Uncle Sam’s reading AI and a jury's reading Greg Brockman for filth

GitLab Transcend

GitLab Transcend is back June 10th, and it's free and virtual. You can expect an agenda that's full of keyboard moments with live demos of Duo Agent Platform, agentic AI use cases from your peers, and The Developer Show hosted live by Senior Developer Advocate, Colleen Lake.

Register now.

Good morning! Remember when people did things because they were cool, not because they needed content? Neither do we.

On this day in 2009, NASA astronaut Mike Massimino became the first human being to tweet from space. His tweet reads "From orbit: Launch was awesome!! I am feeling great, working hard, & enjoying the magnificent views, the adventure of a lifetime has begun!" He did not end the tweet with a company plug, instead we got floating above the Earth with genuine zest for life. That will never happen again. Two days later, more than 247,000 people were following his feed. X users have since used the platform to confirm the moon landing was staged, so we've really come a long way.

GOOGLE, MICROSOFT, AND xAI HAVE AGREED TO LET THE GOVERNMENT PEEK AT THEIR AI HOMEWORK

The US Department of Commerce announced that Google, Microsoft, and xAI have voluntarily agreed to submit their new AI models for government safety testing through the Center for AI Standards and Innovation. This builds on earlier agreements made under the Biden administration with OpenAI and Anthropic, and covers testing for security risks, capabilities, and whatever else these things are capable of before they get handed to the general public like a flamethrower at a petting zoo.

Microsoft, who would absolutely be the kid in third grade reminding the teacher about the homework, published a blog post noting that it already tests its own models, but acknowledged that government collaboration is important for "national security and large-scale public safety risks." Google's DeepMind declined to comment. SpaceX, which now controls xAI, did not respond to a request for comment. (Historically accurate for a company whose CEO responds to everything except legal service.)

The move marks a quiet but notable pivot for a White House that spent most of the last two years promising to rip up every regulatory guardrail on AI. Then Anthropic apparently built something called “Mythos,” so unhinged it couldn't be released to the public, and suddenly the adults-in-the-room conversation became a lot more urgent. Dario Amodei met with senior Trump staff last month. We're sure that went great.

DEAR DIARY: A JURY IS READING THIS OUT LOUD

Greg Brockman, president of OpenAI, spent the better part of last week doing what no human should have to endure — reading his own private journal aloud in federal court, while a YouTube livestream peaked at 1,200 viewers who could have been watching literally anything else. Elon Musk's legal team used the journals to argue that Brockman and Sam Altman abandoned OpenAI's nonprofit mission in favor of becoming exceptionally wealthy, which, to be fair, they did. (This claim from a man who spent $44 billion on a bird app so he could post memes at 2am, and whose entire business portfolio exists to make him the richest person in human history…)

One 2017 entry included the line "Financially, what will take me to $1B?" (Don’t ask me! I'm still debating guac at Chipotle like it's a quarterly earnings call.) Musk's attorney asked him more than a dozen times whether he'd consider giving $29 billion back. Brockman said no and was subsequently compared to a bank robber who argues the theft wasn't that bad because there's still money in the vault. Brockman testified the entries were stream-of-consciousness and shouldn't be taken literally — which is exactly what's said at the start of every South Park episode (and what you definitely should say when your diary gets subpoenaed). He also testified that when Musk gave his departing speech in 2018, he told the room his plan at Tesla was to cut corners on AI safety. Nobody wrote that one in their journal, apparently.

MEET QLNX, THE LINUX MALWARE THAT’S BEEN SUBLETTING YOUR DEV MACHINE SINCE APRIL

Researchers at Trend Micro found a Linux implant called “Quasar Linux” (QLNX, for those who prefer their existential dread in acronym form) targeting developers in npm, PyPI, GitHub, AWS, Docker, and Kubernetes environments. It compiles its own rootkit directly on your machine using gcc, runs entirely in memory, deletes itself from disk, wipes logs, spoofs process names, and uses seven separate persistence mechanisms to make sure it never leaves. It's less malware, more extremely committed houseguest who found your spare key and has been eating all the food in your fridge since April.

The credential theft layer is where it gets personal. QLNX steals SSH keys, cloud credentials, browser data, and intercepts your password at the PAM layer before your OS even sees it — meaning it knows your password before you've finished typing it. The surveillance module adds keylogging, screenshots, and clipboard monitoring on top of that. At the time this story published, only four security tools flagged it as malicious. Trend Micro published indicators of compromise. If you're a developer and you haven't checked them yet, this newsletter will wait. Go.

⚙️ TOOL TIME

The only thing "crashing" this summer should be the waves at the beach, not your core switch.

Summer’s almost here.

Your OOO is drafted.

And your network?

One “quick change” away from absolutely ruining your long weekend.

So Auvik made something to keep your summer outage-free:

The Network Configuration Safety Net

Unplanned changes are the #1 cause of outages. It's time to build a framework that makes your network visible, monitored, and recoverable.

Inside:

• The safety net framework- 5 essential safeguards 

• Real incidents & lessons learned

• A 10-minute change checklist

Get Your Free Copy

Stay cool (and connected) out there.

👨‍💻 JOB OPPORTUNITIES

IT Project Manager Expert @ BAE Systems

You'll wrangle enterprise Scrum, manage defense systems, and communicate with stakeholders who use the phrase "circle back" in wartime contexts. TS clearance required, because they will absolutely Google you.

Sr. Director, IT Operations @ Sierra Space

Here’s your chance to lead IT infrastructure for a company literally building things that go to space. TS/SCI clearance obviously required. If you ever wanted to tell someone your on-call rotation covers low Earth orbit, this is the job.

IT Systems Engineer @ Apex Fintech Solutions

Entry-level role keeping the infrastructure running so 22 million people can panic-sell their portfolios from their phones. Great learning opportunity. Also you will carry this emotionally.

🛩 INDUSTRY MOVES

• Mark Cuban went on a podcast and said OpenAI is just "f***ing away" money at scale, that Sam Altman is "all over the map," and that trillion-dollar return projections "aren't going to come to fruition.” He then praised Anthropic and Google as the smarter plays, which means the guy who bought the Dallas Mavericks and appeared on Shark Tank for 15 seasons is now the most credible AI analyst in the room, and that should keep everyone up at night.

• Five book publishers and author Scott Turow sued Meta and Mark Zuckerberg personally, alleging he "personally authorized and actively encouraged" the illegal torrenting of 267 terabytes of pirated books and articles to train Llama, after an internal memo confirmed they knew the dataset was pirated and specifically noted they "would not disclose" its use. The human cyborg's team called it fair use, which is what you say when you get caught downloading 267 terabytes of other people's work.

• Utah's Senate Bill 73 went into effect May 6 and now bans websites from even explaining what a VPN is if they're subject to the state's age-verification law. This effectively forces websites to either surveil everyone or block all VPN traffic, making Utah the first US state to govern the internet the same way your college IT department governed the dorm Wi-Fi, except somehow with a worse legal justification.

• Kaspersky disclosed that DAEMON Tools (the virtual drive software approximately 40% of you still have installed from 2009 and completely forgot about)was backdoored between April 8 and late April 2026 with trojanized versions deploying an infostealer. This was followed by a selective backdoor targeting government, scientific, and manufacturing organizations in Russia, Belarus, and Thailand. Researchers suspect Chinese state actors, which means your abandoned virtual drive software from the Windows XP era is now a geopolitical incident.

Hey, it's your boy Chip, live from the EE community forums where the real problems get solved — not by AI or a chatbot hallucinating Stack Overflow posts from 2014, but by actual humans who know what they're doing:

• One member is trying to get SSL working on a Windows 11 XAMPP 8.1.25 local dev setup and the certificate situation is, predictably, a mess. Localhost doesn't want to cooperate, the browser doesn't want to trust it, and everyone involved is having a bad time. Classic local environment behavior.

• Another member logged back into their Hotmail account after it got compromised and discovered the entire interface had switched to a language they don't speak. Nothing says "welcome back, the damage is already done" like Microsoft greeting you in a foreign language after someone else threw a party in your inbox!

• A third member is working with two related SELECT queries in ColdFusion and trying to figure out the cleanest way to connect them without making the code look like it was written by someone who learned SQL from a fever dream.

Join the conversation on Experts Exchange →

That's the week! Logging off for now. Try doing something without posting about it.

P.S. If any of this made you want to talk to someone who actually knows what they're doing, head over to Experts Exchange and say so. Logging off!