0xD
@0xD@infosec.pub
- Comment on Novel attack against virtually all VPN apps neuters their entire purpose 1 week ago:
It’s not as vulnerable but it still is.
Interestingly, Android is the only operating system that fully immunizes VPN apps from the attack because it doesn’t implement option 121. For all other OSes, there are no complete fixes. When apps run on Linux there’s a setting that minimizes the effects, but even then TunnelVision can be used to exploit a side channel that can be used to de-anonymize destination traffic and perform targeted denial-of-service attacks.
- Comment on Why do people still eat beef when we know it's terrible for Earth? 2 weeks ago:
Imagine how many people you could feed if we would just eat what we fed the animals!
- Comment on natural sciences be like 4 weeks ago:
That’s your choice of perspective and it makes your life harder :)
- Comment on Critical 'BatBadBut' Rust Vulnerability Exposes Windows Systems to Attacks 5 weeks ago:
The Windows API is the direct access to OS functions. If you’re using the API it’s your responsibility to do it securely and protect your users.
- Comment on America Is Sick of Swiping 5 weeks ago:
Because good journalism isn’t free and the expectation that it is leads to societal downfall ;)
- Comment on How does the day-to-day work of not wearing shoes in the house? 5 weeks ago:
Yes, because dirt and germs stay exactly where they’re left and never move or multiply, and are always completely benign! Lol, I stand by my comment. :)
Also funny that you’re calling basically the rest of the world silly for figuring this out before you.
- Comment on How does the day-to-day work of not wearing shoes in the house? 5 weeks ago:
It was about your attitude, not the shoes ;) I am aware that not everyone cares about basic hygiene, that’s fine by me!
- Comment on How does the day-to-day work of not wearing shoes in the house? 1 month ago:
Also if you don’t already have it, get a longer shoe horn so you can also slip into robust shoes more easily!
- Comment on How does the day-to-day work of not wearing shoes in the house? 1 month ago:
Lmao living in filth and being proud of it. Congratz, you’re the epitome of intellect!
- Comment on "No, seriously. All those things Google couldn't find anymore? Top of the search pile. Queries that generated pages of spam in Google results? Fucking pristine on Kagi – the right answers, over and ov 1 month ago:
I’m convinced a lot of it is astroturfing. It’s just too perfect and consistent, with the perfect answers for everything and just the right amount of fear mongering.
- Comment on Liking an OS isn't a personality trait ❌ 1 month ago:
It’s UI is just embarrassingly bad. Paint.net ftw
- Comment on Liking an OS isn't a personality trait ❌ 1 month ago:
How?
- Comment on Steam :: Introducing Steam Families 1 month ago:
That’s two cheating incidents too many.
- Comment on What are y'all buying on the steam sale? 1 month ago:
Hah, I even got the pack with Pony Island because it was a few cents cheaper lol! Will check it out, thanks :D
- Comment on Experimental Video Game Made Purely With AI Failed Because Tech Was 'Unable to Replace Talent' 2 months ago:
The overall point may be relatively obvious, but the details are not.
Which steps of which processes is it good at, and which not? What can be easily integrated into existing tooling? Where is is best completely skipped?
- Comment on What are y'all buying on the steam sale? 2 months ago:
Fuuuuuuuuuuck Rockstar, sail the seas!
- Comment on What are y'all buying on the steam sale? 2 months ago:
Inscryption. What a masterpiece!
- Comment on Microsoft now permits uninstalling Edge, Bing, and OneDrive to adhere to the EU's Digital Markets Act. 2 months ago:
I impaled your heart with my mighty sword, peasant; And all that solemnly using but my words. Words… Forged in the gaping depths of my unending intellect, sharpened with rigorous studies, and honed through years of practice. You can only hope to reach the heights of my wit.
tip of my hat turn to the beautiful maiden on my side
M’lady, I’m sorry that you had to witness this murder. Shall we?
make passionate love to my queen
- Comment on Google’s self-designed office swallows Wi-Fi “like the Bermuda Triangle” 2 months ago:
Welcome to the future! Standard everywhere.
- Comment on Microsoft now permits uninstalling Edge, Bing, and OneDrive to adhere to the EU's Digital Markets Act. 2 months ago:
You really have less than zero idea of what you’re talking about, this is actually hilarious.
- Comment on Apple Terminated Epic’s Developer Account 2 months ago:
Right, and since 2008 not a single thing has changed in this world.
- Comment on Apple Terminated Epic’s Developer Account 2 months ago:
And before that you need to register and validate your contact data. Even the act of that one login is more work than changing one setting to allow sideloading. Your point is just completely wrong.
- Comment on Apple Terminated Epic’s Developer Account 2 months ago:
Not really: You don’t need to log in. That is more effort than enabling sources ;)
Don’t forget that registration also requires an email account! And a phone number! All of that is not necessary for sideloading in Android.
- Comment on Apple Terminated Epic’s Developer Account 2 months ago:
You’re not even good at whataboutism, lol. Changing one setting is not even comparable to Apple’s perfection. The message that you need to allow it first even takes you straight to the setting.
- Comment on Apple Terminated Epic’s Developer Account 2 months ago:
It just works™️
- Comment on OpenAI boss Sam Altman wants $7tn. For all our sakes, pray he doesn’t get it 2 months ago:
…europa.eu/…/eu-ai-act-first-regulation-on-artifi…
Like this ;)
- Comment on The White House wants to 'cryptographically verify' videos of Joe Biden so viewers don't mistake them for AI deepfakes 3 months ago:
I’ll be talking about digital signatures which is the basis for such things. I assume basic understanding of asymmetric cryptography and hashing.
Basically, you hash the content you want to verify with a secure hashing function and encrypt the value with your private key. You can now append this encrypted value to the content or just release it alongside it.
To now verify this content they can use your public key to decrypt your signature and get the original hash value, and compare it to their own. To get that, they just need to hash the content themselves with the same function.
So by signing their videos with the white house private key and publishing their public key somewhere, you can verify the video’s authenticity like that.
For a proper understanding check out DSA :)
- Comment on Why Everyone Should Still Use an RSS Reader in 2024 3 months ago:
Hope you find something to fulfill your wish!
- Comment on ICANN proposes creating .INTERNAL domain 3 months ago:
Who is Ian?
- Comment on Chinese hackers ready to ‘wreak havoc’ on critical US infrastructure with 50-to-1 cyber personnel advantage, FBI director warns 3 months ago:
I work in exactly this field and I can go to work in shorts and a tank top because it’s about my expertise, not the material or its form I choose to put on my skin. I had to go to work in a suit in a previous job and I’ll never ever accept that again.