bamboo

@bamboo@lemmy.blahaj.zone

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨D-Link refuses to patch a security flaw on over 60,000 NAS devices — the company instead recommends replacing legacy NAS with newer models⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:

If you’re using one of these models, it’s highly recommended that you replace your NAS system with one that’s still receiving patches from the manufacturer. If that isn’t possible right now, Netsecfish suggests restricting access to your NAS settings menu/interface to only trusted IP addresses. You could also isolate your NAS from the public internet to ensure that only authorized users can interact with it.

Emphasis mine, regardless of this incident, even with a brand new supported model, it shouldn’t be exposed to the internet. Half the reason these security issues are such a big deal is because manufacturers wanted to make things simple and designed it to sit on the open internet, so they wouldn’t have to deal with support requests. Now their customers are exposed because of poor recommendations and the lack of updates.
⁨Comment⁩ on ⁨Question about Firefox - any way to open specific sites as if they were an app or program (similar to an option in Chrome)?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
I use PWAs for Firefox and they work ok, although I don’t have the issue you mention. For me, in Ubuntu, if I open a link in a PWA for Google Chat, then the link opens in the PWA firefox window, not my main browser window. Maybe there’s a setting I missed?

Also, the PWA acts like a separate browser, so opening Google Chat requires you to log in again to Google on the same machine. And if you open up a paywalled link, and it opens in the PWA, then you have to log in, even if you’re logged in in Firefox.

Overall 5/7 rating on usability, but did allow me to get completely off of Chrome
⁨Comment⁩ on ⁨[deleted]⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

public facing is fine

Not exactly, if it is something unintentionally public facing, that can get you charged with access a computer without authorization under the the Computer Fraud and Abuse Act. This happened in this case: en.wikipedia.org/wiki/Goatse_Security#AT&T/iPad_e…

sending a HTTP request with a valid ICC-ID embedded inside it to the AT&T website, the website would reveal the email address associated with that ICC-ID.

On November 20, 2012, Auernheimer was found guilty of one count of identity fraud and one count of conspiracy to access a computer without authorization

More information: www.wired.com/…/hacking-choice-and-disclosure/
⁨Comment⁩ on ⁨My friend gifted me a "fighting RPG" that turned out to be something else entirely⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
This is kinda the plot of a Black Mirror episode, Striking Vipers.
⁨Comment⁩ on ⁨Anyone else get random cancellation emails from onlyfans?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Sounds like someone accidentally created an account with your name. As someone who has firstname.lastname@gmail.com this happens a lot. About 10 years ago, amazon.ca allowed you to create an account and start using it without verifying control of the email address. I woke up one day and saw all orders someone made, their address, last 4 digits of their credit card number, etc. Customer service doesn’t care. Ended up having to reset their password to get them to stop.
⁨Comment⁩ on ⁨That article made me realize how insane Image Generators already are.⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Yeah, clearly the author doesn’t know about the Loch Ness monster
⁨Comment⁩ on ⁨If Biden died tomorrow and Harris took over? and she won the election also. Could she work full two terms or would it count as one when Biden died?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Biden resigning now just to make Trump’s hats invalid would be the best Dark Brandon move ever.
⁨Comment⁩ on ⁨If Biden died tomorrow and Harris took over? and she won the election also. Could she work full two terms or would it count as one when Biden died?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
If we’re being pedantic (and the Republicans would be), Harris already served as acting president for 1h25m on November 19, 2021 while Biden underwent a colonoscopy. If hypothetically Biden had died or resigned exactly 2 years into his term (January 20, 2023 12pm ET), and Harris assumed the presidency for the remaining two years, her total time would be over 2 years and she would be ineligible for a second term.
⁨Comment⁩ on ⁨Why is it that when I write on Googles keyboard on my phone and misspell something it has no idea what I am trying to write but if I Google the same word it knows instantly what the word is?⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
It’s a calculated scheme to get you to do a search for “aniprrsperient” so they can sell you deodorant
⁨Comment⁩ on ⁨WhatsApp and Signal messages at risk of surveillance following EncroChat ruling, court hears | Computer Weekly⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
They’ve said that they release the source code after it’s running in production:

sorry the source for one of our services was so far behind. We often don’t push source until we release things, and there were a few overlapping releases that happened in that period which made it awkward to push at any moment and put us behind. Additionally, we’ve seen a large increase in spam, and a reluctance to immediately publish the exact anti-spam measures we were responding with to a place where spammers could immediately see them combined with the above to cause this extreme delay.

github.com/signalapp/Signal-Android/issues/11101#…
⁨Comment⁩ on ⁨Why does 11:19AM have to look so much like 5 till 4PM?⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
Clearly taking the 25 or 6 to 4 approach of writing a title
⁨Comment⁩ on ⁨A Black woman has never lost the general election for POTUS in US history but 46 white men have lost⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
what are you talking about? racist? I think they’re saying that since ~2% of the population identifies as trans and more are probably eggs, we likely had one trans president before, but they weren’t out to the public, or perhaps even themselves.
⁨Comment⁩ on ⁨Does voting for Biden change anything if I live in a deep red area of my state? (Ohio)⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
Absolutely yes. Every vote for Democrats is a vote against Trump. He has such a weak ego, your one vote along with millions of other votes against him will drive him crazy. Death by 81,283,098 cuts.
⁨Comment⁩ on ⁨Disney hack leads to 1.2TB of Slack communications leaked online⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
I’ve never heard of an on prem offering, which tier is that on? None of the plans mention it? slack.com/pricing
⁨Comment⁩ on ⁨Hey guys I love Jodie Foster so much any tips on how someone like me can impress her?⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
She was 12 years old when she was in Taxi Driver, her breakout role.
⁨Comment⁩ on ⁨Disney hack leads to 1.2TB of Slack communications leaked online⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
I had to manage a Slack migration to another org we were merging with. As the owner, normally I couldn’t even see the names of private channels, but when it came down to the migration, upgrading the account to Business+ tier, the full export included everything (private channels and DMs), which we imported into the new org.

Slack sends notifications to all Admins that the export was happening, and i’ve only seen that notification once after using Slack for 10 years.
⁨Comment⁩ on ⁨Disney hack leads to 1.2TB of Slack communications leaked online⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
I don’t think Slack has a self hosted version, and does not offer IP allow listing. There’s nothing preventing someone to go to disney.slack.com. I think when they say “internal” they mean for internal employees, and not like a thing for fans.
⁨Comment⁩ on ⁨Netflix Starts Booting Subscribers Off Cheapest Basic Ads-Free Plan⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
Wow what a dumb way to basically gatekeep me from even moving to the ad tier.
⁨Comment⁩ on ⁨Poor Sega just didn't get the timing right.⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
They just really wanted to release on 9/9/99 no matter what.
⁨Comment⁩ on ⁨Quora’s Chatbot Platform Poe Allows Users to Download Paywalled Articles on Demand⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
Usually NYT sets a cookie to track how many free articles you read and once you exceed that, you get the paywall. The bots probably don’t set/send the cookies, so NYT doesn’t block them. Also, I’d imagine the bots are coming from various different IPs so even server side blocking based on IP wouldn’t block everything and eventually the bot would get to the article. User Agents can also be spoofed.
⁨Comment⁩ on ⁨Steam Summer Sale - Top Deals⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
How is this different from Factorio?
⁨Comment⁩ on ⁨Eric “ConcernedApe” Barone Can’t Let Go Of Stardew Valley⁩ ⁨⁨5⁩ ⁨months⁩ ago⁩:
I thought $0.50 was low for this math to work out, but turns out 30 million copies of Stardew Valley have been sold, so that’s $15 million, which over 60 years is $250k/year.

Still though I have no clue if $0.50 is normal take home per copy sold for a self published game (it seems low), but I’m very happy he’s doing well for himself and hopes he makes more per copy sold. I’ve bought the game 4 times, so I’m doing my part!
⁨Comment⁩ on ⁨Comcast Unveils Peacock, Netflix, Apple TV+ Streaming Bundle⁩ ⁨⁨5⁩ ⁨months⁩ ago⁩:
Why use JustWatch.com when you can follow this guide to know where to watch King Kong vs. Godzilla (1968)
⁨Comment⁩ on ⁨Nearly all Nintendo 64 games can now be recompiled into native PC ports to add proper ray tracing, ultrawide, high FPS, and more⁩ ⁨⁨5⁩ ⁨months⁩ ago⁩:
Exactly, with Nintendo’s existing IP and old gamers dying, they need a way to get younger generation exposed to what kids in the 80s and 90s grew up with and make sure that it’s plastered on all the streaming websites to get maximum exposure.
⁨Comment⁩ on ⁨If you or somebody you know ever fell for a romance scam, how did you or the person fall for it?⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
I have the worst f***ing attorneys
⁨Comment⁩ on ⁨Bitwarden has launched a new authenticator app⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
What’s wrong with Authy?
⁨Comment⁩ on ⁨If you or somebody you know ever fell for a romance scam, how did you or the person fall for it?⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
What was the scam if he was reimbursing her? Was it to generate Amazon reviews?
⁨Comment⁩ on ⁨[deleted]⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
I’ve been on flights where they have announced to the cabin about someone with a severe nut allergy, and based on anecdotal evidence of a sample size of 3 or 4, nothing bad happened on the flight.
⁨Comment⁩ on ⁨ByteDance won't sell TikTok, would rather pull it from the US⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
No need to guess, it’s all outlined in the bill:
1. ByteDance has 270 days (+90 days at president discretion) to divest of TikTok and sell to an entity not affiliated with an “adversary country” (China, Iran, Russia, N. Korea).
2. If they don’t sell, hosting providers of TikTok application (servers, storage, app store, etc) will be fined up to $500 times the number of users in the US if they continue to host the application
So basically, the law will impose a fine of US hosting providers of the app. If the app moves all services overseas to foreign entities, then the app presumably will continue to work even if banned if already installed (plus the website if hosted overseas).

ISPs and search engines are explicitly exempt from the bill so there is no mechanism to ban connections to TilTok servers or links to TikTok.
⁨Comment⁩ on ⁨The walls of Apple’s garden are tumbling down⁩ ⁨⁨6⁩ ⁨months⁩ ago⁩:
Say what you will about Apple, they are masters of spinning their shortcomings as groundbreaking achievements. When they refused to unlock the iPhone of the san bernardino terrorist attack, it was framed as an act of preserving user privacy, but brushed over how willing they were to hand over the iCloud backups if the police would have brought the iPhone to a known WiFi network for the backup to be uploaded.