The main treasury of @Commons Hub Brussels has been drained yesterday. We lost €110k (

TxInfo.xyz

TxInfo - Add metadata to any blockchain transaction

Add metadata to any blockchain address or transaction using Nostr

Already reached out to Monerium, gnosis team, etc. but there is nothing we can do to recover the funds 😢 What happened: One of our signatories had for historic reasons two keys to make any payment from the multisig of our Monerium account. He has been a victim of a supply chain attack (PolinRider) earlier this month. We first thought that only environment variables were at risk, not his private keys. But apparently the attacker installed a keylogger and retrieved the encryption key of his metamask. Mistake 1: those two keys belong to the same person and should have been on two different devices. They somehow ended up in the same metamask on his main computer (we were unaware) Mistake 2: that person actually left the organization months ago and we should have removed his keys from the SAFE. That’s my negligence. It’s not enough to set up a multisig, it needs constant tending. Very expensive lesson. How was your Monday?

s/wdic

s/wdi

Gm Brussels

How to Train Your Agent. Soon in a theater near you.

There’s got to be a better way to rotate api keys and other env variables 🔑 What do you guys use?

Latest npm virus (aka supply chain attack):

GitHub

GitHub - OpenSourceMalware/PolinRider: A detailed technical dossier on the DPRK threat actor "PolinRider"

A detailed technical dossier on the DPRK threat actor "PolinRider" - OpenSourceMalware/PolinRider

Everything that can be hacked will be hacked. Crazy times.

Hello Amsterdam

CLI First is the new Mobile First. It forces you to get to the essence of your application. No distraction. Focused work. Efficient. Minimal battery impact. Just get the job done and get out of the way.

Taste the difference. Make a difference. Vote with your money.

A belfry is a symbol of the sovereign collective: “Where a cathedral spire represented the Church and a castle keep represented the lord, the belfry represented the commune — the self-governing town. Building one was an act of civic emancipation, an architectural declaration of independence from feudal and ecclesiastical authority. The bells rang on the town’s own schedule, the archives proved the town’s own rights, and the silhouette on the skyline said: we govern ourselves here.”

The orchestrator is the new webmaster

What do Nostr people think of Mastodon?

@Jurjen de Vries you all good? We haven’t heard from you in a while. Hope you are well!

macOS is the best OS for humans. Linux is the best OS for agents. Instead of an easy to use but limiting GUI, text files everywhere to configure everything. A nightmare for humans, heaven for LLMs. I've been using Claude to configure my machine and it's been (mostly) great. Not perfect, but very promising. I wish someone would train a small open source model dedicated to help you configure your Linux environment. This would be perfect.

Gm Brussels (Hollekken-Linkebeek, just outside of Brussels, direct train)

Gm Brussels

Every day a daily brief based on Brussels’ various newspapers. You can also get it in your mailbox. View article →

Anthropic is the Apple of LLMs. They want to have a tight control on their ecosystem to ensure prime user experience for normies. The “it just works” experience. Claude Cowork is a great example of that. Claude is the M5 in an iPad.

The deno node runtime is actually a very good solution for the supply chain attacks we've seen recently in the npm world as it allows you to define a whitelist of domains that your code is allowed to call. But somehow it doesn't seem to be getting much traction. Looks like bun is the new node runtime that people use. Why?