drspod

joined 3 years ago
[–] drspod@lemmy.ml 50 points 5 hours ago* (last edited 5 hours ago) (2 children)

JK Rowling is a transphobe, a bigot, and a fascist.

[–] drspod@lemmy.ml 19 points 1 day ago

JK Rowling is a transphobe, a bigot and a fascist.

[–] drspod@lemmy.ml 3 points 1 day ago

SMS messages are not encrypted. Theoretically, this allows telecommunications providers to scan for and blacklist spam campaigns at the network level, if they make enough noise. On the other hand, messages sent via RCS or iMessage are encrypted end-to-end. Although an iMessage will route directly through an Apple server, Apple itself cannot read the content in transit. Lucid takes advantage of this by sending phishing texts via iMessage and RCS, turning this otherwise positive security feature on its head.

That's it. That's the "fault" that is being "exploited" that they mention multiple times in the lead-in to the article.

[–] drspod@lemmy.ml 6 points 1 day ago (2 children)

I personally know of two different banks who send a notification to your phone app to verify that it's you they are speaking with on the phone, and they will do this even when it's them that called you and not the other way around.

It's security theater as it doesn't prove anything to either party (as it's trivial for scammers to have a man-in-the-middle) but they still do it.

[–] drspod@lemmy.ml 4 points 1 day ago (4 children)

I had no idea there are people who pronounce Godot as "go-dot." I will never be able to unhear this.

I've always said "god-oh" with a silent 't' like in "Brigitte Bardot".

[–] drspod@lemmy.ml 21 points 1 day ago (4 children)

They've pissed so many billions of dollars into quantum computing, at least they're using it for something.

Did anyone tell them that you can use the noise in a semiconductor junction to produce truly random numbers too? You can buy one for a few pennies.

[–] drspod@lemmy.ml 2 points 3 days ago

Never click links in emails or messages. Open a new tab and type the website address manually to log in.

[–] drspod@lemmy.ml 23 points 4 days ago

Silk Nukem SongNever

[–] drspod@lemmy.ml 19 points 4 days ago (2 children)
[–] drspod@lemmy.ml 3 points 5 days ago

Most recent episode is 17th Jan. Did they stop?

 

Actually I'm not sure what the difference is between a raffle and a sweepstakes. Is it like a tombola?

I'm not trying to start an argument it's just, ngl i could really use some of those empty cans rn

 

AMAB

 
53
submitted 2 months ago* (last edited 2 months ago) by drspod@lemmy.ml to c/technology@lemmy.world
 

This is a moving story about a cafe in Japan that allows house-bound people to join in with society and find a purpose, using remotely operated robotic avatars.

 

If you want to go straight to the original write-up, it's here: https://eieio.games/blog/bad-apple-with-regex-in-vim/

42
submitted 3 months ago* (last edited 3 months ago) by drspod@lemmy.ml to c/cassettefuturism@lemm.ee
 

Great craftsmanship from this maker and the end result is impressive.

If you want to skip the construction process and just see the end result, skip ahead to 41:20.

 

Edit: this appears to be fixed now: https://lemmy.ml/post/22203615/14801411

All images in posts on lemmy.ml are currently being resized to 256px on the longest dimension (width/height), even if they are image posts, not intended to be just article thumbnails.

Is this an intentional change? It makes text in images illegible and means that I have to view the original post to see the original image on every image post.

If this is a deliberate space-saving measure, could it be tuned for a little better usability? For example, increasing the maximum size of image when the post is an image post (as opposed to a web link that generates a thumbnail) and setting a size threshold to trigger resize (i.e. most small images could be left alone).

Some examples from my feed:

 

Threat actors are utilizing an attack called "Revival Hijack," where they register new PyPI projects using the names of previously deleted packages to conduct supply chain attacks.

The technique "could be used to hijack 22K existing PyPI packages and subsequently lead to hundreds of thousands of malicious package downloads," the researchers say.

If you ever install Python software or libraries using pip install then you need to be aware of this. Since PyPI is allowing re-use of project names when a project is deleted, any Python project that isn't being actively maintained could potentially have fallen victim to this issue, if it happened to depend on a package that was later deleted by its author.

This means installing legacy Python code is no longer safe. You will need to check every single dependency manually to verify that it is safe.

Hopefully, actively maintained projects will notice if this happens to them, but it still isn't guaranteed. This makes me feel very uneasy installing software from PyPI, and it's not the first time this repository has been used for distributing malicious packages.

It feels completely insane to me that a software repository would allow re-use of names of deleted projects - there is so much that can go wrong with this, and very little reason to justify allowing it.
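
An added example (not part of the post or the linked article): one way to narrow the manual dependency check described above is to audit a pip requirements file for entries that are not pinned to an exact version with a `--hash=sha256:` digest, the form pip enforces with `--require-hashes`, so a re-registered project name cannot supply a different artifact unnoticed. The package names and digest in the sample are constructed, and `audit` is a hypothetical helper.

```python
import re

# Constructed sample: package names and the digest are made up for illustration.
SAMPLE = (
    "# legacy project dependencies\n"
    "examplelib==1.4.2 \\\n"
    "    --hash=sha256:" + "a" * 64 + "\n"
    "otherlib>=2.0\n"
    "thirdlib==0.9.1\n"
    "-r extra.txt\n"
)

# name, optional [extras], then an exact '==' pin with no wildcard or range
PINNED = re.compile(r"[A-Za-z0-9._-]+(\[[^\]]*\])?\s*==\s*[^\s*,]+")
HASHED = re.compile(r"--hash=sha256:[0-9a-f]{64}\b")


def logical_lines(text):
    """Join backslash continuations, then drop comments and blank lines."""
    joined = re.sub(r"\\\r?\n", " ", text)
    for raw in joined.splitlines():
        line = re.sub(r"(^|\s)#.*$", "", raw).strip()
        if line:
            yield line


def audit(text):
    """Return (entry, problem) pairs for requirements that are not hash-pinned."""
    findings = []
    for line in logical_lines(text):
        if line.startswith("-"):
            # -r / --index-url etc. pull in content this audit cannot see
            findings.append((line, "option line, review by hand"))
            continue
        # Strip hash options and environment markers to get the bare specifier
        spec = line.split("--hash")[0].split(";")[0].strip()
        name = re.split(r"[=<>!~\[ ]", spec, maxsplit=1)[0]
        if not PINNED.fullmatch(spec):
            findings.append((name, "not pinned to an exact version"))
        elif not HASHED.search(line):
            findings.append((name, "pinned but has no sha256 hash"))
    return findings


if __name__ == "__main__":
    for entry, problem in audit(SAMPLE):
        print(f"{entry}: {problem}")
```
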

 
 

A reported Free Download Manager supply chain attack redirected Linux users to a malicious Debian package repository that installed information-stealing malware.

The malware used in this campaign establishes a reverse shell to a C2 server and installs a Bash stealer that collects user data and account credentials.

Kaspersky discovered the potential supply chain compromise case while investigating suspicious domains, finding that the campaign has been underway for over three years.
