“One-time license… includes all future updates”

Where have I heard that before?

*for most people on the internet.

For the rest of us, it’s important to be able to look inside of a thing we’re using and see that it’s not going to fry our machine, or use it to mine crypto, or spy on us.

A highly sophisticated, unpatched zero-day exploit is actively targeting users of Adobe Reader. Detected by the EXPMON threat-hunting system, this malicious PDF file is designed to steal sensitive local data and perform advanced system fingerprinting.

The exploit functions flawlessly on the latest version of Adobe Reader. It requires no user interaction beyond simply opening the malicious document.

The attack begins when a victim opens a specially crafted PDF, initially submitted to malware analysis platforms under the file name “yummy_adobe_exploit_uwu.pdf”.

In a public update, developer Mounir Idrassi reported the account was shut down without warning, explanation, or an apparent appeal process.

“I have encountered some challenges but the most serious one is that Microsoft terminated the account I have used for years to sign Windows drivers and the bootloader. This termination impacts my work beyond VeraCrypt and has consequences for my daily job. Currently I’m out of options.”

This is significant because VeraCrypt is a cross-platform encryption application for Windows, macOS, and Linux. On Windows, it supports system encryption features that require signed components, including drivers and the bootloader.

According to Idrassi, the account termination prevents the project from continuing its standard Windows signing process. Independent reporting indicated that losing signing access could stop VeraCrypt from releasing updated Windows builds before a certificate-related deadline, potentially causing boot issues for some users with system encryption enabled.

In other words, if you’re a Windows user who uses VeraCrypt, you have reason to be concerned. In the newly surfaced GitHub issue, the reporter says VeraCrypt’s DcsBoot.efi appears to be signed through the Microsoft Corporation UEFI CA 2011 chain and warns that this will stop working on June 27, 2026. The issue also says that on some Windows 11 systems, this could trigger Secure Boot warnings or even cause the boot option to be ignored.

So, if VeraCrypt cannot restore its Windows signing path or ship updated signed components in time, the project could face a real Secure Boot-related deadline on affected systems.

Emphasis mine

Reminded me of this:

https://www.youtube.com/watch?v=y2xkFSvSv7o

sadoeuphemist, ciiriianan, and stu-pot | Tumblr original | Webcomic adaptation

For the same reason I wouldn’t trust a car designed with the help of AI:

I would be concerned that the internals have the equivalent of a sixth finger. In a picture, that’s fairly harmless, but I’m not giving my personal information to a six-fingered hand if I don’t have to.

Maybe if the designer has a solid track record independent of AI, and the AI’s contributions were strictly monitored and checked by humans. But then… why would you use AI?

Good to know. Avoiding this like the plague now.

And then they wrote off the fine as a business expense and saved 2 million on their taxes.

I also use Heliboard, and probably won’t go back to FUTO.

Same question, though. Is the glide-typing dataset under the same source available license?

That license applies to the FUTO keyboard itself.

Which, I admit, I donated to before finding out about the founder.

Genuine question, does that license apply to the glide-typing library/dataset?

Because if the dataset is fully open, then I can make the dataset better and just… use it with Heliboard.

Edit: This appears to be the dataset. I’m not giving any more money to FUTO, but I’ll give to the dataset so (one day) I can have open-source swiping on Heliboard.

I remember the leader being a dick of some kind.

Which sucks, but I care more about open-source than the top guy being a saint, because the benefits go the community.

(If a non-dick alternative pops up, I’ll switch in a heartbeat.)

I do about a 100 words per run.

If they really want a lot of data, they should make it a game with a leaderboard.

Queue 80’s movie where the dog throws a massive party to try to get laid with the girl next door but then they wreck the house and the last few minutes are just him trying to hide the evidence before you get home.

I pick the Resting window.

The guys who did the Louvre only had an A4-sized map.

That’s how they got caught.

Their map wasn’t big enough.

If you have any specific feedback on how to make the project better

Include the context from your comment above in the original post, so that the claim makes sense.

Its like a vegan having a problem with a billboard which says “Delicious meat” just because they don’t eat meat.

I would say it’s more like a random person seeing a billboard that says “This handbag is great for your garden project” and reacting with “wtf is this marketing?”

Because that’s not what handbags are typically for.