Posts: 12 · Comments: 1501 · Joined: 3 yr. ago

  • If you go forward 12 months the AI bubble will have burst. If not sooner.

    Most companies who bought into the hype are now (or will be soon) realizing it's nowhere near the ROI they hoped for, that the projects they've been financing are not working out, that forcing their people to use Copilot did not bring significant efficiency gains, and more and more are realizing they've been exchanging private and/or confidential data with Microsoft and boy there's a shitstorm gathering on that front.

  • When it happens it's a security flaw and it needs to get patched. It's not a normal everyday thing.

  • This isn't about subscribing to NFC events, the malware is creating fake NFC events without the NFC sensor being involved in a physical interaction with a tag or reader.

  • For now, but the EU will force Apple to allow non-WebKit engines on iOS. At which point only Google will have enough money to spare porting an entire engine to a small market.

  • That's what I mean, it shouldn't be possible to relay anything. It should only trigger when there's a reader physically in proximity to the phone.

    Please keep in mind this is happening on the victim's phone which is not rooted, the malware is a regular non-system app.

    If it were happening on a rooted phone I could understand being able to subvert the NFC chain because at some point it has to pass from hardware to software and if you're privileged enough you can cut in there. But the malware app is not privileged.

  • You know, I hadn't realized this before. Thanks to Apple's decade-long policy, alternative browsers for iOS literally don't exist, they'll have to be ported. It will take years for that to happen, if anybody even bothers. Well, Google will.

    And that's how Apple will have managed to shoot themselves in the foot and have iOS fall under Chrome domination too.

    At this point if they were smart they would sponsor the ports of alternative browsers that are not Chrome, but I doubt they have it in them.

  • For those confused about how this could work with chip cards, the malware has two components, one installed on the victim's phone and one on the attacker's. The attacker initiates the contactless authentication at an ATM or contactless payment and their phone communicates in real time with the victim's, which is tricked by the malware into reacting to that event and producing the one-time token, which is then relayed to the attacker and used.

    They also previously social-engineered the card PIN from the victim, in case the contactless event requires it (definitely in case of ATM login).

    The fact you can trick the NFC system on the phone into reacting to "phantom" payment events and intercept the resulting token sounds like a pretty big problem. The former should be entirely hardware controlled, and the latter should not allow the token to go anywhere else except to the hardware.

  • Where'd you hear Germans are progressive? 😄

  • It's impossible to tell how meaningful Backblaze's numbers are because we don't know the global failure rate for each model they test, so we can't calculate the statistical significance. Also there are other factors involved like the age of the drives and the type of workload they were used for.

    "buying more reliable devices can definitely save you time and headache in the future by having to deal with failures less frequently."

    That's a recipe for sorrow. Don't waste time on "reliability" research, just plan for failure. All HDDs fail. Assume they will and backup or replicate your data.

  • Any difference you personally experience between the three big brands is meaningless. For any failed HDD you have there's going to be another person who swears by them and has had five of them running for 10 years without a hitch.

    Buy whatever's cheaper in your area and stop worrying. Your reliability should be assured by backups anyway, not by betting on a single drive. Any drive can fail.

  • For home setup you don't care because you should have either redundancy or backup (preferably both).

    So that typically means buying the cheapest HDD that's new and from one of the established brands (Seagate, Western Digital, Toshiba) that's in the correct size for your needs, and you can afford to buy it at least twice (for the aforementioned backups or redundancy), or even thrice, and replace as soon as needed.

    In other words there's no need to speculate on how long an HDD will last, you simply replace it when needed.

    Please also note that HDDs over 10 TB are starting to get increasingly replaced with enterprise models which run hotter and make more noise.

  • And what do you do when Firefox deprecates v2 too?

  • I've done tests with the built-in Firefox strict mode vs uBlock and there's a bit of a difference. Firefox blocks about two thirds, uBlock is almost 100%.

  • DNS at any company tends to be a mess. Multiply that by a thousand for a large multinational corporation. Case in point, here's Microsoft (and these are never going to stop, due to the sheer complexity):

    Even when you use an automated service things can go wrong. For example I use Let's Encrypt, but it needs to verify my DNS ownership, so I use an API token to let certbot make the modifications to prove that. At some point I wanted to restrict the token rights so it only has access to certain TXT records (to increase security in case the token ever gets compromised). Long story short, I forgot to include one wildcard and that particular certificate couldn't get renewed, so it was out for the day until I fixed it.

    Manjaro's website is made for presentation purposes and whether it's up or not has no impact on how the distro runs or whether you can download packages. Furthermore it's a completely different team from the distro developers so this has no bearing on the package quality. I've been a Manjaro user when some of the manjaro.org certificates expired but I never knew about it because it didn't affect me in any way.

    manjaro.org uses Let's Encrypt now and it's been recently redesigned.
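The token-scoping slip described in the comment above (a DNS API token restricted to specific TXT records that turned out not to cover every name a renewal needed) is easy to catch before the renewal fails rather than after. Below is an added example, not the commenter's code and not part of certbot or Let's Encrypt: it derives the `_acme-challenge` TXT names that DNS-01 validation requires for a certificate's SANs and reports which of them a scoped token cannot edit. The certificate names and the allowed-record list are constructed sample input, and the pattern syntax for the token's allowed records (exact names or a leading `*.` matching labels beneath a suffix) is an assumption; real providers express scopes differently.

```python
"""Audit a DNS-01 API token scope against the TXT names a certificate needs.

Added example (not certbot or Let's Encrypt code). Assumes the DNS provider
scopes a token to TXT record names given either exactly or as '*.suffix'.
"""
from typing import Iterable


def acme_challenge_name(san: str) -> str:
    """Return the TXT record name DNS-01 validates for one SAN.

    Per ACME (RFC 8555) a wildcard '*.example.com' is validated at
    '_acme-challenge.example.com', the same name as the apex, so the
    wildcard and the apex share one TXT name (with two TXT values).
    """
    name = san.strip().rstrip(".").lower()
    if name.startswith("*."):
        name = name[2:]
    return f"_acme-challenge.{name}"


def required_challenge_names(sans: Iterable[str]) -> set[str]:
    """All distinct TXT names a renewal of this SAN list must write."""
    return {acme_challenge_name(s) for s in sans}


def token_covers(record: str, allowed: Iterable[str]) -> bool:
    """True if any allowed pattern lets the token edit `record`.

    Pattern syntax is an assumption for this example: an exact name, or
    '*.suffix' matching one or more labels beneath suffix (not suffix itself).
    """
    record = record.rstrip(".").lower()
    for pat in allowed:
        pat = pat.strip().rstrip(".").lower()
        if pat.startswith("*."):
            suffix = pat[2:]
            if record != suffix and record.endswith("." + suffix):
                return True
        elif record == pat:
            return True
    return False


def missing_permissions(sans: Iterable[str], allowed_txt_records: Iterable[str]) -> list[str]:
    """Sorted list of challenge names the token is NOT allowed to edit.

    An empty list means the renewal will not fail on token scope alone.
    """
    allowed = list(allowed_txt_records)
    return sorted(
        name for name in required_challenge_names(sans)
        if not token_covers(name, allowed)
    )


if __name__ == "__main__":
    # Constructed sample: one certificate spanning two zones, and a token
    # that was scoped to the first zone only. The missing wildcard/suffix
    # for example.net is the kind of omission that breaks the renewal.
    sample_sans = ["example.com", "*.example.com", "mail.example.com", "home.example.net"]
    sample_scope = ["_acme-challenge.example.com", "_acme-challenge.mail.example.com"]
    for name in missing_permissions(sample_sans, sample_scope):
        print(f"token cannot write {name}; renewal of this cert will fail")
```

Run it once whenever you tighten a token's scope or add a SAN; the useful property is that it fails on the same name the ACME client would fail on, but before the old certificate expires.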

  • Which brings me to the question, how is Microsoft doing this, where will people's keys be located? Do they force everybody to put in an USB stick?

  • You don't need your hard drive if all your files have been secretly moved to OneDrive. *taps forehead*

  • First day at work for junior software engineer, he is super excited and stays late getting familiar with the project.

    Finally he gets up to leave and in the hallway he runs into the CEO himself, looking lost, standing with a piece of paper in his hand in front of a shredder.

    "Oh, thank God," says the CEO, "I thought everybody had left. Look, my secretary has gone and I only have two minutes until I have to be back in the conference call. Do you know how to work this thing?"

    The junior looks at the shredder, notices it's not plugged in, connects it, the thing turns on and he shows the CEO how to put in the paper and press the button. They watch the paper as it starts going in with a sigh of relief.

    "Thank you so much," says the CEO, "you're a life-saver. I only need one copy."

  • Repology artificially reduces the number of packages instead of reporting the actual number. Which I find highly dubious because most packages have a purpose. In particular for repositories like the AUR artificially eliminating packages goes against everything it stands for. Yes it's supposed to have alternative versions of something, that's the whole point.

    If it weren't for this the ranking would be very different. Debian for example maintains over 200k packages in unstable.

  • Ironically, if Graphene were to succeed, it would lead to a system that's every bit as locked down as a manufacturer's Android. GrapheneOS would also not allow you to have root etc.

    IMO Graphene wants a place at the big player table. They're not in it for user freedoms.