activescott's Notes

Public notes from activescott

Monday, April 27, 2026

Hasbara (Hebrew: הַסְבָּרָה) is the public diplomacy of Israel. It includes mass communication, as well as individual interaction with foreign nationals through social and traditional media, and cultural diplomacy. Organizations involved include the IDF Spokesperson's Unit, Prime Minister's Office, Ministry of Foreign Affairs, and pro-Israel civil society organizations. Historically, these efforts were openly called "propaganda" by the early Zionists who promoted them, with Theodor Herzl advocating such activities in 1899.[1] The term hasbara was introduced by Nahum Sokolow, literally meaning "explaining".[2] This communicative strategy seeks to justify Israeli state actions and is considered reactive and event-driven.

Israeli officials have emphasized the importance of molding American public opinion to influence U.S. foreign policy favorably toward Israel. For example, Prime Minister Benjamin Netanyahu has said, "In the last 30 years, I appeared innumerable times in the American media and met thousands of American leaders. I developed a certain ability to influence public opinion." Netanyahu said this in the context of the Israeli government's decade-long effort to pressure for military action against Iran. He added that this "is the most important thing: the ability to sway public opinion in the United States against the regime in Iran."[

According to The Israel Lobby and U.S. Foreign Policy by John Mearsheimer and Stephen Walt, major American Jewish organizations have played a significant role in advancing an Israeli state narrative to the American public. They quote Rabbi Alexander M. Schindler, former chair of the Conference of Presidents of Major American Jewish Organizations, saying: "The Presidents' Conference and its members have been instruments of official governmental Israeli policy. It was seen as our task to receive directions from government circles and to do our best no matter what to affect the Jewish community." Similarly, they quote Hyman Bookbinder, a high-ranking official of the American Jewish Committee, as saying: "Unless something is terribly pressing, really critical or fundamental, you parrot Israel's line in order to retain American support. As American Jews, we don't go around saying Israel is wrong about its policies."

California’s “Trump Tax Loophole” is a billionaire-friendly tax break that lets the wealthiest commercial property owners avoid paying taxes based on what their properties are actually worth. It traces back to Proposition 13, which was promoted as a way to protect homeowners from being taxed out of their homes when values rise. This law has been exploited to generate massive corporate tax giveaways, including an estimated $200 million windfall at Trump’s 555 California Street building in San Francisco.1 By including commercial and industrial property, the law created a system that billionaire and corporate landowners exploit to lock in artificially low tax bills for decades—even while their buildings skyrocket in value and generate enormous profits.

Requires=

Similar to Wants=, but declares a stronger requirement dependency. Dependencies of this type may also be configured by adding a symlink to a .requires/ directory accompanying the unit file.

If this unit gets activated, the units listed will be activated as well. If one of the other units fails to activate, and an ordering dependency After= on the failing unit is set, this unit will not be started. Besides, with or without specifying After=, this unit will be stopped (or restarted) if one of the other units is explicitly stopped (or restarted).

Often, it is a better choice to use Wants= instead of Requires= in order to achieve a system that is more robust when dealing with failing services.

Note that this dependency type does not imply that the other unit always has to be in active state when this unit is running. Specifically: failing condition checks (such as ConditionPathExists=, ConditionPathIsSymbolicLink=, … — see below) do not cause the start job of a unit with a Requires= dependency on it to fail. Also, some unit types may deactivate on their own (for example, a service process may decide to exit cleanly, or a device may be unplugged by the user), which is not propagated to units having a Requires= dependency. Use the BindsTo= dependency type together with After= to ensure that a unit may never be in active state without a specific other unit also in active state (see below).

Added in version 201.

Sunday, April 26, 2026

With both Hezbollah and Iran damaged but still standing, Trump’s announcement of twin ceasefires in Iran and Lebanon has exposed the principal cheerleader of both conflicts, Netanyahu, to domestic political jeopardy.

Just days before Trump’s Lebanon ceasefire announcement, a poll by the Israel Democracy Institute showed overwhelming support among Jewish Israeli respondents for continuing the conflict even if that led to friction with the US.

The ceasefire with Iran has also proven unpopular within Israel, with two-thirds of Israelis polled by the Hebrew University of Jerusalem opposing the pause in operations.

“I think that, on the one hand, Israelis, Israeli Jews in particular, tend to put both of them [Iran and Lebanon] into the broader basket of ‘all enemies are against us,’” Dahlia Scheindlin, an American Israeli political consultant, pollster, and journalist told Al Jazeera, “We live in a region with a sea of enemies trying to destroy Israel in every possible way. So it becomes part of a wider self-image that Israelis have.”

#

Israel's Prime Minister Benjamin Netanyahu has ordered his military to "vigorously attack Hezbollah targets" in Lebanon, two days after a ceasefire was extended by three weeks.

Israel continues to occupy a much of southern Lebanon and has been carrying out large-scale demolitions there.

An Israeli strike killed Amal Khalil, who worked for a Lebanese newspaper, and injured freelance photographer Zeinab Faraj. Officials in Lebanon say they were deliberately targeted as they sought shelter in a home after an initial air strike hit the vehicle in front of them, killing two men.

#

Saturday, April 25, 2026

The findings expose how suspected commercial surveillance vendors (CSVs) exploit the global telecom interconnect ecosystem, leverage private operator networks, and conduct covert location tracking operations that can persist undetected for years.

SIM Card Exploitation: One campaign sent a malicious SMS containing hidden SIM card commands to extract location information, attempting to turn the device into a covert tracking beacon.

Our findings highlight a systemic issue at the core of global telecommunications: operator infrastructure designed to enable seamless international connectivity is being leveraged to support covert surveillance operations that are difficult to monitor, attribute, and regulate. Despite repeated public reporting, this activity continues unabated and without consequence.

These vulnerabilities are not the result of software bugs or network misconfigurations; rather, they are inherent to global telecommunications design and business practices. The mobile ecosystem comprises over a thousand operators interconnected through roaming agreements and signalling protocols that prioritize efficiency, service availability, and revenue opportunity over security. As a result, a shadowy marketplace of state-backed and commercial espionage actors has emerged, developing and deploying software platforms that weaponize telecommunication networks for global surveillance.

he root of the security problem lies in the foundational signalling protocols themselves. Designed for a trusted community of mobile operators and legitimate third-party service providers, SS7 protocols lack the basic security mechanisms of IP networks, such as authentication and validation to verify the source of signalling messages, integrity checks to ensure that data has not been altered, and encryption to protect its contents.

While most commercial threat groups focus on device implants, there is strong demand by government agencies for “off-the-shelf” telecom surveillance services that use mobile networks to locate and track users, and intercept communications without hacking a target’s phone. These services are often brokered through intermediaries with direct or brokered access to mobile operator or provider networks, allowing surveillance traffic to blend into legitimate roaming operations.

Friday, April 24, 2026

Below is a list of frequently asked questions on the Accessibility Conformance Report (ACR) and the Voluntary Product Accessibility Template (VPAT®). This information was adapted from NASA’s Demystifying Section 508: An Industry Guide to Understanding Section 508 of the Rehabilitation Act.

have not completed a VPAT®/ACR before. Why am I being required to complete it now? Isn’t the VPAT® voluntary?

The U.S. federal government must buy information and communication technology (ICT) that is accessible per Section 508 of the Rehabilitation Act. The government asks industry to submit an Accessibility Conformance Report so that the accessibility of a product may be evaluated. Without the ACR, the government may not proceed with the purchase unless there is a special use case exception that the government – never industry – may claim in which the ACR will not be required. Industry completes the ACR so that their product may be considered for purchase.

The ITI Voluntary Product Accessibility Template (ITI VPAT®) is a free template that translates accessibility requirements and standards (e.g., in Section 508 and other legal frameworks) into actionable testing criteria for products and services. Users should test their products and services against each section of the VPAT and use the template to document results. Once completed, the VPAT® with documented testing results is referred to as an Accessibility Conformance Report (ACR) that details the accessible features of the tested product or service.

The Accessibility Conformance Report (ACR), based on a completed ITI VPAT®, is the leading global reporting format for assisting buyers and sellers in identifying information and communications technology (ICT) products and services with accessibility features. The VPAT includes the leading ICT accessibility standards: Section 508 (U.S.), EN 301 549 (EU), and W3C/WAI WCAG.

A Voluntary Product Accessibility Template (VPAT) is a template containing information regarding how an Information and communications technology (ICT) product or service conforms with Section 508 of the United States Rehabilitation Act of 1973, as amended (29 U.S.C. § 794 (d)). Section 508 provides guidelines for rendering ICT accessible to, and therefore usable by, people with disabilities. The VPAT was originally designed as a tool for vendors to document product compliance to Section 508 and facilitate government market research on ICT with accessible features. Many people started to call the completed document a "VPAT" but the wider procurement community would prefer to call it a product Accessibility Conformance Report, or ACR. The distinction is that the VPAT is the incomplete form, and the ACR is the completed report using the VPAT template.

The current VPAT has expanded to include the U.S. Revised Section 508, European EN 301 549, and WCAG standards which are required by regulations in many jurisdictions.

Opus 4.7 takes instructions more literally than any previous Claude model. Anthropic's own words: "substantially better adherence" and "takes instructions more literally than predecessors." They even recommend retuning existing prompts.

I'll say it plainly: if your prompts have sloppy instructions that Opus 4.6 gracefully ignored or interpreted charitably, Opus 4.7 will follow them to the letter. And you might not like the result.

Example: I had a system prompt that said "always respond in JSON format." With Opus 4.6, it would still give me a natural language preamble before the JSON when it felt the user needed context. Opus 4.7? Pure JSON. Every time. No exceptions. Even when a clarifying question would've been more helpful.

The fix: Be precise about what you actually want. If you mean "respond in JSON format unless the user's question requires clarification," say that. The model won't guess your intent anymore — it'll do what you told it.

This is actually a good thing for production systems. Predictability over cleverness. But you'll need to audit your prompts.

and that misalignment risk remains very low (though higher than for pre-Mythos Preview models).

Autonomy threat model 1 is applicable to Claude Opus 4.7, as it is to some of our previous AI models. Claude Opus 4.7 is less capable than Claude Mythos Preview on our autonomy-relevant evaluations, and our alignment assessment indicates it has alignment properties broadly similar to those of Claude Opus 4.6, which are not particularly concerning with respect to the pathways identified for this threat model. We therefore do not believe Claude Opus 4.7 raises the level of risk under this threat model beyond what was assessed in the Claude Mythos Preview Alignment Risk Update. Unlike Claude Mythos Preview, Claude Opus 4.7 is being released for general access, which brings additional risk pathways into scope. Rather than publishing a separate risk report, we provide an updated overall risk assessment for this threat model in Section 2.4 of this system card

Evaluation awareness concerns substantially limit the interpretation of these results. Given high rates of prompted evaluation awareness, models can likely correctly represent our evaluations as such without verbalisation. It is difficult to know whether models act on such representations, but this means that models may behave differently than they would when presented with real-world opportunities to compromise research. The reported rate of zero research compromise behaviour should therefore be interpreted cautiously.

Users have two solutions for avoiding this fatigue: a built-in sandbox where tools are isolated to prevent dangerous actions, or the --dangerously-skip-permissions flag that disables all permission prompts and lets Claude act freely, which is unsafe in most situations. Figure 1 lays out the tradeoff space. Sandboxing is safe but high-maintenance: each new capability needs configuring, and anything requiring network or host access breaks isolation.

Auto mode uses two layers of defense: one for what Claude reads, one for what Claude does.

a server-side prompt-injection probe scans tool outputs:

At the input layer, a server-side prompt-injection probe scans tool outputs (file reads, web fetches, shell output, external tool responses) before they enter the agent's context. When content looks like an attempt to hijack behavior, the probe adds a warning to the agent's context before the result is passed along—telling the agent to treat this content as suspect and anchor on what the user actually asked for.

At the output layer, the transcript classifier (running on Sonnet 4.6) evaluates each action against a set of decision criteria before it executes, acting as a substitute for a human approver. The classifier runs in two stages: a fast single-token filter (deciding ‘yes’ to block or ‘no’ to allow), followed by chain-of-thought reasoning only if the first filter flags the transcript. Because most actions clear the first stage, reasoning tokens are spent only where needed. The classifier sees only user messages and the agent's tool calls; we strip out Claude's own messages and tool outputs, making it reasoning-blind by design.

So... Claude Code's auto mode lets through 17% of dangerous real world actions. From the article:

False-negative rate (FNR) is the fraction of dangerous actions the classifier lets through... The 17% false-negative rate on real overeager actions is the honest number. The agent was trying to solve the user's problem and tried to execute a dangerous command past what was authorized.

I don't think comparing it to --dangerously-skip-permissions is intellectually honest since Claude Code now prompts you to make Auto Mode your default mode now, while --dangerously-skip-permissions was basically a hidden feature. I don't know anyone else that I work with who even knew about it.

Whether 17% is acceptable depends on what you're comparing against. If you are running --dangerously-skip-permissions, this is a substantial improvement. If you are manually approving every action carefully, it's arguably a regression—you're trading your own judgment for a classifier that will sometimes make a mistake. Auto mode is meant for the first group, and for tasks where the second group's approval overhead isn't worth the marginal safety. It is not a drop-in replacement for careful human review on high-stakes infrastructure.

At the input layer, a server-side prompt-injection probe scans tool outputs (file reads, web fetches, shell output, external tool responses) before they enter the agent's context. When content looks like an attempt to hijack behavior, the probe adds a warning to the agent's context before the result is passed along—telling the agent to treat this content as suspect and anchor on what the user actually asked for.

Israel has granted a perpetrator of war crimes in Gaza the honor of lighting a ceremonial torch on Independence Day. By choosing Rabbi Avraham Zarbiv to represent “the spirit of the nation,” Israel is making genocide part of its official national ethos.

“There’s nothing for them to go back to in Rafah and Jabalya… Tens of thousands of families have no documents, childhood photos, ID cards, homes. Nothing.” This boast was made by Rabbi Avraham Zarbiv, an Israeli Rabbi who perpetrated war crimes who has been chosen to light a torch at Israel’s Independence Day ceremony, today, April 21. This is one of the highest accolades in the country, granted to “exemplary citizens” who represent “the spirit of the nation.”

Rabbi Zarbiv served about 500 days as a military reservist in Gaza over the last two and a half years. As a bulldozer operator during the genocide, he carried out war crimes of which he has openly boasted in videos he filmed, media interviews and public talks.

Bestowing one of the highest civilian honors in Israel on a citizen who committed war crimes illustrates how deeply the dehumanization of Palestinians has taken root in the Israeli mainstream. It is yet another terrifying signal that genocide has officially become part of the national ethos. Rabbi Avraham Zarbiv is a regional rabbinical court judge for the settlement of Ariel, and head the pre-military academy in the settlement of Beit El that educates hundreds of Israeli youth. Choosing him as an “exemplary citizen” represents a state-level endorsement of the complete de-humanization of Palestinians, systematic destruction of Palestinian life and the governing logic of annihilation and ethnic cleansing in the Gaza Strip and the West Bank. Zarbiv is not ashamed of his actions, neither, clearly is the State of Israel. We’vecompiled some documentation here to mark the occasion.

An extremist rabbi known for razing civilian homes in Gaza will light a torch at Israel’s independence day celebration on Tuesday, a role human rights campaigners said marked the embrace of genocide as the official “spirit of the nation”.

The footage spread so widely on social media that his name entered the lexicon of Hebrew slang. “To Zarbiv” now means to destroy, a neologism that the 54-year-old has embraced, making it the title of a lecture earlier this year.

Zarbiv’s selection for the ceremony marks an official endorsement of the dehumanisation of Palestinians and systematic destruction of Palestinian life, according to the rights group B’tselem. It said: “This selection sends a clear message to the citizens of Israel and the entire world – in Israel, genocide, ethnic cleansing and war crimes are the ‘spirit of the nation’.”

Israel's levelling of these structures comes after Defence Minister Israel Katz's order on 22 March to "accelerate the destruction of Lebanese homes" near the Israeli border based on the "model in Gaza" as part of its campaign against Hezbollah.

The systematic demolition of these towns and villages may amount to a war crime, international law experts told BBC Verify.

Katz's plan for an Israeli-controlled "security zone" extending from the border to the Litani river would take up about 10% of Lebanon's territory.

Using verified footage and analysis of available satellite imagery, BBC Verify found evidence of controlled Israeli demolitions in at least seven border towns and villages.

We found more than 460 buildings had been demolished in Aita al-Shaab alone. Excavators and armoured vehicles can also be seen in satellite imagery of the village, according to Tony Reeves, founder of intelligence analysis firm MAIAR.

The deliberate demolition of structures is not a new Israeli military tactic. It has been deployed across swathes of Gaza during the war that was triggered by the Hamas-led attack on Israel on 7 October 2023.

Multiple legal experts told BBC Verify the destruction of property is strictly prohibited by international humanitarian law, unless it is demanded by military necessity. The bar for necessity is higher than military convenience or advantage, according to Prof Janina Dill, a global security and international law expert at Oxford University: "It certainly does not cover levelling entire villages as a predicate to long-term national security." It also requires case-by-case analysis when determining which buildings have military significance, said Yuval Shany, a legal expert from the Israel Democracy Institute think tank. The capacity of some civilian buildings to be used for military activity "does not justify a sweeping policy of creating buffer zones next to the border inside which all buildings are to be destroyed", he added.

Dr Lawrence Hill-Cawthorne, co-director of the Centre for International Law at the University of Bristol, reiterated that the "fundamental rule of law" is that civilian objects must not be targeted. "It is not a permissible defence to claim that the total destruction of towns and villages in southern Lebanon is necessary for creating a buffer zone to hold back Hezbollah," he said. "Even if Israel's war in Lebanon can be considered self-defence against attacks from Hezbollah, its conduct seems to go far beyond a limited war of self-defence against specific attacks."