Flutterby™! (short)
Thursday July 16th, 2026
proofreading for agents
Dan Lyke /
comment 0
In which an essayist talks about how LLM usage is destroying their staff's morale, while
cluelessly using image generation to illustrate said lament: Stackademic: My Best Senior
Engineer Quit Last Month. Her Exit Interview Was Scheduled for Forty Minutes. The Last Five
Changed How I Run My Team.
She said: I havent built anything in eight months. Ive spent
eight months
reading things a machine wrote, trying to find the bug it was too confident to see.
Im not
an engineer here anymore. Im a verification layer for an agent. I didnt spend
ten years
getting good at this to become the thing that stands between a model and the incident
its
about to cause. Im tired in a way that has nothing to do with hours.
Via
My ear buds I dunno man I may have
Dan Lyke /
comment 0
My ear buds: "I dunno, man, I may have heard of your phone, once..."
My car: "Oh, hey, I realize you turned off the audio but I dug through your phone and found the raunchiest erotic podcast, your passengers are gonna listen to that now."
Friend from way back is reinventing as
Dan Lyke /
comment 0
Friend from way back is reinventing as a digital artist, went through the NFT phase, and is referencing Pepe the Frog because "Pepe is a very popular in the Web3 space".
Yikes, and it's amazing how the bubbles of what's acceptable surround us.
Wednesday July 15th, 2026
Exploit by design
Dan Lyke /
comment 0
JFC. Mindgard: Cursor 0day: When Full Disclosure Becomes the Only Protection
Left
This isn't even a prompt injection attack. Open a repo in Cursor that contains a "git.exe"
file, Cursor runs it.
This disclosure goes beyond a single executable named git.exe to the place of
trust in software. AI companies routinely ask users to grant unprecedented levels of
access to code, repositories, terminals, secrets, and workflows that increasingly blur the
line between suggestion and action.
The industry narrative is that these systems deserve trust because they
increase productivity, but history has taught us time and again that trust should not be
granted because something is useful. It should be earned through behavior. That behavior
is reflected in how a company responds to security reports, communicates with affected
users, and prioritizes remediation.
Via lobste.rs,
which both raises the possibility that this might be an intentional backdoor given how
long it's gone unpatched, and also has some speculation about LLM attitudes and
philosophies around command vs data channels, and the unwillingness (or inability to
conceptualize) separating the two.
Time zones, daylight savings, and health
Dan Lyke /
comment 0
Cancer Epidemiology, Biomarkers & Prevention: Longitude
Position in a Time Zone and Cancer Risk in the United States
Fangyi Gu; Shangda Xu; Susan S. Devesa; Fanni Zhang; Elizabeth B. Klerman; Barry I.
Graubard; Neil E. Caporaso
Methods: We examined associations between the position in a
time zone and age-standardized county-level incidence rates for total cancers combined and
23 specific cancers by gender using the data of the Surveillance, Epidemiology, and End
Results Program (20002012), including four million cancer diagnoses in white residents of
607 counties in 11 U.S. states. Log-linear regression was conducted, adjusting for
latitude, poverty, cigarette smoking, and state. Bonferroni-corrected P values were used
as the significance criteria.
Results: Risk increased from east to west within a time zone
for total and for many specific cancers, including chronic lymphocytic leukemia (both
genders) and cancers of the stomach, liver, prostate, and non-Hodgkin lymphoma in men and
cancers of the esophagus, colorectum, lung, breast, and corpus uteri in women.
https://doi.org/10.1158/1055-9965.EPI-16-1029
Via,
which thread also had Journal of
Health Economics: Sunset time and the economic effects of social jetlag: evidence
from US time zone borders
The right way around
Dan Lyke /
comment 0
jbz
@jbz@indieweb.social
What if we ban computers from using kids instead?
Is there a way to generate a large
Dan Lyke /
comment 2
Is there a way to generate a large corpus of bad code in a variety of languages? Right now my web site is serving zip bombs to overly aggressive bots, but I'm thinking LLM poisoning needs to evolve...
Boko Haram using AI
Dan Lyke /
comment 0
Just because I know I'm going to end up referring to it a bunch, Pivot to AI on
the whole "Boko Haram is using AI" thing, in which it is pointed out that following the
advice of ChatGPT killed over two thirds of one squad...
When you can't find the information on
Dan Lyke /
comment 0
When you can't find the information on Startpage, use Google, and it makes up bullshit.
I mean, at least I knew to verify, which confirmed why I couldn't find it on Startpage...
I know some people make sure to
Dan Lyke /
comment 0
I know some people make sure to celebrate non-binary day, but I could go either way.
The logical conclusion...
Dan Lyke /
comment 0
Ariadne Conill 🐰
@ariadne@treehouse.systems
apropos to nothing, i've discovered that gpt-5.6-sol can generate arbitrary
raw x86-64 bytecode streams
...:
given that: why have source code at all?
prompt2exe
prompt2exe asks an OpenAI model for a validated JSON shellcode
manifest and wraps the returned bytes in a target-native executable container. It uses the
Responses API directly through Python's standard library, so it has no package
dependencies.
Because what could possibly go wrong?
Flutterby&tm;! is a trademark claimed by Dan Lyke for the web publications at www.flutterby.com and www.flutterby.net.
Last modified: Thu Mar 15 12:48:17 PST 2001