Pinned toot

@fluffy @angristan @rotawerx
More to the point, if someone needs to be pre-emptively shielded from all negativity, they may wish to put the computer away.

Nick Jr., Noggin, and Sprout are still broadcasting for their convenience.

r000t boosted

French TV News - Pretty good illustration of recent Twitter hack 😅

"voting software should always be fre-"

Voting software should not exist. Software should not be involved in casting ballots. Period. No such thing should exist. It's not possible to do it right in theory, it sure as shit will never happen in practice.

Paper. Ballots. Paper. Ballots. Paper. Ballots. If you don't understand and insist on using anything electronic, it better fucking have a paper backup copy that cannot be disabled.

Electronic voting is stupid, man. It's universally stupid.

r000t boosted
Imagine writing this regex, wtf. URL regex:

_^(?:(?:https?|ftp)://)(?:\S+(?::\S*)?@)?(?:(?!10(?:\.\d{1,3}){3})(?!127(?:\.\d{1,3}){3})(?!169\.254(?:\.\d{1,3}){2})(?!192\.168(?:\.\d{1,3}){2})(?!172\.(?:1[6-9]|2\d|3[0-1])(?:\.\d{1,3}){2})(?:[1-9]\d?|1\d\d|2[01]\d|22[0-3])(?:\.(?:1?\d{1,2}|2[0-4]\d|25[0-5])){2}(?:\.(?:[1-9]\d?|1\d\d|2[0-4]\d|25[0-4]))|(?:(?:[a-z\x{00a1}-\x{ffff}0-9]+-?)*[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}0-9]+-?)*[a-z\x{00a1}-\x{ffff}0-9]+)*(?:\.(?:[a-z\x{00a1}-\x{ffff}]{2,})))(?::\d{2,5})?(?:/[^\s]*)?$_iuS
r000t boosted

The fediverse would be much harder to compromise in such a way.

a benefit of decentralization.

r000t boosted

Anyone who sends bitcoin to that address posted by the hacked Jeff Bezos account deserves to lose their bitcoins.

r000t boosted

BREAKING: ZERO fediverse accounts breached by rogue Twitter employee with access to database.

Centralized platforms btfo

In order to combat the spread of any worms arising from this particular vulnerability, administrators are advised to keep servers at least 6U apart in racks.

Hi, are you... Paying... For your business' server software?

Better patch it. That software you pay through the nose for is more insecure than a yasuo main on a 10 game loss streak.

wired.com/story/sigred-windows

r000t boosted

Imagine doing this and then thinking you're the good guys.
twitter.com/AlecStapp/status/1

RT @AlecStapp@twitter.com

Are we going to talk about the fact that official reports from the European Parliament are openly (and approvingly) talking about implementing their own version of the Great Firewall of China?

🐦🔗: twitter.com/AlecStapp/status/1

r000t boosted
r000t boosted

Linux 5.7 adds support for Apple fast charging. It enables iOS devices to pull up to 2.5 amps.

How exactly are they doing that without blowing up cheap motherboards?

r000t boosted

It would have been funny if it weren't true!
The proposal to re-evaluate "years of experience" in "skill level" is interesting.

Hey iPhone fans, congrats on your innovative, never before seen, brand new, groundbreaking, disruptive, status quo smashing, home screen widgets.

This is the HTC Dream. It was released in 2008.

r000t boosted

The richest man on the planet became this way by building a warehouse and shipping behemoth that... Somehow carried on for 20 years without necessarily knowing who their suppliers were.

Huh.

I sent this statuses from two places at the same time with

r000t boosted
Something is going on with email lately. Huge uptick in attempts to crack some very specific accounts on my mail server.

The accounts in question can't actually be hacked: they are one-off aliases created per-service, but like, some kinda troubling ones. Like "adobe@", which is an email only Adobe would know exists. They're not trying adobe@every-domain-on-the-server, just adobe@one-specific-domain, and a few other aliases at different domains, like one was an alias made for The Lady so that she could run an Instagram account for the dog for like a month before losing interest, and it's been completely unused for about two years.

To be clear, this isn't spam directly, probably they're trying to get into the account to *send* spam, but to stem the tide of individual hosts getting blocked, I killed off all traffic from a handful of subnets and it's still coming in.

Here's a graph of unique hosts that tried to brute-force on a given day. About 30 happened while I was writing this post, so that graph shows 957 today but it's 990 now. As you can see, it's usually close enough to zero that it doesn't matter, then consistently around 100 this week, 325 yesterday, and it'll hit 1k today at this rate. Keep in mind, all the hosts that tried this yesterday are blocked, so it's 1k *new* IPs trying to do this, so there's some kind of moderately large botnet.

(FSE is the usual subject of graphs here, but this doesn't affect FSE.)
hax_my_email.gif
whohaxmyemail.gif
r000t boosted

I dislike working with garbage collected languages bc what if the garbage collector decides to come for me next

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.