pulsewidth
@pulsewidth@lemmy.world
- Comment on Notepad++ users take note: It's time to check if you're hacked 6 days ago:
If you’re worried that this may have hit your PC I’d say first of all be aware that this is a state-level backdoor, intended to be persistent and evade detection. You are likely not the target and are very unlikely to find any teaf
Actions I’d suggest if you’re worried this could have hit your PC:
- Grab the list of Indicators of compromise from the bottom of this article. Disconnect the PC from the Internet now that you have the list.
- Search for any instances of these files locally and SHA-256 hash them if found, and match to the hashes on the list. If you find any matches, your system is compromised.
- Check the DNS cache for any hosts mentioned in the indicators, and if you have network traffic logging you could check there also. Indicators are very likely signs of prior/active attack on your PC.
- If nothing found, reconnect to the net and continue…
- Uninstall Notepad++, or if you want to keep using it, update Notepad++ via a method other than their internal update method. I suggest PowerShell using winget as it’s preinstalled in Win10 & 11.
PS > winget upgrade -q Notepad++ (will show you available updates)
PS > winget upgrade -q Notepad++ (
- (Optional) disable Notepad++ internal update mechanism, and use winget or another method moving forward. Settings -> Preferences -> MISC: Auto-updater: Disable.
- Comment on Notepad++ users take note: It's time to check if you're hacked 6 days ago:
This advice is not accurate:
The Rapid 7 post says if you have a hidden folder in “%AppData%” named Bluetooth. You got hacked. So if you don’t have said folder, you’re good.
Their post says that the Bluetooth hidden folder in AppData was only used as the initial access vector.
After initial access, an advanced persistent backdoor they’ve named “Chrysalis” is delivered and installed via significantly obfuscated methods to minimize chance of detection. The backdoor allows arbitrary code execution via a CMD.exe reverse shell, with additional modes for remote file write, read, and a full self-removal mechanism that attempts to delete any trace it was ever on the system.
The Indicators of compromise section at the bottom contains a list of any files you can check for on your system, and their corresponding SHA-256 values, as well as network indicators if you have logging or wish to check your DNS cache. If you have any files that match or other indicators, then your system is/was compromised. But there is a very good chance that many systems which were compromised now have no remaining trace of breach.
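The file-hash and DNS-cache checks described in the two Notepad++ comments above, as an added PowerShell example that is not part of the original comments or of the Rapid7 post. The search roots and function names are assumptions, and every value in angle brackets is a placeholder for an entry from the published indicator list.

```powershell
# Added example. Every value in angle brackets is a PLACEHOLDER: replace it with
# the real entry from the published IoC list before running.
$IocHashes    = @('<SHA256-FROM-IOC-LIST-1>', '<SHA256-FROM-IOC-LIST-2>')
$IocFileNames = @('<FILENAME-FROM-IOC-LIST-1>', '<FILENAME-FROM-IOC-LIST-2>')
$IocHosts     = @('<HOST-FROM-IOC-LIST-1>', '<HOST-FROM-IOC-LIST-2>')
# Assumption: per-user and machine-wide data folders are the places to search.
$SearchRoots  = @($env:APPDATA, $env:LOCALAPPDATA, $env:ProgramData)

function Find-IocFile {
    param([string[]]$Roots, [string[]]$Names, [string[]]$Hashes)
    foreach ($root in $Roots) {
        # -Force makes Get-ChildItem return hidden and system files too.
        Get-ChildItem -LiteralPath $root -Recurse -File -Force -ErrorAction SilentlyContinue |
            Where-Object { $Names -contains $_.Name } |
            ForEach-Object {
                $hash = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256 -ErrorAction SilentlyContinue).Hash
                [pscustomobject]@{
                    Path      = $_.FullName
                    SHA256    = $hash
                    # A name match alone is only a lead; a hash match is the indicator.
                    HashMatch = [bool]($hash -and ($Hashes -contains $hash))
                }
            }
    }
}

function Find-IocDnsEntry {
    param([string[]]$Hosts)
    # Get-DnsClientCache lists what the local resolver currently has cached.
    Get-DnsClientCache -ErrorAction SilentlyContinue | Where-Object {
        $entry = $_.Entry
        # Match the listed host itself or any subdomain of it.
        $Hosts | Where-Object { $entry -eq $_ -or $entry -like "*.$_" }
    } | Select-Object Entry, RecordName, Data -Unique
}

$fileHits = @(Find-IocFile -Roots $SearchRoots -Names $IocFileNames -Hashes $IocHashes)
$dnsHits  = @(Find-IocDnsEntry -Hosts $IocHosts)
# The hidden %AppData%\Bluetooth folder is the initial-access artifact named in the
# comment above; its absence does not clear the machine.
$btFolder = Test-Path -LiteralPath (Join-Path $env:APPDATA 'Bluetooth')

$fileHits | Format-Table -AutoSize -Wrap
$dnsHits  | Format-Table -AutoSize
"Files matching a listed hash : {0}" -f @($fileHits | Where-Object HashMatch).Count
"Cached DNS names on the list : {0}" -f $dnsHits.Count
"AppData\Bluetooth present    : {0}" -f $btFolder
```

The DNS client cache only holds recent lookups and is emptied on reboot, so an empty result there says little about older activity.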
- Comment on [deleted] 1 week ago:
It’s likely this is designed with a plan to push advertising or self-promotion.
Eg: step one is done - figure out how to both find threads early & get your content picked up as a good answer regularly and consistently. Step 2 - start inserting ‘first hand’ recommendations or even just mentions of products and services.
I’ve already seen webpages with the most esoteric or niche product/service recommendations (like some random Indian consultancy with 2 people listed in it, and no other significant web footprint) pop up in first page web results. It’s another AI deathblow to the utility of search engines.
- Comment on [deleted] 1 week ago:
Nobody reads them except recruitment bots, so it’s probably fine.
- Comment on We can't even pump fuel anymore without holding a digital billboard (Netherlands) 1 week ago:
Does the screen at least have some other functionality - like telling you when the tank is full, or something?
Or is it just a little digital billboard of sadness.
- Comment on Microsoft lost $357 billion in market cap as stock plunged most since 2020 1 week ago:
The same Melius Finance that gave Tesla stock its highest rating of “must own” due to Elon lying again that Full Self Drive is being deployed imminently to Teslas via their in-house “AI chips” eta Dec 2025?
…yahoo.com/…/tesla-stock-must-own-melius-22072193…
Tesla stock is currently at $416 after a high of $474 in November, around when this call was made.
<investors_fell_for_it_again_award.webp>
- Comment on Deuterostomes 1 week ago:
Skin, probably. Everyone forgets that your skin is an organ.
- Comment on New York Startup Builds Fridge-Sized Machine That Can Turn Air Into Gasoline 2 weeks ago:
Oh, they’re not but I guess you’d have to ask him for the answer. Those videos are both still up if you want to watch a long stream of misogyny and logical fallacies dressed up as an ‘owning’.
- Comment on 2 weeks ago:
Yes please. We go from ANZAC day in April to fucking December 25th before we get another public holiday in most of Australia.
I dread that ‘public holiday drought’ every year.
Move it to early September or something. Skips the worst of winter and breaks up the work year better.
- Comment on New York Startup Builds Fridge-Sized Machine That Can Turn Air Into Gasoline 2 weeks ago:
The “Why ‘Feminism’ is poisoning atheism”, “Feminism Vs FACTS” chud?
I’m surprised he still has an audience tbh. Well, sadly not that surprised.
- Comment on Growing demand for local products in Africa's €1bn baby food market 2 weeks ago:
I’m well aware, another of Nestlé’s evils. Nothing about either of our points in the article though, which assumes it’s purely a supply problem and doesn’t offer the obvious solution: public education programs to encourage mothers to prioritize breast milk over formula. They speak of it primarily as a business problem.
- Comment on If someone tells you "you support socialism, yet you use products of capitalism", what would you say? 2 weeks ago:
Tell them they’re using one of the oldest logical fallacies, and Ancient philosophers would be embarrassed by them.
- Comment on Growing demand for local products in Africa's €1bn baby food market 2 weeks ago:
Gosh if only there was some kind of breast milk 90%* of people could use instead of powdered formulated, sugary cow’s breast milk.
*I understand a small percentage of women cannot produce their own breast milk, or not enough due to medical issues - for them formula is a necessity. However, over 60% of babies under 6-months in Africa use formula.
- Comment on Fear that quantum computing is on the cusp of cracking cryptocurrency's encryption spurs a global investment firm to remove Bitcoin from recommendations 3 weeks ago:
Businesses that have smart leaders are already implementing (or have already completed implementing) post-quantum encryption systems into their business to protect them for when quantum computers and quantum programming mature and make their existing encryption defeatable. For most systems it’s just a matter of a software update and re-encrypting any data.
Eg: arstechnica.com/…/why-signals-post-quantum-makeov…
This is a problem for public proof-of-work systems that cannot change their encryption, eg: all crypto. Bitcoin cannot change how their coins are encrypted without redesigning and completely rebuilding their public blockchain - it would require consensus from all major bitcoin users and businesses (coin exchanges etc), and could potentially leave any prior-minted bitcoin vulnerable anyway. It will not happen anytime soon - and when it does happen, it may be too late.
Hence, it’s actually pretty high on the list of quantum targets, and will likely be attacked as soon as it’s available. Some people might be able to steal a bunch of Bitcoin and exchange it for other new (secure) coins or for cash, and get out before the Bitcoin public realize it’s been cracked. At which time the Bitcoin price will crash hard and may not recover (depending on what action they take to resolve the issue), so the cautious are getting out asap.
- Comment on Amazon is forcibly upgrading Prime members to Alexa Plus, and users are not happy 3 weeks ago:
It’s a CIA-style listening device that people pay for and proudly install and display in their home, gathering data on them, sharing it with Amazon and anyone they care to sell or make that data available to - including police.
Ostensibly all to provide short voice answers and actions they could do privately with their phone in seconds.
- Comment on Circumcision classed as possible child abuse in draft CPS document 4 weeks ago:
Well, of course, that’s crazy behaviour.
But if you did it in a religious ritualistic ceremony and sucked the blood off the tip of the babies’ dicks afterwards, well that wouldn’t be weird now, would it.
You could even call it “Metzitzah B’peh” and it would happen so regularly and kids would get herpetic infections from the mohels so often (sometimes even dying) that the New York Health department would have to issue warnings about it, and it would still not be weird, even when the families of the babies affected would refuse to name the mohels to allow the health dept to investigate and have them banned from performing the practice on future babies.
- Comment on Circumcision classed as possible child abuse in draft CPS document 4 weeks ago:
Literally the same thing that female genital mutilators say about their ‘cultural right’ to circumcise their daughters.
What are kids anyway in your eyes beyond property that parents should have the right to permanently brand with their mark of religion.
- Comment on Innocent African-American child George Stinney executed after being falsely accused of murdering two white girls | 1944 4 weeks ago:
They thought, “ah shit, he’s not tall enough - grab that bible, we can boost him up higher.”
The USA was far too kind to the Confederate states post-war. The racism has been allowed to fester - and in many cases thrive ever since.
- Comment on 'Microslop' is heading for Edge – major browser redesign is inspired by Copilot, and it's already seriously unpopular 4 weeks ago:
Internet Copilot One X.
- Comment on CD PROJEKT and GOG co-founder Michał Kiciński acquires GOG from CD PROJEKT 5 weeks ago:
It’s a badly-worded title. Better titles:
- “GOG Is Being Acquired by Original Co-Founder Michał Kiciński” - techraptor.net/…/gog-acquired-original-co-founder
- “Co-founder of CD Projekt Michał Kiciński has acquired GOG, the company’s game storefront” - engadget.com/…/co-founder-of-cd-projekt-michał-ki…
- Comment on CD PROJEKT and GOG co-founder Michał Kiciński acquires GOG from CD PROJEKT 5 weeks ago:
Making it independent from CD Projekt is probably a good thing for conflict of interests, but this seems like it will ultimately change very little as it’s moving from ownership by CD Projekt (and a small group of CD Projekt co-founders) to ‘independence’ from CD Projekt and ownership by a single CD Projekt/GOG co-founder - who remains the second-largest share owner of CD Projekt. It only cost him ~$23mil USD BTW, which sounds like a bargain to me, considering CD Projekt Red (while owning GOG) is valued around $10bil US between market cap and assets, and GOG’s slow-but-consistent increase in popularity…
- Comment on Evidence 5 weeks ago:
97% was reported by earlier small surveys, but I think the most rigorous and widely reported survey of scientists was Harris Interactive in 2007.
en.wikipedia.org/…/Scientific_consensus_on_climat…
That was followed up in 2010 by a survey of specifically climate scientists, who hit 97-98%.
The ‘consensus’ has been constantly challenged in conservative media and circles so there have been many such surveys / meta-analyses continuing over the years and it’s been hitting 100% for the last several years. If any idiot ever parrots “science doesn’t work on consensus” my usual response is something like, “no it doesn’t, but when an entire field of scientists have determined a theory to have vast evidence-based backing it’s considered settled. The only thing that would change that is significant contradictory data being presented, yet instead every year we’re measuring huge volumes of data that confirm the consensus.”
- Comment on LG Electronics unveils 2026 Gram Laptop line with aerospace composite - up to 50% lighter than macbooks 5 weeks ago:
A Chromecast is not full of ads, but are they all just Google TV now? Is Google TV full of ads? I haven’t used one.
Could be an option to reset your TV, disconnect it from the Internet, and buy & use a Google TV device instead. The streaming devices seem to have far fewer ads and shit than TV manufacturers cram into their devices nowadays.
The hoops we have to jump through to minimise surveillance capitalism…
- Comment on Still trying to figure it out... 5 weeks ago:
Sure is. Like Cliff said, it’s a Western Pygmy Possum (from social media source).
Pic from Wikipedia :
- Comment on Spotify vs. Anna's Archive 1 month ago:
Spotify streams all music at 160kbps OGG for free users by default, so that’s what this archive is dumped at - the original Spotify content, no transcode.
Side note - it would probably not be possible to do a dump as a paid user (as they would notice a user account is being abused, and ban it), but paid accounts go up to 320kbps OGG and some content is also available lossless (as FLAC).
Anyway, 99%+ of people can’t consistently tell the difference between a 160kbps OGG and lossless, because of limitations in either their equipment, training, ears, or a combination thereof. This has been blind tested many times and the audiophiles that ‘swear they can tell’ are always proven wrong, they then usually blame the equipment or test. There’s tests you can run yourself too, eg here: abx.digitalfeed.net/list.html
- Comment on Teenage Jehovah's Witness can receive blood transfusion, judge rules 1 month ago:
The judge would never make a legal argument that “religious propaganda had reduced a person’s legal capacity” as it would have wide-ranging implications and would be challenged (and overruled) in short order due to freedom of religion laws.
The hospital’s legal team appealed for an order because the kid was effectively killing themselves and they have a duty to do no harm.
This prompted the health board to go to the Court of Session to seek an order which would allow its doctors to administer the blood transfusion up to two weeks following the child’s procedure.
Its legal team told Lady Tait that such an order was necessary because blood loss was an “inevitable consequence” of the operation.
The judge deemed that weighing the child’s personal beliefs and medical risk it was in their best interest to allow the order. That is their justification and it follows other case law examined, there is no legal need for them to deem the kid incapable of making the decision. It’s only made the news because religious people making dumb decisions about their health is a common public interest story.
Lady Tait also wrote about cases examined by English courts, before concluding that in the context of the case brought before the court, it would be in the best interests of the child that the order be granted.
- Comment on Teenage Jehovah's Witness can receive blood transfusion, judge rules 1 month ago:
Sounds like a slippery slope fallacy. Just because a judge has carefully weighed that this is in the 14-year-old’s best interest now, does not at all mean more dire decisions against personal rights will be made in future.
I’ll worry if the courts ever start making decisions that go against the child’s best interest.
The judge said they’re ordering this because there would not be time to solicit the court for an order if a transfusion does become necessary, and risk of death would be significant.
I’m fine with letting adult religious zealots bleed out if they’re too god-brained to accept help, but for a 14yo I think it’s pretty reasonable to save them from themselves so they can live to have a fully-developed brain.
- Comment on How AI broke the smart home in 2025 1 month ago:
For sure. IKEA is a great place to start (or stay), as it’s a cheap ecosystem and their app/implementation doesn’t require permanent internet access - functions fine during an internet outage, and quite privacy-respecting.
HomeAssistant is not anywhere near as hard to set up as it used to be. If you have an old mini-PC retired from work sitting around there are HA images for PCs now, and it’s pretty simple to set up to use your IKEA hub (or whatever you have already), while adding a huge swath of optional features.
I agree it’s still not something your average Joe will set up, but the continual lowering of barriers will get more people into running a self-hosted local config is a great thing for privacy and expanding the hobby.
- Comment on How AI broke the smart home in 2025 1 month ago:
There’s an xkcd for everything, isn’t there.
It’s not wrong, but the major attraction to Matter is it must allow devices to operate locally (not tying them to cloud services that die every internet outage, or permanently when the service retires), and it’s an application-layer protocol. Meaning it can operate over WiFi, Ethernet, or Thread.
Many existing smart home hubs have been able to program support for Matter and simply send out an OTA update to add certified Matter support.
- Comment on How AI broke the smart home in 2025 1 month ago:
The real issue with smart home adoption has been proprietary formats all vying for dominance and fragmenting the market. I don’t think AI has changed much.
Matter (and Thread) are a huge change to the SmartHome landscape because they’re open protocols and have well-documented standards - and they’ve finally begun appearing in big manufacturers’ line-ups such as IKEA.
Once their availability spreads I suspect a lot more people will get into running their own local (eg HomeAssistant) smart home because they won’t have to do the ‘ok do I need z-wave or ZigBee or HomeKit or IFTTT or Hue or Tuya or… you know what, fuck this’. It’ll all be the same protocol and communications and config & debug will be much easier.