Skip Navigation
Android malware steals payment card data using previously unseen technique
  • a surprisingly disappointing article from ars, i expect better from them.

    the author appears to be confusing “relay attacks” with “cloning” and doesn’t really explain the flow of the attach that well.

    really this just sounds like a complicated MitM attack, using the victim’s phone as the “middle” component between the victim’s physical card and the attacker’s rooted phone.

    the whole “cloning the UID attack” at the end of the article is irrelevant, NFC payment cards don’t work like that.

  • “Something has gone seriously wrong,” dual-boot systems warn after Microsoft update
  • Microsoft creates secure boot: “we should be able to run whatever we want on our hardware!”

    Microsoft lets users install crowdstrike on their computer: “Microsoft shouldn’t let us run this on our hardware!”

  • Removed
    Is anyone surprised?
  • if sanders was in first and biden fifth, how were the ones that dropped out losing?

    and how many of those that dropped out ended up with some sort of position of power under biden?

    you’re also willfully ignoring the fact that the dnc purposefully kept in person voting going during the height of the pandemic

    Adam Smith himself has admitted to this shit: https://jacobin.com/2024/07/joe-biden-bernie-sanders-democrats-2020-primary-trump

  • Removed
    Is anyone surprised?
  • that’s not at all what is being said here. the DNC had to pull all sorts of undemocratic shenanigans to forcefully prop up biden back in 2020 and we’re still paying the price of having these uninspiring losers as our only options

  • you can set your watch to it
  • from your own link, that’s only because she’s the least bipartisan dem in the senate.

    govtrack’s “left-right ideology” ranking is flawed, it doesn’t look at the content of the bills at all. in govtrack’s own words the ideology ranking “may be measuring something else, perhaps something more closely related to partisan-ness”.

  • How to track down external network issue?
  • start with basics:

    • install iperf on every device you can between an external device and your internal host(s) and use it to find any bottlenecks
    • use tools like tcpdump to analyze packets flowing over the network. you can often find surprising results this way
    • start with a simple test best (again, iperf) with the most simple config (no nginx etc) and add the complexity of your config bit by bit until the issue returns
  • First overseas trip with my girlfriend – Any tips to make It our best trip?
  • if this is your first time doing a big trip together, honestly, forget about it being prefect. it won’t be, and that’s ok. trips don’t need to be perfect to be meaningful, in fact, i’ve found the opposite to be true. the more wild and unexpected the adventure is, the more memorable and important it becomes to me.

    so I’d say it’s best to keep an idea of things you’d like to see or do, but also be flexible and willing to adapt. traveling with someone that forces everyone to stick to a rigid itinerary is never fun and is a good way to ruin the trip. all it takes is one lost bag or one missed train to throw all your careful planning out the window. better to roll with the punches than self destruct when that happens.

  • ChatGPT provides false information about people, and OpenAI can’t correct it
  • you’re so close, just why exactly do you think people are using it for these things it’s not meant for?

    because every company, every CEO, every VP, is pushing every sector of their companies to adopt AI no matter what.

    most actual people understand the limitations you list, but it’s the capitalists at the table that are making AI show up where it’s not wanted

  • "prompt engineering"
  • just a guess, but in order for an LLM to generate or draw anything it needs source material in the form of training data. For copyrighted characters this would mean OpenAI would be willingly feeding their LLM copyrighted images which would likely open them up to legal action.

  • BatBadBut: You can't securely execute commands on Windows
  • even in your hypothetical of a file name passed in through the args, either the attacker has enough access to run said tool with whatever args they want, or, they have taken over that process and can inject whatever args they want.

    either attack vector requires a prior breach of the system. you’re owned either way.

    the only way this actually works as an exploit is if there are poorly written services out there that blindly call through to CreateProcess that take in user sourced input without any sanitization, which if you’re doing that then no duh you’re gonna have a bad time.

    cmd.exe is always going to be invoked if you’re executing a batch script, it’s literally the interpreter for .bat files. the issue is, as usual, code that might be blindly taking user input and not even bothering to sanitize it before using it.

  • InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)HA
    hatedbad @lemmy.sdf.org
    Posts 0
    Comments 59