51
love the quote at the end. there are far too many situations where windows is because "because!" where its just the wrong tool for the job. pos, web servers, trains to name a few i can think of...
tblFlip
joined 2 years ago
and i claim that i have a pig in my basement that plays celtic whistle and shits pure palladium every sunday
ye, dont think ive seen anyone talk about that. sad
wonderful read. ive reached a point where i can do nothing but lean back, sip a drink and laugh while these companies race each other to destroy their platforms. might as well start betting on who does the next stupid decision...
breaking news: researchers discover that network protocols work as intended. mindlessly connecting to an untrusted network is still a bad idea.
to quote the article: "Do not use untrusted networks if you need absolute confidentiality of your traffic" or use HTTPS and a SOCKS5 proxy
perfectly level.
ok, after reading that article fully, it does sound a lot less concerning than the headline would like me to believe. it is early in the morning (almost 13:00) and this is a great chance to expose how little i know about all that, so i will:
They believed SSH traffic was immune [...].
classic. we always think that something is perfectly safe until it breaks. also, looking at the article, the issue with RSA has been known since 1996. there had to be a useful application for this. such as TLS. and now some SSH implementations.
Last year, researchers found that [...] they were still able to passively observe faulty signatures that allowed them to compromise the RSA keys of [...] Baidu.com
no idea how this adds any value in a discussion about SSH, but i chuckled.
now the article also get to some more interesting stats.
5.2 billion SSH records. of that 590k with invalid signatures and 4.9k revealed factorization for a total of 189 unique private keys.
now i would very much prefer that last number to be a solid zero, but out of 590k faults, only 4.9k were usable for the attack. everyone that thinks "oh thats nothing. im safe." is still a fool, but it could be far worse. especially since this only target RSA and leaves ed25519 (and others) untouched.
but it just gets even better:
The researchers traced the keys they compromised to devices that used custom, closed-source SSH implementations that didn’t implement the countermeasures found in OpenSSH and other widely used open source code libraries.
if i was drinking something reading this, i would have spat it out laughing. i am that kind of fun at parties. this also partially explains why there are "only" 590k invalid signatures in over 5.2 billion records total. and judging by how good some companies and organizations handle updates (assuming there will be updates from cisco, zyxel, hillstone and mocana), this will still be enough to be used in some attacks five years from now.
yep. and i wouldnt be surprised if that was intentional. how quickly they backed off on that one very much smells like a classic door in the face tactic. this whole WEI thing is far from being over
i honestly have so much trust into the whole music industry, and especially UMG, that id bet my best guillotine on this ending up to be absolutely detrimental to artists. if you have generative AI and can generate music for you, why even pay artists? sure sounds like the first step in that direction
im honestly not really surprised anymore. i fully expect to see a lot more of these types of bugs in the coming years
and im already dreaming of the day all of those (sometimes really hard to work with) pseudocode "implementations" that are scattered across wikipedia will be replaced with immediately runnable, CC-0 licensed code. itll probably take years, but i do like the idea
view more: next ›
oh boy... that was bound to happen sooner or later to be honest. almost anyone posting art to major platforms will have someone cross post that to e621 eventually and its really up to you if you are ok with that, or want to do something about it
thats really much more of a question for a copyright lawyer (which im not), but that depends on the license of the art. unless stated otherwise and assuming that the work is even copyrightable, everything is usually all rights reserved, which (as far as i know) does make redistribution illegal in most jurisdictions. if it was licensed as CC-BY for example, this post should be ok since you are listed as the artist and have links back to your profile and the post itself
but thats the neat part! copyright rarely stops people from distributing art and memes
for all kinds of reasons... for me (when i get bored enough) its always a "the archive must grow" kind of deal. there is this sort of desire to have everything nicely tagged and uploaded in one massive archive. it doesnt really have anything to do with being 18+ or not. there is lots of non-18+ artwork on there as well, but we all know thats not what people think of first. if anything, someone saw your art somewhere and thought it should be added to e6 so others can see it too. i dont think that the uploader had any ill intentions. they probably didnt even think that you might have reservations since youre not listed as DNP
nice! have you also seen the DNP list? sending a takedown request will affect one post iirc, getting added to DNP goes a bit farther. getting added to DNP will either deny anyone from uploading your art, or will only allow certain uploads under certain conditions. for example you might be able to request that only original artwork without edits is posted
hope that semi-infodump gives at least some answers :D