technology Technology YouTube will shove ads in your face even when you pause videos
  • Avatar: "Initials" by Florian Körner, licensed under CC0 1.0 (remix of the original), created with dicebear.com (https://github.com/dicebear/dicebear)
    IllNess
    2 hours ago 100%

    So many good episodes. This episode, "Fifteen Million Merits", stands out. It's really good.

    My favorite is "Shut Up and Dance".

    5
  • technology Technology YouTube will shove ads in your face even when you pause videos
    IllNess
    2 hours ago 100%

    On my Galaxy S24+, I have this option:

    Keep screen on while viewing: Keep the screen on while you're looking at it, using the front camera to detect your face.

    Creepy. I wonder if Samsung can do this if this option is on...

    6
  • technology Technology YouTube will shove ads in your face even when you pause videos
    IllNess
    4 hours ago 100%

    There was a Black Mirror episode where if you close your eyes, the ad stops playing and continues only when you open your eyes again.

    This is next.

    27
  • technology Technology Apple and Samsung aren't the world's top two smartphone vendors for once
    IllNess
    7 hours ago 100%

    When I got my S24+, it had Facebook, Spotify, Netflix, LinkedIn, Office 365, and OneDrive. I was able to uninstall all of them except OneDrive. I disabled OneDrive.

    4
  • android Android Android treats third-party launchers poorly, but this survey could help
    IllNess
    3 days ago 95%

    One of the first major problems took place with Android 10, as it restricted navigation gestures to stock launchers.

    Note in 2019 in the beta release of Android 10, Google took away swipe gesture navigation and forced third party launchers to use the older 3 button navigation.

    18
  • selfhosted Selfhosted Software for manga/book reader
    IllNess
    4 days ago 100%

    Moon Reader's cloud sync is amazing if you read from multiple devices. I think they recently added book syncing too.

    2
  • fuckcars Fuck Cars Noise Pollution ruins quality of life
    london London Over half of Londoners think councils prefer improving roads for drivers over safety of cyclists and pedestrians, as majority call for more Low Traffic Neighbourhoods and 20mph limits, new study finds
    mildlyinfuriating Mildly Infuriating One car accident, endless spam calls
    IllNess
    5 days ago 100%

    I don't know how all states operate but they have access to police reports that have your contact info. If it doesn't have your number then background reports.

    2
  • mildlyinfuriating Mildly Infuriating One car accident, endless spam calls
    IllNess
    5 days ago 100%

    These calls might be from lawyers. Check your mail and see if you are getting mail from lawyers. They are all trying to beat each other to get you to sign with them.

    28
  • piracy Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ Early 90s Guide To Cyberpunk Necessities
    IllNess
    6 days ago 100%

    I wanted a Dick Tracy watch so badly. Tech just decided to skip all of that and put a screen on a watch. Boo.

    4
  • technology Technology Search Risk – How Google Almost Killed Proton Mail
    IllNess
    1 week ago 100%

    Is piped or invidious working for you?

    The popular servers are down. Google put some kind of limit on them. I'm going to guess bandwidth limit.

    2
  • technology Technology Android apps are blocking sideloading and forcing Google Play versions instead
    IllNess
    1 week ago 83%

    Yes. I think a huge issue is Linux doesn't handle other app activities like how Android's Intent or Broadcast does.

    4
  • technology Technology Android apps are blocking sideloading and forcing Google Play versions instead
    IllNess
    1 week ago 100%

    When I say Linux phones, I mean selling a phone with Linux already or Linux ready, not taking existing phones with Android and putting Linux on them.

    Examples:
    Purism Librem 5
    PinePhone Pro
    Pro1 X
    Volla Phone X23

    22
  • technology Technology Android apps are blocking sideloading and forcing Google Play versions instead
    IllNess
    1 week ago 91%

    There are Linux phones available. I'm going to guess the popularity of those devices will increase soon.

    67
  • jellyfin Jellyfin: The Free Software Media System SOLVED Total novice: unable to reach server
    IllNess
    1 week ago 100%

    Depends on what version of Android, but it should be similar.

    Also do not delete or modify anything.

    Go to Settings -> Network & Internet -> Internet -> (Your Network Name Here)

    Then click the down arrow for Advanced and under Network Details you will find IP Address.

    This Network Details information might be useful later. Remember how you got to it.

    1
  • pulse_of_truth Pulse of Truth Ford Seeks Patent for Software That Records Your Conversations to Serve You Ads
    jellyfin Jellyfin: The Free Software Media System SOLVED Total novice: unable to reach server
    IllNess
    1 week ago 100%

    ping is a terminal or command line command.

    It works in Windows, macOS, and Linux.

    Go open a terminal and type ping then a space, then the IP address of your Android device. If it connects it will give you a latency number. If it doesn't, it will tell you it is not reachable.

    Windows stops the command at 4 I believe. In Linux and macOS use CTRL + C to stop the command.

    4
    Security News IllNess 1 week ago 50%
    Bug Left Some Windows PCs Dangerously Unpatched – Krebs on Security https://krebsonsecurity.com/2024/09/bug-left-some-windows-pcs-dangerously-unpatched/
    0
    0
    jellyfin Jellyfin: The Free Software Media System SOLVED Total novice: unable to reach server
    IllNess
    1 week ago 100%

    My first thought was the port number.

    OP, ping the IP address of your Android device from your server. If not, you have a networking issue. If you can ping it, probably a settings issue.

    Also, my Android phone was able to find my server automatically.

    2
  • databreaches Data Breaches Payment gateway data breach affects 1.7 million credit card owners
    IllNess
    1 week ago 100%

    The types of data that may have been accessed by the unauthorized party include:

    • Full name
    • Physical address
    • Credit card number
    • Payment card expiration date
    4
  • woodworking Woodworking Ever catch yourself spotting burls during your everyday life?
    IllNess
    2 weeks ago 100%

    They are growths on a tree that cause swirl grains. You see the bumps on the tree in OP's picture? Those are burls.

    I saw a bowl in Target that had fake burl wood. It's going mainstream.

    4
  • privacy Privacy Is there such a thing as a privacy driven credit card?
    IllNess
    2 weeks ago 100%

    Google Wallet, formerly Google Pay, formerly GPay, formerly Android Pay, formerly Google Wallet, formerly Android Wallet, does the same thing.

    Switching phones and returning something was such a pain since it generated an entirely new number.

    8
    Security News IllNess 2 weeks ago 100%
    Transport for London staff faces systems disruptions after cyberattack https://www.bleepingcomputer.com/news/security/transport-for-london-staff-faces-systems-disruptions-after-cyberattack/

    >Transport for London, the city's public transportation agency, revealed today that its staff has limited access to systems and email due to measures implemented in response to a Sunday cyberattack.

    7
    0
    Security News IllNess 2 weeks ago 96%
    North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams thehackernews.com

    >"After an initial chat conversation, the attacker sent a ZIP file that contained COVERTCATCH malware disguised as a Python coding challenge," researchers Robert Wallace, Blas Kojusner, and Joseph Dobson said.

    >The malware functions as a launchpad to compromise the target's macOS system by downloading a second-stage payload that establishes persistence via Launch Agents and Launch Daemons.

    31
    0
    android Android These repairable phones still aren't built to last
    IllNess
    2 weeks ago 100%

    I am definitely not trying to defend the manufacturers here, only point out that there are solutions for those like myself who want to continue using their wired headphones with newer phones.

    Understood.

    I agree with you with the SD card too. That one probably annoys me more. It made everything so much more difficult. Transferring files, backups, swapping out music, seeing pictures from a camera or drone... Made the device less like a computer in every way.

    2
  • android Android These repairable phones still aren't built to last
    IllNess
    2 weeks ago 100%

    Yes that is true but speaking on clinging on to an older phone, a headphone jack had a superior physical hold. My phone got saved a few times because my phone was connected to my wired headphones.

    These dongles that came with phones were also usually very thin. It also sticks out and is made of plastic. It just adds another weak point. They somehow added a weak point to a great piece of technology... On top of that phones no longer come with the dongles.

    Also dongles aren't sexy. It looks like a hack to make something work. Phone companies made headphones unsexy while making wireless earbuds really sexy.

    Some people said that a headphone jack made dustproofing and waterproofing more difficult. Maybe but it had been done before. They also said it brings down the price of the phone to get rid of them. Weird considering the Google A series and Samsung mid range phones had it but their flagship phones didn't.

    You made a lot of great points. Thank you for those.

    I actually have Bluetooth earbuds; they either came bundled, or I was gifted them. They have come a long way. Easier to connect. Better latency and better sound quality compared to the older version of Bluetooth.

    I like them, I am not a complete hater but I really am annoyed that this stuff will just turn to ewaste while my headphones have lasted me decades.

    I'm just an old head yelling at the clouds.

    7
  • android Android These repairable phones still aren't built to last
    IllNess
    2 weeks ago 100%

    This is the main reason they got rid of the headphone jack. Some headphones lasted forever.

    Now you have Bluetooth earbuds with tiny batteries that go in a case with another small battery. Batteries that small will last 5 years tops. On top of that sound quality hasn't improved and latency got worse.

    20
  • databreaches
    Data Breaches IllNess 2 weeks ago 100%
    Car rental giant Avis discloses data breach impacting customers https://www.bleepingcomputer.com/news/security/car-rental-giant-avis-discloses-data-breach-impacting-customers/

    >American car rental giant Avis disclosed a data breach after attackers breached one of its business applications last month and stole customer personal information.

    37
    1
    pulse_of_truth Pulse of Truth Idiots Who Tried TikTok’s Viral ‘Free Money Glitch’ at ATMs Are Getting Reported for Fraud
    IllNess
    2 weeks ago 100%

    I see.

    To combat this my bank doesn't allow me to withdraw above what is in my bank account, no matter how big the check is. Like I can see the check money in there but it usually has a note that only a certain amount is usable until the check clears.

    7
  • technology Technology new foss adblocker for safari (macOS, ipadOS, iOS)
    pulse_of_truth Pulse of Truth Idiots Who Tried TikTok’s Viral ‘Free Money Glitch’ at ATMs Are Getting Reported for Fraud
    IllNess
    2 weeks ago 100%

    If you need an account with Chase, doesn't that mean they were just withdrawing their own money? On top of that they are now going to jail for fraud.

    9
  • fuckcars Fuck Cars Anything but a van. The state of trucks taken from another truck.
    technology Technology Waymo Robotaxis Are Giving 100,000 Rides a Week. It'll Soon Be More.
    IllNess
    2 weeks ago 66%

    If it was a simple flag, you would be correct: a computer will react faster than any human. But when you factor in everything else, like constant analysis of surroundings, decision making, and accounting for physical limitations, then yes. It's the reason why Waymo cars move so slowly.

    If a person was standing at a sidewalk, hidden behind an object, far away from a pedestrian way or traffic signal and jumps 2 feet in front of a car going 25 mph, the average driver with their full faculties would do better than Waymo.

    1
  • technology Technology Waymo Robotaxis Are Giving 100,000 Rides a Week. It'll Soon Be More.
    IllNess
    2 weeks ago 100%

    The reports of the safety of AVs are overstated when you consider that they are limited within a city limit, they rarely go on the highway, they follow speed limits in cities which are lower than highways, people are more aware of AVs, and during their trial runs they had an actual human in the car to correct them.

    On average, AVs are safer especially when you consider some bad drivers do not get better, people drink, people get sleepy, people distract themselves, and young drivers lack experience. But the average driver with their full faculties would do better in tests based solely on reactions.

    If you look at the accident reports and took out drivers who were on a substance, are younger than 25 or older than 70, were distracted with something like their phones or others in the car, were not following laws, and those who were emotional, then the stats would be pretty close.

    Overall I do believe AVs are better for the world because peak performance of an average driver is rare.

    2
  • technology Technology Waymo Robotaxis Are Giving 100,000 Rides a Week. It'll Soon Be More.
    IllNess
    2 weeks ago 90%

    Human vision also has the brain that does a lot of automation like figuring out distance and looking out for danger with real time reaction speed. Night vision is usually better for most people too. The brain also combines that with sound so it can detect things out of vision. Eyes already have a range of view but the human head can also move around accurately. On top of all this, focus is what the human brain is best at. While cameras can see 360°, years of data built in the subconscious taught a human driver what to look out for.

    8
  • technology Technology Waymo Robotaxis Are Giving 100,000 Rides a Week. It'll Soon Be More.
    fuckcars Fuck Cars Anything but a van. The state of trucks taken from another truck.
    Security News IllNess 2 weeks ago 100%
    Malvertising Campaign Phishes Lowe's Employees www.darkreading.com
    12
    0
    Security News IllNess 2 weeks ago 100%
    Apache fixes critical OFBiz remote code execution vulnerability https://www.bleepingcomputer.com/news/security/apache-fixes-critical-ofbiz-remote-code-execution-vulnerability/

    Tracked as [CVE-2024-45195](https://nvd.nist.gov/vuln/detail/CVE-2024-45195) and discovered by Rapid7 security researchers, this remote code execution flaw is caused by a forced browsing weakness that exposes restricted paths to unauthenticated direct request attacks.

    4
    0
    fuckcars Fuck Cars Woman caught driving with suspended licence ... for the 3rd time this year
    securitynews Security News VMWare releases Fusion vulnerability with 8.8 rating
    IllNess
    2 weeks ago 100%

    The security advisory is for version 13.x until 13.6 on the popular virtualization software for macOS. The bug — CVE-2024-38811 — has a CVSSv3 base score of 8.8 and is caused by an insecure environment variable. Mykola Grymalyuk of RIPEDA Consulting reported the vulnerability and VMWare has issued a patched version of the software.

    The vulnerability allows a user with standard privileges to execute code within the Fusion application.

    2
    Security News IllNess 2 weeks ago 100%
    VMWare releases Fusion vulnerability with 8.8 rating cyberscoop.com
    5
    1
    Security News IllNess 2 weeks ago 100%
    Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack thehackernews.com

    >The malvertising activity, observed in June 2024, is a departure from previously observed tactics wherein the malware has been propagated via traditional phishing emails, Unit 42 researchers Mark Lim and Tom Marsden said.

    Definitions:

    Malvertising - Internet advertising whose real intention is to deliver malware to the PC when the ad is clicked. [-wordnik](https://www.wordnik.com/words/malvertising)

    7
    0
    technology Technology YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel
    Security News IllNess 2 weeks ago 96%
    FTC: Over $110 million lost to Bitcoin ATM scams in 2023 https://www.bleepingcomputer.com/news/security/ftc-americans-lost-over-110-million-to-bitcoin-atm-scams-in-2023/

    >The U.S. Federal Trade Commission (FTC) has reported a massive increase in losses to Bitcoin ATM scams, nearly ten times the amount from 2020 and reaching over $110 million in 2023.

    >Bitcoin ATMs are typically located in convenience stores, gas stations, and other busy areas, but instead of dispensing cash like the traditional ATMs they resemble, they allow you to buy and sell cryptocurrency.

    28
    7
    Security News IllNess 2 weeks ago 100%
    New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted Access thehackernews.com
    14
    1
    Security News IllNess 2 weeks ago 100%
    New Rust-Based Ransomware Cicada3301 Targets Windows and Linux Systems thehackernews.com

    > Written in Rust and capable of targeting both Windows and Linux/ESXi hosts, Cicada3301 first emerged in June 2024, inviting potential affiliates to join their ransomware-as-a-service (RaaS) platform via an advertisement on the RAMP underground forum.

    14
    2
    Security News IllNess 2 weeks ago 100%
    D-Link says it is not fixing four RCE flaws in DIR-846W routers https://www.bleepingcomputer.com/news/security/d-link-says-it-is-not-fixing-four-rce-flaws-in-dir-846w-routers/

    >Though D-Link acknowledged the security problems and their severity, it noted that they fall under its standard end-of-life/end-of-support policies, meaning there will be no security updates to address them.

    15
    0
    Security News IllNess 3 weeks ago 100%
    Docker-OSX image used for security research hit by Apple DMCA takedown https://www.bleepingcomputer.com/news/security/docker-osx-image-used-for-security-research-hit-by-apple-dmca-takedown/

    >The popular Docker-OSX project has been removed from Docker Hub after Apple filed a DMCA (Digital Millennium Copyright Act) takedown request, alleging that it violated its copyright.

    23
    1
    Security News IllNess 3 weeks ago 97%
    Researchers find SQL injection to bypass airport TSA security checks https://www.bleepingcomputer.com/news/security/researchers-find-sql-injection-to-bypass-airport-tsa-security-checks/

    >Researchers Ian Carroll and Sam Curry discovered the vulnerability in FlyCASS, a third-party web-based service that some airlines use to manage the Known Crewmember (KCM) program and the Cockpit Access Security System (CASS). KCM is a Transportation Security Administration (TSA) initiative that allows pilots and flight attendants to skip security screening, and CASS enables authorized pilots to use jumpseats in cockpits when traveling.

    Definitions:

    SQL injection is a code injection technique used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution. -[Wikipedia](https://en.wikipedia.org/wiki/SQL_injection)

    46
    3
    Security News IllNess 3 weeks ago 100%
    North Korean hackers exploit Chrome zero-day to deploy rootkit https://www.bleepingcomputer.com/news/security/north-korean-hackers-exploit-chrome-zero-day-to-deploy-rootkit/

    >North Korean hackers have exploited a recently patched Google Chrome zero-day (CVE-2024-7971) to deploy the FudModule rootkit after gaining SYSTEM privileges using a Windows Kernel exploit.

    >Citrine Sleet targets financial institutions, focusing on cryptocurrency organizations and associated individuals, and has been previously linked to Bureau 121 of North Korea's Reconnaissance General Bureau.

    27
    2
    Security News IllNess 3 weeks ago 100%
    Commercial Spyware Vendors Have a Copycat in Top Russian APT www.darkreading.com

    >In the watering-hole attacks, threat actors infected two websites, cabinet.gov[.]mn and mfa.gov[.]mn, which belong to Mongolia's Cabinet and Ministry of Foreign Affairs. They then injected code to exploit known flaws in iOS and Chrome on Android, with the ultimate goal of hijacking website visitors' devices.

    Definitions:

    **Watering hole** is a computer attack strategy in which an attacker guesses or observes which websites an organization often uses and infects one or more of them with malware. Eventually, some member of the targeted group will become infected. -[Wikipedia](https://en.wikipedia.org/wiki/Watering_hole_attack)

    Whereas zero-days are a class of vulnerability that is unknown to a software developer or hardware manufacturer, an **N-day** is a flaw that is already publicly known but may or may not have a security patch available. -[Dark Reading](https://www.darkreading.com/vulnerabilities-threats/the-overlooked-problem-of-n-day-vulnerabilities)

    7
    0
    databreaches
    Data Breaches IllNess 3 weeks ago 100%
    FBI: RansomHub ransomware breached 210 victims since February https://www.bleepingcomputer.com/news/security/fbi-ransomhub-ransomware-breached-210-victims-since-february/

    cross-posted from: https://infosec.pub/post/16863645

    > This relatively new ransomware-as-a-service (RaaS) operation extorts victims in exchange for not leaking stolen files and sells the documents to the highest bidder if negotiations fail. The ransomware group focuses on data-theft-based extortion rather than encrypting victims' files, although they were also identified as potential buyers of Knight ransomware source code.
    >
    > Since the start of the year, RansomHub has claimed responsibility for breaching American not-for-profit credit union Patelco, the Rite Aid drugstore chain, the Christie's auction house, and U.S. telecom provider Frontier Communications. Frontier Communications later warned over 750,000 customers their personal information was exposed in a data breach.

    2
    0
    Security News IllNess 3 weeks ago 100%
    FBI: RansomHub ransomware breached 210 victims since February https://www.bleepingcomputer.com/news/security/fbi-ransomhub-ransomware-breached-210-victims-since-february/

    This relatively new ransomware-as-a-service (RaaS) operation extorts victims in exchange for not leaking stolen files and sells the documents to the highest bidder if negotiations fail. The ransomware group focuses on data-theft-based extortion rather than encrypting victims' files, although they were also identified as potential buyers of Knight ransomware source code. Since the start of the year, RansomHub has claimed responsibility for breaching American not-for-profit credit union Patelco, the Rite Aid drugstore chain, the Christie's auction house, and U.S. telecom provider Frontier Communications. Frontier Communications later warned over 750,000 customers their personal information was exposed in a data breach.

    4
    0
    Security News IllNess 3 weeks ago 100%
    CISA Launches New Portal to Improve Cyber Reporting https://www.cisa.gov/news-events/news/cisa-launches-new-portal-improve-cyber-reporting

    Today, the Cybersecurity and Infrastructure Security Agency (CISA) announces its cyber incident reporting form moved to the new CISA Services Portal as part of its ongoing effort to improve cyber incident reporting. [CISA Services Portal](https://myservices.cisa.gov/irf)

    3
    0
    Security News IllNess 3 weeks ago 100%
    New Tickler malware used to backdoor US govt, defense orgs https://www.bleepingcomputer.com/news/security/APT33-Iranian-hacking-group-uses-new-tickler-malware-to-backdoor-us-govt-defense-orgs/
    21
    1
    Security News IllNess 6 months ago 87%
    WordPress Admins Urged to Remove miniOrange Plugins Due to Critical Flaw thehackernews.com
    12
    0
    Security News IllNess 6 months ago 92%
    AT&T says leaked data of 70 million people is not from its systems www.bleepingcomputer.com
    23
    0
    Security News IllNess 6 months ago 77%
    Fujitsu: Malware on Company Computers Exposed Customer Data www.darkreading.com
    5
    0
    Security News IllNess 6 months ago 66%
    Chinese APT 'Earth Krahang' Compromises 48 Gov't Orgs on 5 Continents www.darkreading.com
    2
    0
    Security News IllNess 6 months ago 99%
    Former telecom manager admits to doing SIM swaps for $1,000 www.bleepingcomputer.com
    136
    14
    Security News IllNess 6 months ago 100%
    StopCrypt: Most widely distributed ransomware evolves to evade detection www.bleepingcomputer.com
    10
    0
    cybersecurity
    cybersecurity IllNess 6 months ago 85%
    National Security Agency | Cybersecurity Information Sheets

    * [CSI: Advancing Zero Trust Maturity Throughout the Network and Environment Pillar [pdf]](https://media.defense.gov/2024/Mar/05/2003405462/-1/-1/0/CSI-ZERO-TRUST-NETWORK-ENVIRONMENT-PILLAR.PDF)
    * [CSI: Use Secure Cloud Identity and Access Management Practices [pdf]](https://media.defense.gov/2024/Mar/07/2003407866/-1/-1/0/CSI-CloudTop10-Identity-Access-Management.PDF)
    * [CSI: Account for Complexities Introduced by Hybrid Cloud and Multi-Cloud Environments [pdf]](https://media.defense.gov/2024/Mar/07/2003407865/-1/-1/0/CSI-CloudTop10-Hybrid-Multi-Cloud.PDF)
    * [CSI: Manage Cloud Logs for Effective Threat Hunting [pdf]](https://media.defense.gov/2024/Mar/07/2003407864/-1/-1/0/CSI_CloudTop10-Logs-for-Effective-Threat-Hunting.PDF)
    * [CSI: Uphold the Cloud Shared Responsibility Model [pdf]](https://media.defense.gov/2024/Mar/07/2003407863/-1/-1/0/CSI-CloudTop10-Shared-Responsibility-Model.PDF)
    * [CSI: Secure Data in the Cloud [pdf]](https://media.defense.gov/2024/Mar/07/2003407862/-1/-1/0/CSI-CloudTop10-Secure-Data.PDF)
    * [CSI: Implement Network Segmentation and Encryption in Cloud Environments [pdf]](https://media.defense.gov/2024/Mar/07/2003407861/-1/-1/0/CSI-CloudTop10-Network-Segmentation.PDF)
    * [CSI: NSA’s Top Ten Cloud Security Mitigation Strategies [pdf]](https://media.defense.gov/2024/Mar/07/2003407860/-1/-1/0/CSI-CloudTop10-Mitigation-Strategies.PDF)
    * [CSI: Mitigate Risks from Managed Service Providers in Cloud Environments [pdf]](https://media.defense.gov/2024/Mar/07/2003407859/-1/-1/0/CSI-CloudTop10-Managed-Service-Providers.PDF)
    * [CSI: Use Secure Cloud Key Management Practices [pdf]](https://media.defense.gov/2024/Mar/07/2003407858/-1/-1/0/CSI-CloudTop10-Key-Management.PDF)
    * [CSI: Enforce Secure Automated Deployment Practices through Infrastructure as Code [pdf]](https://media.defense.gov/2024/Mar/07/2003407857/-1/-1/0/CSI-CloudTop10-Infrastructure-as-Code.PDF)

    5
    0
    Security News IllNess 6 months ago 80%
    National Security Agency | Cybersecurity Information Sheets

    * [CSI: Advancing Zero Trust Maturity Throughout the Network and Environment Pillar [pdf]](https://media.defense.gov/2024/Mar/05/2003405462/-1/-1/0/CSI-ZERO-TRUST-NETWORK-ENVIRONMENT-PILLAR.PDF)
    * [CSI: Use Secure Cloud Identity and Access Management Practices [pdf]](https://media.defense.gov/2024/Mar/07/2003407866/-1/-1/0/CSI-CloudTop10-Identity-Access-Management.PDF)
    * [CSI: Account for Complexities Introduced by Hybrid Cloud and Multi-Cloud Environments [pdf]](https://media.defense.gov/2024/Mar/07/2003407865/-1/-1/0/CSI-CloudTop10-Hybrid-Multi-Cloud.PDF)
    * [CSI: Manage Cloud Logs for Effective Threat Hunting [pdf]](https://media.defense.gov/2024/Mar/07/2003407864/-1/-1/0/CSI_CloudTop10-Logs-for-Effective-Threat-Hunting.PDF)
    * [CSI: Uphold the Cloud Shared Responsibility Model [pdf]](https://media.defense.gov/2024/Mar/07/2003407863/-1/-1/0/CSI-CloudTop10-Shared-Responsibility-Model.PDF)
    * [CSI: Secure Data in the Cloud [pdf]](https://media.defense.gov/2024/Mar/07/2003407862/-1/-1/0/CSI-CloudTop10-Secure-Data.PDF)
    * [CSI: Implement Network Segmentation and Encryption in Cloud Environments [pdf]](https://media.defense.gov/2024/Mar/07/2003407861/-1/-1/0/CSI-CloudTop10-Network-Segmentation.PDF)
    * [CSI: NSA’s Top Ten Cloud Security Mitigation Strategies [pdf]](https://media.defense.gov/2024/Mar/07/2003407860/-1/-1/0/CSI-CloudTop10-Mitigation-Strategies.PDF)
    * [CSI: Mitigate Risks from Managed Service Providers in Cloud Environments [pdf]](https://media.defense.gov/2024/Mar/07/2003407859/-1/-1/0/CSI-CloudTop10-Managed-Service-Providers.PDF)
    * [CSI: Use Secure Cloud Key Management Practices [pdf]](https://media.defense.gov/2024/Mar/07/2003407858/-1/-1/0/CSI-CloudTop10-Key-Management.PDF)
    * [CSI: Enforce Secure Automated Deployment Practices through Infrastructure as Code [pdf]](https://media.defense.gov/2024/Mar/07/2003407857/-1/-1/0/CSI-CloudTop10-Infrastructure-as-Code.PDF)

    3
    0
    cybersecurity
    cybersecurity IllNess 7 months ago 100%
    JetBrains TeamCity Mass Exploitation Underway, Rogue Accounts Thrive www.darkreading.com

    > One of the vulnerabilities (identified as CVE-2024-27198) has a near-maximum severity CVSS rating of 9.8 out of 10 and is an authentication bypass issue in TeamCity's Web component. Researchers from Rapid7 who discovered the vulnerability and reported it to JetBrains have described it as enabling a remote unauthenticated attacker to execute arbitrary code to take complete control of affected instances.

    14
    0
    Security News IllNess 7 months ago 100%
    JetBrains TeamCity Mass Exploitation Underway, Rogue Accounts Thrive www.darkreading.com

    > One of the vulnerabilities (identified as CVE-2024-27198) has a near-maximum severity CVSS rating of 9.8 out of 10 and is an authentication bypass issue in TeamCity's Web component. Researchers from Rapid7 who discovered the vulnerability and reported it to JetBrains have described it as enabling a remote unauthenticated attacker to execute arbitrary code to take complete control of affected instances.

    15
    0
    Security News IllNess 7 months ago 94%
    International warning: Attackers could gain persistence on Ivanti VPN appliances www.csoonline.com
    17
    0
    Security News IllNess 7 months ago 100%
    U.S. Court Orders NSO Group to Hand Over Pegasus Spyware Code to WhatsApp thehackernews.com
    20
    4