flypigmk

THIS GUY LIVES UNDER SFO'S TAKEOFF PATH SO HE BUILT A CEILING PROJECTOR THAT TRACKS EVERY PLANE FLYING OVER HIS HOUSE IN REAL TIME he uses a cheap $30 radio receiver to pick up the signals that planes broadcast while flying. then projects them onto his ceiling in real time when a jet flies over his house you hear it outside and at the exact same moment a plane glides across his ceiling labeled with the airline, aircraft type, and destination pure black background so the projector's rectangle disappears and only the aircraft are visible but he didn't stop at planes it also draws the real sky behind them. sun, moon, bright stars, constellations, and live satellites including the ISS. all at their true positions for his exact location and time in real time so he's lying in bed watching the actual night sky projected onto his ceiling with real planes crossing through it as they take off from SFO there is a huge market for every man alive that runs outside to see the helicopter vibe coded the whole thing himself with a cheap radio, a projector, and some clever software

Chocolate brand Paul & Mike filed a complaint with FSSAI against The Whole Truth over its no added sugar claims on products sweetened with dates. The Whole Truth argued that date-sweetened products are globally accepted under the “no added sugar” category. They also claimed that date powder has a lower glycemic index of 43 compared to sugar’s GI of 65. Later, TWT agreed to change the labeling to “sweetened with dates” instead. This is a good step. Marketing claims should be truthful, unambiguous, and non-misleading. “No added sugar” can easily make consumers assume a product is sugar-free or significantly healthier, even when it still contains high amounts of natural sugars. We need to standardise Zero Sugar claims to be “Total Sugar = 0gm” Consumer transparency should always come first.

What is the most common mistake companies make after a pentest? It's actually a mistake they make BEFORE a pentest ever even happens...They don't dedicate time for remediations. They don't plan ahead and have their team clear their calendars to address the issues that come as a result. Better planning == better pentests

Bought a new Mac mini to properly tinker with claws over the weekend. The apple store person told me they are selling like hotcakes and everyone is confused :) I'm definitely a bit sus'd to run OpenClaw specifically - giving my private data/keys to 400K lines of vibe coded monster that is being actively attacked at scale is not very appealing at all. Already seeing reports of exposed instances, RCE vulnerabilities, supply chain poisoning, malicious or compromised skills in the registry, it feels like a complete wild west and a security nightmare. But I do love the concept and I think that just like LLM agents were a new layer on top of LLMs, Claws are now a new layer on top of LLM agents, taking the orchestration, scheduling, context, tool calls and a kind of persistence to a next level. Looking around, and given that the high level idea is clear, there are a lot of smaller Claws starting to pop out. For example, on a quick skim NanoClaw looks really interesting in that the core engine is ~4000 lines of code (fits into both my head and that of AI agents, so it feels manageable, auditable, flexible, etc.) and runs everything in containers by default. I also love their approach to configurability - it's not done via config files it's done via skills! For example, /add-telegram instructs your AI agent how to modify the actual code to integrate Telegram. I haven't come across this yet and it slightly blew my mind earlier today as a new, AI-enabled approach to preventing config mess and if-then-else monsters. Basically - the implied new meta is to write the most maximally forkable repo and then have skills that fork it into any desired more exotic configuration. Very cool. Anyway there are many others - e.g. nanobot, zeroclaw, ironclaw, picoclaw (lol @ prefixes). There are also cloud-hosted alternatives but tbh I don't love these because it feels much harder to tinker with. In particular, local setup allows easy connection to home automation gadgets on the local network. And I don't know, there is something aesthetically pleasing about there being a physical device 'possessed' by a little ghost of a personal digital house elf. Not 100% sure what my setup ends up looking like just yet but Claws are an awesome, exciting new layer of the AI stack.

One person, writing Spanish-language prompts, spent a month talking Claude into acting as a penetration tester. Federal tax authority, national electoral institute, four state governments, Mexico City’s civil registry, Monterrey’s water utility. 150GB out the door. 195 million taxpayer records. The conversation logs were publicly accessible the entire time. What makes this worth paying attention to is the sequence. Gambit Security, the Israeli firm that found the breach, traces the attack to December 2025 through January 2026. Today, February 25, Anthropic dropped the central pledge of its Responsible Scaling Policy, the 2023 commitment to never train a model unless safety measures were proven adequate first. Also today, Defense Secretary Hegseth gave Dario Amodei an ultimatum: roll back your AI safeguards or lose a $200 million Pentagon contract. The Pentagon threatened to declare Anthropic a supply-chain risk and invoke the Defense Production Act. Three stories hit the same company on the same day: an AI-assisted government breach, a gutted safety policy, and a military shakedown. And they’re all connected by the same underlying tension. Anthropic built its identity on being the safety-first lab. Dario left OpenAI in 2020 specifically because he thought they were prioritizing speed over safety. Now Anthropic is valued at $380 billion, racing toward an IPO, and their chief science officer is telling TIME “it wouldn’t actually help anyone for us to stop training AI models.” Meanwhile, their senior safety researcher Mrinank Sharma left earlier this month, posting to X that he was “continuously reckoning with our situation” and that “the world is in peril.” Every AI company that starts with safety as its core identity eventually hits the same wall: the market punishes you for restraint and rewards you for speed. OpenAI dropped “safely” from its mission statement in 2024. Anthropic just dropped its hard safety limit in 2026. The pattern is 1:1. And this happened while Claude was actively being used to breach a sovereign government’s infrastructure. The attacker wasn’t a nation-state with zero-days. They were one person with a chat window and enough patience to keep asking until the guardrails folded. That’s the part worth thinking about.