fidzu : computers

I was a long-time Bitwarden user, until a year or so ago when I started migrating my passwords first to Firefox/LibreWolf, and recently from there to a KeePass database I can transfer and use with whatever password manager application is compatible with KeePass' file format. It seems I was accidentally on time, as it's come out over the last few days that Bitwarden is probably going down the drain soon. In February, the company got a new CEO, and in March, it doubled its Premium price, announcing the hike deep in a feature announcement. The new CEO seems to be a bellwether for what's to come for Bitwarden. He's a merger and acquisitions guy, with a history of gutting companies and selling them for parts, and changes to Bitwarden's website also indicate where it's headed. The phrase "Always free" disappeared from the personal password manager page in mid-April. It used to sit prominently under the plan selector. The free plan still exists - for now - but the commitment language is gone. And then there's the values rewrite. Bitwarden used to define its culture with the acronym GRIT: Gratitude, Responsibility, Inclusion, and Transparency. After May 4th, that changed. GRIT now stands for Gratitude, Responsibility, Innovation, and Trust. Inclusion and Transparency are out. Innovation and Trust are in. ↫ Patrick Boyd The "Always free" motto quietly reappeared on the site after its removal was uncovered and went viral on Fedi. The change in CEO, the changes in values, and the removal (and reappearance) of Bitwarden's well-known and oft-repeated commitment to its free plan have all been quiet. No announcements, no blog posts, no posts on social media - but they did change a four-year old blog post by Bitwarden's former CEO to change that GRIT acronym. You don't need to be an honors student to figure out where this is going, and what the new CEO's plans are for Bitwarden. Do as I did, and get your passwords out of BitWarden. I strongly suggest using an open format that can be used by any compatible password manager, with KeePass' formats being the obvious choice. This way your passwords are truly yours, and not dependent on someone's continued commitment to free plans or proprietary services that can unexpectedly change hands. Bitwarden is licensed under the Apache 2.0 license, but with all of the above, one has to wonder how long that's going to remain a thing.

20 May 2026 11:21pm GMT

Intuit is reportedly cutting about 3,000 jobs, or 17% of its workforce, as it restructures around AI and simplifies its corporate organization. TechCrunch reports: The layoffs come during a bad year for the tech workforce. The tech industry has already cut more than 100,000 jobs this year, per Statista, and is on track to outpace both 2024 and 2025 if the layoff trend continues. Companies such as Amazon, Block, Cisco, Cloudflare, Meta, Microsoft, and Oracle have let go of thousands of employees each, all of them citing a need to refocus expenditures around AI projects as a reason to cut jobs and restructure their organizations. [...] Intuit, however, hasn't been perceived as a beneficiary of the AI boom, with its shares consistently underperforming in the broader S&P 500 over the past 12 months. The company has been caught up in the broader current of worries that traditional software-as-a-service firms will not be able to keep up or compete, as new and upcoming AI products and services threaten to change how software is developed and how it is used. In its fiscal second quarter ended January, Intuit reported revenue of $4.65 billion, a 17% increase, and net profit of $693 million, a 48% improvement compared to a year earlier. The company expects revenue to increase by about 10% in the third quarter, for which it will report results later today.

Read more of this story at Slashdot.

20 May 2026 11:00pm GMT

An anonymous reader quotes a report from Ars Technica: Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other Chromium-based browsers. The proof-of-concept code exploits the Browser Fetch programming interface, a standard that allows long videos and other large files to be downloaded in the background. An attacker can use the exploit to create a connection for monitoring some aspects of a user's browser usage and as a proxy for viewing sites and launching denial-of-service attacks. Depending on the browser, the connections either reopen or remain open even after it or the device running it has rebooted. The unfixed vulnerability can be exploited by any website a user visits. In effect, a compromise amounts to a limited backdoor that makes a device part of a limited botnet. The capabilities are limited to the same things a browser can do, such as visit malicious sites, provide anonymous proxy browsing by others, enable proxied DDoS attacks, and monitor user activity. Nonetheless, the exploit could allow an attacker to wrangle thousands, possibly millions, of devices into a network. Once a separate vulnerability becomes available, the attacker could use it to then compromise all those devices. "The dangerous part here is that you can just have a lot of different browsers together that you can in the future run something on that you figure out," said Lyra Rebane, the independent researcher who discovered the vulnerability and privately reported it to Google in late 2022 in an interview. He said using the exploit code Google prematurely published would be "pretty easy," although scaling it to wrangle large numbers of devices into a single network would require more work. In the thread of Rebane's disclosure to Google, two developers said in separate responses that it was a "serious vulnerability." Its severity was rated S1, the second-highest classification. Since its reporting 29 months ago, the vulnerability remained unknown except to Chromium developers. Then on Wednesday morning, it was published to the Chromium bug tracker. Rebane initially assumed the vulnerability was finally fixed. Shortly thereafter, he learned that, in fact, it remained unpatched. While Google removed the post, it remains available on archival sites, along with the exploit code. Google representatives didn't immediately respond to an email asking how and why it published the vulnerability and if or when a fix would become available. The exploit works by abusing Chromium's Browser Fetch API to open a service worker that remains persistently active. A malicious website can trigger it through JavaScript, creating a connection that can be used "for monitoring some aspects of a user's browser usage and as a proxy for viewing sites and launching denial-of-service attacks," reports Ars. Depending on the browser, those connections "either reopen or remain open even after it or the device running it has rebooted," effectively turning the device into part of a "limited botnet."

Read more of this story at Slashdot.

20 May 2026 10:00pm GMT

Officials denied refusing entry, but dodged questions on why Americans didn't return.

20 May 2026 9:58pm GMT

"As a bonus, it captured Mars images from a rare perspective."

20 May 2026 9:26pm GMT

Red Hat has released RHEL 10.2 and 9.8 with new AI-assisted command-line tools. The releases also add updated developer toolchains such as Go 1.26, LLVM 21, Rust 1.92, Python 3.14, and PHP 8.4. Phoronix reports: Red Hat Enterprise Linux has introduced the goose command for power users. Goose is an optional CLI AI assistance with model context protocol (MCP) integration. There is also improved visual output via color output enhancements. As for their rationale with the new AI integration: "The business value: Faster problem resolution, and a quicker path for new administrators to become proficient. This translates into higher developer productivity and accelerated project timelines."

Read more of this story at Slashdot.

20 May 2026 9:00pm GMT

"You are he who will restore peace to Eternia."

20 May 2026 8:29pm GMT

Printing on Linux, macOS, and even on Windows seems to be pretty much a solved problem, but what about printing on OpenBSD? Anyway, to do so I would need to set up my HP OfficeJet printer, connected wirelessly to the network, on OpenBSD. I chose to do this using HPLIP and CUPS as they are both in ports, I am familiar with how they work, and my printer is old enough that its PPD (driver) file is included in the slightly older version of HPLIP that is ported to OpenBSD. However, after installing both packages, starting the relevant services via rcctl including Avahi, and launching CUPS and finding the printer, I could not get it to install properly. Either it would error out at the end saying the printer couldn't be added and advise me to check the CUPS error log, or it would seemingly successfully add the printer but I couldn't print anything and couldn't adjust the printer settings. ↫ Morgan at his blog Only very tangentially related, but my personal crowning achievement in computing is somehow making it possible for my PA-RISC c8000 workstation running HP-UX 11i v1 to print to my modern all-in-one HP printer thing, some random HP consumer junker we bought on a whim because it was a returned item and cheap. It took some messing around, but ever since I've been able to just print stuff right from any application on HP-UX over the network, wirelessly. Note that the c8000 and HP-UX 11i v1 are almost two decades out of date compared to the printer, but by trying out promising device files included in HP-UX I managed to get it all to work. I never need it, but I am fairly sure I'm one of the very few people in the world who can reliably print from an HP-UX 11i v1 workstation to a modern throwaway HP junker over Wi-Fi. Put that on my tombstone.

20 May 2026 7:57pm GMT

⁂ A little progress bar to keep track of our fundraiser! ⁂ ➡️ Donate through Ko-Fi ➡️ Donate through SEPA transfer ➡️ Why a fundraiser? Note that I have to update it manually, and that it includes both Ko-Fi donations, as well as direct bank transfers. Yes, if your country is part of SEPA (EU, more or less), you can now do a safe direct bank transfer using IBAN to a dedicated bank account. This avoids any third parties. Use your bank's application or website (Name: Thom Holwerda - IBAN: SE08 8000 0820 1684 4657 8414 - BIC: SWEDSESS).

20 May 2026 7:45pm GMT

Just trying to answer one simple question: What if the terminal was 3D?

11 May 2026 12:00am GMT

Break the pattern today or the loop will repeat tomorrow.

18 Apr 2026 12:00am GMT

My thoughts on AI-assisted programming.

11 Apr 2026 12:00am GMT