Want to wade into the snowy surf of the abyss? Have a sneer percolating in your system but not enough time/energy to make a whole post about it? Go forth and be mid.

Welcome to the Stubsack, your first port of call for learning fresh Awful you’ll near-instantly regret.

Any awful.systems sub may be subsneered in this subthread, techtakes or no.

If your sneer seems higher quality than you thought, feel free to cut’n’paste it into its own post — there’s no quota for posting and the bar really isn’t that high.

The post Xitter web has spawned so many “esoteric” right wing freaks, but there’s no appropriate sneer-space for them. I’m talking redscare-ish, reality challenged “culture critics” who write about everything but understand nothing. I’m talking about reply-guys who make the same 6 tweets about the same 3 subjects. They’re inescapable at this point, yet I don’t see them mocked (as much as they should be)

Like, there was one dude a while back who insisted that women couldn’t be surgeons because they didn’t believe in the moon or in stars? I think each and every one of these guys is uniquely fucked up and if I can’t escape them, I would love to sneer at them.

(Credit and/or blame to David Gerard for starting this.)

  • rook@awful.systemsEnglish
    0·
    17 hours ago

    This is fun: a zero-click android exploit that allows arbitrary code execution and privilege escalation. Y’know, the worst kind. How did we get here?

    Over the past few years, several AI-powered features have been added to mobile phones that allow users to better search and understand their messages. One effect of this change is increased 0-click attack surface, as efficient analysis often requires message media to be decoded before the message is opened by the user. One such feature is audio transcription. Incoming SMS and RCS audio attachments received by Google Messages are now automatically decoded with no user interaction. As a result, audio decoders are now in the 0-click attack surface of most Android phones.

    AI, making everything worse, even before it runs!

    https://projectzero.google/2026/01/pixel-0-click-part-1.html

    Every now and then, I think about going back to android, and then I read stuff like this. FWIW, iOS had a closely related bug, but compiled the offending code with bounds checks, so it wasn’t usefully exploitable (and required some user interaction, too).

    Anyway, if you do android, maybe check if automatic transcription is enabled.

    • jaschop@awful.systemsEnglish
      0·
      11 hours ago

      I suppose you can go for a Jolla, if you’re willing to bet that SailfishOS will finally work. I’ll let y’all know in a year or so.

      • rook@awful.systemsEnglish
        0·
        10 hours ago

        I’ve thought about jolla, but I’m not particularly interested right now. Their security is unlikely to be anything like as good as ios or graphene, software availability is poor, the hardware quality appears to be ok at best, and so on.

        I’m considering various alternative devices, but if it’s effectively a “vanilla smartphone only slightly worse” it doesn’t really appeal to me. If they’d built a modern n900, on the other hand…

    • BlueMonday1984@awful.systemsOPEnglish
      0·
      14 hours ago

      >zero-click android exploit

      >arbitrary code execution and privilege escalation

      Remember when the human was the weakest part of any cybersecurity system? Pepperidge Farms remembers.