I would suggest the US is slightly better. At least we don’t have an unenforceable law that offers the illusion of privacy protections.
how is having NO law better? I'd say 12 out of 20, is better than zero.
Readit Newsejpir commented on I made 20 GDPR deletion requests. 12 were ignored nikolak.com/gdpr-failure/... · Posted by u/nikola-k
ejpir commented on Running Claude Code dangerously (safely) blog.emilburzo.com/2026/0... · Posted by u/emilburzo
How does docker sandbox solve the docker-in-docker issue? Can Claude running in docker sandbox spin up other docker containers, without having privileged access?
micro-vms, not DinD
I'd say _yes_. This is my `npx ccusage` (reads the .claude folder) since nov 20th:
│ Total │ │ 3,884,609 │ 3,723,258 │ 215,832,272 │ 3,956,313,197 │ 4,179,753,336 │ $3150.99 │
It calculates tokens & public API pricing. But also Anthropic models are generally more expensive than others, so I guess its sort of 'self made' value? Some of it?
cool tool, thanks! Was wondering if I was using the 5x well :) 2026-01-03
│ Total │ │ 2,102,742 │ 622,848 │ 78,507,465 │ 1,670,798,000 │ 1,752,031,055 │ $1283.69 │
ejpir commented on Cloudflare CEO on the Italy fines twitter.com/eastdakota/st... · Posted by u/sidcool
Vance is hardly operating in the shadows. He is a very public figure.
we only see 20% of what happens in the shadow, but yah, I guess its better than 100%
ejpir commented on RCE Vulnerability in React and Next.js github.com/vercel/next.js... · Posted by u/rayhaanj
I ran your exploit-rce-v4.js with and without the patched react-server-dom-webpack, and both of them executed the RCE.
So I don't think this mechanism is exactly correct, can you demo it with an actual nextjs project, instead of your mock server?
I'v updated the code, try it now with server-realistic.js:
1. npm start 2. npm run exploit
ejpir commented on RCE Vulnerability in React and Next.js github.com/vercel/next.js... · Posted by u/rayhaanj
I ran your exploit-rce-v4.js with and without the patched react-server-dom-webpack, and both of them executed the RCE.
So I don't think this mechanism is exactly correct, can you demo it with an actual nextjs project, instead of your mock server?
I'm trying that, nextjs is a little different because it uses a Proxy object before it passes through, which blocks the rce.
I'm debugging it currently, maybe I'm not on the right path after all.
ejpir commented on RCE Vulnerability in React and Next.js github.com/vercel/next.js... · Posted by u/rayhaanj
I'm fumbled around a bit and got it working, but not entirely sure if this is how it really works: have a look at https://github.com/ejpir/CVE-2025-55182-poc
ejpir commented on Apple introduces a universal design across platforms apple.com/newsroom/2025/0... · Posted by u/meetpateltech
Why, why, why, do all the Apple announcements have the exact same ASIMO stiff hand gestures? Hostage videos have more fluidity.
thought the same, how on earth did they think this looks like a smooth presentation. Almost like he doesn't believe what he's saying
ejpir commented on Jjui – A Nice TUI for Jujutsu github.com/idursun/jjui... · Posted by u/Curiositry
jj as effectively used is a git UI. There's an experimental self-hosted backend that nobody uses (and is disabled in release builds), and there's a piper backend in Google, which is enough that people call it a VCS of its own rather than a git UI, but there's nothing stopping some other tool building the same primitives on top of git directly without jj as an intermediate layer. As I understand it, to some extent, that is GitButler.
got a link to it?:)
ejpir commented on Tachy0n: The Last 0day Jailbreak blog.siguza.net/tachy0n/... · Posted by u/todsacerdoti
If this is the case Apple employed an amazing strategy. By locking all ways to possibly root their devices they patch vulnerabilities discovered for free by jailbreak devs.
but they haven't, the article says the "private" community still has exploits and apple patches them. The public, like the dev, for some reason, don't anymore.