![](https://lemmy.zip/pictrs/image/f8786eb2-82f5-4e00-bd37-157be49f0074.jpeg)
![](https://lemmy.ml/pictrs/image/2QNz7bkA1V.png)
That’s been changing for me lately. All of a sudden youtube is throwing me curve-balls and it’s great.
That’s been changing for me lately. All of a sudden youtube is throwing me curve-balls and it’s great.
Kind of agree with both of you. I think “the west” should counter disinfo operations by Russia. But it should be more in line with spreading the objective truth and promoting healthy democracy.
Whether that can actually happen and not be twisted into some gross anti-democratic scheme for control of natural resources, I don’t know.
The thing that usually kills windows is shitty drivers. So people with different hardware can have completely different experiences.
Bio-neural gel packs here we come.
The new vulnerability, assigned CVE-2024-6387, allows for unauthenticated remote code execution (RCE) with root privileges, posing a severe threat to affected systems.
Oh, fuck. Guess this is my day now.
Even if you’re poking at a black box and are reporting that “it acts funny when I poke it this way.” I’m my opinion, a reporter should send along a script or at least explicit instructions on how to repro.
I take the report more serious since it demonstrates you have an understanding of the issue or exploit. It will also save my time and it’s likely a trivial effort for the reporter since they’ve the context and knowledge of the issue loaded up and ready to go.
Agree that people like to fluff the severity of bugs they report. It’s better for prestige and bounty payouts. But this is a little more nuanced.
“While I didn’t really intend the module to be used for any security related checks, I’m very curious how an untrusted input could end up being passed into ip.isPrivate or ip.isPublic [functions] and then used for verifying where the network connection came from.”
It’s interesting, that it would be hard to make a case that there was a “vulnerability” in the ip
package. But it seems like this package’s entire purpose is input validation so it’s kind of weird the dev thinks otherwise.
Recurring incidents like these raise the question, how does one strike a balance? Relentlessly reporting theoretical vulnerabilities can leave open-source developers, many of who are volunteers, exhausted from triaging noise.
The researchers need to provide proofs of concept. Actual functional exploits.
BAT is trash but I’d love to see more quick crypto donation options.
They went bankrupt in 2018 and are but a shell of what they once were.
On new install without logging in a Microsoft account?
They do, and did. Perhaps this reaction with the ozone layer just hasn’t been considered until now.
“Bitcoin mining may be our last line of defense against a CBDC [Central Bank Digital Currency],” Trump said in a Truth Social post Tuesday.
lol, no shot he wrote this.
I’d still own one if they were just banned on highways. The risk is probably pretty low on low speed city streets, where these would be most useful.
No clue what that means. I was thinking more along the lines of how there’s 3+ techniques for async functions. Or that there’s a handful of syntax implementations, versions, and supersets of the language. Or that there are many interpreters all with different standard libraries and quirks.
It’s an annoyingly flexible language.
Oh, and there’s at last 2 other ways to do it too.
You say that like this shit is hard to use.
Oh yeah, I agree it’s super inefficient currently. But if the theoretical 100% efficient process is 5% of our current yearly energy expenditure, that sounds promising and suggests we shouldn’t just write off the idea.
Looks like a specially modified SyncThing was just used for exfil.
Oh