drspod 5h ago • 94%
Older games are better than a lot of modern AAA slop, but not for the reasons she describes.
I was hoping she would talk about game design, or writing, mechanics, player agency, gameplay before graphics or literally anything else but she spent nearly 15 minutes only talking about tired culture wars talking points like, "why don't women look feminine aymore," "why are characters designed for diversity/inclusion first before story," "Concord sucks lol."
Yeah AAA writing is shit, please change the record so all the sweaty neckbeard virgins complaining about Aloy's facial hair can crawl back in their caves. So sick of hearing about it.
She shouts out Asmongold in her comments. Disgraceful.
drspod 8h ago • 100%
The binary blobs match which checksums? The ones provided by the ventoy developer?
GLIM is an alternative that's much simpler (it just uses Grub configs) so it is easy to audit:
drspod 8h ago • 42%
Please don't continue to recommend Ventoy. It has serious and unanswered security questions hanging over it, and the developer seems to be completely AWOL.
drspod 14h ago • 100%
IMHO it risks making (new) people think that it's the official logo that you've parodied and creating that association in their mind.
drspod 14h ago • 50%
This same article has already been posted 3 times to this community:
Please check if you're reposting before clicking submit!
drspod 15h ago • 100%
Why would you want to legitimize Meta's attempt at appropriating the Fediverse by paying homage to their logo?
drspod 2d ago • 100%
Anyone who falls for the scam of thinking that you can determine IQ from the genome of an embryo is probably below average themselves.
drspod 2d ago • 87%
You're just unabashedly supporting eugenics? Is that because you're too young, or too uneducated to know any better?
drspod 5d ago • 33%
Did you read the article?
drspod 5d ago • 28%
If you think that I'm misunderstanding something and arguing from a false premise then please feel free to engage with the discussion.
drspod 5d ago • 74%
I thought passkeys were supposed to be a hardware device?
This is typical embrace/extend/extinguish behavior from the large platforms that don't want their web-SSO hegemony challenged because it would mean less data collection and less vendor lock-in.
The whole idea of passkeys provided by an online platform should have been ruled out by the specification. It completely defeats the purpose of passkeys which is that the user has everything they need to authenticate themself.
drspod 6d ago • 95%
They didn't break RSA.
drspod 1w ago • 100%
IPv6 can run on IPv4 and look how much that helped
drspod 1w ago • 100%
This could also mean that they have found a (classical) vulnerability in one of the most used Post Quantum Encryption algorithms (such as Kyber) and they want everyone to switch to using it ASAP.
drspod 1w ago • 100%
If this is impersonation (which it looks to be) shouldn't it be removed?
Are you going to set the precedent that impersonation of figures in the open source community is allowed?
Personally I would be in favor of removing this post until OP can provide proof of identity (eg. by posting something on the main github account corroborating this post).
drspod 1w ago • 100%
It's pretty easy to check and see that this isn't how it works. I checked both my instance and yours and both of them host the images that have been posted to communities on other instances, so clearly images are transferred (or cached) between instances.
drspod 1w ago • 100%
Goodhart's law is an adage often stated as, "When a measure becomes a target, it ceases to be a good measure"
drspod 1w ago • 100%
The cause of the visitor’s death was not immediately provided.
> Threat actors are utilizing an attack called "Revival Hijack," where they register new PyPi projects using the names of previously deleted packages to conduct supply chain attacks. > > The technique "could be used to hijack 22K existing PyPI packages and subsequently lead to hundreds of thousands of malicious package downloads," the researchers say. If you ever install python software or libraries using `pip install` then you need to be aware of this. Since PyPI is allowing re-use of project names when a project is deleted, any python project that isn't being actively maintained could potentially have fallen victim to this issue, if it happened to depend on a package that was later deleted by its author. This means installing legacy python code is no longer safe. You will need to check every single dependency manually to verify that it is safe. Hopefully, actively maintained projects will notice if this happens to them, but it still isn't guaranteed. This makes me feel very uneasy installing software from PyPI, and it's not the first time this repository has been used for distributing malicious packages. It feels completely insane to me that a software repository would allow re-use of names of deleted projects - there is so much that can go wrong with this, and very little reason to justify allowing it.
Description: "Featured is a playthrough of a blitz chess game between Rodrigo Vasquez and Vladimir Kramnik from an Early Titled Tuesday event which was held on October 17th, 2023. Kramnik recently admitted, via a YouTube comment on this topic of fair play surrounding him, that he played several tournaments under someone else’s chess\.com account. This act violates chess\.com’s Fair Play Policy. Kramnik played under Denis Khismatullin’s account, “Krakozia”. I share reasons why this is a violation of fair play policy, how a player can be negatively impacted because of it, and provide Kramnik’s YouTube comments where he attempts to explain it all."
www.bleepingcomputer.com
cross-posted from: https://lemmy.ml/post/4912712 > Most people know at this point that when searching for a popular software package to download, you should be very careful to avoid clicking on any of the search ads that appear, as this has become an extremely common vector for distributing malware to unsuspecting users. > > If you thought that you could identify these malicious ads by checking the URL below the ad to see if it directs to the legitimate site, think again! Malware advertisers have found a way to use Google's Ad platform to fake the URL shown with the ad to make it appear like a legitimate ad for the product when in fact, clicking the ad will redirect to an attacker controlled site serving malware. > > Don't click on search ads or, even better, use an ad-blocker so that you never see them in the first place! > > 
www.bleepingcomputer.com
Most people know at this point that when searching for a popular software package to download, you should be very careful to avoid clicking on any of the search ads that appear, as this has become an extremely common vector for distributing malware to unsuspecting users. If you thought that you could identify these malicious ads by checking the URL below the ad to see if it directs to the legitimate site, think again! Malware advertisers have found a way to use Google's Ad platform to fake the URL shown with the ad to make it appear like a legitimate ad for the product when in fact, clicking the ad will redirect to an attacker controlled site serving malware. Don't click on search ads or, even better, use an ad-blocker so that you never see them in the first place! 
www.bleepingcomputer.com
A reported Free Download Manager supply chain attack redirected Linux users to a malicious Debian package repository that installed information-stealing malware. The malware used in this campaign establishes a reverse shell to a C2 server and installs a Bash stealer that collects user data and account credentials. Kaspersky discovered the potential supply chain compromise case while investigating suspicious domains, finding that the campaign has been underway for over three years.
**[SOLVED]: The issue was caused by having "Show read posts" unticked in Settings. This will hide your own posts from you!** I recently made a post^[1]^ to this community about a bug that I experienced and reported. The post does not appear in the `New` feed for /c/lemmy_support nor does it appear in my user profile under `Posts` ^[2]^. However the post does have 3 replies (from users on multiple different instances) which means that other users can see it across the fediverse, so it's not a federation issue. (Also, my account and the community are both hosted on the same instance - lemmy.ml). I was not subscribed to /c/lemmy_support at the time I made that post, but I am subscribed now to see if that affects my visibility of this post. Is this a bug, or am I misunderstanding how lemmy works? Interestingly, if I view my profile while logged out, it does show the posts that I made, but when logged in it shows zero posts in my profile. [1] https://lemmy.ml/post/1394597 [2] 
github.com
See the images attached to the linked bug report. Where it usually says my username in the top-right, another user's name appeared. This happened twice in the last two days. I submitted the bug to the lemmy-ui project, but I'm not certain if this is a lemmy-ui problem, or a problem with the specific infrastructure setup of lemmy.ml, or even a backend issue. Any advice on whether I should post this bug report to somewhere else for greater visibility would be welcome. This could be indicative of a fairly serious security issue (or it could be a completely cosmetic bug).