elvith

@elvith@feddit.org

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨Notepad++ Hijacked by State-Sponsored Hackers⁩ ⁨⁨15⁩ ⁨hours⁩ ago⁩:
From my understanding: Basically the attackers could reply to your version check request (usually done automatically) and tell N++ that there were a new version available. If you then approved the update dialogue, N++ would download and execute the binary from the update link that the server sent you. But this didn’t necessarily need to be a real update, it could have been any binary since neither the answer to the update check nor the download link were verified by N++
⁨Comment⁩ on ⁨Anyone?⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
Wait until they decide to seize it
⁨Comment⁩ on ⁨ICE takes aim at data held by advertising and tech firms⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:
Everyone always complains how the Germans are so backwards and why most of them are “backwards” and insistent about having data protection and privacy rights.

Maybe, just maybe the US is starting to learn why we’re like this.ay, just maybe it’d been better to learn from our past than repeating it. But this way works, too, I guess?
⁨Comment⁩ on ⁨Microsoft CEO warns that we must 'do something useful' with AI or they'll lose 'social permission' to burn electricity on it⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
In my pocket
⁨Comment⁩ on ⁨Nova Launcher gets a new owner and... ads⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
I bought it back then in the Android… 2.x or 4.x days as the launcher on my phone sucked. Hadn’t much complaints about the stock launchers of my next few phones and forgot about it until I got a Pixel. Wow, the pixel launcher was a complete letdown. Especially the forced unremovable search bar that’s completely useless for me and takes up so much real estate on the screen. Then I couldn’t remove the at a glance widget either (IIRC a big back then, but… Yeah…). I get it, that it’s nice, but… Again: Too much real estate for a clock, a totally unreliable weather info (at least in my area?) and info about the currently playing song.

Searched launchers, remembered Nova and was surprised it was still around and had all the features I wanted. Bonus: it allows me to resize widgets.

I tried Octopi, when the owner change news for Nova hit, but was so used to having folders on the dock from my previous phones and Nova, that I couldn’t use it without that feature. So I tried lawnchair which is basically the pixel launcher but with exactly the features I missed in the original. I can get rid of spotlight and can get rid of the search bar. Widgets are resizable. Also the dock features folders. And I can control the grid size and adjust it to my liking.

Niagara was also recommended to me, but… IIRC in the end it felt to opinionated about the workflow and immediately lost me. Not what I’m looking for in a launcher. (Not saying it’s bad - just that it’s not for me).
⁨Comment⁩ on ⁨What next, power supply shortages?⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
And my gaming porn rig!
⁨Comment⁩ on ⁨Microsoft Confirms Windows 11 January 2026 Update Issues, Releases Fixes⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Hey Copilot. Users are reporting errors with the latest patch we released. Among them are a problem with RDP credential prompts, hanging/not completing shutdown and long black screens on boot.

Oh, you’re right. That was my mistake. Let me develop, compile and deploy a new set of patches for you!

Thinking…

Changing shutdown.c… Changing random file.c… Introducing more bugs for a future fix…
⁨Comment⁩ on ⁨Such a dreamy guy⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Jizzizzippi?
⁨Comment⁩ on ⁨Microsoft Office has been renamed to “Microsoft 365 Copilot app”⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
Pre AI: Hey, we have 5 billion subscribers to our office suite!

Start of AI: Hey, we have 5 billion subscribers to our office suite and 3 subscribers to our AI offering (currently in their free testing period, plans already precancelled)

Now: Hey, we have 5 billion subscribers to our AI services (that also features an office suite)
⁨Comment⁩ on ⁨We'll probably never see a Grand Theft Auto set in a futuristic city like GTA 2 because the team "hated it": "People didn’t connect with the game or its city"⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:

Imagine if Microsoft blocked games being released onto XBox if they don’t have a certain amount of AI generated assets and/or “live generated content”.

Shhhh! Don’t tell them this idea, please!
⁨Comment⁩ on ⁨Do Costcos usually have an ATM machine?⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
I’ll check in with Redundancy Department of Redundancy Department then
⁨Comment⁩ on ⁨Silent Hill decompilation just surpased 80%⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Im inclined to answer with “Yesn’t”

Yes, the problem is readability. You can get “better” code of you know the exact tooling and settings for compilation, as you can then better guess what optimisations and tricks were used (by the compiler) and you may be able to “undo” them. There are so many places where this will only let you make guesses. You write a loop in your code, the compiler removes the loop and replaced it with another construct that may be a bit faster to execute, but may be way harder to understand - or tedious to change if you need to edit it especially if it’s not a simple change (character can now run faster!) but needs new functionality that would completely break this optimisation (but it’d be trivial to add in the original code).

Also all context is removed. You won’t work with code like this:

(Both pseudocode, not bothered to make a real example that maybe even compiles)
```
if keyPressed(MOVE_RIGHT){
  player.speed = min(player.MAX_SPEED, player.speed + player.acceleration*frametime)
}
else{
   player.speed = player.speed * player.MOVEMENT_DAMPENING * frametime
}
```
You’d get something like this:
```
int *fi93836290= 0x7363728
int *fi22425 = &fi93836290+0x23
fi22425 = fun7362782(0x63627)? fun42638(...)
//and so on
```
⁨Comment⁩ on ⁨Silent Hill decompilation just surpased 80%⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
I don’t know.

The gist is… When you write a program/game/… You write source code and then compile it - that means translating the source code into machine readable code. While certain things do usually get lost in this process (e.g. function names, variable names, etc.) you can see the resulting machine code and make a valid assumption about how the original code looked like. This is not a 1:1 reconstruction, but will yield code that should compile to the (basically) same result as the original game.

If you hit a Jackpot, you find a version of the program/game that was used for testing. Those often contain many pieces of information that would otherwise be stripped from the end result (e.g. aforementioned variable names, function names and so on). If not, it’s a puzzle solved with guess work and experience.

If you know some specifics about the game (which language was it written in, what compiler was used in which version,…) you can get some better results, as you can take patterns in the machine code and translate them back into what the original code was probably looking like based on the tools used.

In the end it’s sadly almost everytime still a manual process in which you look at the resulting source code, make some educated guesses based on patterns that are usually used when programming and specific functions that are probably contained in a game and then check those assumptions by changing the code and see if your changes affect the part of the program you thought you were dealing with.

Say you assume a specific variable/value is the maximum walking speed of the character. Then you change it and try to play the game and see if you can walk faster now. If so, label this value accordingly and go on to the next unknown piece of the puzzle.
⁨Comment⁩ on ⁨Setting up VPS (finally)⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

And don’t listen to the promises of big companies with billion-funds, they cook with water like the rest of us.

Oh, yeah, I remember when one of our super important core systems was migrated to SaaS. My system was interfacing with it, so I got notified about the migration to make a plan. I basically told them: “We’re using $API to connect to your system. Tell me the new hostnames and IP ranges and ports and I will configure the firewall on our end. Also, our connector for your migrated system will be deployed in $IP-range so please allow these inbound connections in your firewall.”

Half a year later I got a message: “Yeah, we just found out, that $SaaS-provider never configured the firewall after our tickets and everything is reachable from the public internet. We’re forcing them to lock down the system now. Can you please tell us again from where you connect to us?”
⁨Comment⁩ on ⁨Setting up VPS (finally)⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
If you put any data anywhere, assume it will be contained in a breach in the future. Blue teaming is hard. You have to be perfect every time. Red teaming is easy. You just have to wait till the blue team makes a simple mistake…

Mails sent to a company? Their or your mail account will be breached one day.

Account details on a webpage? Their user database will be leaked.

Your cloud drive, ect.

Even your data on your NAS at home or on your PC could get accessed in one way or another, you’re just a zero day and an unfortunate click away from disaster.

On the upside, as long as you do not have a target on your back, patch your stuff in a timely manner and keep some hygiene in configs, secops … You should be fine, as most automated attacks aren’t that high level and target the low hanging fruits. But that doesn’t make you completely safe.
⁨Comment⁩ on ⁨big opportunity⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Whips! Traps! Big round boulders rolling in your direction trying to crush you! Nazis you can punch!
⁨Comment⁩ on ⁨xkcd #3182: Telescope Types⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Instructions unclear, drinking straw stuck in telescope.
⁨Comment⁩ on ⁨Never tried it but it sounds like fun⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
There are 69 reasons why I don’t need a flexible spine.
⁨Comment⁩ on ⁨Streaming on mobile⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
In the German Ubuntu Wiki there’s a list of many streaming URLs of (local) radio stations ordered by country: wiki.ubuntuusers.de/Internetradio/Stationen/

Then they also have this list of online only radio stations, but those are heavily skewed towards German stations: wiki.ubuntuusers.de/…/Internetradio-Stationen/

Just plug those URLs into VLC or any other app of your choice (heck, even the browser should work) and you’re good to go.
⁨Comment⁩ on ⁨Never tried it but it sounds like fun⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Yes
⁨Comment⁩ on ⁨It would be cool if after you died you could see the top 5 times you almost died⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
3 Not unconscious, but not far off from it (but heat in the summer plus also having not had a meal for a long time while being outdoors in a rarely frequented part of the woods)
⁨Comment⁩ on ⁨Cursed worm by Stitchywithliviee⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
No, never! Otherwise, we wouldn’t have such wonderful musical creations!
⁨Comment⁩ on ⁨Manufacturer issues remote kill command to disable smart vacuum after engineer blocks it from collecting data — user revives it with custom hardware and Python scripts to run offline⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Having not read the article: “Let’s apply Hanlon’s Razor: Oh, probably it just collects the data locally and caches it until the vendor’s servers are reachable. After a while the data partition was full and it stopped working as this case was never deemed possible when this was developed.”

Having read that the kill command was logged and he found it in the logs: “ok, there are no technical details, so there might still be a misunderstanding, but that’s not what I expected!”
⁨Comment⁩ on ⁨NEVER OBSOLETE⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
There aren’t many i386 distributions anymore, but you should still have some selection, I think
⁨Comment⁩ on ⁨Why?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
This!
⁨Comment⁩ on ⁨Lawmakers Want to Ban VPNs—And They Have No Idea What They're Doing⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
That’s basically any modern network. There is no more trivial “inside our network” vs. “outside on the internet”. Networks are segmented on a need-to-know principle. You can access some information from the public internet. Some other things can be accessed from the internet, but only on corporate devices, if your user AND device is whitelisted. And then you have one or more VPNs on top of that for more sensitive stuff. Also those VPNs may be “dynamic” in the sense that it may also be dependent on the user, device and authentication method what is currently accessible over that VPN connection.
⁨Comment⁩ on ⁨In 1982, a physics joke gone wrong sparked the invention of the emoticon - Ars Technica⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

:-(
⁨Comment⁩ on ⁨We have one at home⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
I didn’t get mine to have less than about a second latency LOL
⁨Comment⁩ on ⁨🚣 🚣⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
There’s a boat emoji?
⁨Comment⁩ on ⁨If Valve creates an "entry point" for living room PCs, the console-beating Steam Machines will follow, argues Baldur's Gate 3's publishing director⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
You can disable UAC (thinking practical, not necessarily security minded - but for an auto login w/o password, what’s security?)

Popups: yes. But then you’d need to actively use other software besides steam. Why would you do that, if using only a controller? Also that can happen in Linux, too. If you mean those desktop notifications - those should be silenced automagically when running games.

For the logoff or shutdown: Set or createHKEY\_CURRENT\_USER\\Control Panel\\Desktop\\AutoEndTasks to 1 to auto kill hanging/not ending processes automagically. Also you can use WaitToKillAppTimeout there to define how long windows should wait before killing the processes (in milliseconds).

And regarding bitlocker after a bios update: why would you use bitlocker on such a machine (auto login on boot which would allow access to all files anyways)? Anyways, set or create HKEY\_LOCAL\_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\BitLocker\\PreventDeviceEncryption to 1 to prevent bitlocker from running after an upgrade. With Pro, you could also leverage GPOs for that.

At least for the new Steam Gamepad they announced trackpads to be able to control the mouse with the gamepad, so clicking away a popup or sich shouldn’t be a problem.