HackerTrans
TopNewTrendsCommentsPastAskShowJobs

Doe-_

no profile record

comments

Doe-_
·hace 2 años·discuss
What makes you think that? Secure Boot prevents this rootkit from running and is the recommended mitigation:

> Bootkitty is signed by a self-signed certificate, thus is not capable of running on systems with UEFI Secure Boot enabled unless the attackers certificates have been installed.

> To keep your Linux systems safe from such threats, make sure that UEFI Secure Boot is enabled

In fairness, the blog post confusingly says this in the next bullet point:

> Bootkitty is designed to boot the Linux kernel seamlessly, whether UEFI Secure Boot is enabled or not, as it patches, in memory, the necessary functions responsible for integrity verification before GRUB is executed.

However, this would still require Rootkitty to have gained execution already, which it wouldn't be able to if Secure Boot was enabled and the malicious actor's certificates weren't installed.
Doe-_
·hace 2 años·discuss
Certainly true if the target application is running on the same host as Wireshark. But mitmproxy is very helpful when the device or application isn't fully under your control, for example if you can't set a proxy.

Mitmproxy also has a few features which make it a lot easier to use than wireshark alone, even if the aim is only to inspect TLS traffic. Including the wireguard server mode or transparent proxying for example.
Doe-_
·hace 2 años·discuss
The City is also unique in that businesses represent the majority of the voters in its council elections.

Moreover, the council is also the police authority, which could explain a more active copyright infringement force.
Doe-_
·hace 2 años·discuss
The email address wouldn't be in the document directly, only in the SVG. Whether the title of the SVG contains "Email us" or the email address wouldn't affect how it works.

If the scrapper is searching the DOM rather than simply downloading the webpages, then the email will found regardless.
Doe-_
·hace 2 años·discuss
You can bind a device to another, so while you would need the ability to issue the command, a server wouldn't be required to handle the state propagation.

https://smarthomescene.com/guides/how-to-bind-zigbee-devices...
Doe-_
·hace 2 años·discuss
> Take a look at heat geeks.

Is this them? https://www.heatgeek.com/
Doe-_
·hace 2 años·discuss
Exactly. On a bigger scale, the time wasted by people redoing the formatting because it isn't pasted by default would outweigh that wasted by people writing blog posts about having to remove it.

And if they're that animated by it, they're are likely the sort of user that would look for a solution and change the default or learn how to paste in their software of choice without formatting.
Doe-_
·hace 2 años·discuss
Fun!

I wonder if this lets you measure the average attention span of visitors? I'd be curious to see the impact on the average of the various platforms where this is shared.
Doe-_
·hace 3 años·discuss
Interestingly, the privacy policy only says they collect name, email and user ID. It also states that no data is shared with third-parties.

I find this suspicious considering the absence of any mention of privacy on its page.
Doe-_
·hace 3 años·discuss
The location report is signed with a public key advertised by the "lost" device.

To retrieve the device's location and to prevent Apple from knowing who lost the device, all signed in users can download any location report for a given public key.

This is explained better here: https://github.com/seemoo-lab/openhaystack
Doe-_
·hace 3 años·discuss
Or for two other adjacent projects to also do the same, on the same day.

https://github.com/MetaCubeX/Clash.Meta https://github.com/zzzgydi/clash-verge
Doe-_
·hace 3 años·discuss
So has another adjacent project by yet another author, using the same technique: https://github.com/MetaCubeX/Clash.Meta

Which would suggest it's not anodin.
Doe-_
·hace 3 años·discuss
I am equally terrified of Chrome's dominance in the browser market.

I don't agree that forcing WebKit on iOS is the solution, however. The law should seek to break Chrome's monopoly, not enforce another.
Doe-_
·hace 3 años·discuss
No indeed, but the insurance caps out at £7000, which is not an amount I need to insure myself for.

Insurance must on average cost more than it pays out. When it comes to pets, there is less competition, less transparency on cover and less competition on veterinary costs.

All these factors combined make it unattractive to me, as I have enough income to self-insure beyond the low cover pet insurance provides.
Doe-_
·hace 3 años·discuss
I looked into pet insurance. The best cover I could find would have cost me £250/year, and would only cover up to £7500.

It cost me £7000 for my cat to spend 2 days in "ICU", nothing surgical, though they did do a _cat scan_ and put him on oxygen.

I found the cost of insurance ludicrous given how expensive the vet was and how little the insurance would cover. Granted ICU is expensive, I would still expect there to be an option which would wouldn't cap out at such a low figure.

For such a measly cover, I would prefer to self-insure.