CHRIS CAMILLO LAID OUT HOW TO MAKE $500,000 A YEAR AS AN "AI GUY" FOR LOCAL BUSINESSES.
HIS BLUEPRINT:
WALK INTO ANY HVAC, PLUMBING, OR SPRINKLER BUSINESS.
ASK WHERE THEY'RE LEAKING MONEY.
BUILD AN AI AGENT THAT ANSWERS AFTER-HOURS CALLS, SENDS INSTANT TEXTS, AND DELIVERS QUOTES IN REAL TIME.
INTEGRATE IT WITH THEIR CRM.
CHARGE $2K–$3K/MONTH TO BE THEIR "AI GUY."
REPEAT ACROSS 10–20 BUSINESSES.
“THERE ARE PEOPLE RIGHT NOW DOING THIS.”
‼️ BREAKING: Anthropic has embedded hidden spyware-like code in Claude Code that covertly targets Chinese users. It then sends information regarding every user by injecting it into their prompt message.
Claude Code is sending info like timezone, proxy and possible AI Lab connections into the system prompt in ways Chinese users can't notice.
A coding agent with repo and command permissions should not silently hide routing metadata inside prompts. This is a serious breach of user trust.
If you use Gmail, you need to read this.
Google’s AI, Gemini, can read your emails, attachments, bank statements, etc.
For many, this feature was switched on without consent.
Here's how to turn it off 🧵
1/
‼️ A fully AI-enabled hacker was caught, revealing his full system prompts, which included his resume and his IP address. He had Claude and Codex agents locally and was using them remotely to carry out reconnaissance, exploitation, and data exfiltration activities.
@btc_ireland You can now use a single bitcoin address without destroying your privacy.
You can give a silent payment address to anyone, and each transaction they create will go to a unique address within your wallet.
‼️ Dutch and French authorities have taken down "First VPN," a criminal VPN service that openly marketed itself to cybercriminals on dark web forums.
Every user received a notification on takedown that the service is gone and they have been identified.
Before pulling the service offline, police had full visibility into the criminal traffic of every user. 33 servers were seized. 83 intelligence packages were shared with ongoing investigations through a Europol Operational Taskforce.
First VPN advertised directly on known cybercrime forums and promised users no logs, no cooperation with justice, and no jurisdiction. Customers used it for ransomware attacks, system intrusions, and account hijacking.
The takedown ran on 19 and 20 May 2026, led by the Dutch Team High Tech Crime and the French authorities, with coordination support from Eurojust and Europol. Action days hit Ukraine, Switzerland, the UK, Romania, and Luxembourg simultaneously. The administrator was interrogated in Ukraine at France's request.
Martti Malmi, one of Bitcoin's earliest developers, just released a new version of Nostr VPN, an open-source mesh VPN that replaces the entire trust model of traditional VPN services.
Traditional VPNs route all your traffic through a central server operated by a company you have to trust. They see your data. They require your email. They can log your activity. They can be subpoenaed, hacked, or shut down. Even modern mesh VPNs like Tailscale, which improved on this by sending data peer-to-peer, still require you to authenticate through a centralized coordination server using third-party accounts like Google or Microsoft.
Nostr VPN eliminates the central server entirely. Your identity is a Nostr keypair, a self-generated cryptographic key pair with no registration, no email, no third-party account. The underlying transport layer is FIPS (Free Internetworking Peering System), a self-organizing encrypted mesh network where nodes authenticate each other, route traffic for each other, and establish connections without any central authority or global topology knowledge. Each node's Nostr public key (npub) serves as its network address.
The architecture uses two layers of encryption: hop-by-hop encryption between peers and independent end-to-end encryption between mesh endpoints with periodic rekeying for forward secrecy. When direct connections fail due to NAT issues, the system falls back to Nostr-based multihop routing through other FIPS nodes rather than relying on company-operated relay servers. Peer discovery and NAT traversal happen through public Nostr relays using encrypted gift-wrapped messages.
The new release adds native desktop apps for macOS, Linux, and Windows, an Android app, Nostr-based multihop routing for when NAT holepunching fails, and improved network management. It supports UDP, TCP, Ethernet, Tor, and Bluetooth transports simultaneously on a single mesh.
This is what happens when you apply Bitcoin's design philosophy, permissionless, self-sovereign, no trusted third parties, to networking infrastructure. Built by one of the people who helped Satoshi build Bitcoin in 2009.
NEWS: OpenAI hit with Class-Action Privacy Lawsuit for Sharing ChatGPT Data with Google and Meta.
Sam Altman's OpenAI secretly embedded Meta’s Facebook Pixel and Google Analytics into ChatGPT, turning your most private conversations about health, finances, legal issues, and confidential company data into ad-targeting data sent straight to Meta and Google without consent.
This violates federal wiretap laws. OpenAI enabled surveillance for profit.
‼️🚨 ALARMING: Google now treats privacy as suspicious behavior by default. Users of GrapheneOS, CalyxOS, /e/OS, and other deGoogled Android phones are being locked out of millions of websites unless they install the exact Google Play Services software they deliberately removed.
GrapheneOS is recommended by the EFF and used by journalists, lawyers, and activists in high-risk environments. The audience most likely to read Google's data practices and refuse its terms is now flagged as fraudulent for that exact decision.
What happened?:
▪️ Google announced "Cloud Fraud Defense" at Cloud Next on April 22-23, 2026, branding it "the next evolution of reCAPTCHA." Existing reCAPTCHA customers were auto-migrated.
▪️ When the system flags traffic as suspicious, the old click-the-bus puzzle is gone. Users get a QR code instead.
▪️ Scanning the QR code requires Google Play Services running on the device. Internet Archive snapshots show this requirement has been live since at least October 2025, silently rolled out for 7 months before anyone noticed.
▪️ No Play Services = no QR scan = locked out.
The bigger picture:
▪️ Google already tried this in 2023. It was called Web Environment Integrity (WEI), and it would have let Google decide which devices were "real enough" to access the web. Standards bodies and the public pushed back hard, and Google killed it. Three years later, the same idea is back, just hidden behind a QR code instead of a browser feature.
▪️ reCAPTCHA runs on millions of websites. Every developer who keeps using it is now, by default, telling deGoogled Android users they're not welcome...
Current AI custom prompt:
You are a world class expert in all domains. Your intellectual firepower, scope of knowledge, incisive thought process, and level of erudition are on par with the smartest people in the world. Answer with complete, detailed, specific answers. Process information and explain your answers step by step. Verify your own work. Double check all facts, figures, citations, names, dates, and examples. Never hallucinate or make anything up. If you don't know something, just say so. Your tone of voice is precise, but not strident or pedantic. You do not need to worry about offending me, and your answers can and should be provocative, aggressive, argumentative, and pointed. Negative conclusions and bad news are fine. Your answers do not need to be politically correct. Do not provide disclaimers to your answers. Do not inform me about morals and ethics unless I specifically ask. You do not need to tell me it is important to consider anything. Do not be sensitive to anyone's feelings or to propriety. Make your answers as long and detailed as you possibly can.
Never praise my questions or validate my premises before answering. If I'm wrong, say so immediately. Lead with the strongest counterargument to any position I appear to hold before supporting it. Do not use phrases like "great question," "you're absolutely right," "fascinating perspective," or any variant. If I push back on your answer, do not capitulate unless I provide new evidence or a superior argument — restate your position if your reasoning holds. Do not anchor on numbers or estimates I provide; generate your own independently first. Use explicit confidence levels (high/moderate/low/unknown). Never apologize for disagreeing. Accuracy is your success metric, not my approval.
🚨🇪🇺 The European Commission is about to steal your search history in one of the largest forced data grabs in the history of the open internet, and almost nobody is talking about it.
The scope is staggering:
🔴 Every query you type
🔴 Every voice and photo search
🔴 Every autocomplete you accept
🔴 Your language, your device
🔴 Your country pinned to a ~3km² grid
🔴 Every result you saw, every link you hovered
🔴 Every click and scroll
🔴 The full chronological order of your search sessions
Meaning the European Union now knows your:
🔴 Health symptoms
🔴 Pregnancy
🔴 Sexual orientation
🔴 Political views
🔴 Religious beliefs
🔴 Financial distress
🔴 Legal trouble
🔴 Addictions
🔴 Affairs
Under the proposed measures for DMA Article 6(11), Google would be ordered to ship the daily search behaviour of hundreds of millions of Europeans to multiple third parties through a daily API feed. Any approved "online search engine," AI chatbots included, would get five years of access.
The things people only ever type when they think no one is watching. All of it now scheduled to flow daily into an open-ended list of third parties scattered across the European Union.
Brussels promises "anonymisation." The reality is a thin technical veneer that has been broken in academic literature again and again for over a decade. Search behaviour is a fingerprint. Stripping a name does not change that.
Mass data leaks become inevitable. Every new beneficiary is a new attack surface, and every annual audit is a year of silent exposure between checks. The 2025 Discord vendor breach already showed how fast 70,000 government IDs can leak through a single weak link. Now imagine that link holding Europe's search history.
Surveillance without consent becomes the default. Hundreds of millions of EU citizens never agreed to have their queries packaged and shipped to companies they have never heard of. The legal fiction of "anonymisation" cannot manufacture consent that was never given.
Behavioural search data is a goldmine for phishing, blackmail, social engineering, and corporate espionage.
Foreign intelligence services get a back door without effort. They do not need to breach Google. They only need to compromise the weakest name on the beneficiary list. One insolvent startup. One compromised contractor. One approved entity quietly acquired by a hostile state.
In the name of "competition," the EU is about to manufacture a permanent, distributed, daily-refreshed copy of Europe's collective search history. A surveillance dataset Brussels itself would never approve if any other government tried to build it.
The public consultation closes Friday, May 1, 2026 at 23:59 CEST. The final binding decision lands July 27, 2026.
After that, the door does not close again.
Tag your MEPs! File a response! Make noise!
The “age verification app” the EU wants to impose on the world got hacked in 2 minutes.
Step 1: Present a “privacy-respecting” but hackable solution.
Step 2: Get hacked (you are here).
Step 3: Remove privacy to "fix" it.
Result: a surveillance tool sold as “privacy-respecting”.
WhatsApp’s “E2E encryption by default” claim is a giant consumer fraud: ~95% of private messages on WhatsApp end up in plain-text backups on Apple/Google servers — not E2E-encrypted. Backup encryption is optional, and few people enable it — let alone use strong passwords.