drspod

joined 3 years ago
[–] drspod@lemmy.ml 2 points 3 days ago

CORRECTED STEP 2: THE SOAK OF RIGHTEOUSNESS

[–] drspod@lemmy.ml 6 points 3 days ago (1 children)

This is only relevant to you if you signed up for their Monitor service.

[–] drspod@lemmy.ml 20 points 4 days ago (4 children)

You probably think they'd be better with two heads on one body, eh Zaphod?

[–] drspod@lemmy.ml 23 points 4 days ago (2 children)

Handing over all of your private data to one company so that they can "delete your data across the whole web" was always a business model ripe for abuse. It shouldn't be surprising at all that the data brokers themselves are creating these deletion services.

Even if you find a company that you trust, surely we know by now that no database is secure in the modern age. Eventually that database will leak and given that these data deletion services have every item of personal data for all of their customers, they are an extremely high value target.

[–] drspod@lemmy.ml 35 points 4 days ago (1 children)

This would be a remarkable cover for straight up identity theft.

[–] drspod@lemmy.ml 4 points 4 days ago (1 children)

The kind that was known as, "the butcher."

[–] drspod@lemmy.ml 4 points 5 days ago (1 children)

What’s their margin? Are they profitable?

[–] drspod@lemmy.ml 1 points 5 days ago (1 children)

There aren’t any, that’s the point I’m making. Petitions produce sample bias that excludes the opinions of people who don’t want their legal name and home address printed on a document that might get passed around God-knows-where.

[–] drspod@lemmy.ml 2 points 5 days ago (1 children)

I do not want to waste everyone’s time by continuing this discussion that is not leading anywhere.

Not leading anywhere? That's a strange perspective to have given the "overwhelmingly negative feedback." I think it led to a fairly concrete conclusion.

I think what he meant to say was "I don't like that my arguments did not sway your opinion."

 

If you want to go straight to the original write-up, it's here: https://eieio.games/blog/bad-apple-with-regex-in-vim/

 

From the Free Your Soul EP in 1995.

42
submitted 6 months ago* (last edited 6 months ago) by drspod@lemmy.ml to c/cassettefuturism@lemm.ee
 

Great craftsmanship from this maker and the end result is impressive.

If you want to skip the construction process and just see the end result, skip ahead to 41:20.

 

Edit: this appears to be fixed now: https://lemmy.ml/post/22203615/14801411

All images in posts on lemmy.ml are currently being resized to 256px on the longest dimension (width/height), even if they are image posts, not intended to be just article thumbnails.

Is this an intentional change? It makes text in images illegible and means that I have to view the original post to see the original image on every image post.

If this is a deliberate space-saving measure, could it be tuned for a little better usability? For example, increasing the maximum size of image when the post is an image post (as opposed to a web link that generates a thumbnail) and setting a size threshold to trigger resize (i.e. most small images could be left alone).

Some examples from my feed:

 

Threat actors are utilizing an attack called "Revival Hijack," where they register new PyPI projects using the names of previously deleted packages to conduct supply chain attacks.

The technique "could be used to hijack 22K existing PyPI packages and subsequently lead to hundreds of thousands of malicious package downloads," the researchers say.

If you ever install Python software or libraries using pip install then you need to be aware of this. Since PyPI is allowing re-use of project names when a project is deleted, any Python project that isn't being actively maintained could potentially have fallen victim to this issue, if it happened to depend on a package that was later deleted by its author.

This means installing legacy Python code is no longer safe. You will need to check every single dependency manually to verify that it is safe.

Hopefully, actively maintained projects will notice if this happens to them, but it still isn't guaranteed. This makes me feel very uneasy installing software from PyPI, and it's not the first time this repository has been used for distributing malicious packages.

It feels completely insane to me that a software repository would allow re-use of names of deleted projects - there is so much that can go wrong with this, and very little reason to justify allowing it.

 
 

Description: "Featured is a playthrough of a blitz chess game between Rodrigo Vasquez and Vladimir Kramnik from an Early Titled Tuesday event which was held on October 17th, 2023. Kramnik recently admitted, via a YouTube comment on this topic of fair play surrounding him, that he played several tournaments under someone else’s chess.com account. This act violates chess.com’s Fair Play Policy. Kramnik played under Denis Khismatullin’s account, “Krakozia”. I share reasons why this is a violation of fair play policy, how a player can be negatively impacted because of it, and provide Kramnik’s YouTube comments where he attempts to explain it all."

 

cross-posted from: https://lemmy.ml/post/4912712

Most people know at this point that when searching for a popular software package to download, you should be very careful to avoid clicking on any of the search ads that appear, as this has become an extremely common vector for distributing malware to unsuspecting users.

If you thought that you could identify these malicious ads by checking the URL below the ad to see if it directs to the legitimate site, think again! Malware advertisers have found a way to use Google's Ad platform to fake the URL shown with the ad to make it appear like a legitimate ad for the product when in fact, clicking the ad will redirect to an attacker-controlled site serving malware.

Don't click on search ads or, even better, use an ad-blocker so that you never see them in the first place!

 


 

A reported Free Download Manager supply chain attack redirected Linux users to a malicious Debian package repository that installed information-stealing malware.

The malware used in this campaign establishes a reverse shell to a C2 server and installs a Bash stealer that collects user data and account credentials.

Kaspersky discovered the potential supply chain compromise case while investigating suspicious domains, finding that the campaign has been underway for over three years.
