Mount Vernon Police District- Detectives from our Financial Crimes Unit uncovered a credit card skimming operation that targeted ATMs and payment devices inside stores across the Richmond Highway corridor, leading to one arrest.

In September, our Financial Crimes Unit partnered with the United States Secret Service to conduct an operation targeting credit card skimming activity along the Richmond Highway corridor. The initiative was prompted by the discovery of two skimming devices earlier that month, raising concerns about potential widespread fraud.

During the operation on September 11, detectives uncovered seven skimming devices, six of which were advanced models equipped with miniature camera systems strategically placed at ATMs. These sophisticated devices were designed to capture both card data and PIN entries from unsuspecting victims.

Below are photos of skimming devices recovered:

Skimming devices were located at the following stores:

Store:	Address:
Dollar Tree	6711 Richmond Hwy
7-Eleven	8226 Russell Rd, Woodlawn
7-Eleven	5638 Mount Vernon Memorial Hwy, Mount Vernon
7-Eleven	5638 Mount Vernon Memorial Hwy, Mount Vernon
7-Eleven	2901 Arlington Dr, Groveton
7-Eleven	3100 Lockheed Blvd, Groveton
7-Eleven	2800 Beacon Hill Rd, Groveton

Through their investigation, detectives identified Marko Puskas, 40, of no fixed address, as the suspect responsible for placing the skimming devices.

As the investigation continued, the Calvert County Sheriff’s Office in Maryland contacted our detectives regarding similar cases in their jurisdiction and assisted in determining that Puskas was in Fairfax County.

On October 2, detectives, with the assistance of our Violent Crime Suppression Unit, located Puskas in the 7100 block of Lee Highway in Falls Church and took him into custody.

(Surveillance Photo of Puskas)

Puskas was charged with Identity Theft, Possession of Fictitious Identification, Possession of Burglarious Tools, Conspiracy to Commit a Felony, and was served with six outstanding Fairfax County warrants for Unlawful Use of Payment Card Scanning Devices and Re-Encoders. He was transported to the Fairfax County Adult Detention Center, where he was held on no bond.

How to Protect Yourself from Skimming Devices

Credit card skimming devices are often small, discreet, and designed to blend in seamlessly with legitimate card readers. They can be found at ATMs, gas pumps, and even self-checkout machines. Here are some tips to help protect yourself from becoming a victim:

• Inspect before you insert. Before using an ATM or gas pump, look closely at the card reader and keypad. If the card slot looks loose, bulky, or mismatched in color or material compared to the rest of the machine, it could be a skimmer.
• Check for hidden cameras. Skimmers are often paired with tiny cameras aimed at capturing your PIN. Look for any unusual attachments, pinholes, or objects positioned near the keypad.
•  Do not accept assistance from anyone you don’t know while using an ATM or payment device. Scammers sometimes pose as helpful bystanders to distract you or capture your information.
• Cover your PIN. Always use your hand to shield the keypad while entering your PIN, even if you don’t see anything suspicious.
• Use familiar or well-lit locations. Whenever possible, use ATMs inside banks or high-traffic areas where criminals are less likely to install devices unnoticed.
• Monitor your accounts regularly. Review your bank and credit card statements frequently for unauthorized transactions, even small ones, which can signal a compromised card.
• Use contactless payment methods. Tap-to-pay cards or mobile wallets provide an extra layer of protection, as they don’t transmit your physical card data.

If you believe you’ve been a victim of skimming or notice a suspicious device, do not attempt to remove it. Instead, call our non-emergency number at 703-691-2131.

Anyone with information regarding this incident is encouraged to call our Financial Crimes Unit at 703-246-3533. Tips can also be submitted anonymously through Crime Solvers by phone – 1-866-411-TIPS (866-411-8477), and by web – Click HERE. Download the ‘P3 Tips’ App “Fairfax Co Crime Solvers”. Anonymous tipsters are eligible for cash rewards. Please leave contact information if you wish for a detective to follow up with you.  

Register your camera with Connect Fairfax County to help FCPD solve crimes, locate missing people, and support investigations.

For ongoing updates, please read our blog and follow us on X, Facebook and Instagram at @FairfaxCountyPD.

Tim Bray writes, on Mastodon, I think correctly:

The canceling of ICEBlock is more evidence, were any needed, that the Web is the platform of the future, the only platform without a controlling vendor. Anything controversial should be available through a pure browser interface.

This is not the first time I’ve had reason to think about this — I think about issues of tech freedom every day, and I still bristle, after all these years (now more than ever), at having to publish NetNewsWire for iOS through the App Store. (The Mac version has no such requirement — it’s available via the website, and I have no plans to ever offer it via the Mac App Store.)

But what if I wanted to do a web app, in addition to or instead of a native app?

I can picture a future, as I bet you can, where RSS readers aren’t allowed on any app store, and we’re essentially required to use billionaire-owned social media and platform-owned news apps.

But there are issues with making NetNewsWire a web app.

Money

I explain in this post that NetNewsWire has almost no expenses at all. The biggest expense is my Apple developer membership, and I pay just a little bit to host some websites. It adds up to a couple hundred bucks a year.

If it were a web app instead, I could drop the developer membership, but I’d have to pay way more money for web and database hosting. Probably need a CDN too, and who knows what else. (I don’t have recent web app experience, so I don’t even know what my requirements would be, but I’m sure they’d cost substantially more than a couple hundred bucks a year.)

I could charge for NetNewsWire, but that would go against my political goal of making sure there’s a good and free RSS reader available to everyone.

I could take donations instead, but that’s never going to add up to enough to cover the costs.

And in either case I’d have to create a way to take money and start up some kind of entity and then do bookkeeping and report money things to the right places — all stuff I don’t have to waste time on right now. I can just work on the app.

Alternately I could create a web app that people would self-host — but there’s no way I could handle the constant support requests for installation issues. There are free self-hosted RSS readers already anyway, and NetNewsWire would be just another one. This also wouldn’t further my goal of making a free RSS reader available to everyone, since only people with the skills and willingness to self-host would do it.

Protecting Users

Second issue. Right now, if law enforcement comes to me and demands I turn over a given user’s subscriptions list, I can’t. Literally can’t. I don’t have an encrypted version, even — I have nothing at all. The list lives on their machine (iOS or macOS). If they use a syncing system, it lives there too — but I don’t run a syncing system. I don’t have that info and can’t get it.

If that happened, I’d have to pay a lawyer to see if the demand is legit and possibly help me fight it. That’s yet more money and time.

(Could I encrypt the subscription lists on the server? Yes, but the server would have to be able to decrypt it, or else the app couldn’t possibly work. Which means I could decrypt the lists and turn them over.)

Another type of freedom

Not an issue, exactly, but a thing.

I was 12 years old when I got my first computer, an Apple II Plus, and I’ve never stopped loving the freedom of having my own computer and being able to run whatever the hell I want to.

My computer is not a terminal. It’s a world I get to control, and I can use — and, especially, make — whatever I want. I’m not stuck using just what’s provided to me on some other machines elsewhere: I’m not dialing into a mainframe or doing the modern equivalent of using only websites that other people control.

A world where everything is on the web and nothing is on the machines that we own is a sad world where we’ve lost a core freedom.

I want to preserve that freedom. I like making apps that show the value of that freedom.

What I want to see happen is for Apple to allow iPhone and iPad users to load — not sideload, a term I detest, because it assumes Apple’s side of things — whatever apps they want to. Because those devices are computers.

I get it. It’s not looking good. And even with the much greater freedom for Mac apps there is still always the possibility of being shut down by Apple (by revoking developer memberships, refusing to notarize, or other technical means).

Still, though, I keep at it, because this freedom matters.

But, again…

Apple keeps doing things that make us all feel sick. Removing ICEBlock is just the latest and it won’t be the last. So I am sympathetic to the idea of making web apps, and my brain goes there more often. And if I could solve the problems of money and of protecting users, I’d be way more inclined.

Bit of news on the historic preservation front. Cyan has posted the "Making of Myst" video from 1993, remastered in high-resolution from the original video files. Credit to Ted Sase for a fantastic job.

This 13-minute video was included on the original 1993 Myst CD-ROM. Because CD-ROMs were enormous, and they had all this free space left over...! The original Quicktime movie data was a whopping 73 megabytes. It looked kinda like this:

Okay, that's a Youtube rip, so it's probably worse than what I watched on my Mac Centris 610. But this was highly compressed video data. Also color grading hadn't been invented.

Comparison, today's version:

How is this possible? A couple of years ago, the Video Game History Foundation got permission to scan and digitize a pile of videotapes from Cyan's vault.

With that material available, Ted Sase was able to recover the original recordings and recreate the original video in 4K res. I'm pretty sure he redid all the titles, the transitions, the lot. In-game footage re-recorded from the game, of course. Ooh, is that a fixed aspect ratio? Nice.

There's a couple of brief shots that haven't improved. (See "Testing", 11:45.) I assume that footage was not found, so Sase couldn't do anything except color-correct the CD-ROM version. And of course the images filmed from CRTs have no more pixels than they did in 1993. (Although the monitor desync stripes have been cleaned up!)

But I'm just nitpicking to reassure the creator that his efforts have been appreciated. This is an amazing effort. My congratulations.

Beyond Vibe Coding

Back in May I wrote Two publishers and three authors fail to understand what “vibe coding” means where I called out the authors of two forthcoming books on "vibe coding" for abusing that term to refer to all forms of AI-assisted development, when Not all AI-assisted programming is vibe coding based on the original Karpathy definition.

I'll be honest: I don't feel great about that post. I made an example of those two books to push my own agenda of encouraging "vibe coding" to avoid semantic diffusion but it felt (and feels) a bit mean.

... but maybe it had an effect? I recently spotted that Addy Osmani's book "Vibe Coding: The Future of Programming" has a new title, it's now called "Beyond Vibe Coding: From Coder to AI-Era Developer".

This title is so much better. Setting aside my earlier opinions, this positioning as a book to help people go beyond vibe coding and use LLMs as part of a professional engineering practice is a really great hook!

From Addy's new description of the book:

Vibe coding was never meant to describe all AI-assisted coding. It's a specific approach where you don't read the AI's code before running it. There's much more to consider beyond the prototype for production systems. [...]

AI-assisted engineering is a more structured approach that combines the creativity of vibe coding with the rigor of traditional engineering practices. It involves specs, rigor and emphasizes collaboration between human developers and AI tools, ensuring that the final product is not only functional but also maintainable and secure.

Amazon lists it as releasing on September 23rd. I'm looking forward to it.

Tags: books, oreilly, ai, generative-ai, llms, ai-assisted-programming, addy-osmani, vibe-coding

I ran Claude in a loop for three months, and it created a genz programming language called cursed

Geoffrey Huntley vibe-coded an entirely new programming language using Claude:

The programming language is called "cursed". It's cursed in its lexical structure, it's cursed in how it was built, it's cursed that this is possible, it's cursed in how cheap this was, and it's cursed through how many times I've sworn at Claude.

Geoffrey's initial prompt:

Hey, can you make me a programming language like Golang but all the lexical keywords are swapped so they're Gen Z slang?

Then he pushed it to keep on iterating over a three month period.

Here's Hello World:

vibe main
yeet "vibez"

slay main() {
    vibez.spill("Hello, World!")
}

And here's binary search, part of 17+ LeetCode problems that run as part of the test suite:

slay binary_search(nums normie[], target normie) normie {
    sus left normie = 0
    sus right normie = len(nums) - 1    
    bestie (left <= right) {
        sus mid normie = left + (right - left) / 2
        ready (nums[mid] == target) {
            damn mid
        }
        ready (nums[mid] < target) {
            left = mid + 1
        } otherwise {
            right = mid - 1
        }
    }
    damn -1
}

This is a substantial project. The repository currently has 1,198 commits. It has both an interpreter mode and a compiler mode, and can compile programs to native binaries (via LLVM) for macOS, Linux and Windows.

It looks like it was mostly built using Claude running via Sourcegraph's Amp, which produces detailed commit messages. The commits include links to archived Amp sessions but sadly those don't appear to be publicly visible.

The first version was written in C, then Geoffrey had Claude port it to Rust and then Zig. His cost estimate:

Technically it costs about 5k usd to build your own compiler now because cursed was implemented first in c, then rust, now zig. So yeah, it’s not one compiler it’s three editions of it. For a total of $14k USD.

Via @GeoffreyHuntley

Tags: c, programming-languages, ai, rust, zig, generative-ai, llms, ai-assisted-programming, anthropic, claude, vibe-coding, geoffrey-huntley

Hello world. This is my new blog. I’ve been writing it in private for awhile now, so I’m glad you’re here. Check out what it’s all about, then I hope you’ll explore and find something interesting.

I usually post something new a couple times a week. If you’d like a monthly roundup via email, subscribe to the newsletter.

A lot has changed since I started writing on the web half a lifetime ago, but I believe one thing hasn’t: sharing what’s on your mind brings you closer to finding your people and yourself. I’m glad to be back at it. What are you working on? I’d love to hear about it—get in touch.

Tags: #blog #meta