a colleague of mine helped me create a more professionally-looking blog. The link will show only the latest entry; an archive of previous entries can be found in a column to the right, if you're using a desktop browser, or at the bottom, if you're using a mobile one.
I'll continue maintaining the old web page for a while but you're strongly recommended to switch to the new one. Eventually, I'll put a redirector from the old one to the new one.
The link of the new blog (with the latest entry from today) is
https://blog.bontchev.nlcv.bas.bg/en
(No, there isn't a Bulgarian version of the texts.)
The old single web page has become too large and unwieldly. People have trouble reading the newest entries without cleaning their browser cache. So, a friend and a colleague of mine helped me create a more professionally-looking blog. The link will show only the latest entry; an archive of previous entries can be found in a column to the right, if you're using a desktop browser, or at the bottom, if you're using a mobile one.
I'll continue maintaining the old web page for a while but you're strongly recommended to switch to the new one. Eventually, I'll put a redirector from the old one to the new one.
The link of the new blog (with the latest entry from today) is
https://blog.bontchev.nlcv.bas.bg/en
(No, there isn't a Bulgarian version of the texts.)
The real reason, of course, is that governments of all stripes want more control over their citizens' thoughts and actions. Hiding behind anonymity to post stuff we don't approve of? Can't have that.
Coming soon to a country near you, too.
"Trump’s war: the kind of military misadventure that ends empires":
https://asiatimes.com/2026/04/trumps-war-the-kind-of-military-misadventure-that-ends-empires/
https://asiatimes.com/2026/04/trumps-war-the-kind-of-military-misadventure-that-ends-empires/
Remember the outcry when it was reported that Russian soldiers were looking private property in occupied Ukraine? Well, guess what Israeli soldiers are doing in Gaza and Lebanon...
"Israeli Troops Say Mass Looting of Occupied Southern Lebanon ‘Routine’":
https://news.antiwar.com/2026/04/23/israeli-troops-say-mass-looting-of-occupied-southern-lebanon-routine/
"Israeli Troops Say Mass Looting of Occupied Southern Lebanon ‘Routine’":
https://news.antiwar.com/2026/04/23/israeli-troops-say-mass-looting-of-occupied-southern-lebanon-routine/
"Claude-powered AI coding agent deletes entire company database in 9 seconds — backups zapped, after Cursor tool powered by Anthropic's Claude goes rogue":
https://www.tomshardware.com/tech-industry/artificial-intelligence/claude-powered-ai-coding-agent-deletes-entire-company-database-in-9-seconds-backups-zapped-after-cursor-tool-powered-by-anthropics-claude-goes-rogue
https://www.tomshardware.com/tech-industry/artificial-intelligence/claude-powered-ai-coding-agent-deletes-entire-company-database-in-9-seconds-backups-zapped-after-cursor-tool-powered-by-anthropics-claude-goes-rogue
nostr:nprofile1qy2hwumn8ghj7un9d3shjtnyd968gmewwp6kyqpqlvv7n293zx576n3ay7xt47s7fu32l6np5wtp8a9d8jxk42hw4c4qftmex9 I would not be surprised if the teller you first talked to sounded like she was speaki...
@nprofile1q... No, she really had trouble communicating verbally. I mean, pronouncing words in intelligible way. It's not that she was speaking nonsense - it's that it was hard to understand what words she was saying.
So, I returned to the bank to complain that, evidently, the card registering procedure had failed. "Don't worry," said the clerk (although much less intelligibly), "the ATM is out of cash - that's why...
I long for the good old times when you just went to the bank branch to get your new card when the old one had expired and the new one had the same number and PIN and you didn't have to do anything else. Whoever came up with this new procedure needs to be shot, hanged, quartered, and then really hurt.
1
Long story short, she sent to her phone an SMS with the temporary PIN in plaintext. Then, my mother was required to go to an ATM, insert the new card, select "Register new card" as a service, enter th...
So, I returned to the bank to complain that, evidently, the card registering procedure had failed. "Don't worry," said the clerk (although much less intelligibly), "the ATM is out of cash - that's why it doesn't offer any cash withdrawal options." Just to be sure that I had understood correctly, I went to a different ATM - and, sure enough, the new card was working there just fine.
What remains to be done (and I was assured that it can be done from the bank's web site interface) is to set an additional password to the card, to be used when purchasing on-line.
What remains to be done (and I was assured that it can be done from the bank's web site interface) is to set an additional password to the card, to be used when purchasing on-line.
1
Me: "Sorry, can't do that. No apps on her phone (or mine, for that matter)."
Clerk (slightly bewildered): "OK, I'll send her an SMS. She just needs to click the link in it and..."
Me: "Sorry, can't ...
Long story short, she sent to her phone an SMS with the temporary PIN in plaintext. Then, my mother was required to go to an ATM, insert the new card, select "Register new card" as a service, enter the new PIN of her choosing twice, then enter the PIN received via SMS. This was supposed to activate the new card. Except, after finishing the procedure, the only thing on the ATM's menu was "Register new card" and "Abort", so something must have gone wrong. I mean, no menu for withdrawing money or anything like that.
1
The person at the bank giving her the card and in general processing the case was either autistic or at least had Asperger's syndrome. She wasn't mentally deficient but was totally incapable of speaki...
Me: "Sorry, can't do that. No apps on her phone (or mine, for that matter)."
Clerk (slightly bewildered): "OK, I'll send her an SMS. She just needs to click the link in it and..."
Me: "Sorry, can't click links on our phones."
Clerk: "Can she get SMS messages at all?!"
Me: "Yes, but no link clicking. No Internet access from her phone at all."
Clerk: "You mean... It's a phone with... knobs?!"
Me: "Yep. We even have one with a dial at home. We just don't use it any more."
Clerk: "What's a 'dial'?"
Me: "Nevermind."
Clerk (slightly bewildered): "OK, I'll send her an SMS. She just needs to click the link in it and..."
Me: "Sorry, can't click links on our phones."
Clerk: "Can she get SMS messages at all?!"
Me: "Yes, but no link clicking. No Internet access from her phone at all."
Clerk: "You mean... It's a phone with... knobs?!"
Me: "Yep. We even have one with a dial at home. We just don't use it any more."
Clerk: "What's a 'dial'?"
Me: "Nevermind."
1