- Joined
- Sep 22, 2018
- Messages
- 41,887
- Location
- Moonbase Caligula
- SL Rez
- 2008
- Joined SLU
- 2009
- SLU Posts
- 55565
Nobody Cares: Technology-only Edition
- Thread starter Dakota Tebaldi
- Start date
- Joined
- Sep 26, 2018
- Messages
- 2,433
- Location
- Central Illinois
- SL Rez
- 2006
- Joined SLU
- 07-25-2012
- SLU Posts
- 278
You all know what is coming: Grumpy Cat says “Good.“It seems like someone has decided to burn down 4chan.
4Chan down UPDATES: Website inaccessible for thousands after 'hacking' reports
CONTROVERSIAL website 4Chan has gone down for thousands with users unable to access the message board. More than 1,000 users of the site have logged complaints on the Downdetector website, which me…www.the-sun.com
Also apparently basically all the mod and janitor information has been leaked (emails, addresses, chat logs, names, etc.)
I care enough to wish it gone.Are we caring. Does anybody care?
Last edited:
- Joined
- Sep 19, 2018
- Messages
- 9,688
- Location
- Ohio
- Joined SLU
- 02-22-2008
- SLU Posts
- 16791
Spirits Rising
Quite Blunt
- Joined
- Sep 21, 2018
- Messages
- 641
- Location
- Clinton, OH
- SL Rez
- 2006
- Joined SLU
- 08/24/2014
- SLU Posts
- 1476
So .... can someone kindly target its inbred cousins too?It seems like someone has decided to burn down 4chan.
4Chan down UPDATES: Website inaccessible for thousands after 'hacking' reports
CONTROVERSIAL website 4Chan has gone down for thousands with users unable to access the message board. More than 1,000 users of the site have logged complaints on the Downdetector website, which me…
Also apparently basically all the mod and janitor information has been leaked (emails, addresses, chat logs, names, etc.)
- Joined
- Sep 22, 2018
- Messages
- 41,887
- Location
- Moonbase Caligula
- SL Rez
- 2008
- Joined SLU
- 2009
- SLU Posts
- 55565
Allegedly, a 4chan account belonging to one Musk, Elon was outed by this hack. An account where he allowed his pro-Nazi , anti-semitic, god complex freak to fly. But you heard nothing about this from me...
Noodles
The sequel will probably be better.
- Joined
- Sep 20, 2018
- Messages
- 5,859
- Location
- Illinois
- SL Rez
- 2006
- Joined SLU
- 04-28-2010
- SLU Posts
- 6947
- Joined
- Sep 19, 2018
- Messages
- 9,688
- Location
- Ohio
- Joined SLU
- 02-22-2008
- SLU Posts
- 16791
It's fun to think about, but I would take any such reveals with a whole block of salt. We're talking about 4chan after all, literally every single thing that comes from it is suspect and I wouldn't exempt hacked data from that.
- Joined
- Sep 22, 2018
- Messages
- 41,887
- Location
- Moonbase Caligula
- SL Rez
- 2008
- Joined SLU
- 2009
- SLU Posts
- 55565
Jesus, you got an "Allegedly" from me. What more do you want?
- Joined
- Sep 19, 2018
- Messages
- 9,688
- Location
- Ohio
- Joined SLU
- 02-22-2008
- SLU Posts
- 16791
CVE, or "Common Vulnerabilities and Exposures", was started in 1999 and is a kind of centralized, globally-and publicly-available list of computer bugs, including malicious hacks. Every computer virus, exploit, or vulnerability you hear about on the news has a CVE number attached; you might have even seen them now and again, like "CVE-2017-0145" (which was the 2017 WannaCry ransomware exploit), but in general it's the kind of thing you maybe see but just don't need to pay attention to or really care about unless you're a computer security expert who has to actually deal with these things professionally. But a centralized list like this that everyone around the world who DOES deal with these things can reference is really crucial, because it makes sure that everyone is on the same page and talking about the same thing. It's like the SI, or ISO databases, same thing but for computer bugs.
CVE is run by the MITRE corporation which is US-government funded. But yesterday, MITRE announced that the current US administration, which has cheerfully capitulated any and all US scientific, academic, and regulatory leadership in the world just so that it doesn't have to hear the words "climate change" ever again, decided not to renew the funding contract for CVE, which would expire today. After an uproar, last night at the very last minute some US agency or other quickly announced a course-reverse and extension of the contract for another 11 months.
It seems that MITRE has been afraid of this scenario for at least the past few months. They have been actively planning and today they announced the creation of the CVE Foundation, an NGO that will take stewardship of the CVE. There aren't many details yet, but they say we should stay tuned.
The foundation will likely need money but not from you and me; I don't think they should have too much trouble getting some funding from (non-US) governmental sources.
CVE is run by the MITRE corporation which is US-government funded. But yesterday, MITRE announced that the current US administration, which has cheerfully capitulated any and all US scientific, academic, and regulatory leadership in the world just so that it doesn't have to hear the words "climate change" ever again, decided not to renew the funding contract for CVE, which would expire today. After an uproar, last night at the very last minute some US agency or other quickly announced a course-reverse and extension of the contract for another 11 months.
It seems that MITRE has been afraid of this scenario for at least the past few months. They have been actively planning and today they announced the creation of the CVE Foundation, an NGO that will take stewardship of the CVE. There aren't many details yet, but they say we should stay tuned.
The foundation will likely need money but not from you and me; I don't think they should have too much trouble getting some funding from (non-US) governmental sources.
Last edited:
- Joined
- Sep 22, 2018
- Messages
- 41,887
- Location
- Moonbase Caligula
- SL Rez
- 2008
- Joined SLU
- 2009
- SLU Posts
- 55565
Ugh ugh ugh.
arstechnica.com
Meanwhile, cookies for now, cookies for later, cookies forever!
arstechnica.com
OpenAI wants to buy Chrome and make it an “AI-first” experience
OpenAI would love to own Chrome, and it's allegedly not alone.
arstechnica.com
Meanwhile, cookies for now, cookies for later, cookies forever!
Google won’t ditch third-party cookies in Chrome after all
Google drops plans for a one-click prompt to disable tracking cookies.
arstechnica.com
Bartholomew Gallacher
Well-known member
- Joined
- Sep 26, 2018
- Messages
- 6,812
- SL Rez
- 2002
Intel wants to fire more people, 20% of the staff this time to get back to an "engineer-driven culture."
Noodles
The sequel will probably be better.
- Joined
- Sep 20, 2018
- Messages
- 5,859
- Location
- Illinois
- SL Rez
- 2006
- Joined SLU
- 04-28-2010
- SLU Posts
- 6947
Yeah, cookies can be a problem but this was never about protecting users but kneecaping it's competitors in the Ad Tech space.Meanwhile, cookies for now, cookies for later, cookies forever!
Google won’t ditch third-party cookies in Chrome after all
Google drops plans for a one-click prompt to disable tracking cookies.
Bartholomew Gallacher
Well-known member
- Joined
- Sep 26, 2018
- Messages
- 6,812
- SL Rez
- 2002
It was a good idea for its time, but in the last decade or so the boundaries of it became really evident. CVE today is more or less show but without much happening after it.
For further reference here's an interesting thread about how to improve a new register:
Poul-Henning Kamp (@bsdphk@fosstodon.org)
I understand why the "security industry" which feeds of the CVE register is upset about it's potential demise. But let's face it: MITRE's CVE register was a prototype, built in a world where there were (only!) 231 known security vulnerabilities in total. We have learned a lot from that...
fosstodon.org
Bartholomew Gallacher
Well-known member
- Joined
- Sep 26, 2018
- Messages
- 6,812
- SL Rez
- 2002
Good news from Intel: their CPUs are gaining more traction and sales numbers are on the rise!
The major caveat with it is that old Raptor Lake chips are booming right now. Nobody wants the most recent lines Lunar and Meteor Lake with AI stuff on it. So in other words nobody wants Copilot from Microsoft.
The major caveat with it is that old Raptor Lake chips are booming right now. Nobody wants the most recent lines Lunar and Meteor Lake with AI stuff on it. So in other words nobody wants Copilot from Microsoft.
Bartholomew Gallacher
Well-known member
- Joined
- Sep 26, 2018
- Messages
- 6,812
- SL Rez
- 2002
Prof. Dominik Merli for Cybersecurity from Technische Hochschule Augsburg was so fed up about not reaching anyone with what to do that he made a music video paroy called "Cyber Gangsta's Paradise" about the necessity to act now, and also to implement the EU's Cyber Resilience Act. The CRA tries to enforce security, which many manufacturers try to sidestep.
He's condeming the tendency of many manufacturers to just put products on the market and to ignore its security. The video shows Merli talking to 2 suits, whom he tries to convince about getting serious with security, but they keep just telling "nah", "its safe enough", "nobody will ever attack this" and "no customer is willing to pay for this." In the end they do ignore his pitch completely, calling him insane.
Lyrics in English
He's condeming the tendency of many manufacturers to just put products on the market and to ignore its security. The video shows Merli talking to 2 suits, whom he tries to convince about getting serious with security, but they keep just telling "nah", "its safe enough", "nobody will ever attack this" and "no customer is willing to pay for this." In the end they do ignore his pitch completely, calling him insane.
Lyrics in English
VERSE 1
Every day, in the newspaper and on heise.de,
attacks and vulnerabilities, but they probably don't hurt.
Every year, hundreds of billions in damage,
but sure, no stress, let's just wait.
With everything we network, I just ask myself,
why is there often no trace of security, yo?
Is this really quality, is this all there is to it?
If we don't step on the gas soon, it'll just be too late!
Criminals have dollar signs in their eyes,
because our security measures are only moderately effective.
We have to do something now, we can't rest any longer,
the time has come, otherwise it'll soon go BOOM!
CHORUS
IoT at any price leads to Cyber Gangsta's Paradise
Without protection, as everyone knows, this is Cyber Gangsta's Paradise
Ultimately, only courage and diligence will lead you out of Cyber Gangsta's Paradise
Now, let's be honest, we live in Cyber Gangsta's Paradise
VERSE 2
Who in your organization knows about cybersecurity,
knows the typical dangers, can save you from vulnerabilities?
You need a minimum level of cybersecurity,
Your customers want protection – that's the be-all and end-all!
"Time to market!" – your killer argument,
but what good is that if the whole place goes up in flames afterwards?!
Signed updates and secure boot,
these features are good for your machines too!
A device ID is a must,
with TLS, your stuff runs on secure channels.
And if your device ever has a security vulnerability,
Then close it! And make a mountain out of a molehill!
BRIDGE
Why are we blind while time slips away?
We only harm ourselves, and darkness wins!
CHORUS
IoT at any price leads to Cyber Gangsta's Paradise
Without protection, as everyone knows, this is Cyber Gangsta's Paradise.
Ultimately, only courage and diligence will lead us out of Cyber Gangsta's Paradise.
Now, let's be honest, we live in Cyber Gangsta's Paradise.
VERSE 3
Folks, relax, don't fall off your feet.
Black hats are in business, we're not gamblers.
When we look for vulnerabilities, we call it acquisition,
but it only affects your customers - you don't have a crisis.
With critical infrastructure components, it can happen that
states pay us if we secretly sabotage things.
Our business is humming, your machines are standing still.
Leave security alone, because nobody really wants that!
CHORUS
IoT at any cost leads to Cyber Gangsta's Paradise
Without protection, as everyone knows, this is Cyber Gangsta's Paradise
Ultimately, only courage and diligence will lead out of Cyber Gangsta's Paradise
Now, no bullshit, we live in Cyber Gangsta's Paradise
BRIDGE
Why are we blind while time passes,
We only harm ourselves and darkness wins!
Why are we blind while time passes,
We only harm ourselves and darkness wins!
Every day, in the newspaper and on heise.de,
attacks and vulnerabilities, but they probably don't hurt.
Every year, hundreds of billions in damage,
but sure, no stress, let's just wait.
With everything we network, I just ask myself,
why is there often no trace of security, yo?
Is this really quality, is this all there is to it?
If we don't step on the gas soon, it'll just be too late!
Criminals have dollar signs in their eyes,
because our security measures are only moderately effective.
We have to do something now, we can't rest any longer,
the time has come, otherwise it'll soon go BOOM!
CHORUS
IoT at any price leads to Cyber Gangsta's Paradise
Without protection, as everyone knows, this is Cyber Gangsta's Paradise
Ultimately, only courage and diligence will lead you out of Cyber Gangsta's Paradise
Now, let's be honest, we live in Cyber Gangsta's Paradise
VERSE 2
Who in your organization knows about cybersecurity,
knows the typical dangers, can save you from vulnerabilities?
You need a minimum level of cybersecurity,
Your customers want protection – that's the be-all and end-all!
"Time to market!" – your killer argument,
but what good is that if the whole place goes up in flames afterwards?!
Signed updates and secure boot,
these features are good for your machines too!
A device ID is a must,
with TLS, your stuff runs on secure channels.
And if your device ever has a security vulnerability,
Then close it! And make a mountain out of a molehill!
BRIDGE
Why are we blind while time slips away?
We only harm ourselves, and darkness wins!
CHORUS
IoT at any price leads to Cyber Gangsta's Paradise
Without protection, as everyone knows, this is Cyber Gangsta's Paradise.
Ultimately, only courage and diligence will lead us out of Cyber Gangsta's Paradise.
Now, let's be honest, we live in Cyber Gangsta's Paradise.
VERSE 3
Folks, relax, don't fall off your feet.
Black hats are in business, we're not gamblers.
When we look for vulnerabilities, we call it acquisition,
but it only affects your customers - you don't have a crisis.
With critical infrastructure components, it can happen that
states pay us if we secretly sabotage things.
Our business is humming, your machines are standing still.
Leave security alone, because nobody really wants that!
CHORUS
IoT at any cost leads to Cyber Gangsta's Paradise
Without protection, as everyone knows, this is Cyber Gangsta's Paradise
Ultimately, only courage and diligence will lead out of Cyber Gangsta's Paradise
Now, no bullshit, we live in Cyber Gangsta's Paradise
BRIDGE
Why are we blind while time passes,
We only harm ourselves and darkness wins!
Why are we blind while time passes,
We only harm ourselves and darkness wins!
Last edited:
- Joined
- Sep 19, 2018
- Messages
- 9,688
- Location
- Ohio
- Joined SLU
- 02-22-2008
- SLU Posts
- 16791
The NextCloud Android app now has the ability to upload users' files again, months after Google restricted the app's ability to request all-file access permissions for unspecified "privacy" reasons.
In order to keep their app available on the Play store, NextCloud had to restrict their own app to uploading media files only; anyone who sync documents or any other kinds of files via NextCloud had to side-load the fully featured app from the F-droid store (which frankly you really ought to be doing anyway). Now though the issue, whatever it was, has been "fixed" and the Play store app can also sync anything.
Bear in mind that the reason any person is using NextCloud to begin with is FOR privacy, in order to avoid having to use Google's privacy-invading and data-mining native Android services.
In order to keep their app available on the Play store, NextCloud had to restrict their own app to uploading media files only; anyone who sync documents or any other kinds of files via NextCloud had to side-load the fully featured app from the F-droid store (which frankly you really ought to be doing anyway). Now though the issue, whatever it was, has been "fixed" and the Play store app can also sync anything.
Kamilah Hauptmann
Shitpost Sommelier
- Joined
- Sep 20, 2018
- Messages
- 14,993
- Location
- Cat Country (Can't Stop Here)
- SL Rez
- 2005
- Joined SLU
- Reluctantly
Khamon
Folk Harpist
- Joined
- Sep 23, 2018
- Messages
- 3,089
- Location
- Alabama
- SL Rez
- 2003
- Joined SLU
- 2007
It looks like some sort of training device.
