Mastodon Feed
collinsworth@hachyderm.io ("Josh Collinsworth") wrote:
You know that little chat pop-up we all hate? The one that always appears in the lower right corner of every website, with a hyper obnoxious prompt like, "chat now with an enterprise sales specialist!"? The one we all wish we'd just never see again and would happily install a browser extension just to block forever?
Yeah, that little AI sparkle button is WAY more obnoxious than that now.
Mastodon FeedReblogged by collinsworth@hachyderm.io ("Josh Collinsworth"):
Alice@beige.party ("Alice McFlurry, BBW/WAP :bc:") wrote:
Sorry for any confusion that resulted from me updating my profile pic, but I had to ensure it matched my LinkedIn profile pic.
Mastodon FeedReblogged by slightlyoff@toot.cafe ("Alex Russell"):
tri_becca90 ("Rebecca Rivers") wrote:
You know what I would love to watch a 4-hour documentary on YouTube about?
Trends in mobile ads.
There have been a bunch of different “phases” they have gone through.
Do you remember when Mobile ads started to try to get you to interact with the ads?
Or would include weird puzzles that weren’t actually in the game and then they had to shoehorn them in?
It would also be interesting to compare mobile ad trajectories to web ads.
Mastodon Feedjsonstein@masto.deoan.org ("Jeff Sonstein") wrote:
one plodding step at a time
Mastodon Feedcollinsworth@hachyderm.io ("Josh Collinsworth") wrote:
Roasts should be a more normal thing than they are, because we all know someone who could really use a nice, firm, good-natured "what the actual fuck are your shit choices right now?"
Mastodon Feedrmrenner ("The Old Gay Gristle Fest") wrote:
Consoles from after the introduction of HDMI but before game companies got used to the idea of gameplay streaming are such a hassle to get video out of
Mastodon Feedrmrenner ("The Old Gay Gristle Fest") wrote:
Boo, I just discovered that my HDMI splitter can successfully remove HDCP protection from the PS3's output but not the Vita TV
Mastodon FeedReblogged by cstanhope@social.coop ("Your friendly 'net denizen"):
eb@social.coop ("Evan Boehs") wrote:
https://boehs.org/node/everything-i-know-about-the-xz-backdoor
I have begun a post explaining this situation in a more detailed writeup. This is updating in realtime, and there is a lot still missing.
Mastodon FeedReblogged by keul@fosstodon.org ("Luca Fabbri"):
olly1240@livellosegreto.it wrote:
@ed @kenobit Ho un'importante segnalazione per tutti gli utenti debian/fedora, in generale tutti quelli che usano APT, RPM, e Linux. È stata trovata una backdoor in liblzma che coinvolge openssh e forse altri esegubili. Al momento ha un CVSS score di 10.0 (RedHat). Tutte le versioni dopo la 5.6.0 presentano il payload ma non l'exploit. https://www.openwall.com/lists/oss-security/2024/03/29/4
Il link contiene anche uno script per verificare la vulnerabilità
Mastodon FeedReblogged by keul@fosstodon.org ("Luca Fabbri"):
guidostevens@kolektiva.social ("Guido Stevens") wrote:
Looks like the XZ vulnerability was introduced 5 weeks ago. That means it shouldn't be on any of my systems. Phew! 😅
Let's see how this story unfolds. #infosec
Mastodon FeedReblogged by kornel ("Kornel"):
xkcd@mastodon.xyz ("XKCD Bot") wrote:
Cesium-133, let it be. Cesium-134, let it be even more.
https://xkcd.com/2913/
Mastodon Feedxor@tech.intersects.art ("Parker Higgins") wrote:
wrote my name down so sloppily i have to resign in disgrace
Mastodon FeedReblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
duncaned@tech.lgbt ("Duncan Campbell") wrote:
Professor Ross Anderson, FRS, FREng Our dear friend and treasured long term campaigner for privacy and security, Professor of Security Engineering at Cambridge University and Edinburgh University, Lovelace Medal winner, died suddenly at the family home in Cambridge overnight. His wife, Shireen is with their children and grandchildren. Ross had suffered heart problems for some years. He recently mentioned experiencing Covid reinfection, causing brain fog as a sequel. He was 67. His loss leaves a void for his family and for us all who care about digital privacy and security, as an inspiration and a doughty fighter, over many decades. Goodbye, my friend
Mastodon FeedReblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
esther@strangeobject.space ("Esther is finally relaxing") wrote:
Wow. I don't think I've ever seen an "immediately stop using your computer" warning for a security issue. Usually it's "update your stuff as soon an possible"
This is very bad.
https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users
Mastodon FeedReblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
mrtnsnp ("Maarten Sneep") wrote:
If you use homebrew (on a mac), please run brew update; brew upgrade; immediately. This will downgrade the xz package and the lzma library to remove malicious code that has been introduced in the current versions.
Mastodon FeedReblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
bentsukun@mastodon.sdf.org ("ベンツくん") wrote:
Wow, this was a real rollercoaster ride. xz versions 5.6.0 and 5.6.1 contain a backdoor.
Mastodon Feedjsonstein@masto.deoan.org ("Jeff Sonstein") wrote:
kowabunga!
Mastodon FeedGargron ("Eugen Rochko") wrote:
Mastodon FeedReblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
nixCraft ("nixCraft 🐧") wrote:
Sama somehow convinced Microsoft to spend another 100 billion dollars. He still needs 6.9 trillion, tho. Let’s go 😂 Microsoft & OpenAI are working on plans for a data center project that could cost as much as $100 billion and include an artificial intelligence supercomputer called "Stargate" set to launch in 2028 https://www.reuters.com/technology/microsoft-openai-planning-100-billion-data-center-project-information-reports-2024-03-29/
Mastodon FeedReblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
vegard ("Vegard Nossum") wrote:
Upstream backdoor discovered in xz-utils/liblzma: https://www.openwall.com/lists/oss-security/2024/03/29/4
It seems to affect ssh authentication.
As far as we know, only xz-utils 5.6.0/5.6.1 are affected and these are luckily not yet widely deployed.
Mastodon FeedReblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
Aissen@treehouse.systems ("Anisse") wrote:
Wow, that's very scary. It seems like a regular contributor (for 2 years) to an open source project (xz/liblzma) has planted exploit code that has heavy repercussion on ssh security. When the issue was caught by valgrind, the attacker fixed it, and then updated the exploit code ("test files") to keep it working.
Luckily it seems to have been caught early (before widespread distro integration). You can use @vegard 's script to analyze if your system is compromised.
https://mastodon.social/users/vegard/statuses/112179869758119960
Mastodon FeedReblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
NPR@press.coop ("NPR :press:") wrote:
Texas appeals court acquits Crystal Mason's illegal voting conviction
The court said the state did not have enough evidence to prove that Mason knew she was ineligible to vote when she cast a ballot in the 2016 election. She was facing a five-year prison sentence. #press
Mastodon FeedReblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
I accidentally found a security issue while benchmarking postgres changes.
If you run debian testing, unstable or some other more "bleeding edge" distribution, I strongly recommend upgrading ASAP.
Mastodon FeedReblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
thisismissem@hachyderm.io ("Emelia 👸🏻") wrote:
Specifically, there's a bunch of what look like fake accounts all posting a pro-Israel set of hashtags / messages; The other posts by these accounts seem completely random garbage, like a quote from breaking bad with a picture of flamingos, or random "feel good" quotes. https://josh.tel/@josh/112180104323769056
Mastodon FeedReblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
Catherine Rampell, in the Washington Post:
"Got that? Trump owes this money because he fraudulently misrepresented the value of his assets, and now apparently no one will accept those assets as collateral. Oops."
"Imagine you sold someone a glass engagement ring that you claimed was a real diamond. Then, when a judge found you liable for fraud, you tried to use the “diamond ring” as collateral for an appeal bond. That’s the level of chutzpah we’re working with here."
Mastodon Feedjsonstein@masto.deoan.org ("Jeff Sonstein") wrote:
https://www.inquirer.com/opinion/baltimore-bridge-collapse-immigrant-deaths-20240328.html
Mastodon FeedReblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
briankrebs@infosec.exchange ("BrianKrebs") wrote:
This is so badass: Ukraine is using a network of thousands of mobile phones deployed across the country to track incoming drones and missiles.
h/t to @riskybusiness which notes on this week's podcast that Iranian drones apparently are really loud. So they use these network of phones to hear when lawn-mower drones trundle on by, and then shoot them down with small arms fire.
Mastodon FeedReblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
gtconway3@threads.net ("George Conway") wrote:
how it started/how it went/face-eating leopards etc etc etc
RE: https://www.threads.net/@washingtonpost/post/C5GxA4ZObGG
Mastodon Feedjsonstein@masto.deoan.org ("Jeff Sonstein") wrote:
a long over-due move
https://www.bbc.com/news/world-middle-east-68684069
h/t @jockr
Mastodon FeedReblogged by jsonstein@masto.deoan.org ("Jeff Sonstein"):
cstross@wandering.shop ("Charlie Stross") wrote:
Sir Jeffrey Donaldson has resigned as leader of the Democratic Unionist party after being charged with historical sexual offences, throwing Northern Ireland politics into turmoil.
(Note for foreigners: the DUP are a right-wing Loyalist protestant party, so think of them as Northern Ireland's equivalent of the US Republican party.)
