Onze recensent schakelt hulptroepen in om te kunnen begrijpen waar ‘Jelies & Gnodde: Grote Gezinnen Emigreren’ over gaat. Maar ook die kunnen er geen touw aan vastknopen.
/s3/static.nrc.nl/wp-content/uploads/2026/04/28134732/280426CUL_2033356068_ZAP_Jelies-en-Gnodde.jpg)
Ineens werd het 3,5 graad warmer. Een anonieme gebruiker werd daardoor 34.000 dollar rijker, dankzij een weddenschap op platform Polymarket.
/s3/static.nrc.nl/wp-content/uploads/2026/04/28104804/290426WET_2033343109_1.jpg)
Social
Voor veel mensen is Groningen ver weg, maar als je in Groningen woont is het juist heel erg dichtbij. Zo ook voor Driekus Vierkant, bekend van het internet alsmede van GeenStijl, het blogcollectief van mensen die zo af en toe een beetje om zich heen kijken en zo nog eens wat te weten komen. Over commissaris van de Koning René Paas bijvoorbeeld, maar vooral over het plan van de provincie Groningen en het waterschap Noorderzijlvest om het gebied rond Lucaswolde (nog best wel dichtbij de rest van Nederland, red.) in te richten als waterberging annex natuurgebied. En bij dat laatste puntje wringt de schoen. Er wordt namelijk enorm veel (Europees) belastinggeld gebruikt om de boel daar lekker ecologisch verantwoord in natuur om te toveren, wat weer slecht nieuws is voor boeren vanwege de stikstoffuik. De waterberging zou een stuk goedkoper zou kunnen, maar dan moet dat geld uit de borstzak van het waterschap zelf komen, terwijl nu de broekzak van het Rijk, EU-subsidies en provinciebudgetten kan worden aangewend. Klinkt ingewikkeld, is het ook best, maar u kunt het dus allemaal even langlezen bij Driekus. De totale klapjosti's van FDF zijn ook boos (al een tijdje), maar hee. Misschien hebben ze dus wel een punt. Hele MOETLEES BLOG HIERRRR.
peaceful-jp-scenery has added a photo to the pool:
Mt.Minobu Kuonji Temple
身延山久遠寺
This is the main gate at the entrance to Kuonji Temple. I'm sure everyone who visits has driven past it.
久遠寺の入り口にある総門です。きっと訪れた皆さんは車で通過しているはずです。
Minobucho, Yamanashi pref, Japan
peaceful-jp-scenery posted a photo:
Mt.Minobu Kuonji Temple
身延山久遠寺
There were lots of small plants on display. It was quite stylish.
小さな植物がいっぱい展示されていました。なかなかお洒落ですね。
Minobucho, Yamanashi pref, Japan
peaceful-jp-scenery posted a photo:
Mt.Minobu Kuonji Temple
身延山久遠寺
This is the main gate at the entrance to Kuonji Temple. I'm sure everyone who visits has driven past it.
久遠寺の入り口にある総門です。きっと訪れた皆さんは車で通過しているはずです。
Minobucho, Yamanashi pref, Japan
Pair accused of creating literal flame war as bonkers conspiracy theories grow
Two men face charges over a series of arson attacks on 5G masts spanning two years following a Police Service of Northern Ireland (PSNI) investigation.…
Two weeks ago, Anthropic announced that its new model, Claude Mythos Preview, can autonomously find and weaponize software vulnerabilities, turning them into working exploits without expert guidance. These were vulnerabilities in key software like operating systems and internet infrastructure that thousands of software developers working on those systems failed to find. This capability will have major security implications, compromising the devices and services we use every day. As a result, Anthropic is not releasing the model to the general public, but instead to a limited number of companies.
The news rocked the internet security community. There were few details in Anthropic’s announcement, angering many observers. Some speculate that Anthropic doesn’t have the GPUs to run the thing, and that cybersecurity was the excuse to limit its release. Others argue Anthropic is holding to its AI safety mission. There’s hype and counterhype, reality and marketing. It’s a lot to sort out, even if you’re an expert.
We see Mythos as a real but incremental step, one in a long line of incremental steps. But even incremental steps can be important when we look at the big picture.
How AI Is Changing Cybersecurity
We’ve written about shifting baseline syndrome, a phenomenon that leads people—the public and experts alike—to discount massive long-term changes that are hidden in incremental steps. It has happened with online privacy, and it’s happening with AI. Even if the vulnerabilities found by Mythos could have been found using AI models from last month or last year, they couldn’t have been found by AI models from five years ago.
The Mythos announcement reminds us that AI has come a long way in just a few years: The baseline really has shifted. Finding vulnerabilities in source code is the type of task that today’s large language models excel at. Regardless of whether it happened last year or will happen next year, it’s been clear for a while this kind of capability was coming soon. The question is how we adapt to it.
We don’t believe that an AI that can hack autonomously will create permanent asymmetry between offense and defense; it’s likely to be more nuanced than that. Some vulnerabilities can be found, verified, and patched automatically. Some vulnerabilities will be hard to find but easy to verify and patch—consider generic cloud-hosted web applications built on standard software stacks, where updates can be deployed quickly. Still others will be easy to find (even without powerful AI) and relatively easy to verify, but harder or impossible to patch, such as IoT appliances and industrial equipment that are rarely updated or can’t be easily modified.
Then there are systems whose vulnerabilities will be easy to find in code but difficult to verify in practice. For example, complex distributed systems and cloud platforms can be composed of thousands of interacting services running in parallel, making it difficult to distinguish real vulnerabilities from false positives and to reliably reproduce them.
So we must separate the patchable from the unpatchable, and the easy to verify from the hard to verify. This taxonomy also provides us guidance for how to protect such systems in an era of powerful AI vulnerability-finding tools.
Unpatchable or hard to verify systems should be protected by wrapping them in more restrictive, tightly controlled layers. You want your fridge or thermostat or industrial control system behind a restrictive and constantly updated firewall, not freely talking to the internet.
Distributed systems that are fundamentally interconnected should be traceable and should follow the principle of least privilege, where each component has only the access it needs. These are bog-standard security ideas that we might have been tempted to throw out in the era of AI, but they’re still as relevant as ever.
Rethinking Software Security Practices
This also raises the salience of best practices in software engineering. Automated, thorough, and continuous testing was always important. Now we can take this practice a step further and use defensive AI agents to test exploits against a real stack, over and over, until the false positives have been weeded out and the real vulnerabilities and fixes are confirmed. This kind of VulnOps is likely to become a standard part of the development process.
Documentation becomes more valuable, as it can guide an AI agent on a bug-finding mission just as it does developers. And following standard practices and using standard tools and libraries allows AI and engineers alike to recognize patterns more effectively, even in a world of individual and ephemeral instant software—code that can be generated and deployed on demand.
Will this favor offense or defense? The defense eventually, probably, especially in systems that are easy to patch and verify. Fortunately, that includes our phones, web browsers, and major internet services. But today’s cars, electrical transformers, fridges, and lampposts are connected to the internet. Legacy banking and airline systems are networked.
Not all of those are going to get patched as fast as needed, and we may see a few years of constant hacks until we arrive at a new normal: where verification is paramount and software is patched continuously.
This essay was written with Barath Raghavan, and originally appeared in IEEE Spectrum.