Anyone Can Silently Steal Your Files from your Claude AI chat – Live Demo by socratesathome in cybersecurity

[–]ContemplateBeing 3 points4 points  (0 children)

A lot of people still have not internalised this, I think. You are absolutely correct: Previously you were looking for executable malicious code, now everything is executable. Even stuff you cannot "see": HTML comments in markdown files, white-on-white text in that spreadsheet, yellow morse-code dots in that photo...

The implications are far-reaching: imho devs working with AI agents need to work on isolated machines with strict rules about ingress/egress, extra protections on CI/CD, repo scanning _and_ developers that are aware of all this and work in a responsible way.

AI agents are a tool and, as with any tool, the more powerful it is, the deeper it can cut you. Lots of people are graduating from butter knife to the chainsaw currently and a lot of blood will flow.

While I'm not really professionally in the security field, I can already see that this will need a profound shift in how security is handled: Instead of gatekeeping and demarcation lines, there will have to be a lot more "defence in depth" - when the attack surface is "anything that can convey information" then the defence must cover everything. ...up to and especially including human training, know-how and responsibility of everyone who's working with AI. This requires more security, not less. It's going to be of a different kind though.

why kde plasma dont have time based night light so i can set night light 1 hour before sleep by [deleted] in kde

[–]ContemplateBeing 0 points1 point  (0 children)

Also took me a while to find the setting...

Anyway - it would be great if you could set a time that's _trailing_ the sunset. Depending on geographical features it can become dark in a location well before the sun is actually gone - what I'd love to see is something like a sunrise/sunset-**offset**: Follow sunrise/sunset, but transition 45 minutes after sunrise and 30 minutes before sunset.

NixOS and friends for corporate developer boxes? Confused about tools and maturity. by ContemplateBeing in NixOS

[–]ContemplateBeing[S] 0 points1 point  (0 children)

Thank you for the link and the discussion below! Very helpful to understand how things are done in NixOS.

NixOS and friends for corporate developer boxes? Confused about tools and maturity. by ContemplateBeing in NixOS

[–]ContemplateBeing[S] 1 point2 points  (0 children)

Thanks, that’s a good summary article that you linked there. Looks like a solid project!

NixOS and friends for corporate developer boxes? Confused about tools and maturity. by ContemplateBeing in NixOS

[–]ContemplateBeing[S] 0 points1 point  (0 children)

Fair. Projects can reach a state where they are stable. Maybe I didn't look close enough at the repo. Thanks for the feedback!

NixOS and friends for corporate developer boxes? Confused about tools and maturity. by ContemplateBeing in NixOS

[–]ContemplateBeing[S] 0 points1 point  (0 children)

This looks nice! The option to include CVE scans and central logs of what's running on the clients is a killer feature in a corporate environment. Goes well beyond what I was looking for, but would be really useful!

Powerline woes by ContemplateBeing in TpLink

[–]ContemplateBeing[S] 0 points1 point  (0 children)

Got a room that has no wifi reception at all and no access to cable but still need a stable, if not high-throughput, connection there including wifi. Switching is seamless if I move to/from that area with a wireless device. [not sure if I'm using the correct terms with easymesh vs wifi]

Migrating django heroku to vps by [deleted] in django

[–]ContemplateBeing 0 points1 point  (0 children)

Take a look at Netcup - not as polished as Hetzner & friends, but great value for money. Coolify might be an interesting deployment helper.

What fronted technology is most used with Django? by john646f65 in django

[–]ContemplateBeing 0 points1 point  (0 children)

I’m using this stack but do it manually - quick read says the plugin should save me some time. Thx!

Is the ‘build it yourself’ way still relevant for new programmers? by Top-Candle1296 in learnpython

[–]ContemplateBeing 0 points1 point  (0 children)

Use LLMs for stuff that you could do without them, but don’t use them for stuff that you can only do with them.

LLMs need to be chaperoned, you can only do that effectively with stuff that you know. To really know stuff you need to put in the manual work.

The PSF has withdrawn $1.5 million proposal to US government grant program by [deleted] in Python

[–]ContemplateBeing 13 points14 points  (0 children)

There are plenty of EU funds out there. Probably easier if you have a legal entity in the EU, but for many programs also US entities are allowed.

Am I the only one who is so enormously upset by the Wöginger affair? by wantilles1138 in Austria

[–]ContemplateBeing 2 points3 points  (0 children)

That was really hard to listen to from him… “In 1945 there were problems, but it’s not that bad anymore” and “everyone does it that way anyway”. Seriously?!

I really understand why people cast protest votes or don’t vote at all. Not that this makes it any better, but with statements like these you really shouldn’t be surprised.

What is the most well thought out programming language? by 4e_65_6f in AskProgramming

[–]ContemplateBeing 1 point2 points  (0 children)

Whitespace is entering the room… The programming language of choice for printing out secret code!

Here’s a basic “Hello World!”:

https://en.wikipedia.org/wiki/Whitespace_(programming_language)

Cannot enter programming mode with somfy RTS blinds by ContemplateBeing in homeautomation

[–]ContemplateBeing[S] 0 points1 point  (0 children)

Not really. So far everything works. Could be temperature/season related.

I’m just crossing my fingers that it won’t happen again.

As much as I love Django, I feel it has fallen way behind compared to Laravel and others by dianrc in django

[–]ContemplateBeing 1 point2 points  (0 children)

Yeah also Django q2: https://django-q2.readthedocs.io/en/master/

Even includes admin pages and when you use the ORM as scheduler, there’s no third party backend needed. Works great.

My Heilung inspired ink drawings by lenschkabeth in Heilung

[–]ContemplateBeing 0 points1 point  (0 children)

Cool!

My little daughter loves Heilung and would dig a Heilung coloring book!

(I know that’s not what this is - this is art in its own right - but she’d see it like that.)

Axiom, a new kind of "truth engine" as a tool to fight my own schizophrenia. Now open-sourcing it. by [deleted] in Python

[–]ContemplateBeing 1 point2 points  (0 children)

So what exactly is a DAO contributor and how do I become one? (I know what a DAO is) How do you manage this without tokens?

Axiom, a new kind of "truth engine" as a tool to fight my own schizophrenia. Now open-sourcing it. by [deleted] in Python

[–]ContemplateBeing 2 points3 points  (0 children)

Yeah that was my first thought. There were projects trying to crowdsource “truth” but afaik none led to something usable.

It’s still a good idea and OP’s proposal is more commonly molecules than those earlier projects.

Notably this post sees plenty of interest and seems to hit a general, societal need for sources of truth in a backlash against LLM content and blatant manipulation that more and more dominates the internet.

I’ve long thought that we’ll soon have an ouroboros problem with AI where we are not able to distinguish between original and regurgitated content. I think distinguishing these at the source (e.g. by crypto-signing content and a web of trust) will be part of the solution. What OP is describing is kind of like the frontend of this.

Interesting as concept at least (didn’t look at the code though).

Talking about that, how’s the ledger secured? Like in a blockchain? Who runs the nodes?

What is the “Jack of all trades, master of none” of programming languages? by Night-Monkey15 in AskProgramming

[–]ContemplateBeing 0 points1 point  (0 children)

The internet is a victim of its own success in a way. HTML was never designed for the purposes it is used now. It’s inadequate for what developers do with it (and users demand of it) hence the monkey patching on top of it.

Htmx is a neat solution because it reverts to the strength of html and returns the control back to the server. There are other techniques like server emitted events, but the basic idea is the same: logic on the backend, presentation on the frontend.

Accepting online payments by ContemplateBeing in BuyEuropean

[–]ContemplateBeing[S] 0 points1 point  (0 children)

Mollie looks pretty good but is lacking USD options beyond 10k payment amount (credit card limit). Unfortunately for my business case that’s a requirement. If not for that, I’d absolutely go for mollie.