![](/static/66c60d9f/assets/icons/icon-96x96.png)
![](https://fry.gs/pictrs/image/c6832070-8625-4688-b9e5-5d519541e092.png)
https://sign.dropbox.com/blog/a-recent-security-incident-involving-dropbox-sign
Here’s the actual security advisory, which contains much more information than the fluff article about it.
No relation to the sports channel.
https://sign.dropbox.com/blog/a-recent-security-incident-involving-dropbox-sign
Here’s the actual security advisory, which contains much more information than the fluff article about it.
Ubuntu on Desktop I can understand.
Not anymore. A whole extra, unneeded, proprietary, locked-in package system. Ads in the default install.
There’s Mint, Pop!, and plenty of other options that actually respect the user.
People pay for this?
Cutting someone’s brake lines has been a means of assassination for a while. What’s new here is that it could potentially be done remotely, e.g. an attacker in Bucharest targeting a victim in Seattle on behalf of a payer in Moscow.
Other way around. Unsupervised OTA updates are dangerous.
First: A car is a piece of safety-critical equipment. It has a skilled operator who has familiarized themselves with its operation. Any change to its operation, without the operator being aware that a change was made, puts the operator and other people at risk. If the operator takes the car into the shop for a documented recall, they know that something is being changed. An unsupervised OTA update can (and will) alter the behavior of safety-critical equipment without the operator’s knowledge.
Second: Any facility for OTA updates is an attack vector. If a car can receive OTA updates from the manufacturer, then it can receive harmful OTA updates from an attacker who has compromised the car’s update mechanism or the manufacturer. Because the car is safety-critical equipment — unlike your phone, it can kill people — it is unreasonable to expose it to these attacks.
Driving is literally the most deadly thing that most people do every day. It is unreasonable to make driving even more dangerous by allowing car manufacturers — or attackers — to change the behavior of cars without the operator being fully aware that a change is being made.
This is not a matter of “it’s my property, you need my consent” that can be whitewashed with a contract provision. This is a matter of life safety.
Remember SOAP? Remember XML-RPC? Remember CORBA?
Those were not very good.
This has been going on for over 25 years now.
The kind of people who go into business building censorship software turn out to quite often be the kind of people who think feminism is a hate group, atheism is a cult, birth control is a dangerous drug, evolutionary biology is political extremism, and therapists are child-molesters. As such, it is unsurprising that this software’s behavior has quite often reflected those views.
If you threaten violence to people for calling you a fascist … you might be a fascist.
Obviously, trivially, blatantly false, because the AI safety people have been at it since long before there was anything to market. Back then, the bullshit criticism was “AI will never be able to understand language or interpret pictures; what harm could it possibly ever do?”
Fortunately, they also killed the mindbogglingly stupid idea of forcibly hiding https://
in the address bar. (It may be off by default, but you can turn it on.)
Also, TCP/IP requires that the server receive your IP address (or that of a proxy, VPN endpoint, etc.) so that it can send the response back. Opening a new browser window doesn’t change that.
Even though going incognito prevents Chrome from saving cookies, site data and your browsing history, it doesn’t actually prevent websites or your internet service provider (ISP) from tracking you and knowing what you’re up to online. This news comes as a shock to many Chrome users but privacy experts have long warned that the browser’s incognito mode isn’t as private as you might think.
Know where else you’ll find that same warning?
On every new incognito window in Chrome.
It’s been there for years —
Your activity might still be visible to:
- Websites you visit
- Your employer or school
- Your internet service provider
1993 or so, before kernel 1.0. Slackware on floppies, then Debian, then Ubuntu, then Mint, now Pop!_OS.
I got a rather profitable career out of it: went into IT during/after college, then got hired into a big Silicon Valley company, stayed in that area for several years, then quit during COVID.
I have to wonder if this is a video game problem, or if it’s a sort of financial self-destructiveness expressed through a video game rather than through some other means.
Like, for every person who spends money they don’t have on video games, how many people spend money they don’t have on fancy cars, or clothing, or expensive pets, other luxury possessions? How many people spend the rent money on sneakers, or the kids’ college fund on fancy vacations, or the utility bill money on anime figurines, or their whole paycheck on partying, or their retirement fund on too much house?
Financial self-destructiveness seems to be a problem that some people have. It gets reported heavily when it’s expressed through video games, in part because much of the reporter’s audience thinks all video games are fundamentally pointless and evil to begin with.
It’s not just “won’t ban”.
They collect money from subscriptions to Nazi authors, and pay those authors.
They are a Nazi publisher.
Nazi furries have been a thing for years. The regular furries don’t like them.
AI safety folks have been warning about the predictable disastrous consequences of turning economic power over to unethical AI systems for many years now, long before deepfakes, predictive policing, or other trendy “AI dangers” were around.
Some of these names (like OpenVMS) are from before the term “open source software” was coined (which was in 1998). They refer instead to “open systems”, meaning computer systems with published specifications, interoperable hardware, portable software, etc. – things that might seem like obvious choices now, but were not in early business computing.
Remember, streaming only has a business model as long as it has a better user experience than piracy. That’s why iTunes took off in the era of Napster. When a streaming service’s user experience drops below that of digging up pirate treasure off a shitty ad-ridden torrent site, that service is not long for the world.
If you’re looking for commercial games on Linux, Steam has pretty much solved this with the “Steam Play” compatibility feature, which uses a customized version of WINE to run Windows games. For example, Baldur’s Gate 3 runs perfectly. It should work anywhere Steam does.