Fermer

Le numérique au sein de l’É­tat

La stratégie numérique de l’É­tat

La DINUM

Les ac­teurs du numérique de l’É­tat

En Europe et à l’in­ter­na­tional

La trans­for­ma­tion numérique des ter­ri­toires

Offre d’ac­com­pa­g­ne­ment

Services numériques

Données publiques

IA

Actualités

Dernières in­for­ma­tions

Espace presse

Blog

Postuler

Fermer

Le numérique au sein de l’É­tat

La stratégie numérique de l’É­tat

La DINUM

Les ac­teurs du numérique de l’É­tat

En Europe et à l’in­ter­na­tional

La trans­for­ma­tion numérique des ter­ri­toires

Offre d’ac­com­pa­g­ne­ment

Services numériques

Données publiques

IA

Actualités

Dernières in­for­ma­tions

Espace presse

Blog

Postuler

Souveraineté numérique : l’É­tat ac­célère la ré­duc­tion de ses dépen­dances ex­tra-eu­ropéennes

À l’ini­tia­tive du Premier min­istre, du min­istre de l’Ac­tion et des Comptes publics, et de la min­istre déléguée chargée de l’In­tel­li­gence ar­ti­fi­cielle et du Numérique, la di­rec­tion in­ter­min­istérielle du numérique (DINUM) a or­gan­isé mer­credi 8 avril 2026 avec la di­rec­tion générale des en­tre­prises (DGE), l’a­gence na­tionale de la sécu­rité des sys­tèmes d’in­for­ma­tion (ANSSI) et la di­rec­tion des achats de l’É­tat (DAE) un sémi­naire in­ter­min­istériel visant à ren­forcer la dy­namique col­lec­tive de ré­duc­tion des dépen­dances numériques ex­tra-eu­ropéennes. Réunissant min­istres, ad­min­is­tra­tions, opéra­teurs publics et ac­teurs privés, cet événe­ment mar­que une ac­céléra­tion de la stratégie française et eu­ropéenne en faveur de la sou­veraineté numérique. Dans la con­ti­nu­ité des di­rec­tives ré­centes com­mu­niquées par le Premier min­istre, no­tam­ment les cir­cu­laires rel­a­tives à la com­mande publique numérique ainsi qu’à la général­i­sa­tion de l’outil de vi­sio­con­férence « Visio », le sémi­naire a per­mis de fixer un ob­jec­tif clair : ré­duire les dépen­dances numériques ex­tra-eu­ropéennes de l’É­tat.S’agis­sant de l’évo­lu­tion du poste de tra­vail, la DINUM an­nonce sa sor­tie de Windows au profit de postes sous sys­tème d’­ex­ploita­tion Linux.S’agissant de la mi­gra­tion vers des so­lu­tions sou­veraines, la Caisse na­tionale d’As­sur­ance mal­adie a an­noncé il y a quelques jours la mi­gra­tion de ses 80 000 agents vers des out­ils du so­cle numérique in­ter­min­istériel (Tchap, Visio et FranceTransfert pour le trans­fert de doc­u­ments).Le mois dernier, le Gouvernement an­nonçait la mi­gra­tion de la plate­forme des don­nées de santé vers une so­lu­tion de con­fi­ance d’ici à fin 2026.Le sémi­naire a per­mis de lancer une nou­velle méth­ode pour sor­tir des dépen­dances en for­mant des coali­tions in­édites as­so­ciant min­istères, grands opéra­teurs publics et ac­teurs privés. Cette dé­marche vise à fédérer les én­er­gies publiques et privées au­tour de pro­jets pré­cis, en s’ap­puyant no­tam­ment sur les com­muns numériques et les stan­dards d’in­teropéra­bil­ité (initiatives Open-Interop, OpenBuro).La DINUM co­or­don­nera un plan in­ter­min­istériel de ré­duc­tion des dépen­dances ex­tra-eu­ropéennes. Chaque min­istère (opérateurs in­clus) sera tenu de for­maliser son pro­pre plan d’ici l’au­tomne, por­tant sur les axes suiv­ants : poste de tra­vail, out­ils col­lab­o­rat­ifs, anti-virus, in­tel­li­gence ar­ti­fi­cielle, bases de don­nées, vir­tu­al­i­sa­tion, équipements réseau. Ces plans d’ac­tion per­me­t­tront de don­ner de la vis­i­bil­ité quant aux be­soins de l’E­tat à la fil­ière in­dus­trielle du numérique, qui dis­pose d’atouts ma­jeurs qu’il con­vient de val­oriser par la com­mande publique.Le tra­vail de car­togra­phie et de di­ag­nos­tic des dépen­dances réal­isé par la Direction des Achats de l’É­tat (DAE), ainsi que celui au­tour de la déf­i­ni­tion d’un ser­vice numérique eu­ropéen porté par la Direction générale des Entreprises (DGE), per­me­t­tra d’affiner l’ob­jec­tif chiffré de ré­duc­tion avec un cal­en­drier clair.Les pre­mières « ren­con­tres in­dus­trielles du numérique », qui seront or­gan­isées par la DINUM en juin 2026, con­stitueront l’oc­ca­sion de con­cré­tiser des coali­tions min­istérielles publiques - privées, avec no­tam­ment la for­mal­i­sa­tion d’une « al­liance pub­lic-privé pour la sou­veraineté eu­ropéenne ».

L’État ne peut plus se con­tenter de con­stater sa dépen­dance, il doit en sor­tir. Nous de­vons nous désen­si­biliser des out­ils améri­cains et repren­dre le con­trôle de notre des­tin numérique. Nous ne pou­vons plus ac­cepter que nos don­nées, nos in­fra­struc­tures et nos dé­ci­sions stratégiques dépen­dent de so­lu­tions dont nous ne maîtrisons ni les rè­gles, ni les tar­ifs, ni les évo­lu­tions, ni les risques. La tran­si­tion est en marche : nos min­istères, nos opéra­teurs et nos parte­naires in­dus­triels s’en­ga­gent au­jour­d’hui dans une dé­marche sans précé­dent pour car­togra­phier nos dépen­dances et ren­forcer notre sou­veraineté numérique. La sou­veraineté numérique n’est pas une op­tion.

min­istre de l’Ac­tion et des Comptes publics

La sou­veraineté numérique n’est pas une op­tion, c’est une né­ces­sité stratégique. L’Europe doit se doter des moyens de ses am­bi­tions, et la France mon­tre l’ex­em­ple en ac­célérant la bas­cule vers des so­lu­tions sou­veraines, in­teropérables et durables. En ré­duisant nos dépen­dances à des so­lu­tions ex­tra-eu­ropéennes, l’É­tat en­voie un mes­sage clair : celui d’une puis­sance publique qui reprend la main sur ses choix tech­nologiques au ser­vice de sa sou­veraineté numérique.

min­istre déléguée chargée de l’In­tel­li­gence ar­ti­fi­cielle et du Numérique

À pro­pos de la di­rec­tion in­ter­min­istérielle du numérique (DINUM) : La DINUM a pour mis­sion d’éla­borer la stratégie numérique de l’É­tat et de pi­loter sa mise en œu­vre. Elle ac­com­pa­gne les pro­jets numériques de l’É­tat, au ser­vice des pri­or­ités gou­verne­men­tales et dans le souci d’une amélio­ra­tion de l’­ef­fi­cac­ité de l’ac­tion publique.

(Ouvre une nou­velle fenêtre) En savoir plus sur nu­merique.gouv.fr

1d-chess is a new vari­ant where you can play the beau­ti­ful game with­out all those un­nec­ces­sary and com­pli­cated ex­tra di­men­sions. Play as white against the AI. You might ini­tally find it more dif­fi­cult than ex­pected, but ass­ming op­ti­mal play, is there a forced win for white?

Mouse over to re­veal an­swer: Try this line: N4 N5, N6 K7, R4 K6, R2 K7, R5++

There are three pieces in 1d-chess:

Can move one square in any di­rec­tion.

Can move 2 squares for­ward or back­ward. (jumping over any pieces in the way)

Can move in a straight line in any di­rec­tion.

Win by check­mat­ing the en­emy king. This oc­curs when the en­emy king is in check (under at­tack by one of your pieces) and there are no le­gal moves for the op­po­nent to get their king out of check.

* A player is not in check and there are no le­gal moves for them to play

* The same board po­si­tion is re­peated 3 times in a game.

* There are only kings left on the board, thus it is im­pos­si­ble to check­mate the op­po­nent

This chess vari­ant was first de­scribed by Martin Gardner in the Mathematical Games col­umn of the July 1980 is­sue of Scientific American

See The col­umn on JSTOR

← Back

I file the sharp cor­ners off my MacBooks. People like to freak out about this, so I wanted to post it here to make sure that every­one who wants to freak out about it gets the op­por­tu­nity to do so.

Here are some pho­tos so you know what I’m talk­ing about:

The bot­tom edge of the MacBook is very sharp. Indeed, the in­dus­trial de­sign­ers at Apple chose an alu­minum uni­body partly for the fact that it can han­dle such a geom­e­try. But, it is un­com­fort­able on my wrists, and I be­lieve strongly in cus­tomiz­ing one’s tools, so I filed it off.

The cor­ner is sharp all around the ma­chine, but it’s par­tic­u­larly pointed at the notch, which is where I fo­cused my ef­fort. It was quite pleas­ing to blend the smaller ra­dius curves into the larger ra­dius notch curve. I was slightly con­cerned that I’d file through the ma­chine, so I did this in in­cre­ments. It did­n’t end up be­ing an is­sue.

I taped off the speak­ers and key­board while fil­ing, as I’m sure alu­minum dust would­n’t do the ma­chine any fa­vors. I also clamped (with a re­spect­ful pres­sure) the ma­chine to my work­bench while do­ing this. I used a fairly rough file, as that is what I had on hand, and then sanded with 150 then 400 grit sand­pa­per. I was quite pleased with the fin­ish. The pho­tos above are taken months af­ter, and have the scratches and dings that you’d ex­pect some­one who has this level of re­spect for their ma­chine to ac­quire over that amount of time.

This was on my work com­puter. I ex­pect to sim­i­larly mod­ify fu­ture work com­put­ers, and I would be happy to help you mod­ify yours if you need a lit­tle en­cour­age­ment. Don’t be scared. Fuck around a bit.

A new re­port from 404 Media re­veals that the FBI was able to re­cover deleted Signal mes­sages from an iPhone by ex­tract­ing data stored in the de­vice’s no­ti­fi­ca­tion data­base. Here are the de­tails.

According to 404 Media, tes­ti­mony in a re­cent trial in­volv­ing “a group of peo­ple set­ting off fire­works and van­dal­iz­ing prop­erty at the ICE Prairieland Detention Facility in Alvarado, Texas,” showed that the FBI was able to re­cover con­tent of in­com­ing Signal mes­sages from a de­fen­dan­t’s iPhone, even though Signal had been re­moved from the de­vice:

One of the de­fen­dants was Lynette Sharp, who pre­vi­ously pleaded guilty to pro­vid­ing ma­te­r­ial sup­port to ter­ror­ists. During one day of the re­lated trial, FBI Special Agent Clark Wiethorn tes­ti­fied about some of the col­lected ev­i­dence. A sum­mary of Exhibit 158 pub­lished on a group of sup­port­ers’ web­site says, “Messages were re­cov­ered from Sharp’s phone through Apple’s in­ter­nal no­ti­fi­ca­tion stor­age—Sig­nal had been re­moved, but in­com­ing no­ti­fi­ca­tions were pre­served in in­ter­nal mem­ory. Only in­com­ing mes­sages were cap­tured (no out­go­ing).”

As 404 Media notes, Signal’s set­tings in­clude an op­tion that pre­vents the ac­tual mes­sage con­tent from be­ing pre­viewed in no­ti­fi­ca­tions. However, it ap­pears the de­fen­dant did not have that set­ting en­abled, which, in turn, seem­ingly al­lowed the sys­tem to store the con­tent in the data­base.

404 Media reached out to Signal and Apple, but nei­ther com­pany pro­vided any state­ments on how no­ti­fi­ca­tions are han­dled or stored.

With lit­tle to no tech­ni­cal de­tails about the ex­act con­di­tion of the de­fen­dan­t’s iPhone, it is ob­vi­ously im­pos­si­ble to pin­point the pre­cise method the FBI used to re­cover the in­for­ma­tion.

For in­stance, there are mul­ti­ple sys­tem states an iPhone can be in, each with its own se­cu­rity and data ac­cess con­straints, such as BFU (Before First Unlock), AFU (After First Unlock) mode, and so on.

Security and data ac­cess also change even more dra­mat­i­cally when the de­vice is un­locked, since the sys­tem as­sumes the user is pre­sent and per­mits ac­cess to a wider range of pro­tected data.

That said, iOS does store and cache a lot of data lo­cally, trust­ing that it can rely on these dif­fer­ent states to keep that in­for­ma­tion safe but read­ily avail­able in case the de­vice’s right­ful owner needs it.

Another im­por­tant fac­tor to keep in mind: the to­ken used to send push no­ti­fi­ca­tions is­n’t im­me­di­ately in­val­i­dated when an app is deleted. And since the server has no way of know­ing whether the app is still in­stalled af­ter the last no­ti­fi­ca­tion it sent, it may con­tinue push­ing no­ti­fi­ca­tions, leav­ing it up to the iPhone to de­cide whether to dis­play them.

Interestingly, Apple just changed how iOS val­i­dates push no­ti­fi­ca­tion to­kens on iOS 26.4. While it is im­pos­si­ble to tell whether this is a re­sult of this case, the tim­ing is still no­table.

Back to the case, given Exhibit 158’s de­scrip­tion that the mes­sages “were re­cov­ered from Sharp’s phone through Apple’s in­ter­nal no­ti­fi­ca­tion stor­age,” it is pos­si­ble the FBI ex­tracted the in­for­ma­tion from a de­vice backup.

In that case, there are many com­mer­cially avail­able tools for law en­force­ment that ex­ploit iOS vul­ner­a­bil­i­ties to ex­tract data that could have helped the FBI ac­cess this in­for­ma­tion.

To read 404 Media’s orig­i­nal re­port of this case, fol­low this link.

France is try­ing to move on from Microsoft Windows. The coun­try said it plans to move some of its gov­ern­ment com­put­ers cur­rently run­ning Windows to the open source op­er­at­ing sys­tem Linux to fur­ther re­duce its re­liance on U. S. tech­nol­ogy.

Linux is an open source op­er­at­ing sys­tem that is free to down­load and use, with var­i­ous cus­tomized dis­tri­b­u­tions that are tai­lored and de­signed for spe­cific use cases or op­er­a­tions.

In a state­ment, French min­is­ter David Amiel said (translated) that the ef­fort was to “regain con­trol of our dig­i­tal des­tiny” by re­ly­ing less on U. S. tech com­pa­nies. Amiel said that the French gov­ern­ment can no longer ac­cept that it does­n’t have con­trol over its data and dig­i­tal in­fra­struc­ture.

The French gov­ern­ment did not pro­vide a spe­cific time­line for the switchover, or which dis­tri­b­u­tions it was con­sid­er­ing. The switchover will be­gin with com­put­ers at the French gov­ern­men­t’s dig­i­tal agency, DINUM. When reached by TechCrunch, a spokesper­son for Microsoft did not com­ment on the news.

This is the lat­est ef­fort by France to re­duce its de­pen­dence on U. S. tech gi­ants and use tech­nol­ogy and cloud ser­vices orig­i­nated within its bor­ders, known as dig­i­tal sov­er­eignty, fol­low­ing grow­ing in­sta­bil­ity and un­pre­dictabil­ity on the part of the Trump ad­min­is­tra­tion.

Lawmakers and gov­ern­ment lead­ers across Europe are grow­ing more aware of the loom­ing threat fac­ing them at home, and their over-re­liance on U. S. tech­nol­ogy. In January, the European Parliament voted to adopt a re­port di­rect­ing the European Commission to iden­tify ar­eas where the EU can re­duce its re­liance on for­eign providers.

Since tak­ing of­fice in January 2025, Trump has upped his at­tacks on world lead­ers — straight-out cap­tur­ing one and aid­ing in the killing of an­other. He has also weaponized sanc­tions against his crit­ics, who in­clude judges on the International Criminal Court, ef­fec­tively cut­ting them off from trans­act­ing with U. S. com­pa­nies. Those who have been sanc­tioned have re­ported hav­ing their bank ac­counts closed and ac­cess to U.S. tech ser­vices ter­mi­nated, as well as be­ing blocked from any other U.S. ser­vice.

France’s de­ci­sion to ditch Windows comes months af­ter the gov­ern­ment an­nounced it would stop us­ing Microsoft Teams for video con­fer­enc­ing in fa­vor of French-made Visio, a tool based on the open source end-to-end en­crypted video meet­ing tool Jitsi.

The French gov­ern­ment said it also plans to mi­grate its health data plat­form to a new trusted plat­form by the end of the year.

Jason at zx2c4.com

Previous mes­sage (by thread): Adding mes­sage type 5/6 for PQC (was Re: Export noise prim­i­tives for ad­di­tional “chain key ratch­et­ing”)

Next mes­sage (by thread): [ANNOUNCE] WireGuardNT v0.11 and WireGuard for Windows v0.6 Released

Hey folks,

I gen­er­ally don’t send an­nounce­ment emails for the Windows soft­ware, be­cause the built-in up­dater takes care of no­ti­fy­ing the rel­e­vant users. But be­cause this has­n’t been up­dated in so long, and be­cause of re­cent news ar­ti­cles, I thought it’d be a good idea to no­tify the list.

After a lot of hard­work, we’ve re­leased an up­dated Windows client, both the low level ker­nel dri­ver and api har­ness, called WireGuardNT, and the higher level man­age­ment soft­ware, com­mand line util­i­ties, and UI, called WireGuard for Windows.

There are some new fea­tures — such as sup­port for re­mov­ing in­di­vid­ual al­lowed IPs with­out drop­ping pack­ets (as was added al­ready to Linux and FreeBSD) and set­ting very low MTUs on IPv4 con­nec­tions — but the main im­prove­ment is lots of ac­cu­mu­lated bug fixes, per­for­mance im­prove­ments, and above all, im­mense code stream­lin­ing due to ratch­et­ing for­ward our min­i­mum sup­ported Windows ver­sion [1]. These pro­jects are now built in a much more solid foun­da­tion, with­out hav­ing to main­tain decades of com­pat­i­bil­ity hacks and al­ter­na­tive code­paths, and bizarre logic, and dy­namic dis­patch­ing, and all man­ner of crust. There have also been large tool­chain up­dates — the EWDK ver­sion used for the dri­ver, the Clang/LLVM/MingW ver­sion used for the user­space tool­ing, the Go ver­sion used for the main UI, the EV cer­tifi­cate and sign­ing in­fra­struc­ture — which all to­gether should amount to bet­ter per­for­mance and more mod­ern code.

But, as it’s our first Windows re­lease in a long while, please test and let me know how it goes. Hopefully there are no re­gres­sions, and we’ve tested this quite a bit — in­clud­ing on Windows 10 1507 Build 10240, the most an­cient Windows that we sup­port which Microsoft does not any­more — but you never know. So feel free to write me as needed.

As al­ways, the built-in up­dater should be prompt­ing users to click the up­date but­ton, which will check sig­na­tures and se­curely up­date the soft­ware. Alternatively, if you’re in­stalling for the first time or want to up­date im­me­di­ately, our mini 80k fetcher will down­load and ver­ify the lat­est ver­sion: - https://​down­load.wire­guard.com/​win­dows-client/​wire­guard-in­staller.exe - https://​www.wire­guard.com/​in­stall/

And to learn more about each of these two Windows pro­jects: - https://​git.zx2c4.com/​wire­guard-win­dows/​about/ - https://​git.zx2c4.com/​wire­guard-nt/​about/

Finally, I should com­ment on the afore­men­tioned news ar­ti­cles. When we tried to sub­mit the new NT ker­nel dri­ver to Microsoft for sign­ing, they had sus­pended our ac­count, as I wrote about first in a ran­dom com­ment [2] on Hacker News in a thread about this hap­pen­ing to an­other pro­ject, and then later that day on Twitter [3]. The com­ments that fol­lowed were a bit off the rails. There’s no con­spir­acy here from Microsoft. But the Internet dis­cus­sion wound up catch­ing the at­ten­tion of Microsoft, and a day later, the ac­count was un­blocked, and all was well. I think this is just a case of bu­reau­cratic processes get­ting a bit out of hand, which Microsoft was able to eas­ily rem­edy. I don’t think there’s been any mal­ice or con­spir­acy or any­thing weird. I think most news ar­ti­cles cur­rently cir­cu­lat­ing haven’t been up­dated to show that this was ac­tu­ally fixed pretty quickly. So, in case you were won­der­ing, “but how can there be a new WireGuard for Windows up­date when the ac­count is blocked?!”, now you know that the an­swer is, “because the ac­count was un­blocked.”

Anyway, en­joy the new soft­ware, and let me know how it works for you.

Thanks, Jason

[1] https://​lists.zx2c4.com/​piper­mail/​wire­guard/​2026-March/​009541.html [2] https://​news.ycombi­na­tor.com/​item?id=47687884 [3] https://​x.com/​EdgeSe­cu­rity/​sta­tus/​2041872931576299888

Previous mes­sage (by thread): Adding mes­sage type 5/6 for PQC (was Re: Export noise prim­i­tives for ad­di­tional “chain key ratch­et­ing”)

Next mes­sage (by thread): [ANNOUNCE] WireGuardNT v0.11 and WireGuard for Windows v0.6 Released

More in­for­ma­tion about the WireGuard

mail­ing list

In this Friday’s magic demon­stra­tion, I’m go­ing to show how what you see in Privacy & Security set­tings can be mis­lead­ing, when it tells you that an app does­n’t have ac­cess to a pro­tected folder, but it re­ally does.

Although it ap­pears you can achieve this us­ing sev­eral or­di­nary apps, to make things sim­pler and clearer I’ve writ­ten a lit­tle app for this pur­pose, Insent, avail­able from here: in­sen­t11

I’m work­ing in ma­cOS Tahoe 26.4, but I sus­pect you should see much the same in any ver­sion from ma­cOS 13.5 on­wards, as sup­ported by Insent.

For this magic demo, I’m only go­ing to use two of Insent’s six but­tons:

* Open by con­sent, which re­sults in Insent choos­ing a ran­dom text file from the top level of your Documents folder, and dis­play­ing its name and the start of its con­tents be­low. As it does this with­out in­volv­ing the user in the process, the ma­cOS pri­vacy sys­tem TCC re­quires it to ob­tain the user’s con­sent to list and ac­cess the con­tents of that pro­tected folder.

* Open from folder, which opens an Open and Save Panel where you se­lect a folder. Insent then picks a ran­dom text file from the top level of that folder, and dis­plays its name and the start of its con­tents be­low. Because you ex­pressed your in­tent to ac­cess that pro­tected folder, TCC con­sid­ers that is good enough to give ac­cess with­out re­quir­ing any con­sent.

Once you have down­loaded Insent, ex­tracted it from its archive, and dragged the app from that folder into one of your Applications fold­ers, fol­low this se­quence of ac­tions:

Open Insent, click on Open by con­sent, and con­sent to the prompt to al­low it to ac­cess your Documents folder. Shortly af­ter­wards, Insent will dis­play the open­ing of one of the text files in Documents. Quit Insent.

Open Privacy & Security set­tings, se­lect Files & Folders, and con­firm that Insent has been given ac­cess to Documents.

Open Insent, click on Open by con­sent, and con­firm it now gains ac­cess to a text file with­out ask­ing for con­sent. Quit Insent.

Open Privacy & Security set­tings, se­lect Files & Folders, and dis­able Documents ac­cess in Insent’s en­try there us­ing the tog­gle.

Open Insent, click on Open by con­sent, and con­firm that it can no longer open a text file, but dis­plays [Couldn’t get con­tents of Documents folder].

Click on Open from folder and se­lect your Documents folder there. Confirm that works as ex­pected and dis­plays the name and con­tents of one of the text files in Documents.

Click on Open by con­sent, and con­firm that now works again.

Confirm that Documents ac­cess for Insent is still dis­abled in Files & Folders.

Whatever you do now, the app re­tains full ac­cess to Documents, no mat­ter what is shown or set in Files & Folders.

Indeed, the only way you can pro­tect your Documents folder from ac­cess by Insent is to run the fol­low­ing com­mand in Terminal:

tc­cu­til re­set All co.eclec­ti­clight. Insent

then restart your Mac. That should set Insent’s pri­vacy set­tings back to their de­fault.

You can also demon­strate that this be­hav­iour is spe­cific to one pro­tected folder at a time. If you se­lect a dif­fer­ent pro­tected folder like Desktop or Downloads us­ing the Open from folder but­ton, then Insent still won’t be able to list the con­tents of the Documents folder, as its TCC set­tings will func­tion as ex­pected.

Insent is an or­di­nary no­tarised app, and does­n’t run in a sand­box or pull any clever tricks. When System Integrity Protection (SIP) is en­abled some of its op­er­a­tions are sand­boxed, though, in­clud­ing at­tempts to list or ac­cess the con­tents of lo­ca­tions that are pro­tected by TCC.

When you click on its Open by con­sent but­ton, sand­boxd in­ter­cepts the File Manager call to list the con­tents of Documents, as a pro­tected folder. It then re­quests ap­proval for that from TCC, as seen in the fol­low­ing log en­tries:

1.204592 Insent sendAc­tion: 1.205160 Insent: try­ing to list files in ~/Documents 1.205828 sand­boxd re­quest ap­proval 1.205919 sand­boxd tc­c_send_re­quest_au­tho­riza­tion() IPC

TCC does­n’t have au­tho­ri­sa­tion for that ac­cess by Insent, ei­ther by Full Disk Access or spe­cific ac­cess to Documents, so it prompts the user for their con­sent. If that’s given, the fol­low­ing log en­tries show that be­ing passed back to the sand­box, and the change be­ing no­ti­fied to com.ap­ple.chrono, fol­lowed by Insent ac­tion­ing the orig­i­nal re­quest:

3.798770 com.ap­ple.sand­box kTCC­Ser­viceSys­tem­Pol­i­cy­Doc­u­ments­Folder granted by TCC for Insent 3.802225 com.ap­ple.chrono ap­pAuth:co.eclec­ti­clight. Insent] tcc au­tho­riza­tion(s) changed 3.809558 Insent: try­ing to look in ~/Documents for text files 3.809691 Insent: try­ing to read from: /Users/hoakley/Documents/asHelp.text 3.842101 Insent: read from: /Users/hoakley/Documents/asHelp.text

If you then dis­able Insent’s ac­cess to Documents in Privacy & Security set­tings, TCC de­nies ac­cess to Documents, and Insent can’t get the list of its con­tents:

1.093533 com.ap­ple. TCC AUTHREQ_RESULT: ms­gID=440.109, au­th­Value=0, au­thRea­son=4, au­thVer­sion=1, de­sired_auth=0, er­ror=(null), 1.093669 com.ap­ple.sand­box kTCC­Ser­viceSys­tem­Pol­i­cy­Doc­u­ments­Folder de­nied by TCC for Insent 1.094007 Insent: could­n’t get con­tents of ~/Documents

If you then ac­cess Documents by in­tent through the Open and Save Panel, sand­boxd no longer in­ter­cepts the re­quest, and TCC there­fore does­n’t grant or deny ac­cess:

0.897244 Insent sendAc­tion: 0.897318 Insent: try­ing to list files in ~/Documents 0.900828 Insent: try­ing to look in ~/Documents for text files 0.901112 Insent: try­ing to read from: /Users/hoakley/Documents/T2M2_2026-01-06_13_03_00.text 0.904101 Insent: read from: /Users/hoakley/Documents/T2M2_2026-01-06_13_03_00.text

Thus, ac­cess to a pro­tected folder by user in­tent, such as through the Open and Save Panel, changes the sand­box­ing ap­plied to the caller by re­mov­ing its con­straint to that spe­cific pro­tected folder. As the sand­box­ing is­n’t con­trolled by or re­flected in Privacy & Security set­tings, that al­lows TCC, in Files & Folders, to con­tinue show­ing ac­cess re­stric­tions that aren’t ap­plied be­cause the sand­box is­n’t ap­plied.

Access re­stric­tions shown in Privacy & Security set­tings, specif­i­cally those to pro­tected lo­ca­tions in Files & Folders, aren’t an ac­cu­rate or trust­wor­thy re­flec­tion of those that are ac­tu­ally ap­plied. It’s pos­si­ble for an app to have un­re­stricted ac­cess to one or more pro­tected fold­ers while its list­ing in Files & Folders shows it be­ing blocked from ac­cess, or for it to have no en­try at all in that list.

Most apps that want ac­cess to pro­tected fold­ers like Documents ap­pear to seek that dur­ing their ini­tial­i­sa­tion, and be­fore any user in­ter­ac­tion that could re­sult in in­tent over­rid­ing the need for con­sent. However, many users re­port that apps ap­pear to have ac­cess to Documents but aren’t listed in Files & Folders, sug­gest­ing that at some time that se­quence of events does oc­cur.

To be ef­fec­tively ex­ploited this would need care­ful se­quenc­ing, and for the user to se­lect the pro­tected folder in an Open and Save Panel, so draw­ing at­ten­tion to the ma­noeu­vre.

Most con­cern­ing is the ap­par­ent per­ma­nence of the ac­cess granted, re­quir­ing an ar­cane com­mand in Terminal and a restart in or­der to re­set the ap­p’s pri­vacy set­tings. It’s hard to be­lieve that this was in­tended to trap the user into sur­ren­der­ing con­trol over ac­cess to pro­tected lo­ca­tions. But it can do.

I’m very grate­ful to Richard for draw­ing my at­ten­tion to this.

OpenAI is throw­ing its sup­port be­hind an Illinois state bill that would shield AI labs from li­a­bil­ity in cases where AI mod­els are used to cause se­ri­ous so­ci­etal harms, such as death or se­ri­ous in­jury of 100 or more peo­ple or at least $1 bil­lion in prop­erty dam­age.

The ef­fort seems to mark a shift in OpenAI’s leg­isla­tive strat­egy. Until now, OpenAI has largely played de­fense, op­pos­ing bills that could have made AI labs li­able for their tech­nol­o­gy’s harms. Several AI pol­icy ex­perts tell WIRED that SB 3444—which could set a new stan­dard for the in­dus­try—is a more ex­treme mea­sure than bills OpenAI has sup­ported in the past.

The bill would shield fron­tier AI de­vel­op­ers from li­a­bil­ity for “critical harms” caused by their fron­tier mod­els as long as they did not in­ten­tion­ally or reck­lessly cause such an in­ci­dent, and have pub­lished safety, se­cu­rity, and trans­parency re­ports on their web­site. It de­fines a fron­tier model as any AI model trained us­ing more than $100 mil­lion in com­pu­ta­tional costs, which likely could ap­ply to America’s largest AI labs, like OpenAI, Google, xAI, Anthropic, and Meta.

“We sup­port ap­proaches like this be­cause they fo­cus on what mat­ters most: Reducing the risk of se­ri­ous harm from the most ad­vanced AI sys­tems while still al­low­ing this tech­nol­ogy to get into the hands of the peo­ple and busi­nesses—small and big—of Illinois,” said OpenAI spokesper­son Jamie Radice in an emailed state­ment. “They also help avoid a patch­work of state-by-state rules and move to­ward clearer, more con­sis­tent na­tional stan­dards.”

Under its de­f­i­n­i­tion of crit­i­cal harms, the bill lists a few com­mon ar­eas of con­cern for the AI in­dus­try, such as a bad ac­tor us­ing AI to cre­ate a chem­i­cal, bi­o­log­i­cal, ra­di­o­log­i­cal, or nu­clear weapon. If an AI model en­gages in con­duct on its own that, if com­mit­ted by a hu­man, would con­sti­tute a crim­i­nal of­fense and leads to those ex­treme out­comes, that would also be a crit­i­cal harm. If an AI model were to com­mit any of these ac­tions un­der SB 3444, the AI lab be­hind the model may not be held li­able, so long as it was­n’t in­ten­tional and they pub­lished their re­ports.

Federal and state leg­is­la­tures in the US have yet to pass any laws specif­i­cally de­ter­min­ing whether AI model de­vel­op­ers, like OpenAI, could be li­able for these types of harm caused by their tech­nol­ogy. But as AI labs con­tinue to re­lease more pow­er­ful AI mod­els that raise novel safety and cy­ber­se­cu­rity chal­lenges, such as Anthropic’s Claude Mythos, these ques­tions feel in­creas­ingly pre­scient.

In her tes­ti­mony sup­port­ing SB 3444, a mem­ber of OpenAI’s Global Affairs team, Caitlin Niedermeyer, also ar­gued in fa­vor of a fed­eral frame­work for AI reg­u­la­tion. Niedermeyer struck a mes­sage that’s con­sis­tent with the Trump ad­min­is­tra­tion’s crack­down on state AI safety laws, claim­ing it’s im­por­tant to avoid “a patch­work of in­con­sis­tent state re­quire­ments that could cre­ate fric­tion with­out mean­ing­fully im­prov­ing safety.” This is also con­sis­tent with the broader view of Silicon Valley in re­cent years, which has gen­er­ally ar­gued that it’s para­mount for AI leg­is­la­tion to not ham­per America’s po­si­tion in the global AI race. While SB 3444 is it­self a state-level safety law, Niedermeyer ar­gued that those can be ef­fec­tive if they “reinforce a path to­ward har­mo­niza­tion with fed­eral sys­tems.”

“At OpenAI, we be­lieve the North Star for fron­tier reg­u­la­tion should be the safe de­ploy­ment of the most ad­vanced mod­els in a way that also pre­serves US lead­er­ship in in­no­va­tion,” Niedermeyer said.

Scott Wisor, pol­icy di­rec­tor for the Secure AI pro­ject, tells WIRED he be­lieves this bill has a slim chance of pass­ing, given Illinois’ rep­u­ta­tion for ag­gres­sively reg­u­lat­ing tech­nol­ogy. “We polled peo­ple in Illinois, ask­ing whether they think AI com­pa­nies should be ex­empt from li­a­bil­ity, and 90 per­cent of peo­ple op­pose it. There’s no rea­son ex­ist­ing AI com­pa­nies should be fac­ing re­duced li­a­bil­ity,” Wisor says.

Analyzing every Firefox ex­ten­sion Installing every Firefox ex­ten­sion Using every Firefox ex­ten­sion

*All but 8 we did­n’t scrape (or got deleted be­tween me check­ing the web­site and me scrap­ing) and 42 miss­ing from ex­ten­sions.json.1 Technically we only in­stalled 99.94% of the ex­ten­sions.

It turns out there’s only 84 thou­sand Firefox ex­ten­sions. That sounds fea­si­bly small. That even sounds like it’s less than 50 gi­ga­bytes. Let’s in­stall them all!

There’s a pub­lic API for the add-ons store. No au­then­ti­ca­tion re­quired, and seem­ingly no rate lim­its. This should be easy.

The search end­point can take an empty query. Let’s read every page:

The search API only gives me 600 pages, mean­ing I can only see 30 thou­sand ex­ten­sions, less than half of them.

A so­lu­tion I found is to use dif­fer­ent sorts. The de­fault sort is sort=rec­om­mended,users: first rec­om­mended ex­ten­sions, then sorted by users, de­scend­ing. Changing to just sort=cre­ated gave me some of the long tail:

I’m still miss­ing 30,0252 ex­ten­sions, so I added rat­ing and hot­ness too.

Starting to hit di­min­ish­ing re­turns. While I was wait­ing 7 min­utes for that last list to get scraped be­cause my code did­n’t fetch in par­al­lel, I had an epiphany: use ex­clude_ad­dons. I can just fetch page 600 and ex­clude all its ad­dons to get page 601.

It works! There is a URL length limit, sadly, so I can only fetch an ex­tra 20 pages.

A lot less than I ex­pected, es­pe­cially con­sid­er­ing what hap­pens when I add the down­loads sort:

Reading the docs again, I no­tice I can fil­ter by cat­e­gory as well. I’m tired of wait­ing 7 min­utes so I’ll just fetch every page in par­al­lel.

I got ba­si­cally all the ex­ten­sions with this, mak­ing every­thing I did be­fore this look re­ally stu­pid.

That’s 8 less ex­ten­sions than what it says on the web­site. When I ran this in September 2025, it found 21 more ex­ten­sions than what was men­tioned on the web­site, so I think this is enough.

So that no­body has to do this again, I’ve up­loaded this dataset to Hugging Face.

The search API sup­ports date fil­ters: cre­at­ed__gte and cre­at­ed__lte. The API also re­turns the full num­ber of ex­ten­sions that match your search.

You can start with a fil­ter that in­cludes all ex­ten­sions, then keep split­ting the ranges in half un­til it is less than 30 thou­sand, then fetch all of them.

I’ve up­dated the down­loader: it is faster, wastes fewer re­quests, and seems to scrape ex­actly all the ex­ten­sions, too.

This won’t work if over 30 thou­sand ex­ten­sions get cre­ated in a sin­gle sec­ond, which I can’t imag­ine will ever hap­pen.

I have a copy of Bun and al­l_ex­ten­sions.json, so I will tor­ment you with my un­matched script power.

The biggest Firefox ex­ten­sion is dmitlichess at 196.3 MB, which con­tains 2000+ au­dio files.

Here’s the rest of the top ten:

The first time I ran this analy­sis, in September, “Cute doggy - Dog pup­pies” was the 10th largest ex­ten­sion. I’m still men­tion­ing it here, be­cause I was so fuck­ing con­fused:

The small­est ex­ten­sion is theTabs-saver, which is 7518 bytes and has no code.

FalscheLaden, with no users, re­quests 3,695 per­mis­sions. The au­thor has posted a writeup.

Second place is Google Dark Theme, which re­quests 2,675 per­mis­sions but has 1,687 users.

Dr. B is the king of slop, with 84 ex­ten­sions pub­lished, all of them vibe coded.

How do I know? Most of their ex­ten­sions have a README.md in them de­scrib­ing their process of get­ting these through ad­don re­view, and men­tion Grok 3. Also, not a sin­gle one of them have icons or screen­shots.

Personally, I’m shocked this num­ber is this low. I ex­pected to see some de­vel­op­ers with hun­dreds!

I re­viewed the source of a cou­ple ho­mo­glyph at­tacks on crypto wal­lets dis­cov­ered in the dataset and was dis­ap­pointed to find out they just pop up a form ask­ing for your seed phrase and send it off to their server. It’s an ex­ten­sion!!! You can steal their coin­base.com to­ken! You can mon­i­tor the clip­board and swap out their ad­dress for yours! You can crash their browser and claim your real mal­ware is the fix!

Why would you make a fake MetaMask ex­ten­sion and bot 1-star re­views?

Is this the do­ing of their cy­ber­crime com­peti­tors, who bot 4-star re­views on ex­ten­sions of their own?

Either way, these ex­ten­sions are clearly phish­ing. I re­ported some to Mozilla, and the next day they were all gone, even the ones I was too lazy to re­port. I for­got to archive them, so I guess they live on in May’s VM!

In terms of im­ple­men­ta­tion, the most in­ter­est­ing one is “Іron Wаllеt” (the I, a, and e are Cyrillic). Three sec­onds af­ter in­stall, it fetches the phish­ing page’s URL from the first record of a NocoDB spread­sheet and opens it:

I think the ex­ten­sion’s “no ac­counts or re­mote code” de­scrip­tion is re­ally funny, like putting “no copy­right in­fringe­ment in­tended” in your video’s de­scrip­tion in case YouTube is watch­ing. The API key had write ac­cess, so I wiped the spread­sheet.

You get a “Homepage” link in your ex­ten­sion’s page and your own page.

It’s been no­fol­low for two years, but that has­n’t stopped grifters from try­ing any­way.

On Attempt 1, I en­coun­tered Typo Sniper and Tab Fortune Teller, AI gen­er­ated ex­ten­sions with casi­nos in their au­thor’s Homepage links.

In the dataset, there’s many “Code Injector” ex­ten­sions, which are all vir­tu­ally iden­ti­cal and also have ran­dom web­sites in their au­thor’s Homepage link.

All of these ex­ten­sions are from 2025. Is there an an­cient SEO guide cir­cu­lat­ing? Is there some evil AMO fron­tend they’re still get­ting a back­link from? I have no idea what’s hap­pen­ing here.

All of these ex­ten­sions are their au­thor’s only up­loads and they have their own do­mains. Most of them are on both Chrome and Firefox, their web­sites look the same, and they all have a terms of ser­vice ref­er­enc­ing “Innover Online Group Ltd”, which is a .png for some rea­son.

Because I scraped every Firefox ex­ten­sion twice, I can see what got re­moved in be­tween the runs. Three of Innover Group’s ex­ten­sions—Earth View 360°, View Manuals, and View Recipes, to­tal­ing 115 thou­sand users—have been dis­abled by Mozilla.

Innover Group runs Google ads for their ex­ten­sions, a lot of them sim­ply say­ing “Continue”.

The “Custom Web Search” is Yahoo but with their af­fi­late code. That code be­ing safe­plexsearch, which has a web­site of its own which of course men­tions Innover Online Group Ltd, and links to an ad­don with 3,892 users, which is ac­tu­ally a Firefox ex­clu­sive. Actually, “Custom Web Search” is a Firefox ex­clu­sive on all of these ex­ten­sions. Why did they even make a Chrome ver­sion, to sell them to the NSA??

One user claimed Ezy Speed Test “disables Ublock [sic] Origin once in­stalled”, which I did not find in its code.

There’s a mil­lion com­pa­nies like this, though. I just went to Download.com with my ad-blocker off and dis­cov­ered the com­pany Atom Apps in an ad, which also up­loads ex­ten­sions for both Chrome and Firefox, with a new ac­count for each ex­ten­sion, only in­cludes Yahoo in the Firefox ver­sion, with names that end in ei­ther “and Search” or ”& Search”, and has their com­pany name as a .png in their terms of ser­vice. They have 220 thou­sand daily users to­tal across 12 ex­ten­sions, and none of theirs have been dis­abled.

* 34.3% of ex­ten­sions have no daily users

25.1% of ex­ten­sions have more than 10 daily users

10.6% of ex­ten­sions have more than 100 daily users

3.2% of ex­ten­sions have more than 1000 daily users

0.7% of ex­ten­sions have more than 10000 daily users

* 25.1% of ex­ten­sions have more than 10 daily users

* 10.6% of ex­ten­sions have more than 100 daily users

* 3.2% of ex­ten­sions have more than 1000 daily users

* 0.7% of ex­ten­sions have more than 10000 daily users

* 76.7% of ex­ten­sions are open source (SPDX li­cense that is­n’t All Rights Reserved)

* 23% of ex­ten­sions were cre­ated af­ter I started writ­ing this ar­ti­cle

19% of ex­ten­sions have no users, no re­views, no screen­shots, no down­loads, and no icon

* 19% of ex­ten­sions have no users, no re­views, no screen­shots, no down­loads, and no icon

* 2.4% of ex­ten­sions re­quire pay­ment

38.1% of those are open source???

* 38.1% of those are open source???

Obviously I’m not go­ing to open each of these in a new tab and go through those prompts. Not for lack of try­ing:

Each ex­ten­sion has the cur­ren­t_ver­sion.file.url prop­erty which is a di­rect down­load for the ex­ten­sion. I down­load them to my pro­file’s ex­ten­sions folder with the guid prop­erty as the base name and the .xpi file ex­ten­sion, be­cause any­thing else will not be in­stalled.

Then, I delete the ad­don­Startup.json.lz4 and ex­ten­sions.json files. When I re­open Firefox, each ex­ten­sion is dis­abled. Tampering with ex­ten­sions.json is com­mon enough that you can ask any chat­bot to do it for you:

My first at­tempt was in a tiny11 core VM on my desk­top.

At first, in­stead of down­load­ing all of them with a script, I tried us­ing en­ter­prise poli­cies, but this copies all the ex­ten­sions into the folder. I quickly ran out of mem­ory, and the page­file took up the rest of the stor­age al­lo­cated to the VM. I had also ex­pected Firefox to open im­me­di­ately and the ex­ten­sions to in­stall them­selves as the browser is be­ing used, but that also did not hap­pen: it just froze.

After that, I tried down­load­ing them my­self.

To make sure I was in­stalling ex­ten­sions cor­rectly, I moved the ex­ten­sions folder else­where and then moved about a thou­sand ex­ten­sions back in. It worked.

There were mul­ti­ple ex­ten­sions that changed all text to a cer­tain string. bruh-ifier lost to Se ni važn. Goku is in the back­ground.

My con­text menu is so long that I’m show­ing it side­ways:

I had in­stalled lots of pro­tec­tion ex­ten­sions. One blocks traf­fic to .zip and .mov do­mains, pre­sum­ably be­cause they are file ex­ten­sions. This is .cab era­sure! Then, I re­al­ized that there were likely mul­ti­ple peo­ple view­ing my brows­ing his­tory, so I went to send them a mes­sage.

That “⚠️ SCAM WARNING!” popup is from Anti-Phishing Alert. As you may have in­ferred, it seems to only ex­ists for its Homepage link. How does it work?

Vasavi Fraudulent Detector also has a popup for when a site is safe:

Only the ad­dons from Attempt 1 were ac­tu­ally loaded, be­cause I did­n’t know I needed to delete ad­don­Startup.json.lz4 yet. I scrolled through the ad­dons page, then I opened DevTools to ver­ify it was the full 65,335, at which point Firefox froze and I was un­able to re­open it.

After that, I made a new (non-admin) user on my Mac to try again on a more pow­er­ful de­vice.

Every time I glanced at my script down­load­ing ex­ten­sions one at a time for six hours, I kept rec­og­niz­ing names. Oops, I’m the AMO sub­ject-mat­ter ex­pert now! Parallelizing was mak­ing it slower by the last 4000 ex­ten­sions, which did­n’t hap­pen on my Windows VM.

When that fin­ished, I found out my hard­ware could­n’t run 65,335 ex­ten­sions at once, sadly. The win­dow does open af­ter some time I did­n’t mea­sure, but the win­dow never starts re­spond­ing. I don’t have the balls to run my lap­top overnight.3

Firefox did make over 400 GB of disk writes. Because I for­got swap ex­isted, I checked the pro­file try­ing to find the cul­prit, which is when I learned I needed to delete ad­don­Startup.json.lz4 and mod­ify ex­ten­sions.json. The ex­ten­sions.json was 144 MB. For com­par­i­son, my PC’s ex­ten­sions.json is 336 KB.

My so­lu­tion: add 1000 ex­ten­sions at a time un­til Firefox took too long to open. I got to 6000.

3000 ex­ten­sions was the last point where I was at least able to load web­pages.

After 4000 or more ex­ten­sions, the ex­pe­ri­ence is ba­si­cally iden­ti­cal. Here’s a video of mine (epilepsy warn­ing):

5000 was the same as 4000 but every web­site was blocked by some ex­ten­sion I know starts with an S and ends with Blocker and has a logo with CJK char­ac­ters. At 6000 ex­ten­sions, the only page that I could load was about:ad­dons.

My desk­top has 16 GB of RAM, and my lap­top has 24 GB of uni­fied mem­ory. You might no­tice that 49.3 GB is more than twice that.

What you’re about to see was recorded in May’s vir­tual ma­chine. Do not try this on your main pro­file.

My down­load script started in par­al­lel, then we switched it to se­r­ial when it slowed down. In to­tal, down­load­ing took about 1 hour and 43 min­utes.

I was on a call the en­tire time, and we spot­ted a lot of strange ex­ten­sions in the logs. What kind of chud would use “KiwiFarms Math Renderer”? Are they draft­ing the the­ory of soy­tiv­ity?

Turning on Mullvad VPN and rout­ing to Tel Aviv ap­peared to speed up the process. This was not be­cause of Big Yahu, but be­cause May restarted the script, so she re­peated that a cou­ple times. Whether that’s a Bun bug, I don’t know and I don’t care. May joked about a “version 2” that I dread think­ing about.

Defender marked one ex­ten­sion, HackTools, as mal­ware. May ex­cluded the folder af­ter that, so it may not be the only one.

Firefox took its sweet time re­mak­ing ex­ten­sions.json, and it kept climb­ing. About 39 min­utes of Firefox dis­play­ing a skele­ton (hence “it has yet to ren­der a sec­ond frame”) later, it was 189 MB large: a new record! May killed Firefox and ran en­able.js.

I did some re­search to find why this took so long.

13 years ago, ex­ten­sions.json used to be ex­ten­sions.sqlite. Nowadays, ex­ten­sions.json is se­ri­al­ized and rewrit­ten in full on every write de­bounced to 20 ms, which works fine for 15 ex­ten­sions but not 84,194.

Finally, we see the browser. The on­board­ing tabs trick­led in, never load­ing.

May re­opened it, took a shower, and came back to this:

IT STABLIZED. YOU CAN (barely) RUN FIREFOX WITH ALL 84 THOUSAND EXTENSIONS.

Well, we were pretty sure it had 84 thou­sand ex­ten­sions. It had Tab Counter, at least, and the scroll­bar in the ex­ten­sions panel was ab­solutely mas­sive.

She loaded the con­fig­ure pages of two ex­ten­sions. The op­tions iframe never loaded.

I re­al­ized we need to dis­able auto up­date be­fore Firefox sends an­other 84 thou­sand re­quests. This one took a while to load.

The list loaded but with no icons and stopped re­spond­ing, and 6 hours later it had loaded fully.

We recorded the en­tire process; the mem­ory us­age fluc­tu­ated be­tween 27 and 37 GiB the en­tire time.