I have to do a thread on this amazingly terrible web page that is awesome in its terribleness. Let's just start with the title:
"How International Student Pass Business Writing Class."
(URL neutered to avoid giving them clicks).
So it's not clear that the author really WOULD pass a business writing class, with that title. But a quick read gives so much more fun details.
We’ll friends, this security fad was fun while it lasted https://www.cnbc.com/amp/2022/06/10/job-cuts-hit-cybersecurity-firms-despite-surging-growth-from-attacks.html
How do they write these things with a straight face? “We don’t store key material, but we store the encryption key”
Laughing out loud at my 16yo who already thinks like a code: I’m mentioning that I am going to get a 3D printer and we could print our own dice.
19yo: you could print a 7-sided die
Me: I don’t know a good 7-sided polyhedron
16yo: it’s just an 8-sided die with one side labeled “roll again”
And so now I can just go over to Safari, copy/paste the text, and be on my merry way!
I don't have a lot of encrypted PDFs whose content I can happy paste into a search engine (not much overlap in that Venn diagram!) so I don't know how MUCH text I can copy/paste this way. But it beat the heck out of typing! 3/FIN
If I try to copy from the PDF, I get this warning that says I need to supply the password to Preview. Now, if I right click on the text, I see a few options. Including "Search with DuckDuckGo". That's interesting. (DuckDuckGo is my default search in Safari) I select that option and what do you know? Safari opens. It has copied the text I highlighted and sent it to DuckDuckGo as a search string! 2/
On our legal documents, our legal team apparently encrypts PDF contracts. Good for them. If I open one in Preview (Version 11.0 (1018.6.2), Big Sur 11.6.5) and I look at the document info, I see password protection is enabled. It says it's "encrypted" but there are a few standards of PDF #encryption. I don't know what this means. 1/
In 2019, we observed AdColony receiving GPS location data from Grindr and filed a GDPR complaint:
German watchdog @firstname.lastname@example.org just observed Inneractive/Fyber receiving GPS location data from a clock/weather app with >50m installs:
Nice story about how you can end up with cool stuff if you keep old warez about
My battle against the #AWS SecurityHub "best practices" continues. This time it's "[EC2.21] Network ACLs should not allow ingress from 0.0.0.0/0". I don't USE NACLs. NACLs are stupid. They're a total waste of time and not the right way to do network security. If NACLs are an important part of your #VPC #network #security, you're doing it wrong.
Today's hot take, from someone who works at #AWS (but this is just my personal opinion). CIS Benchmarks for AWS are total crap. Mostly a waste of time. Like, you can spend hours and hours making them shut up and stop nagging. But it's so superficial and so basic. You have a LONG way to go after you get the CIS benchmarks to shut up.
Dear open source users,
If the author of your favorite open source app has announced they stopped developing and supporting the app (because they're frustrated and possibly burned out), please don't suggest they do more free work so that you can continue using the app.
Instead, consider thanking them for their past work and let them know that you enjoyed their app.
another open source developer