Arghblarg
@Arghblarg@lemmy.ca
-credit to nedroid for strange art
- Comment on I found a Vulnerability. They found a Lawyer. 1 week ago:
Nah, once I moved jobs and started holding nontrivial amounts of retirement and TFSA stocks I opened accounts with a new broker.
- Comment on I found a Vulnerability. They found a Lawyer. 2 weeks ago:
I had a similar experience many, many years ago – before the rules for vuln embargoes were formalized; and I wasn’t even a security researcher. I was just a techie who discovered that the broker’s staff were resetting anyone’s forgotten password to the same temporary word. And like in this article, they had no mechanism to force users to reset the temp password on next login to something unique. I’d asked to have my password reset at some point, having forgotten it, and upon logging in with my user ID accidentally swapping two digits, found myself in someone else’s brokerage account, with substantial funds staring me in the face! And, their email and personal details.
I disclosed the issue to the broker, but out of paranoia, did it through a throwaway email account, from home, not work (I should’ve used a VPN, but back then I wasn’t as aware of such things). From that throwaway email, I also notified the person whose account I’d accidentally logged into, urging them to check their account and contact the broker to ensure no one else might have gotten into their account.
A day or so later, I got a call at my work phone from someone at said broker, asking if I had seen any unusual activity on my account, and that they had seen some suspicious activity from our company’s network (remember, the accidental login to the other person’s brokerage account occurred at my work PC)… I suspect they were fishing for info pointing to my being the one who accidentally accessed someone else’s account. I played dumb, as the call did NOT have good vibes; I could sense they were looking for a ‘hacker’ to scapegoat, not calling just to inform people there was a problem.
Thank heavens I didn’t reveal that I knew anything about the vulnerability… I had just reset my password, nope nothing unusual here, nosirree… but within a day or two their password reset procedure had been changed for the better and emails were sent out stating that a ‘security incident’ had occurred.
Lesson: Do NOT trust that your security report will be taken as being helpful. Most companies will try to throw you under the bus if they can, to save face.
- Comment on The green lean mean killing machine 2 weeks ago:
For those who have experience, yes – but to the inexperienced eye, there are some false morels that can definitely trick people.
duckduckgo.com/?q=morel+lookalike+gyromytra&t=viv…
We have some Gyromitra that pop up every year in one area of our backyard. They produce a molecule, gyromitrin, which is metabolized in the body into monomethylhydrazine, which is used in rocket fuel(!)… So be careful.
Apparently Gyromitra are consumed in Europe by some – but only after careful preparation… I am not brave enough to try that :/
- Comment on The green lean mean killing machine 2 weeks ago:
Good advice, but respectfully there are some trustworthy books. So long as the reader actually follows all of the verification steps in those books.
And definitely not those fly-by-night, probably AI-generated ‘slop’ books online!
My wife & I only moved out to the west coast in our 40s, and in the decade since, we (slowly! carefully!) learned how to recognize the safe species. Just don’t take any stupid risks – be absolutely sure of an ID before eating. Show what you’ve collected first, if it’s a new one, to someone local who knows and learn from their experience.
One good book is All That The Rain Promises …
- Comment on The green lean mean killing machine 2 weeks ago:
Don’t forage for mushrooms unless you identify them in multiple ways, from multiple guidebooks, and ask locals what’s around, first.
There are quite a few types of mushrooms that don’t have any poisonous lookalikes, that is once you know what to look for.
Oyster mushrooms, golden (and winter) chanterelles, puffballs (IFF you slice them and make sure there’s no ‘mushroom’ outline within!!!), hedgehogs, boletes.
- Comment on He made beer that’s also a vaccine. Now controversy is brewing 2 weeks ago:
Running a study that’s unethical
You’re assuming the conclusion though – that it’s unethical. The argument here is that he tested it on himself specifically in order not to endanger others – as that would be unethical.
If, as some would hope, other scientists try to reproduce the results then it’ll get corroboration, or be shot down.
If the brews contain only safe test viruses, it should ethically be a safe experiment. Test for antibodies to the innocuous viruses and the mechanism is proven or disproven.
- Comment on He made beer that’s also a vaccine. Now controversy is brewing 2 weeks ago:
But he did it on personal time, with personal resources, under the purview of a non-profit totally unrelated to his employer. He didn’t use their name/brand, so there’s no defamation here either is there?
I understand the fear of some rogue ‘mad scientist’ doing something stupid but this really doesn’t seem to be that situation here.
- Comment on Modern problems require modern solutions 2 weeks ago:
Bain Capital? The Bain Capital? Ugh.
In his 2009 book The Buyout of America: How Private Equity Is Destroying Jobs and Killing the American Economy, Josh Kosman described Bain Capital as “notorious for its failure to plough profits back into its businesses,” being the first large private-equity firm to derive a large fraction of its revenues from corporate dividends and other distributions.
- Comment on Borrowing money against their stuff to get more stuff to borrow money... 2 weeks ago:
Neat doc, thanks for linking. I find this part very sensible in light of what you brought up
In most cases, the ultra wealthy don’t need to borrow, because their liquid, taxable income—salaries, business income, and capital gains—is significantly higher than their annual consumption.
That makes sense… I mean once you’re somehow generating millions or more every year in income, no need to borrow at all really. It’s making it to that upper tier of income vs. expenses that few reach.
Tax the Rich, the Old Fashioned Way: Raise Rates
That’s the key thing.
- Comment on He made beer that’s also a vaccine. Now controversy is brewing 2 weeks ago:
I appreciate that there are ethics boards holding scientists to standards, but sometimes (not usually, I know – only in very specific cases!) it takes someone with initiative to “just do it”. And the guy isn’t some crank, he’s a virologist who’s discovered multiple viruses. Good for him, I say.
A research ethics committee at the National Institutes of Health told Buck he couldn’t experiment on himself by drinking the beer.
Buck says the committee has the right to determine what he can and can’t do at work but can’t govern what he does in his private life. So today he is Chef Gusteau, the founder and sole employee of Gusteau Research Corporation, a nonprofit organization Buck established so he could make and drink his vaccine beer as a private citizen.
This is no different IMO from the scientist who proved that H. pylori causes a common form of stomach ulcer.
- Comment on Borrowing money against their stuff to get more stuff to borrow money... 2 weeks ago:
Yup, search for “Buy borrow die” and there are various articles about the technique.
- Comment on Is Reddit banning posts with "join-lemmy.org"? 2 weeks ago:
It depends. I got perma-banned from one particular sub for modifying all my old posts with an info blurb about the fediverse back when reddit nuked all 3rd-party APIs. Mods accused me of trying to “steal users” – as if people can’t have logins to reddit and other websites… sheesh.
None of the other subs I cleaned my post/comment history in this way banned me however. But I am certain Spez and his minions/investors (fuck /u/spez) don’t want people to start using alternatives.
- Comment on An open source repairable printer. 2 weeks ago:
Yeah, that’s the anti-copy mechanism I recall reading about long ago. I wonder if/how this project will deal with that?
- Comment on An open source repairable printer. 2 weeks ago:
Good thing I live outside of the US then ;)
This looks awesome…hope they make it, I’d buy one if it isn’t toooo expensive.
- Comment on I have a rasberry pi 5 collecting dust, what are some neat useful things i can do with it? 3 weeks ago:
Home Assistant? Replace google / nest / alexa.
- Comment on They wonder why nobody wants kids anymore. 4 weeks ago:
What does this mean? That other employees are going to be expected to give up their own vacation/sick leave to pregnant co-workers? The state is so cheap they aren’t willing to give them their own leave? WTAF.
- Comment on Why Cops Frequently Got Caught Planting Drugs in 2017 | Look. All technology comes with a learning curve. 4 weeks ago:
That might indeed be the result sometimes :). Doesn’t matter. Since the US seems OK with Amazon making their drivers pee in a bottle and docking them points for gazing away while driving, why not make police submit to full recording like this?
- Comment on Why Cops Frequently Got Caught Planting Drugs in 2017 | Look. All technology comes with a learning curve. 4 weeks ago:
The cameras worked by constantly recording even before the “record” button was pressed, periodically deleting any footage that hadn’t been intentionally recorded. Once the “record” button was pressed by the officer, it would capture the 30 seconds before the button had been pressed, thanks to this method of constantly being on standby.
But it was a hard concept for cops to understand. They weren’t being properly trained on the fact that their own cameras didn’t start recording once they pressed record. Hitting that button saved the 30 seconds prior as well, a neat feature that really bit them in the ass.
Maybe bodycams should randomly record even when the RECORD button isn’t pressed by an officer; and the pre-record time should be random from say 2 minutes to 30 seconds before. And the recording should stop a random 30-60 seconds AFTER they hit ‘STOP’. So they never know when they’re being recorded. If they’re not pulling illegal shit, they shouldn’t have any problem with that, right?
In fact, with storage capabilities nowadays, bodycams should ALWAYS be recording, period. Gotta go to the bathroom? Too damn bad. You’re a public servant. Trust the auditors to redact that if it comes to a court subpoena. You signed up for it. Extraordinary powers come with extraordinary sacrifices.
Jeebus Chripes. No wonder so many people say ACAB.
- Comment on Beyond All Reason 4 weeks ago:
I played Total Annihilation many years ago w/friends at a LAN party… good times (I always sucked at it, the name described my fate well :P)
Looks fun!
- Comment on We can't even pump fuel anymore without holding a digital billboard (Netherlands) 5 weeks ago:
Good point. Mechanical means are safest and simplest.
- Comment on We can't even pump fuel anymore without holding a digital billboard (Netherlands) 5 weeks ago:
Oh no, my very sharp keys fell hard onto that screen, tragically cracking it.
- Comment on Microsoft lost $357 billion in market cap as stock plunged most since 2020 5 weeks ago:
Sorry you’re right, number MUST GO UP /s.
sigh.
- Comment on Microsoft lost $357 billion in market cap as stock plunged most since 2020 5 weeks ago:
Oh no. Anyway…
Make Windows 7 again (or just use Linux), ditch AI, value your users. Sack the CEO. Pretty simple.
- Comment on How many containers are you all running? 5 weeks ago:
Me too!
- Comment on low beans 5 weeks ago:
My beans are mighty low right now and the fog has been dense these past few days. :/
- Comment on YSK you can add a noAI version of DuckDuckGo to Firefox 1 month ago:
…or to Vivaldi, or vanilla Chrome, or any other browser that has search engine options in its Settings.
- Comment on HP reportedly eyes Chinese suppliers for DRAM as global shortage sparks shake-up — analyst says memory chips are commodities that can easily be replaced 1 month ago:
The paranoid in me wonders though… can DRAM be backdoored? I’d bet ‘yes’, and this would be a perfect opening to introduce a huge amount of compromised hardware to the world market…
- Comment on Cloudflare CEO Matthew Prince talks about Italy fines while praising JD Vance and Elon Musk 1 month ago:
Cloudflare has caused too much of the internet to be centralized under their whims. There need to be more alternatives for DDoS protection; I don’t use any at all for my self-hosted site, but if I ever do, it won’t be Cloudflare.
- Comment on Cloudflare CEO Matthew Prince talks about Italy fines while praising JD Vance and Elon Musk 1 month ago:
Thank you for linking via xcancel.com rather than to that service directly. Wish more posters would do this.
- Comment on Ubisoft Closes Canadian Studio After It Unionizes 1 month ago:
Could workers not form a ‘dark union’, gathering members from as many different companies as possible without informing the employers up-front – gathering a strike-pay war chest before announcing any unionized shops? Then the next time they pull this, everyone everywhere quits out of solidarity. Draw from the war-chest to pay workers while the companies panic, and then dictate fair terms to return to work.