  • You’d need to write a script, for example:

    #!/bin/bash
    
    # Set the directory where screenshots will be saved
    SCREENSHOT_DIR=~/Pictures/Screenshots
    
    # Create the directory if it doesn't exist
    mkdir -p "$SCREENSHOT_DIR"
    
    # Get the current date and time in the format MM-DD-YYYY_HH-MM-SS
    DATETIME=$(date +"%m-%d-%Y_%H-%M-%S")
    
    # Build the filename using the datetime
    FILENAME="screenshot_$DATETIME.png"
    
    # Take a fullscreen screenshot, save it to the specified directory, and copy it to the clipboard
    spectacle -f -b -c -o "$SCREENSHOT_DIR/$FILENAME"
    
    # Optional: Notify the user (requires notify-send)
    notify-send "Screenshot taken" "$FILENAME saved to $SCREENSHOT_DIR"
    

    You can change the -f to change the screenshot mode. From spectacle --help:

    
      -f, --fullscreen                        Capture the entire desktop (default)
      -m, --current                           Capture the current monitor
      -a, --activewindow                      Capture the active window
      -u, --windowundercursor                 Capture the window currently under
                                              the cursor, including parents of
                                              pop-up menus
      -t, --transientonly                     Capture the window currently under
                                              the cursor, excluding parents of
                                              pop-up menus
      -r, --region                            Capture a rectangular region of the
                                              screen
    
    

    Save the script somewhere. It’s safest to make it owned by root and put it somewhere like /usr/scripts so random user-access programs can’t edit the script. Use chmod +x to make it executable.

    Then go to Plasma -> Settings -> Keyboard -> Shortcuts, click ‘Add New’ -> Command or Script. For the command, give it the path to your script, give it a name, click Add, and then set a hotkey by clicking the Add button.
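
The ownership advice in the comment above can be checked mechanically. This is an added example, not part of the original comment: a script bound to a hotkey runs with the user's privileges on every keypress, so neither the file nor any directory above it should be writable by an untrusted account. The function name `audit_script` and its arguments are hypothetical, and GNU coreutils (`stat -c`, `realpath -e`) is assumed.

```bash
#!/bin/bash
# Added example, not the commenter's code. Assumes GNU coreutils.
# audit_script and its arguments are hypothetical names.
#
# audit_script PATH [TRUSTED_UID] [STOP_DIR]
#   Returns 0 when PATH and every directory from it up to STOP_DIR
#   (default /) is owned by TRUSTED_UID (default 0) or root and is not
#   writable by group or other. Returns 1 on a finding, 2 on a bad path.
audit_script() {
    local path trusted stop cur uid mode rc=0
    path=$(realpath -e -- "$1") || return 2
    trusted=${2:-0}
    stop=$(realpath -e -- "${3:-/}") || return 2
    cur=$path
    while :; do
        uid=$(stat -c %u -- "$cur")
        mode=$(stat -c %a -- "$cur")   # octal digits, e.g. 755 or 1777
        if [ "$uid" != "$trusted" ] && [ "$uid" != 0 ]; then
            echo "FAIL owner uid=$uid: $cur"; rc=1
        fi
        # 022 = group-write | other-write
        if [ $(( 0$mode & 022 )) -ne 0 ]; then
            if [ -d "$cur" ] && [ $(( 0$mode & 01000 )) -ne 0 ]; then
                : # sticky directory: only an entry's owner may rename or delete it
            else
                echo "FAIL mode=$mode (group/other writable): $cur"; rc=1
            fi
        fi
        # A writable ancestor lets someone swap the whole subtree, so keep walking up.
        if [ "$cur" = "$stop" ] || [ "$cur" = / ]; then break; fi
        cur=$(dirname -- "$cur")
    done
    return "$rc"
}

# Stand-alone use: pass the script path (and optionally a trusted uid).
if [ "$#" -gt 0 ]; then audit_script "$@"; fi
```

With no extra arguments the check expects root ownership all the way up to `/`, which matches a script kept under /usr/scripts.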


  • We only know if we’re at the top of the curve if we keep pushing the frontier of what is possible. Seeing exciting paths is what motivates people to try to get the improvements and efficiencies.

    I do agree that the AI companies are pushing a ridiculous message, as if LLMs are going to replace people next quarter. I too am very pessimistic on that outcome, I don’t think we’re going to see LLMs replacing human workers anytime soon. Nor do I think GitHub should make this a feature tomorrow.

    But, machine learning is a developing field and so we don’t know what efficiencies are possible. We do know that you can create intelligence out of human brains so it seems likely that whatever advancements we make in learning would be at least in the direction of the efficiency of human intelligence.

    If that’s the case I don’t feel like having hundreds and hundreds of false security reports creates the mental arena that allows for researchers to actually spot the non-false report among all the slop.

    It could very well be that you can devise a system which can verify hundreds of false security reports easier than a human can audit the same codebase. The author didn’t explore how he did this but he seems to have felt that it was worth his time:

    > What is different, is that for the first time the chance of getting correct results is sufficiently high that it is worth your time and your effort to try to use it on real problems.


  • From the blog post: https://sean.heelan.io/2025/05/22/how-i-used-o3-to-find-cve-2025-37899-a-remote-zeroday-vulnerability-in-the-linux-kernels-smb-implementation/

    > That is quite cool as it means that had I used o3 to find and fix the original vulnerability I would have, in theory, done a better job than without it. I say ‘in theory’ because right now the false positive to true positive ratio is probably too high to definitely say I would have gone through each report from o3 with the diligence required to spot its solution. Still, that ratio is only going to get better.
    >
    > Conclusion
    >
    > LLMs exist at a point in the capability space of program analysis techniques that is far closer to humans than anything else we have seen. Considering the attributes of creativity, flexibility, and generality, LLMs are far more similar to a human code auditor than they are to symbolic execution, abstract interpretation or fuzzing. Since GPT-4 there have been hints of the potential for LLMs in vulnerability research, but the results on real problems have never quite lived up to the hope or the hype. That has changed with o3, and we have a model that can do well enough at code reasoning, Q&A, programming and problem solving that it can genuinely enhance human performance at vulnerability research.
    >
    > o3 is not infallible. Far from it. There’s still a substantial chance it will generate nonsensical results and frustrate you. **What is different, is that for the first time the chance of getting correct results is sufficiently high that it is worth your time and your effort to try to use it on real problems.**

    The point is that LLM code review can find novel exploits. The author gets results using a base model with a simple workflow so there is a lot of room for improving the accuracy and outcomes in such a system.

    A human may do it better on an individual level but it takes a lot more time, money and effort to make and train a human than it does to build an H100. This is why security audits are a long, manual and expensive process which requires human experts. Because of this, exploits can exist in the wild for long periods of time because we simply don’t have enough people to security audit every commit.

    This kind of tool could make security auditing a checkbox in your CI system.


  • I’m not sure if a signal to noise ratio of 1:100 is uh… Great…

    It found it correctly in 8 of 100 runs and reported a find that was false in 28 runs. The remaining 64 runs can be discarded, so a person would only need to review 36 reports. For the LLM, 100 runs would take minutes at most, so the time requirement for that is minimal and the cost would be trivial compared to the cost of 100 humans learning a codebase and writing a report.

    So, a security researcher puts in the code base and in a few minutes they have 36 bug reports that they need to test. If they know that 2 in 9 of them are real zero-day exploits then discovering new zero-days becomes a lot faster.

    If a security researcher had the option of reading an entire code base or reviewing 40 bug reports, 10 of which would contain a new bug then they would choose the bug reports every time.

    That isn’t to say that people should be submitting LLM generated bug reports to developers on GitHub. But as a tool for a security researcher to use it could significantly speed up their workflow in some situations.


  • None of that addresses the company at issue.

    There are several Chinese developers involved in this investigation.

    If the DoD was “designating every rival as a military organization” then why are they singling out specific Chinese developers instead of designating them all as a “Chinese Military Company”? It isn’t because they “have to comply with local data regulations”, all companies have to do that. All Chinese companies have to do that and not all Chinese companies are designated by the DoD as a Military Company.

    So, why is this one specific company singled out? Probably because it works for the PLA, as the DoD says.

    Your argument is basically “The DoD is lying” which isn’t supported by any evidence in this case. “Trust me bro” from a random social media user isn’t exactly a credible source.


  • Just don’t expect it will make you faster or more efficient.

    It will, but it requires you spend a lot of time dealing with being slow and wanting to give up and reach for the mouse.

    I swapped keyboard layouts (to a 52 key split layout) and it took me around 2-3 weeks of typing slow, hitting the wrong keys, and keeping several printed sheets (for all of the keyboard layers) on my desk in order to learn the layout. It was frustrating and it would have been a lot easier to just grab a standard keyboard but, in the end, it was worth it.

    Learning vimkeys/application hotkeys does take a while and it is much easier to avoid it for any given task. Just grab the mouse and avoid the frustration of having to try to remember the hotkey (or, even worse, look it up). But if you can avoid that and force yourself through the uncomfortable frustration, you’ll find that the time investment is worth it.


  • The best way I’ve heard it described is that learning all of the motions, shortcuts, commands, etc is the best way to remove all of the possible friction between you having a thought and you putting that thought into text.

    It’s like using Word and learning that CTRL+B toggles Bold. You don’t NEED to know that, you can click the bold icon. The extra 2 seconds that it took to grab the mouse and click the icon and then move your hand back to the keyboard seems trivial, but if you’re doing a lot of writing that can add up to a lot.

    In addition, having to stop your train of thought in order to fiddle with a GUI can cause lapses in concentration. Constantly having to stop typing in order to fiddle with a GUI is annoying and requires you to switch context from what you were typing to looking for the icon or menu that you need to click.

    Multiply that by everything else you need to do in editing text (moving the cursor to different places, selecting text, finding text, opening and saving documents, etc.). That’s a lot of time that you’re spending messing around with a mouse and GUI annoyances.


    Also, if you’re using Linux, a lot of tools use vim keys as their interface. So learning the basics (mostly hjkl for moving, / for searching, etc) can help you in a lot of programs.

    For example, I’m using vimium in Firefox, so I can operate the entire browser without using the mouse. Press f and all of the links and form fields on the page are tagged with a 2 letter combination, pressing those two letters is like clicking the link/field. I can access shortcuts, open bookmarks, etc all without needing my mouse. In addition, the browser has hotkeys for tab manipulation (ctrl t for new tab, ctrl f4 to close tab, ctrl shift t to re-open/undo last closed tab, etcetc).

    I try to have all of my programs be keyboard driven (and use a lot of terminal applications where possible). Vim keys and motions, in all of the various programs that use them, along with the shortcuts from the window manager (everyone knows alt + tab, but there are many more) and even individual applications make that possible (except for Freetube, which requires the mouse :/).

    Overall, I would say that it’s not a requirement, but if you’re willing to spend a week or two learning (and moving very slow as you force yourself to learn and use the keys) then I think you’ll have a better time in Linux.

    Also, it feels pretty ‘90s hacker movie hacker’ to just flail on the keyboard and have things happen on your PC.



  • Around '99 or '00. A friend of mine was gifted a Linux Magazine subscription and made me a copy of the CD. It was noteworthy at the time because it didn’t have any copy protection and we were neck deep in piracy, keeping our friend group supplied with copies of games that we pulled off of IRC.

    Getting a CD full of software that made no effort to prevent copying was intriguing enough that we sacrificed a spare machine one weekend (giving up the ability to play LAN StarCraft!) to see what another operating system looked like.

    We tinkered on and off for a year, once we could get dual boot working (thanks to the IRC crowd) we used it a bit more often. Mostly ricing, though that wasn’t a term at the time, and playing with the hacking tools (for educational purposes only, of course).

    I think there was some copy protection mode that was annoying to write on Windows but trivially easy on Linux, which was the first time that I can remember where it was just better than Windows. That, and ARP poisoning our LAN parties to packet capture and read people’s AIM and ICQ conversations because we were little shits.