Internet Archive establishes a Swiss preservation foundation, France proposes inserting ghost participants into encrypted chats, and a FreeBSD operator precedence bug in execve() grants root to any local user

arXiv

LLMs Silently Corrupt About a Quarter of Document Content During Delegated Editing Tasks

Researchers introduced DELEGATE-52, a benchmark of 52 professional document editing scenarios spanning legal, medical, technical, and business domains, designed to test whether LLMs can reliably complete delegated long-horizon editing tasks. The headline finding is uncomfortable: frontier models corrupt approximately one-quarter of document content when handling multi-step editing workflows — and these errors accumulate silently. The model does not flag when it has modified text it was supposed to preserve. The corruption rate worsens with document length and interaction complexity, suggesting the degradation is structural: the longer the context and the more steps involved, the worse the model maintains fidelity to the original content. This creates a specific danger for the deployment pattern organizations are currently pursuing — delegating document review, revision, and formatting to LLMs operating with broad editing permissions on sensitive materials. A model that fails loudly is manageable; a model that silently introduces plausible-looking errors in legal briefs, medical records, or technical specifications is a different category of risk. The benchmark's 52-domain scope was intentional: it tests whether degradation is domain-specific or general, and the results suggest the corruption pattern appears across professional contexts rather than being concentrated in any one area. DELEGATE-52 provides a concrete evaluation framework for teams assessing whether their specific document workloads fall within the reliability envelope current models can support.

Twitter / Jarred Sumner

Bun's Rust Rewrite Hits 99.8% Test Compatibility — 960,000 Lines Migrated in ~6 Days

Jarred Sumner announced that Bun's full rewrite from Zig to Rust has achieved 99.8% test suite compatibility on Linux x64 glibc — the most critical deployment target for server-side JavaScript. The migration covered approximately 960,000 lines of code, completed in roughly six days of focused work, making this one of the largest-scale Zig-to-Rust migrations attempted on a production-grade runtime. The motivation is stability: Zig's manual memory management, which enabled the performance characteristics that made Bun competitive, was also the source of the memory leaks and crashes that have been its persistent reliability complaints. Rust's borrow checker provides the same low-level control with compile-time memory safety guarantees — fixing the problem at the language level rather than through runtime mitigation. This brief covered the porting methodology announcement on May 5, when the PORTING.md file went public outlining the strict approach: no async/await, custom mimalloc-based memory management, intrusive reference counting, and mandatory safety justifications for every unsafe block. The 99.8% compatibility figure represents the completion of Phase A (draft Rust files capturing the logic); Phase B resolves imports and achieves compilability crate-by-crate. Sumner indicated a blog post on performance, memory usage, and maintainability implications is forthcoming. For teams that have been watching Bun but deferring adoption due to stability concerns, this milestone removes the primary blocker if the remaining 0.2% of test failures resolve as expected.

Reclaim the Net

France Proposes Inserting 'Ghost Participants' Into Encrypted Messaging Conversations

France's parliamentary intelligence delegation put forward a proposal requiring WhatsApp, Signal, and Telegram to allow state-authorized access to message content. The mechanism deliberately avoids the language of 'backdoors': rather than requiring platforms to decrypt stored messages after the fact, it proposes inserting an invisible government agent as a third party into communications before encryption occurs. Security researchers have labeled the distinction meaningless — a ghost participant inserted before encryption is functionally identical to a backdoor from an attacker's perspective, and any such implementation creates infrastructure that malicious actors can discover and exploit. Internal opposition in the French legislature has been substantive: Senator Olivier Cadic secured an amendment explicitly prohibiting messaging services from installing backdoors, and other legislators have raised the self-harm argument — vulnerabilities created for state access cannot be restricted to authorized users and are exploitable by hostile foreign intelligence services as readily as by domestic law enforcement. The proposal fits a broader European pattern of encryption access legislation, distinct from the U.K.'s Online Safety Act implementation, and represents a test of whether the procedural reframing as 'ghost participant' rather than 'backdoor' can survive the substantive security critique in parliamentary deliberation. Signal has historically indicated it would exit markets that require such capabilities rather than comply; whether that position holds under French regulatory pressure — and what the EU's response would be — remains to be seen.

Cyber Insider

GrapheneOS Patches Android VPN Bypass That Google Declined to Fix

Android's 'Always-On VPN' feature, which promises to route all device traffic through a VPN tunnel without exception, contains a vulnerability that allows apps with basic internet permissions to bypass the protection. The attack path exploits QUIC socket teardown to send UDP packets directly over the physical network interface, bypassing the VPN routing table entirely. The practical consequence is IP address exposure: an app operating behind what a user believes is a complete VPN tunnel can observe the device's real IP address and potentially deanonymize users relying on VPN for location or identity protection. Google's security team acknowledged the report but declined to patch it, classifying the exploitation scenario as infeasible in practice — a risk assessment GrapheneOS disputed. GrapheneOS deployed its own fix within a week in version 2026050400, disabling the vulnerable QUIC optimization. The episode extends a recurring pattern: GrapheneOS consistently patches vulnerabilities that Google declines to fix, reflecting a different threat model — one calibrated for users who have specifically chosen privacy-hardened Android over stock devices. For users whose threat model requires VPN guarantees — journalists, activists, or anyone using a VPN for genuine anonymity — this vulnerability remains unpatched on all stock Android devices. The fix is available only through GrapheneOS, which supports a specific set of Pixel devices; users on stock Android or other Android distributions have no official mitigation.

FreeBSD Security

FreeBSD Patches Critical Local Privilege Escalation in the execve() System Call

FreeBSD published security advisory SA-26:13 disclosing a local privilege escalation in execve(2) — the fundamental Unix mechanism for launching new processes. The root cause is an operator precedence bug in C: a conditional expression that should evaluate one way evaluates another due to implicit parsing, producing a buffer overflow that an unprivileged local user can exploit to reach superuser. The vulnerability affects all supported FreeBSD releases — 15.0, 14.4, 14.3, and 13.5 — on amd64, arm64, and i386 platforms. No workaround is available short of patching: execve() cannot be disabled or restricted because it is essential to process execution on any Unix system. The relevant attack surface includes any deployment with local unprivileged users: multi-user systems, shared hosting environments, FreeBSD jails that do not fully isolate kernel access, and development workstations. Patching requires a kernel update via pkg(8), freebsd-update(8), or recompiling from source. The bug's presence in such a foundational code path — an operator precedence error that a routine C code review might overlook — is a recurring reminder that the C integer and pointer type system remains a persistent source of privilege escalation risk in operating system code. FreeBSD's rapid disclosure and patch cadence here is noteworthy; the advisory includes patch instructions and references for all affected release branches.

Mat Duggan

The Hypocrisy of Cyberlibertarianism

Mat Duggan's essay argues that early internet ideology's core promise — that decentralization would prevent the concentration of power — has been so thoroughly inverted that the same libertarian rhetoric now functions as justification for the opposite outcome. The ideological arc runs from 'no one can control the internet' through to platforms exercising editorial and algorithmic control over public discourse at unprecedented scale, while continuing to invoke libertarian anti-regulation arguments whenever governments propose constraints on that power. The specific hypocrisy Duggan identifies: the same voices who argued that network effects and market competition would solve content problems have built the concentrated attention platforms where those market mechanisms demonstrably do not apply — network effects produce winner-take-all dynamics, and competition does not automatically force quality improvements when switching costs are high. The piece draws a distinction between the original internet's actual structure — genuinely distributed, with no single point of control — and today's effective architecture, which routes most human communication through a small number of privately controlled chokepoints while retaining the cultural language of openness. The HN discussion (305 points) largely agreed with the diagnosis while debating whether the failure was inevitable or a contingent product of specific policy decisions in the 1990s and 2000s. The argument has renewed relevance as AI accelerates the consolidation of information infrastructure around a small number of frontier model providers.

blog.kronis.dev

Distributing Mac Software Outside the App Store Is Getting Harder

A developer maintaining a macOS utility tool published a detailed account of the friction Apple has created for software distribution outside the App Store. The specific obstacles are concrete: Gatekeeper quarantines unsigned software and presents security warnings alarming enough to deter non-technical users; the $99 annual Apple Developer Program membership is a significant cost barrier for hobbyist or infrequent distribution; Apple's identity verification process is broken enough to require multiple submission attempts before succeeding; and system status pages provide insufficient information about notarization service disruptions that block submissions without explanation. The post resonates because it describes a class of developer experience that Apple has made progressively harder over the past decade — the independent developer who builds a small utility, prices it below App Store viability, and needs to distribute it directly. Gatekeeper's friction is calibrated to make unsigned distribution painful and push developers toward App Store submission, where Apple takes a 30% cut and controls the distribution pipeline. The developer's proposal — that government-issued digital identity verification could replace Apple's proprietary identity system — highlights the underlying dynamic: the gatekeeping exists because Apple controls the identity infrastructure, not because no technical alternatives are feasible. For developers outside the U.S. or EU, the verification issues are more acute, as Apple's identity verification infrastructure is inconsistently maintained across regions.

chrismorgan.info

Website Owners Are Banning Unauthorized Query String Parameters

Chris Morgan published a personal policy declaring his website will reject all query string parameters that he has not explicitly implemented — including UTM tracking parameters, referrer tags, and analytics markers that third parties append when sharing links to his content. The policy is both a statement of URL ownership and a commentary on the growing practice of tracking infrastructure being attached to links without the destination site's participation. When a URL is shared as ?utm_source=newsletter&utm_medium=email, the parameters encode tracking data that follows visitors to a site they never requested to be tracked on, and the destination site has had no role in authorizing the surveillance. Morgan's position is that his URLs belong to him and third parties do not have consent to append tracking payloads to them. He distinguishes between query strings he explicitly whitelists for functional purposes and external tracking infrastructure added without his input. The simultaneously popular Lobsters post by Susam Pal (https://susam.net/no-query-strings.html), published the same day and making a complementary argument, suggests the position is becoming a more explicit stance in developer communities where link cleanliness has historically been treated as an aesthetic preference rather than a consent or privacy question. The practical implementation — stripping or rejecting unwhitelisted parameters at the server level — is technically simple, and the growing visibility of UTM parameter proliferation through affiliate programs, social platforms, and analytics suites may push more sites toward similar policies.

adele.pages.casa

All My Clients Wanted a Carousel — Now They All Want an AI Chatbot

A web developer's essay observes that client demand for AI chatbots on corporate websites is following exactly the pattern that carousel demand followed for a decade: clients want them not because users want them or because they improve outcomes, but because competitors have them and absence reads as falling behind. The comparison is precise. Image carousels tested poorly in usability research for years — users ignored them, skipped past them, or found them disorienting — yet client demand remained durable because carousels functioned as a signal of 'professional' website design, a social marker that had decoupled from any actual user benefit. AI chatbots appear to occupy the same position in the current market. The author documents a specific irony: clients who personally find AI chatbots annoying or useless still request them for their websites, because competitive anxiety about appearing technologically outdated creates pressure that does not respond to user experience evidence. The broader diagnosis is about how feature trends propagate through the web development market — not through demonstrated user value but through professional anxiety about being left behind. The pattern raises a genuine question: carousels eventually faded as design tastes shifted; what would cause AI chatbot adoption to reverse, if the driver is social signaling rather than demonstrated utility? The essay has resonance precisely because it does not answer this question, and because developers currently navigating client requests recognize the dynamic immediately.