Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)N

n0xew

@ n0xew @lemmy.world

Posts
0
Comments
16
Joined
3 yr. ago

  • Malicious PyPI Package "automslc" Enables 104K+ Unauthorized Deezer Music Downloads

    Jump

  • I agree the article isn't super clear. Reading it twice, it seems that the user credentials are exfiltrated to the C2 server (only the screenshot implies it), which definitely would be malicious.

    Also a possible interpretation could be that the package advertised "just" some automations (e.g. export playlists to m3u?) and getting music metadata, whereas it was actually downloading musics locally unbeknownst to the user. Then exfiltrating the music back to the C2 server, effectively using the package's users to mass pirate musics without exposing the pirates directly. That would indeed be malicious, especially if the package did not advertise any content downloading.

    But for the last paragraph I'm extrapolating on the few info this article gives without making much sense..

    EDIT: from the original article here https://socket.dev/blog/malicious-pypi-package-exploits-deezer-api-for-coordinated-music-piracy it does not seem that the musics are downloaded on the user systems then extracted to the C2 server, but rather all that's necessary to build the download urls, including tokens tied to the victims' account.

  • Plex migration from Windows to Linux

    Jump

  • What's the strangest insult that you have ever received/given?

    Jump

  • Oh I got one from when I was a kid: my sibling's friend once valled her an "invertebrate brain". I'm glad she didn't have any vertebrae in there!

  • Streamyfin, a simple and user-friendly Jellyfin client for iOS and Android

    Jump

  • Looks nice, I'll give it a try! There's also a Jellyfin community, don't hesitate to crosspost there :)

  • Deleted

    Who else hasn't voted in presidential elections in years?

    Jump

  • Technically, most people?

  • What is YOUR top 10 list of all time best video games?

    Jump

  • I'm just going to drop my number 1, especially because it's in no one's list but somehow CP2077 is mentionned several times..

    • The Witcher 3 !

    Then the rest would be:

    • Age of Empires II
    • Minecraft
    • Overwatch 1
    • Star Wars Battlefront II (the OG)
    • Trackmania
    • Portal
    • Skyrim

    ... I'll leave the remaining 2 to others :)

  • Cameractrls, software to control your webcamera - available as Flatpak

    Jump

  • Thanks for sharing! I've been using guvcview for a long time to control exposure and focus on my good old Logitech C920, but adding a ppa just for that seemed a bit too much. I will definitely have a look at it!

  • Atuin: ✨ Magical shell history

    Jump

  • Looks helpful, I'll have to give it a try. Thanks!

  • Authelia Docker Image outdated?

    Jump

  • There hasn't been any release since a year either, the last one being 4.37.5 https://github.com/authelia/authelia/releases

    But you can have a look at the github milestones, 4.38.0 is in the work and hopefully will be released sooner than later https://github.com/authelia/authelia/milestone/17

    Regarding security: a quick browsing in the project's issues, filtering by area:security did not show any flaws being reported since the last release. But there may have been undisclosed vulnerabilities the project's dev are working on fixing for the next version. My personal non-professional non-legally-binding opinion is that it looks fine, so I do keep it running on my server.

  • Controlling and monitoring computers (Windows, Linux) from Home Assistant?

    Jump

  • The original dev has gone silent indeed, but a team of volunteers resumed development recently. So I wouldn't call it outdated, but we'll see if they'll keep up the good work for long.

    I've been using it for more than a year to automate a few stuff, it's been good for this purpose so yeah I would recommend it :)

  • Controlling and monitoring computers (Windows, Linux) from Home Assistant?

    Jump

  • In bid to curb immigration, France to scrap birthright citizenship in Indian Ocean island of Mayotte

    Jump

  • That's indeed a pretty confusing wording!

  • In bid to curb immigration, France to scrap birthright citizenship in Indian Ocean island of Mayotte

    Jump

  • Mayotte's is part of overseas France, so I guess you are talking about mainland France?

    So yes it may be the case for some of the island inhabitants, who as French citizens can travel to mainland France. Surely and understandbly some do, but reading the press this isn't really part of the debate. At the same time, these citizens are also the ones installing the roadblocks and demanding these changes. Mayotte is also the French department where Le Pen's right-wing party got the highest score (42.68%!) during the presidential 1st turn, so that's not entirely surprising.

    My point being, putting it under the scope of "this is mainland France government who wants to discourage immigration to mainland France" is wrong. A more accurate summary could be "this is mainland France governement giving in to demands of Mayotte inhabitants to discourage immigration to Mayotte".

  • In bid to curb immigration, France to scrap birthright citizenship in Indian Ocean island of Mayotte

    Jump

  • I don't know about the rest of the developed world, that'd be interesting to know. EDIT: the wiki page has a nice map of the world giving this info https://en.m.wikipedia.org/wiki/Jus_soli

    To answer your question, it would cause it to deviate from the rest of France, be it mainland or overseas France. All the territories have "jus soli", but Mayotte already had lessened rights compared to the rest.

    But this would need a revision of the constitution, to specifically remove this right from Mayotte. It's possible that it may not pass though, given the controverse it created.

  • In bid to curb immigration, France to scrap birthright citizenship in Indian Ocean island of Mayotte

    Jump

  • It's true that this is coming from the right-wing french politicians. But it has nothing to do with immigration to mainland France though (read the article).

    The situation in Mayotte is explosive: only a third of the adult population has a job, and 34% are registered as unemployed. You also have one inhabitant out of two coming from abroad. You have shanty towns growing everywhere. And in the past years, there has been a surge in violence between gangs, kidnappings etc... causing some inhabitants to install roadblocks in protest against the governement inaction. It's effectively blocking the island, along with its economy, worsening the problem..

    This looks like a desperate attempt to please the pissed locals to lift the roadblocks. So calling that a move to make sure the island's inhabitants don't go to mainland France is cliché and missing the whole context. This does not make the decision less controversial though. Nor useful...