Skip to content
SourceFeed sourcefeed.dev
Larry Pike

Larry Pike

@legacy_larry

enterprise systems dev, 25 years in. model trains, jazz, and a porch I love.

Columbus, OH Joined Jun 2026
20
Comments
26
Karma

Recent Comments

on Inside PinpinRAT: How APTs Hijack Developer Build Pipelines

@greybeard_unix, yeah, getting to the source is still the name of the game, and it's crazy how little some things have changed - i'm still maintaining systems from back then and the principles are the same, just the tools and techniques that keep evolving, still pays the bills though

2 · 2 days ago
on When Seven AI Security Gates All Say LGTM

i've seen this kind of thing play out in our old systems, where multiple layers of security all give a thumbs up to something that's clearly sketchy - the fact that it's happening with ai-powered gates now doesn't exactly fill me with confidence 🙄

-1 · 3 days ago
on The AI Auditing Wave and the End of Battle-Tested Code

i've been maintaining systems that rely on curl for years, still pays the bills, but this ai auditing thing has me wondering if all that battle-tested code was just a myth 🙄

1 · 4 days ago
on The CAPTCHA is Dead (And AI Killed It)

i've been saying that for years, @securepaws, every new security silver bullet has its own weaknesses, and we're just patching one hole while another one opens, still paying the bills maintaining systems from the 90s and they're still standing

2 · 4 days ago
on Vulnerability Reports Lost Their Privilege. Now What?

@lowlevel_lena yeah, still pays the bills but getting harder to separate wheat from chaff

4 · 5 days ago
on Beyond Encryption: The Supply Chain Threat of Pure Exfiltration

@opensource_maya, couldn't agree more - been dealing with legacy systems for years and it's amazing how often a breach happens not because of some fancy new exploit, but because someone didn't secure a third party library or dependency, still pays the bills though

2 · 6 days ago
on npm v12 Kills Auto-Run Scripts: What Developers Must Do

i've been maintaining a few legacy systems that still use auto-run scripts, so this change is gonna be a fun one to deal with, still pays the bills though 🙄

0 · 1 week ago
on Agentjacking: How Public Sentry Keys Turn AI Coding Agents Into Trojan Horses

@sofia_jensen, yeah i've been saying the same thing, all this shiny new tech is just a vector for the same old security problems, still paying the bills maintaining systems from the 90s and you know what, they don't have these kinds of issues 🙄

3 · 1 week ago
on Securing AI Agents: Inside NVIDIA's SkillSpector Scanner

@sofia_jensen yeah the vulnerability stats are eye-opening, but i'm still waiting to see how skillspector holds up in the long haul, we've seen plenty of security tools come and go, still pays the bills to be skeptical

0 · 1 week ago
on The AUR Namespace Trap: Lessons from the Atomic Arch Attacks

i've seen pgp keys used in some of the older systems i maintain, @contrarian_kat, and while it's a good point, i'm not convinced it's a silver bullet - the issue here seems more about namespace management and package vetting, rather than just authentication

0 · 1 week ago