Skip Navigation
Please.
  • Good Album. Boom! is still sadly as applicable today.

    The name being their response to early versions of the tracks leaking in Napster is great. Not "you're taking our money" but "wait till we finish the songs, THEN steal it".

    The disc itself looks just like a blank CD-R with a sharpie label, but there's also "hand drawn" alternate versions from each of the members.

  • Matt Mullenweg and WordPress Hijack the Advanced Custom Fields Plugin
    pxlnv.com Matt Mullenweg and WordPress Hijack the Advanced Custom Fields Plugin – Pixel Envy

    A bit of background, for those not steeped in the world of WordPress development: there exists a plugin called Advanced Custom Fields (ACF) which allows developers to create near-endless customization options for end clients in the standard page and post editor. It is hard to explain in a single par...

    Statement by ACF: https://www.advancedcustomfields.com/blog/acf-plugin-no-longer-available-on-wordpress-org/

    Statement by Matt: https://wordpress.org/news/2024/10/secure-custom-fields/

    Additional comments by Theo: https://youtu.be/grZg-BEhKMI

    8
    The Mozilla Graveyard
  • Seeing "the source is available here on GitHub", "the project was forked and is now maintained as (other name)", etc. after most of these really helps show the difference with Google. Well that and the length of the article, Google has far more deaths under their belt.

  • Big Penny!
  • The bridge is on S Pennsylvania Ave in Lansing, MI, hence "Penny". Construction has routed more people through there than normal lately increasing the bridges hunger.

    If there's one thing people that rent trucks or RVs never learn, it's the height of their vehicle (and that yes the flashing overheight lights are in fact for you).

    Source: Used to live near there.

  • 2.9 billion hit in one of the largest data breaches ever — full names, addresses and SSNs exposed
  • Yea that's a tough system to design for. Ideally you want sensitive stuff like that, where you don't care what the data is just that something matches it, stored as the results of a one-way hash function.

    The problem is that most of the data you're going to want to secure is pathetically tiny. 10 digit SSN? My phone can brute force that in a few minutes if you're doing raw hashes. Gotta salt them. But now you have a tradeoff decision, salting every one uniquely is best but now your comparison needs to do [leaked data] × [customers] checks to find matches. Same salt on all of them and as soon as one is cracked they all are.

  • Let's blame the dev who pressed "Deploy"
  • I get that it's not the point of the article or really an argument being made but this annoys me:

    We could blame United or Delta that decided to run EDR software on a machine that was supposed to display flight details at a check-in counter. Sure, it makes sense to run EDR on a mission-critical machine, but on a dumb display of information?

    I mean yea that's like running EDR on your HVAC controllers. Oh no, what's a hacker going to do, turn off the AC? Try asking Target about that one.

    You've got displays showing live data and I haven't seen an army of staff running USB drives to every TV when a flight gets delayed. Those displays have at least some connection into your network, and an unlocked door doesn't care who it lets in. Sure you can firewall off those machines to only what they need, unless your firewall has a 0-day that lets them bypass it, or the system they pull data from does. Or maybe they just hijack all the displays to show porn for a laugh, or falsified gate and time info to cause chaos for the staff.

    Security works in layers because, as clearly shown in this incident, individual systems and people are fallible. "It's not like I need to secure this" is the attitude that leads to things like our joke of an IoT ecosystem. And to why things like CrowdStrike are even made in the first place.

  • Supreme Court overturns Chevron decision, curtailing federal agencies' power in major shift
    www.cbsnews.com Supreme Court overturns Chevron decision, curtailing federal agencies' power in major shift

    The Supreme Court overturned a landmark 40-year-old decision that gave federal agencies broad regulatory power.

    Supreme Court overturns Chevron decision, curtailing federal agencies' power in major shift

    The Supreme Court on Friday overturned a landmark 40-year-old decision that gave federal agencies broad regulatory power, upending their authority to issue regulations unless Congress has spoken clearly.

    41
    InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)TW
    TwitchingCheese @lemmy.world
    Posts 2
    Comments 38