Last week, Google filed suit against SerpApi, a scraping company that helps businesses pull data from Google search results. The lawsuit claims SerpApi violated DMCA Section 1201 by circumventing G…
"The implied attack assumes that MFA is not used or has been bypassed. If you can get access to download the encrypted database, like what happens with most password databases that are stolen, you don’t need to deal with MFA (or those pesky password lockouts) when making attempts thereafter." hivesystems.com/blog/are-your-…
💬 50 🔁 9194 ❤️ 8059 · Instructor who gave U of Oklahoma student a zero on anti-trans paper removed from teaching · Graduate assistant Mel Curth found Samantha Fulnecky's paper unscientific and of…
Years ago I used to recommend a Fedi platform called Lemmy. However, in 2021 some very disturbing stuff about Lemmy's developers came out which totally changed my mind. Because of this, I did a thread to warn people about Lemmy and then never mentioned them again.
Today a mod on this account's old server deleted the 2021 thread, without any explanation but apparently by mistake.
If you're looking for the thread, it's on the Internet Archive:
So, still looking for someone to do a logo for my dba ★General★ Delivery, basically just stylized text, normal cash payment for this.
Also looking for someone to create official looking signs for us featuring cryptids/mythological creatures, with two initial products, and depending on sales success, two additional designs every six months for us to sell, payment is up to the artist, either straight flat rate cash, or some combo of cash and a cut of the gross.
I love things like this. At first it doesn't look like much, just a sign for an apartment complex but if you pay attention to the details, it gets really... Funny? Dumb? ?? Luxury apartments are always a rip-off, but they usually put some effort into appearance like a new sign when branding changes, not slapping a cheap sign over the old one. And that logo, is that a recolored PayPal logo?
I mean its not like I would've been surprised to hear the song modified, maybe gayed up if'n it were Dee Snider or George Michael singing it, or for a straight guy replacing Santa Claus with Mrs Claus, but for Nathaniel Ratecliff and the Night Sweats to play it straight? Yeah, I think they broke my brain.
When an entire class of technology states on the packaging that it was made in China but intended "for overseas use only," this should really give you pause before plugging it into your network.
You will find this verbiage on a lot of Android TV streaming boxes for sale at the major retailers. There's a very good reason the country that makes this crap doesn't want it on their own networks. My advice: If you have one of these Android streaming boxes on your network or get one as a gift, toss it in the trash. I'll have a lot more about this in the New Year, but these things are responsible for building out a botnet that currently has ~2M devices and is growing rapidly. blog.xlab.qianxin.com/kimwolf-…
Background
On October 24, 2025, a trusted partner in the security community provided us with a brand-new botnet sample. The most distinctive feature of this sample was its C2 domain, 14emeliaterracewestroxburyma02132[.
How do those devices (along with all the fridges and IOT cameras that make up most botnets) get infected? Aren't most of them behind NAT? I understand "default passwords", but for that to be a problem, there has to be a way for the attacker to connect to a device in the first place, and that is the part I don't get.
@miki The bot forms the connection to the server. Bing bang boom.
There's also IP6. That may or may not be available for direct addressing.
That's all the issue is. The outside doesn't know how to address something behind a NAT. Once a connection is formed the NAT gateway deals with the translations and communication happens normally for the two sides. The NAT gateway does the work at that point.
@briankrebs@infosec.exchange I don't think China is a country. I think China is a stateless territory infested by a communist criminal terrorist organization whose kingpin is Xi Jin Ping.
@clock I don't think the United States is a country. I think it's a stateless territory infested by a criminal capitalist terrorist organization whose kingpin is three billionaires in a trench coat shaped like Donald Trump.
Meant to link to my previous reporting on this topic, which briefly touches on some of the challenges w/ the ubiquity and sheer insecurity-by-design of most of these Android TV/movie streaming devices
On the surface, the Superbox media streaming devices for sale at retailers like BestBuy and Walmart may seem like a steal: They offer unlimited access to more than 2,200 pay-per-view and streaming services like Netflix, ESPN and Hulu, all for…
For the record, I am mainly interested in seeing the major US retailers moving to stop selling these devices, period. That seems to be happening, at least on the ones that are being called out. But the only reason that's happening now is because more people (present company included) are starting to make a lot more noise about it.
Since I started writing about these particular video devices, I've gotten a lot of messages from readers asking, okay, but what about *this* model, as if just having a different model number or brand makes a difference. The underlying hardware and software is functionally the same.
I'll add that pro-piracy advocates are militant in their observation that technology is not inherently this or that, that it's all just how the technology is used. The subtext is, okay, maybe these things are designed w/ zero security and are a major security liability, but hey you can still flash them with whatever you want and run your own stock firmware or hardware, etc. No reason to distrust these devices at a more fundamental level, even though every single point of evidence about their design, manufacture and sale points to the opposite conclusion being the correct one.
Also, the people saying the loudest that this is a nothingburger are the same people who think flashing firmware and running custom ROMs is a thing they want to do. Most people who buy these devices a) have no clue what a liability they are and b) wouldn't begin to know how to do that, or that they might need to. To me, it's a form of class snobbery.
If you're planning to give your child a phone for Christmas, please do not install any monitoring apps on it!
I know, you're just trying to protect them. As you should! But if we accustom children to constantly being monitored, they won't protest surveillance once they become adults.
So please, teach them to use technology responsibly, even when Big Parent isn't watching!
If a movie is getting justified with the line "Who cares, it's just for kids", then no it's not made for kids. It's made for adults who want something key-jingly to put on their TV to keep their kids quiet, and nothing more. That's actually a whole industry of slop, right there.
Good productions for children you can watch together with the kids or as good escaptism as an adult. Bad productions are just brainrot and painful to stand if you try to reflect or analyse the media.
@tenkoman Yup. And it's part of why I wish more people would actively engage with the stuff they enjoy, because I feel like the reason why the slop industry is able to thrive in movies that "are just made for kids" is because a lot of adults genuinely see movies as JUST turn-your-brain-off entertainment.
@Badgardener I spend Christmas alone just about every year these days and I don't mind it at all. It's just another day.
One year I did start following the #joinin tag. Unfortunately, I had to stop following it because it was dragging me down with depressing posts and even some pleas for financial assistance.
Yes, I'll get into a conversation with you and maybe we can even build a friendship, but I won't do it if you're dripping with self pity. I'm not a shrink. 🤷🏼♀️
@photom @Badgardener I just wish that more people were as satisfied (or even happy!) about going solo as I am. After being in a mentally abusive and definitely boring relationship for many, many years I'm thrilled to be able to have total control of my life. And I don't experience loneliness because I keep myself very busy doing the things I want to do. #JoinIn
@mlanger @photom @Badgardener I've found being alone most of the time is necessary because that is the only time I feel I can do want I want instead of catering to other peoples' needs or desires.
Especially because I really really suck at figuring out what people want.
@cptbutton @photom @Badgardener I'm with you 100%. Sometimes it seems to me that people are playing games, trying to be something they're not, trying to make you guess what it is that you can do to satisfy them. I'm so tired of playing games.
I've messaged the fedigroups admin to ask about the group's status. Sometimes FediGroup profiles appear to be empty even when they are active because their founder chose the private option.
About the hashtag vs group, you can use both. They aren't competitors, they are just two ways of reaching people which can be used simultaneously. They federate in different ways which is why it's useful to use both.
I think it's important to acknowledge that it was started by comedian Sarah Millican, who started it on Twitter back in the day (I think she did eventually step back from it in 2023).
If you're not looking forward to Christmas Day, maybe jump on Twitter and follow the hashtag #joinin for some chat and company. I'll be there and so will lots of other lovely people. It's our 8th year and is always so bloody lovely.
Have you already thought about basing your mastodon instance on glitch-doc extension? You often reach 500+ characters in your great posts. How nice would it be not to have this broken down messages in threads.
1/2 alttext: "We chose the term "asexual" to describe ourselves because both "celibate" and "anti-sexual" have connotations we wished to avoid: the first implies that one has sacrified sexuality for some higher good, the second that sexuality is degrading or somehow inherently bad. "Asexual", as we use it, does not mean "without sex" but "relating sexually to no one".
2/2 alttext: This does not, of course, exclude masturbation but implies that if one has sexual feelings they do not require another person for their expression. Asexuality is, simply, self-contained sexuality." The Asexual Manifesto, Lisa Orlando and Barbara Getz, 1972.
Anyone else having trouble unlocking your iPhone/iPad with FaceID after updating to iOS 26.2? Mine just insists on using the passcode every time. Says it’s needed to enable FaceID but never enables after entering.
Found some reports that the update introduced bugs with the TrueDepth front camera and this is why FaceID is borked for some people. Grrr. 😠
26.2 has been a massive dumpster fire for me. I'm having this issue on my iPad Pro (2018) and my iPhone 16 Pro Max. ...among a LARGE number of other issues only introduced in 26.2
I haven’t had any noticeable problems with Face ID.
Something that may help a bit while you try to figure it out is to enable your Apple Watch under Unlock with Nearby Devices in the Face ID & Passcode settings.
Top 52 Banned Books: The Most Banned Books in US Schools lists the fifty-two most frequently banned books in U.S. schools so far this decade. Looking for Alaska by John Green tops the list, with 147 bans, while Nineteen Minutes by Jodi Picoult comes in second place, with 142 bans. pen.org/top-52-banned-books-si…
Hey linux folks who are aware of the changes in Fedora 43 for Audio. I noticed that this command,
sudo sh -c ' echo "load-module module-loopback" >> /etc/pulse/default.pa '
is not working anymore in Fedora 43. (it did in Fedora 42.) Anyone know if there has been a change in formatting or if there is a new command that will do what this did? It was meant to permanently turn on loopback so that you could hear what was coming into Line in on your speakers. For some reason the temporary command
pactl load-modiule module-loopback
still works, but it looks like the file that the echo command was supposed to write to is no longer used. (at least it's not on my computer anymore, and making one doesn't seem to do anything.)
Do you have a second-hand musical instrument you could donate to the Olympias Music Foundation? With the help of Oglesby Charitable Trust Green Grants, we will repair up to 100 second-hand instruments for use by our young musicians at Olympias!
Every year, thousands of musical instruments go to landfill due to the prohibitive cost of repair. Many are made of rare woods and metals, which are impossible to recycle. We are partnering with the Oglesby Charitable Trust, Sound Post Limited and team of community luthiers (instrument makers) to breathe new-life into second-hand instruments and putting them into the hands of young people to inspire the next generation of musical talent in Manchester!
We are accepting donations of violins, violas, cellos, flutes, clarinets, saxophones, trumpets, trombones, french horns, euphoniums and electric keyboards. Unfortunately, we are unable to accept donations of pianos, guitars and drum-kits. Instruments can be dropped off at our base in central Manchester, or picked up from locations around Manchester.
If you have a musical instrument you no longer need and would like to donate to Olympias, we would love to hear from you!
Mark Wollschlager
in reply to 🌴 Seph 💭 👾 • • •