Ransomware is a nasty bit of malware. Effectively, it locks down your device, and the only way of potentially getting access back is by paying hackers to get it removed. At least, that's what ransomware is supposed to be. Recently, a new one has been spotted that couldn't be removed even if the hackers wanted to.
Nitrogen's ESXi ransomware, as spotted by Coveware (via The Register), has a "coding mistake in the ESXi malware [that] causes it to encrypt all the files with the wrong public key, irrevocably corrupting them."
Effectively, once ransomware gets into your device (often via suspicious links or PC vulnerabilities), it then encrypts your valuable files and stores a randomly generated key that only it knows. That key can then be used to decrypt files. It's like someone who spots you removing your lock from a locker and putting theirs on instead. Thus, affected users are forced to fork out cash to bad actors on the chance they can actually get the files back.
Coveware points out that when the public key is accessed, the ransomware mistakenly overwrites the first four bytes of the key, which means "no one actually knows the private key that goes with the corrupted public key." Modern-day encryption relies on having a public key and secret private key, both required to unlock a device. Without both parts, the data cannot be accessed. There's no point guessing, either, as the whole point is it would take a computer an impossible amount of time to brute force unlock the data.
Essentially, even if you pay the ransom, the hackers are incapable of getting back into your files. Though even if Nitrogen can't get your files back, that likely won't stop them from asking for payment if they get into your device.
(Image credit: Chris Ratcliffe/Bloomberg via Getty Images)
This ransomware is reportedly a coding offshoot of the Conti 2 builder code. Conti is a type of Malware from the hacking group 'Wizard Spider' that was created in 2019. In 2022, a splintering of the group formed due to political differences over the Russian invasion of Ukraine and a leak of the builder code happened as a result.
There's no word yet on how widespread this specific offshoot of the builder code is, but its target is VMware ESXi hypervisors. Being software that runs and manages virtual machines, it could mean a virus gains access to not just a device but a mass of devices. That being said, it's a lot more niche than a more traditional virus.
Naturally, there's no way of guaranteeing a hacker will obey the contract you've made with them, even if they're capable of getting into files. And, as a result, the best way to prevent ransomware from destroying your files is to try not download any weird gunk on the internet to begin with.
Tom the Dancing Bug: Are You a Dangerous Criminal? A Handy Quiz
👉 Please join the team that makes it possible for your friendly neighborhood comic strip Tom the Dancing Bug to exist in this hostile Trumpverse! JOIN US FOR 2026 IN THE INNER HIVE, and be the first kid on your block to get each week's Tom the Dancing Bug comic – before it's published anywhere. — Read the rest
Not everyone is happy with the introduction of AI into... well, everything they use on a daily basis, and it appears Mozilla has been listening. After considerable backlash towards its announcement that Firefox would become an 'AI browser' over the next few years, it looks to have changed its tune in recent weeks.
Beyond the declaration that it's building a 'rebel alliance' to challenge Big Tech's current plans for AI-integrated toasters and the like, it's now announced a new AI controls section within the browser's settings menu.
It'll begin rolling out in Firefox 148, which is due to release on February 24, and looks to be an easy way to block "current and future generative AI features" within the browser.
Per Mozilla's Firefox blog: "AI is changing the web, and people want very different things from it.
"We’ve heard from many who want nothing to do with AI. We’ve also heard from others who want AI tools that are genuinely useful. Listening to our community, alongside our ongoing commitment to offer choice, led us to build AI controls."
(Image credit: Firefox)
The new menu allows you to turn on or off a host of AI features, including translations, alt text in PDFs, AI-enhanced tab grouping, link previews, and an AI chatbot in the sidebar.
"You can choose to use some of these and not others. If you don’t want to use AI features from Firefox at all, you can turn on the Block AI enhancements toggle," says Mozilla. "When it’s toggled on, you won’t see pop-ups or reminders to use existing or upcoming AI features".
Your AI preferences also stay in place across updates, apparently, which should hopefully prevent a random AI feature from bouncing its "We've added a doohickie!" message across your browser window because you dared to keep your software up to date. Hopefully. We can only pray.
As a Firefox user myself, I have to say this is pretty encouraging. Some of these features were already capable of being disabled within one of the browser's labyrinthine settings pages (or in the about:config panel), but grouping all the stuff I want to turn off in one easy menu seems like a genuine improvement.
If you want to try it out early, Mozilla says the controls will also be available in the Firefox Nightly beta builds, although I tried one once and it broke many things. Your mileage may vary, but at least your anti-AI browser crusade might come one step closer to fruition.
Microsoft has said it will provide the authorities with encryption keys for any Windows PC data protected by Bitlocker, where it has received a warrant to do so. The admission comes after the FBI served Microsoft with a search warrant in early 2025 (thanks, Forbes) compelling it to provide the keys for data held and encrypted on three laptops that, the Feds claim, contained evidence proving Covid-related fraud on Guam.
The data in question was protected with BitLocker, which is automatically enabled on most modern Windows PCs to encrypt the PC's hard drive. Users can choose to store the keys on a separate device, or via Microsoft's cloud service (which is the default option). In the Guam case the keys had been stored on Microsoft's servers, and were provided to the authorities.
"While key recovery offers convenience, it also carries a risk of unwanted access, so Microsoft believes customers are in the best position to decide how to manage their keys," said Microsoft spokesperson Charles Chamberlayne, adding that the company receives around 20 such requests per year. If the decryption key is not stored on Microsoft's servers, the company can't do anything.
So: don't say you haven't been warned. Though as far back as 2005, when Microsoft launched Bitlocker, there have been claims that the FBI and other security agencies asked the firm to include a backdoor.
It is "simply irresponsible for tech companies to ship products in a way that allows them to secretly turn over users' encryption keys," said Democratic Senator Ron Wyden. "Allowing ICE or other Trump goons to secretly obtain a user’s encryption keys is giving them access to the entirety of that person’s digital life, and risks the personal safety and security of users and their families."
It seems unlikely that Microsoft will change tack here, so the best bet for anyone concerned about such issues is to look elsewhere. Apple is notably different in this area, having previously fought an FBI order to help the agency access iPhones belonging to terrorists involved in the 2015 San Bernardino shooting. In that case, the FBI ultimately bypassed Apple. Both it and Meta allow keys to be stored on their servers but, crucially, allow users to encrypt the files, meaning no third parties can access them.
(Image credit: Getty Images)
"This is private data on a private computer and they made the architectural choice to hold access to that data," said Matt Green, cryptography expert from Johns Hopkins University. "If Apple can do it, if Google can do it, then Microsoft can do it. Microsoft is the only company that's not doing this. It's a little weird…
"The lesson here is that if you have access to keys, eventually law enforcement is going to come. My experience is, once the U.S. government gets used to having a capability, it's very hard to get rid of it."
The warrant in the Guam case has been successfully executed. The case itself is ongoing and the lawyer for defendant Charissa Tenorio, who pleaded not guilty, said prosecutors had information from her client’s computer that included references to BitLocker keys provided to the FBI.
As if MicroSlop wasn't enough to kick Windows to the curb. Linux continues to improve, in the meantime.
Microsoft provided the FBI with BitLocker encryption recovery keys following a warrant request, allowing federal agents to decrypt hard drives belonging to suspects in an alleged fraud investigation in Guam, reports TechCrunch.
BitLocker is Windows' full-disk encryption feature. Recovery keys allow authorized users to access encrypted drives when standard authentication methods fail. — Read the rest
As the son of a man who was a historical reenactor, pre-internet Tolkien lorehead, and casual collector of bladed weaponry, my upbringing was of a very specific flavor. While I've overheard more complaints about the accuracy of period film costumes than anyone ever should, it did have its benefits—like getting to browse the occasional catalogs that would arrive in our mailbox selling replicas of historical and fictional swords. Hours of my youth were spent fascinated by the fact that there were people out there making Oakeshott Type XVIII longswords and copies of Gandalf's Glamdring.
In other words, I was destined from a young age to be the kind of person who'd see that Bladesong, a fantasy swordsmithing simulator, is launching in early access on Steam next week, and immediately add it to PC Gamer's task tracking software with the addendum "hell yes dude this is videogames."
(Image credit: Mythwright)
Bladesong promises an elaborate and intricate toolset for handcrafting your Platonic ideal of a cool sword—whether that's a period-accurate arming sword or a glowing, rune-etched work of high fantasy maximalism with appropriately absurd proportions. There's a demo available now, and while it only offers a limited selection of the full game's swordsmithing features, it's more than enough to stir my internal childhood sword sicko.
Bladesong's simulated blacksmithing allows shaping of a blade's length, width, thickness, and cross-section. With some precise hammering, you can taper its dimensions, or curve it, or alter the spine width and concavity of one or both of its edges. It has dynamic fuller technology. It has modular hilt construction using freely malleable quellon segments and scalable grips. It's a simulation clearly, undeniably, and admirably designed by and for extreme sword weirdos.
It also has a surprisingly compelling story mode. I expected to be working as a fantasy blacksmith, but I didn't expect to be thrust into an eerie medieval postapocalypse where I'd be shaping swords for what pockets of civilization remain in a world whose gods have died. It's good, flavorful writing—and meeting the specifications of my miserable customers is satisfying, too, requiring attention to the delicate interplay of blade weight, shape, and balance that shifts with each hammer blow.
(Image credit: Mythwright)
And that's just the demo. The early access launch will bring all sorts of additional engraving options, ornamentations, materials, and blade shaping techniques. I might have thought Glamdring was the coolest possible sword as a kid, but by this time next week, Gandalf's going to be feeling deeply inadequate.
Bladesong launches in early access on Steam on January 22.
It’s easy to look at these and assume “well, high crime cities need more police,” but i think that’s putting the cart before the horse.
Police make crime worse.
Police take fiscal oxygen out of the room, away from actual social support programs. The money spent on policing could go to housing, nutritional services, healthcare, civil rights, building inspections, labor rights enforcement, street maintenance, public transportation. But it goes to paying guys to sit around idling Ford Explorers all day and hitting poor people with sticks.
Crime follows poverty in absolutely every single case. Every single “high crime city” is because of the fucking poverty.
Please join the team that makes it possible for your friendly neighborhood comic strip Tom the Dancing Bug to exist in this world! JOIN US FOR 2026 IN THE INNER HIVE, and be the first kid on your block to get each week's Tom the Dancing Bug comic – before it's published anywhere. — Read the rest
This video is a joy to watch. Cary Elwes and Mandy Patinkin discuss how that incredible sword fight, where neither was actually left-handed, came to be.
The swordfight between Inigo Montoya and the Dread Pirate Roberts in The Princess Bride remains, somehow, the best sword fight ever filmed. — Read the rest
Outside the world of open-source computing, it's getting pretty hard to escape artificial intelligence being jammed down our throats for even the most banal tasks. Google's Gmail was already awful — it watches what you type, what you buy, and who you correspond with, all in the name of monetization. — Read the rest
Where some are sick of AI usage, others are sick of debate about AI usage. And when it comes to mentioning the use of LLMs in kernel documentation, Linux creator Linus Torvalds seems to be very much in the latter camp.
As reported by The Register, Linux kernel engineer for Oracle, Lorenzo Stoakes, recently critiqued Torvalds, arguing that AI tools are not the same as any other tool and need unique documentation and flagging. Stoakes then replied to Dave Hansen, kernel hacker at Intel, saying, "We're noticing a lot more LLM slop than we used to. It is becoming more and more of an issue."
Stoakes argues LLMs have had a negative impact in many areas, "for which you need only take a cursory glance at the world to observe". Furthering this point, Stoakes says, "Thinking LLMs are 'just another tool' is to say effectively that the kernel is immune from this. Which seems to me a silly position."
This is where Torvalds comes into the conversation. He says, "No. Your position is the silly one. There is *zero* point in talking about AI slop. That's just plain stupid. Why? Because the AI slop people aren't going to document their patches as such. That's such an obvious truism that I don't understand why anybody even brings up AI slop."
Torvals argues that he wants no kernel development documentation to mention AI, as "We have enough people on both sides of the 'sky is falling' and 'it's going to revolutionize software engineering', I don't want some kernel development docs to take either stance."
(Image credit: Jim Sugar via Getty Images)
Effectively, the 'it's just a tool' statement is one that backs up this belief. Torvalds says the "AI slop issue" won't be solved through kernel documentation, and AI documentation is, instead "pointless posturing". It is worth noting that Torvalds does see value in AI tools, as expressed back in 2024.
a. For the tech press to not gleefully report that the kernel just accepts AI patches now since hey it's just another tool.
b. To be able to refer back to the document when rejecting series.
"As to point a., as I said before in other threads, I remain concerned that the second the tech press say 'the kernel accepts AI patches now' we'll see an influx. It's sad we have to think about that, but it's a fact of life."
As is the way within the AI debate, one side argues that accepting AI work as any other directly human created work could open the floodgates for AI agents, and another wishes for it to be welcomed as any other tool. Some within the threads have highlighted patches successfully laid out by AI, but the conversation around it seems much bigger than that. There might be 'zero point in talking about AI slop', and yet the thread has only grown since.
On January 1, everything published in 1930 entered the U.S. public domain. According to Standard Ebooks, the volunteer-run project prepared 20 new free ebooks to celebrate, including some major titles: Dashiell Hammett's The Maltese Falcon, William Faulkner's As I Lay Dying, Franz Kafka's The Castle, and Agatha Christie's The Murder at the Vicarage — the first full-length Miss Marple novel. — Read the rest
![[link]](https://i.redd.it/p9kvqw54twhg1.png){kind=link}
![[link]](https://i.redd.it/05bf6s8e8lhg1.png){kind=link}
![[link]](https://i.redd.it/bbye4uzx62gg1.png){kind=link}
![[link]](https://i.redd.it/jnev06z4mahg1.png){kind=link}
![[link]](https://i.redd.it/y25v98qbs9hg1.jpeg){kind=link}
![[link]](https://i.redd.it/k3gvn4aul3hg1.jpeg){kind=link}
![[link]](https://i.redd.it/enukhx1eaidg1.jpeg){kind=link}
![[link]](https://i.redd.it/kc1zkma7w0dg1.jpeg){kind=link}
![[link]](https://i.redd.it/fzwzs4k0sscg1.jpeg){kind=link}
![[link]](https://i.redd.it/trnb5wdxplcg1.jpeg){kind=link}
![[link]](https://i.redd.it/uv3cn22u5icg1.jpeg){kind=link}
