Daily Shaarli

All links of one day in a single page.

April 9, 2026

Do Americans read print books, e-books or audiobooks more? | Pew Research Center

Digital books have grown in popularity over the past decade, but more Americans still read books in print than in digital formats.

Overall, 75% of U.S. adults say they have read all or part of at least one book in the past 12 months, according to a Pew Research Center survey conducted in October 2025. While book reading is widespread, the survey also shows that participation in book clubs is much less common.

Print continues to be the only book format used by a majority of Americans. Roughly two-thirds of adults say they have read a physical book in the past 12 months, according to our October survey.

Much smaller shares say they have read an e-book or listened to an audiobook in the past year

When attackers already have the keys, MFA is just another door to open

Modern adversary tooling executes what security researchers call a real-time phishing relay, sometimes referred to as an adversary-in-the-middle (AiTM) attack. The mechanics are precise.

An adversary builds a reverse proxy that sits between the victim and the legitimate service. When the victim enters credentials on the spoofed page, the proxy forwards those credentials to the real site in real time.

The real site responds with an MFA challenge. The proxy forwards that challenge to the victim. The victim responds — because the page looks legitimate and the MFA prompt is real. The proxy forwards the response. The adversary receives an authenticated session.

Push notification MFA, SMS one-time codes, and TOTP authenticator apps are all vulnerable to this relay. They authenticate the exchange of a code. They do not verify that the individual completing the exchange is the authorized account holder. They cannot distinguish a direct session from a proxied one. //

The deeper problem is that the authentication architecture most organizations have deployed was not designed to answer the question that actually matters in a post-breach environment: was the authorized individual physically present and biometrically verified at the moment of authentication?

Push notifications do not answer this question. SMS codes do not answer this question. TOTP does not answer this question. USB hardware tokens answer a related but different question — they prove the registered device was present, not the authorized person. //

FIDO2/WebAuthn gets cited frequently in this conversation, and it is a meaningful step forward — but it is not sufficient on its own. Standard passkey implementations bind the credential to a device or cloud account.

Cloud-synced passkeys inherit the vulnerabilities of the cloud account: SIM swap attacks against the recovery phone number, account takeover via credential phishing, recovery flow exploitation. Device-bound passkeys prove device possession. They do not prove human presence.

Phishing-resistant authentication that closes the relay attack vector requires three properties simultaneously:

  • Cryptographic origin binding: the authentication credential is mathematically tied to the exact origin domain. A spoofed site cannot produce a valid signature because the domain does not match. The attack fails before any credential is transmitted.
  • Hardware-bound private keys that never leave secure hardware: the signing key cannot be exported, copied, or exfiltrated. Compromise of the endpoint does not compromise the credential.
  • Live biometric verification of the authorized individual: not a stored biometric template that can be replayed, but a real-time match that confirms the authorized person is physically present at the moment of authentication.

When all three properties are present, a relay attack has no viable path. The adversary cannot produce a valid cryptographic signature from a spoofed site. They cannot relay a session because the cryptographic binding fails the moment the origin changes.

They cannot use a stolen device because the biometric verification fails without the authorized individual. They cannot social-engineer an approval because there is no approval prompt — the authentication either completes with a live biometric match at the registered hardware, or it does not complete.
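The origin-binding property in the list above can be seen in the checks a WebAuthn relying party runs on each assertion. The following is an added example, not code from the linked article: the domains, the `makeClient` stand-in for browser plus authenticator, and the `enforceRpId` switch are assumptions made for illustration.

```javascript
// Added example, not from the linked article; domains and client stand-in are constructed.
const nodeCrypto = require('node:crypto');
const sha256 = (b) => nodeCrypto.createHash('sha256').update(b).digest();

// Browser + authenticator stand-in, one credential scoped to rpId; key stays in closure.
function makeClient(rpId, { enforceRpId = true } = {}) {
  const { publicKey, privateKey } =
    nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  function getAssertion(pageOrigin, requestedRpId, challenge) {
    const host = new URL(pageOrigin).hostname;
    const inScope = host === requestedRpId || host.endsWith('.' + requestedRpId);
    // A conforming browser refuses an RP ID the loaded page's origin cannot claim.
    if (enforceRpId && (!inScope || requestedRpId !== rpId)) return null;
    // The browser, not page script, records the origin it actually loaded.
    const clientDataJSON = Buffer.from(JSON.stringify({
      type: 'webauthn.get',
      challenge: challenge.toString('base64url'),
      origin: pageOrigin,
    }));
    // authenticatorData: rpIdHash (32) || flags (1, UP|UV) || signCount (4)
    const authenticatorData = Buffer.concat(
      [sha256(Buffer.from(rpId)), Buffer.from([0x05]), Buffer.alloc(4)]);
    const signature = nodeCrypto.sign('sha256',
      Buffer.concat([authenticatorData, sha256(clientDataJSON)]), privateKey);
    return { clientDataJSON, authenticatorData, signature };
  }
  return { publicKey, getAssertion };
}

// Relying-party side: every check must pass before a session is issued.
function verifyAssertion(rp, assertion, expectedChallenge) {
  const client = JSON.parse(assertion.clientDataJSON.toString('utf8'));
  if (client.type !== 'webauthn.get') return 'wrong type';
  if (client.challenge !== expectedChallenge.toString('base64url')) return 'challenge mismatch';
  if (client.origin !== rp.origin) return 'origin mismatch';
  const authData = assertion.authenticatorData;
  if (!authData.subarray(0, 32).equals(sha256(Buffer.from(rp.id)))) return 'rpIdHash mismatch';
  if ((authData[32] & 0x04) === 0) return 'user not verified';
  const signed = Buffer.concat([authData, sha256(assertion.clientDataJSON)]);
  return nodeCrypto.verify('sha256', signed, rp.publicKey, assertion.signature)
    ? 'ok' : 'bad signature';
}

function demo() {
  const RP = { id: 'example.com', origin: 'https://login.example.com' };
  const PROXY = 'https://login.example-sso.test'; // constructed lookalike origin
  const challenge = nodeCrypto.randomBytes(32);
  const browser = makeClient(RP.id);
  const direct = browser.getAssertion(RP.origin, RP.id, challenge);
  const relayed = browser.getAssertion(PROXY, RP.id, challenge);
  // Non-conforming client that skips the RP ID check: the RP must still refuse.
  const lax = makeClient(RP.id, { enforceRpId: false });
  const proxied = lax.getAssertion(PROXY, RP.id, challenge);
  // Origin field rewritten in transit: the signature no longer covers the data.
  const rewritten = { ...proxied, clientDataJSON: Buffer.from(
    proxied.clientDataJSON.toString('utf8').replace(PROXY, RP.origin)) };
  return {
    direct: verifyAssertion({ ...RP, publicKey: browser.publicKey }, direct, challenge),
    relayedAtBrowser: relayed === null ? 'refused' : 'signed',
    proxiedAtRp: verifyAssertion({ ...RP, publicKey: lax.publicKey }, proxied, challenge),
    rewrittenAtRp: verifyAssertion({ ...RP, publicKey: lax.publicKey }, rewritten, challenge),
  };
}
console.log(demo());
```

A forwarded code is accepted wherever it is typed, whereas here the relying party compares the signed origin and RP ID hash against its own, which is why the relayed assertion is refused at the browser and again at the server.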

Eligible young men will automatically be registered for US military draft later this year

The federal government plans to automatically register eligible men for the military draft beginning in December, according to a proposed rule published last week.

The Selective Service System (SSS), the government agency that maintains the database of draft-eligible Americans, submitted the “automatic registration” rule change to the Office of Information and Regulatory Affairs on March 30. //

Congress approved automatic registration for the draft last December as part of the 2026 National Defense Authorization Act, must-pass legislation that authorizes funding for military personnel and operations.

“This statutory change transfers responsibility for registration from individual men to SSS through integration with federal data sources,” the agency notes on its website. “SSS will implement the change by December 2026, resulting in a streamlined registration process and corresponding workforce realignment.” //

Currently, 46 states and territories have laws in place to automatically register eligible men when they apply for driver’s licenses or IDs, according to the Selective Service System.

The Hormuz Hypothesis – What If the U.S. Navy Isn’t in a Hurry to Reopen the Strait?

Trump has already said the Navy will escort ships through Hormuz “if necessary.” If the same reflagging requirement applies, every European and Asian tanker that wants a U.S. escort would need to fly the American flag.

Think about what that means for the SHIPS Act, the Jones Act, the U.S. flag fleet, and CMA CGM’s unfulfilled promise to triple its U.S.-flag vessels, Greenland. Hormuz becomes the forcing function for everything Trump’s maritime agenda could not achieve through legislation or diplomacy.

Meanwhile, Iran is selectively letting ships through. Turkish, Indian, Chinese, and some Saudi tankers have been permitted to transit via Iranian territorial waters. About eighteen tankers, mostly Chinese, have done so according to Lloyd’s. Western-allied ships are blocked.

The “closure” is really a sorting mechanism. Iran decides who trades and who does not. Unless the U.S. Navy reopens it for everyone. On America’s terms.

That’s the decision the world has to make, let Iran pull up a tollbooth or stop blocking Trump’s maritime plans. //

While TV oil analysts focus on the global price of oil, the real experts in Houston are watching something different: the fracturing of the global energy market.

The real threat is not $200 oil. It’s a fracture of the system. It is cheap energy in export nations and ruinous energy costs in places far from reserves. It’s $2 oil in the Persian Gulf, $20 dollar oil in the Gulf of America and $2,000 oil in the UK. //

One global price only works if there is a surplus of tankers to arbitrage differentials. Before the Iran strikes, that surplus was razor-thin. Now, with supertankers stuck in the Gulf, it is gone. //

Meanwhile, California has been closing refineries and blocking pipelines, forcing gasoline imports from South Korea on ships with dayrates that are skyrocketing. Governor Newsom, the leading candidate for President in 2028, is irate. New England imports LNG and diesel by ship. If Hormuz stays closed, prices spike in those states. Deep blue states. Red state energy costs fall. Blue state costs rise. Europe capitulates on major policy disputes between now and the midterms. //

The strongest version of this thesis is not “Trump is playing 4D chess.” It is that the administration holds more options than anyone realizes, and the insurance mechanism, not the Navy, is the real lever of power.

The FCC's Router Ban Could Hit These Brands Hard. Is Yours on the List?

Speedtest.net data reveals the most popular Wi-Fi router brands in the US, many of which could face trouble licensing new models without an FCC exemption. //

according to Ookla, TP-Link comes in second, with its Wi-Fi routers appearing in only 9.9% of speed test samples. Instead, routers from Amazon-owned Eero lead the pack, although narrowly, with a 10% share. In third is US-based Netgear at 9.6%. //

To prevent harming consumers, the FCC’s order steers clear of banning any Wi-Fi routers currently in use or sold in the US. The Trump administration will also allow vendors to apply for an exemption under the implied pretext that the company will eventually move manufacturing to the US. Whether that process favors US companies over foreign brands is a big question.

Still, as it stands, the FCC is only permitting software updates to flow to existing foreign-made Wi-Fi routers for consumers until March 1, 2027. It's a pretty ironic and alarming deadline, considering software updates keep routers safe from serious vulnerabilities.

Five Fearless Predictions About What Happens Next in the Iran War – PJ Media

One: The next Nobel Peace Prize will go to Pakistan’s prime minister, Shehbaz Sharif, for brokering the U.S.-Iranian ceasefire.

Naturally: The Nobel Committee HATES President Donald Trump. Even if he cured cancer, AIDS, SIDS, and male pattern baldness, there’s no way in hell the Nobel Committee will give Trump its seal of approval. //

Two: This ceasefire will be broken repeatedly. Get used to it.

Famously, World War I ended on the 11th day of the 11th month at 11:00 a.m. in 1918.

Only it really didn’t: Even after the armistice, the fighting continued.

Ceasefires are seldom neat and tidy. Either deliberately or accidentally, they’re almost always violated by at least one side.

The Iran War will follow this pattern.

Iran’s #1 objective — by far — is to maintain control of its country. Part of the reason why its military performed so poorly is that it wasn’t really designed to battle America or Israel directly, but to keep its boot atop the Iranian people. //

Three: The “fee” on ships in the Strait of Hormuz is real and here to stay — because President Trump believes that it’ll benefit America.

Does Iran have the power to arbitrarily assign a seven-figure “fee” on ships that pass through the Strait of Hormuz? Over the short-term, yes; over the long-term, no. It’s a violation of international law.

Unless the United States allows it. //

It’ll increase the operational cost on everyone else, making American goods cheaper by comparison, benefiting American companies.

Does it violate international law? Absolutely. Is international law enforceable? Probably not.

To keep our Gulf allies happy, we’ll need waivers (or profit-sharing) for Middle East nations that were hit with Iranian missiles. That’ll give ‘em the funds to rebuild, too. //

Four: The NATO alliance has been fatally wounded and is unlikely to survive.

It might limp on for several more years as a zombie org, but there are too many cracks in its foundation — because it’s now painfully obvious that U.S. and European interests no longer align.

For 100 years, we’ve protected Europe with American blood and treasure. We fought two World Wars on the continent, rebuilt it with the Marshall Plan, and then provided an 80-year security blanket to protect Western Europe from the Soviet Union. //

Europe is wealthy enough to defend itself. Besides, NATO didn’t exactly bend over backward to help us against Iran.

The opposite is true: NATO nations went out of their way to endanger U.S. lives by denying us access to shared military bases and/or their airspace.

That was their decision. And decisions have consequences.

Chief among them: Americans no longer believe that NATO makes us safer, freer, or more prosperous.

Never Trumper David Frum wrote a blistering op-ed on April 8 for The Atlantic, where he confused Richard Nixon’s madman theory with Dwight Eisenhower’s brinkmanship diplomacy. //

The truth is, NATO hasn’t been relevant in over a generation. Even The Times forgot what it stood for! //

Five: Operation Epic Fury also marks the end of the Israeli-U.S. military alliance.
Too much antisemitism. Too much anti-Zionism in the national ether. This means that there are too many political headwinds for the U.S.-Israeli alliance to survive: It’s no longer politically viable.

And that was before the Iran War!

The Democratic Party was already stridently anti-Israel, blasting it as a genocidal, apartheid state. After Israel participated in President Trump’s “illegal war” against Iran, the Dems' hatred has reached a crescendo. //

In all of American history, we’ve never treated a wartime ally this poorly.

It’s not fair, but the world doesn’t run on fairness. It runs on cause-and-effect, and the unfortunate truth is, virtually every PR trendline is heading in an anti-Israel direction. This means that Israel better prepare for a post-U.S. reality, because its future won’t be tied to ours anymore.

The Republican Party isn’t an anti-Israel party yet. But if these trendlines continue, it’s inevitable. //

RubyCupcake
2 hours ago edited
If you want accurate prophecy about what's to come read the Bible - specifically Daniel, Zechariah, Ezekiel, Revelation rather than Nostradamus. The day the US breaks their alliance with Israel is the day it no longer exists. The only reason we've survived God's wrath this long is because of us supporting Israel and the large percentage of Christians living here. //

FeynBohrStein Oldman77
an hour ago
That's advice, not a prediction.
"It's tough to make predictions, especially about the future"—a sentiment often attributed to Yogi Berra or Niels Bohr

Jim Lovell’s Final Message to Artemis II Passed Apollo’s Torch to a New Generation – PJ Media

One of my favorite Apollo astronauts is the late Jim Lovell. He flew in two missions yet never walked on the moon. His unflappable leadership during the ill-fated Apollo 13 mission helped make it what some called a “successful failure.”

Lovell also flew on Apollo 8, the mission that first flew around the moon. It was Christmas Eve 1968, and Lovell, William Anders, and Frank Borman delivered a Christmas message to the world from their orbit around the moon, which included a reading from Genesis 1: //

Lovell passed away at the age of 97 in August of last year, but a couple of months before he died, he recorded a message for Artemis II. NASA kept Lovell’s message a secret, but mission control played it to wake the crew up on Monday.

Hello Artemis II! This is Apollo astronaut Jim Lovell. Welcome to my old neighborhood. When Frank Borman and Bill Anders and I orbited the moon on Apollo 8, we got humanity's first up close look at the moon and got a view of the home planet that inspired and united people around the world. I'm proud to pass that torch on to you as you swing around the moon and lay the groundwork for missions to Mars, for the benefit of all. It's a historic day, and I know how busy you'll be, but don't forget to enjoy the view. So, Reid and Victor and Christina and Jeremy, and all the great teams supporting you, good luck and Godspeed from all of us here on the good earth.

https://youtu.be/Zp2Yg3VBlsE

Russian state hackers are hijacking TP-Link and MikroTik routers to steal Outlook credentials, cybersecurity center warns — APT28 group targets DNS and redirects traffic to attacker-controlled servers | Tom's Hardware

The TP-Link WR841N router is named by the NCSC as one of the models APT28 has been exploiting, likely using CVE-2023-50224, an unauthenticated information disclosure flaw that allows an attacker to retrieve credentials through an HTTP GET request. When the threat actor has the router’s credentials, a second GET request rewrites the DHCP DNS settings, setting the primary DNS to a malicious IP and the secondary to the original primary.

The advisory lists more than 20 additional TP-Link models targeted in the campaign, //

A second cluster of attacker infrastructure received DNS requests forwarded from compromised MikroTik routers as well as TP-Link gear, and was also used in interactive operations against a smaller set of MikroTik routers "often located in Ukraine" that the NCSC said were likely of intelligence value.
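The DNS rewrite described above (a new primary resolver, with the original primary moved to secondary) leaves a recognizable trace in router configuration history. The following audit is an added example, not code from the NCSC advisory or the article: the snapshot format, router names, approved-resolver list and addresses (RFC 5737 documentation ranges) are constructed.

```javascript
// Added example, not from the advisory or the article. Snapshot format, router
// names and addresses (RFC 5737 documentation ranges) are constructed.
const APPROVED_RESOLVERS = new Set(['192.0.2.53', '192.0.2.54']);

// Constructed config history: DNS servers each router hands out via DHCP.
const SNAPSHOTS = [
  { router: 'branch-01', taken: '2026-04-01', primary: '192.0.2.53', secondary: '192.0.2.54' },
  { router: 'branch-01', taken: '2026-04-08', primary: '192.0.2.53', secondary: '192.0.2.54' },
  { router: 'branch-02', taken: '2026-04-01', primary: '192.0.2.53', secondary: '192.0.2.54' },
  { router: 'branch-02', taken: '2026-04-08', primary: '203.0.113.10', secondary: '192.0.2.53' },
  { router: 'branch-03', taken: '2026-04-01', primary: '192.0.2.53', secondary: '192.0.2.54' },
  { router: 'branch-03', taken: '2026-04-08', primary: '192.0.2.54', secondary: '192.0.2.53' },
];

// Compare each router's snapshot with its previous one and flag DNS changes.
function auditDhcpDns(snapshots, approved) {
  const last = new Map(); // router -> previous snapshot
  const findings = [];
  const ordered = [...snapshots].sort((a, b) => a.taken.localeCompare(b.taken));
  for (const snap of ordered) {
    const prev = last.get(snap.router);
    last.set(snap.router, snap);
    if (!prev) continue; // first observation is the baseline
    if (prev.primary === snap.primary && prev.secondary === snap.secondary) continue;
    const reasons = [];
    if (!approved.has(snap.primary)) reasons.push('primary not an approved resolver');
    if (snap.secondary === prev.primary && snap.primary !== prev.primary) {
      reasons.push('old primary demoted to secondary');
    }
    // Both signals together match the rewrite described in the excerpt above.
    const severity = reasons.length === 2 ? 'high' : reasons.length === 1 ? 'review' : 'info';
    findings.push({ router: snap.router, taken: snap.taken, severity, reasons });
  }
  return findings;
}

console.log(auditDhcpDns(SNAPSHOTS, APPROVED_RESOLVERS));
```

A swap between two approved resolvers (branch-03 in the sample) is reported for review only; the high severity is reserved for an unapproved primary combined with the demotion.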

The Moon is already on Google Maps—did Artemis II really tell us anything new? - Ars Technica

Every 10 years, the National Academies convene a panel of planetary scientists to set priorities for Solar System exploration. These decadal surveys help NASA decide where to send missions and what scientific questions they should seek to answer. None of the results from Artemis II are likely to answer these big questions.

“Is there going to be decadal-level science out of Artemis II? Probably not,” Neal told Ars in an interview this week. “This is a technology demonstration mission… This is primarily to have a crew there to check out the engineering and make sure that things are working.”

From a scientific perspective, what’s most intriguing about Artemis II is figuring out how to incorporate humans into planetary exploration. For more than 50 years, generations of scientists have learned to explore other worlds only through the electronic eyes of robots. With NASA’s return to the Moon, they must learn to take advantage of human observations.

This requires a shift in how ground teams design instruments, plan science campaigns, and select targets for their observations. It also necessitates a change in culture. Astronauts on the lunar surface or in lunar orbit will provide a real-time feedback loop for the army of scientists looking over their shoulders from Earth. During the Apollo program, it took multiple landings to fine-tune how this works.

Should we take a closer look at this rock? Should we go see that outcrop? Humans can make these key decisions in seconds or minutes rather than days, weeks, months, or in some cases, years.

The experience of the Artemis II flyby also informed spacecraft engineers about the utility of the Orion spacecraft as an observation platform and the optical quality of the capsule’s windows. The astronauts reported some issues with glare from the Sun and the Earth. They MacGyvered a makeshift window shroud using a T-shirt to help overcome the glare so they could better see the lunar surface.

“We confirmed that we can achieve science through orbital observations and through integrating science into flight operations,” said Kelsey Young, NASA’s science lead for the Artemis II mission.

Human eyes are remarkably good at sensing color gradients and brightness changes. “Right away, they started describing the green around Aristarchus plateau and different brown hues, and these colors really help tell us nuances about the chemistry of lunar material,” Young said after the flyby.

Glover, Artemis II’s pilot, noted his perception of the Moon’s three-dimensionality during the flyby: “You really get a sense that we’re flying over something with elevation and terrain.” The astronauts were able to glimpse craters, mountains, and ridges at different angles as the Orion capsule arced behind the Moon. “Every vantage point is different,” Young said. //

“You might think that, after looking at hundreds of images taken of the lunar surface, I would get sick of it,” Young said. “I have not, nor do I anticipate getting sick of it.”

“It was quite infectious,” Neal said. “The Earthrise image that they took is one for the ages.”

Cybersecurity in the Age of Instant Software - Schneier on Security

AI is rapidly changing how software is written, deployed, and used. Trends point to a future where AIs can write custom software quickly and easily: “instant software.” Taken to an extreme, it might become easier for a user to have an AI write an application on demand—a spreadsheet, for example—and delete it when you’re done using it than to buy one commercially. Future systems could include a mix: both traditional long-term software and ephemeral instant software that is constantly being written, deployed, modified, and deleted.

AI is changing cybersecurity as well. In particular, AI systems are getting better at finding and patching vulnerabilities in code. This has implications for both attackers and defenders, depending on the ways this and related technologies improve.

In this essay, I want to take an optimistic view of AI’s progress, and to speculate what AI-dominated cybersecurity in an age of instant software might look like. There are a number of unknowns that will factor into how the arms race between attacker and defender might play out.

Concretedog: Xteink X4 with Open Source Firmware

The Xteink X4 is a tiny eink ereader which is pretty affordable, and definitely very pocketable. At around £44 from Aliexpress I took the plunge.

One big plus that I had read about was that there are actively developed open source firmwares available for this device, most notably Crosspoint Reader. The supplied firmwares are pretty naff and also mine and most of these come out of the box setup with Chinese localisation. So to be honest, beyond just booting the device to check it worked I immediately flashed Crosspoint reader onto it within seconds. Flashing Crosspoint Reader is incredibly simple as there is a web flashing tool. Simply USB your device to your computer, point a chrome based browser at this website and click flash! Simple.

https://github.com/crosspoint-reader/crosspoint-reader