Agentic coding faces a backlash, Citizen Lab exposes global telecom surveillance, and pgBackRest is discontinued

GitHub

DeepClaude: Claude Code's Agent Loop with Cheaper Models

DeepClaude is an open-source tool that intercepts Claude Code's API calls through a local proxy and redirects them to cheaper alternatives — DeepSeek V4 Pro, OpenRouter, or Fireworks AI — while preserving the full Claude Code experience including file operations, bash execution, and autonomous reasoning loops. The reported cost reduction is approximately 90%, from around $200/month to $20. The project highlights a broader pattern: as autonomous coding agents become the interface, the underlying model is increasingly fungible. If the agent loop and tool wiring are what deliver value, teams may soon choose models the same way they choose compute — on cost and latency rather than brand.

Citizen Lab

Bad Connection: Citizen Lab Exposes Global Telecom Exploitation by Surveillance Actors

Citizen Lab has documented two distinct covert surveillance campaigns — STA1 and STA2 — exploiting fundamental design flaws in SS7 and Diameter, the signaling protocols underpinning global mobile networks. STA1 uses spoofed identities from Israeli, UK, and Channel Islands infrastructure to track targets across networks; STA2 weaponizes hidden binary SMS commands to convert devices into passive location trackers. Both campaigns operated undetected for years by abusing commercial telecom infrastructure through leasing and third-party providers. The core problem is architectural: SS7 was designed before the internet with an implicit trust model and no authentication, and despite decades of known vulnerabilities and mandatory 4G security requirements, the industry has largely failed to implement fixes — leaving billions of mobile users exposed to surveillance that bypasses all device-level protections.

emirb.github.io

Your Container Is Not a Sandbox

A thorough post challenges the widespread assumption that containers provide security boundaries: with 450+ syscalls and ~40 million lines of C code in a shared host kernel, eight recent CVEs demonstrate practical escape paths. MicroVMs — Firecracker, Cloud Hypervisor, libkrun — provide hardware-level isolation with ~125ms boot times and single-digit runtime overhead, requiring hypervisor CVEs valued at $250K–$500K to escape. The author notes that nearly every major platform handling agentic AI workloads (E2B, Fly.io, Vercel, AWS Bedrock) independently converged on microVM sandboxing within 18 months — a quiet industry consensus that containers are packaging, not security. The mature Rust VMM crate ecosystem (vm-memory, virtio-queue, kvm-ioctls) is making this transition increasingly accessible.

Tom's Hardware

Utah Holds Websites Liable When Users Bypass Age Checks with VPNs

Utah has enacted Senate Bill 73, becoming the first U.S. state to explicitly hold websites liable for age verification circumvention when users mask their location through VPNs. Rather than targeting individual users, the law shifts compliance burden to operators, who must now implement geolocation and age verification robust enough to account for proxy and VPN traffic. The constitutional challenges are obvious — enforceability against out-of-state companies and tension with privacy rights — but the regulatory precedent is notable: if the approach survives legal scrutiny, it could fragment VPN compliance requirements across states and significantly increase the operational cost of serving U.S. users.

My DBA Notebook

pgBackRest Is Dead. Now What?

pgBackRest, the most capable open-source PostgreSQL backup and disaster recovery tool — offering full backup catalogs, point-in-time recovery, and advanced restore strategies that pg_basebackup and pg_dump cannot match — has been discontinued after its sole maintainer, David Steele, lost Crunchy Data sponsorship following the company's acquisition and could not secure alternative funding. The author recommends Barman as an actively maintained alternative, though with capability gaps, and notes that pgBackRest's clean codebase makes a community fork plausible. The episode is a stark example of the open-source sustainability crisis: widely deployed production infrastructure, maintained by one person, funded by one employer, gone when that arrangement ends. Organizations depending on pgBackRest need an immediate migration plan.

purplesyringa.moe

This WASM Interpreter Fits in a QR Code

A developer built a fully functional WebAssembly interpreter in 2,944 bytes — small enough to encode in a single QR code and roughly 40% smaller than standard compression would allow. The implementation uses x86-64 assembly with legacy instruction tricks (rep prefixes, parity flags, self-modifying code), a single-pass execution model to eliminate jump target storage, hash-based WASI syscall lookups, and arithmetic coding with context mixing rather than generic compression. The write-up is part engineering achievement, part meditation on how much complexity modern toolchains add by default: a working WASM runtime, from scratch, fits in less space than a C "Hello, world" binary.

lina.sh

I Accidentally Made Law Enforcement Shut Down Their DDoS Honeypot

A security researcher stumbled onto a Dutch police honeypot — cyberzap.fun, a convincingly realistic fake DDoS-for-hire service — by noticing that the site's mail server records consistently pointed to bit.nl, the same Dutch hosting provider used across multiple law enforcement operations. After registering with a deliberately conspicuous email address, law enforcement took the site offline within hours. The post reveals a dual-strategy playbook: covert honeypots to catch active perpetrators, and overt warning sites (netcrashers.net) to deter would-be users by making them uncertain whether services are real or traps. The takedown itself is evidence that law enforcement monitoring the registrations was active — and that consistent infrastructure choices can become a detectable fingerprint for careful OSINT practitioners.

xogium.me

The Text Mode Lie: Why Modern TUIs Are a Nightmare for Accessibility

A blind developer dismantles the assumption that terminal applications are inherently accessible. Modern TUI frameworks treat the terminal as a 2D canvas — continuously redrawing the screen and flooding screen readers with cursor position announcements rather than meaningful output — making them significantly worse than legacy tools like vim, nano, or menuconfig, which respect cursor positioning constraints that screen readers depend on. Reactive frameworks like Ink compound the problem with input lag up to 10 seconds due to single-threaded rendering. The author documents repeated bug reports closed as stale by framework maintainers, and argues that "text-mode" has become a false accessibility signal: the visual aesthetic of CLI tooling now masks the same canvas-rendering problems that made graphical UIs inaccessible a generation ago.

The Gamer

Metal Gear Solid 2 HD Source Code Leaked on 4chan

The complete source code for the 2011 HD remaster of Metal Gear Solid 2 — specifically the PS Vita and Xbox 360 ports developed by Armature Studio — was leaked on 4chan in early May 2026, with reports of up to 30GB of uncompressed assets included. Source code access typically unlocks significant modding work: the Ship of Harkinian project (Ocarina of Time) demonstrated how quickly a community can produce native ports and mods once source is available. The official route to play MGS2 remains the Master Collection. The leak raises the usual questions about preservation, intellectual property, and the practical reality that game source code, once released, tends to generate more community activity than any official remaster could.