Show newer

RFC 2232, in case you need standardized details of how to implement DHCP via clothespins on devices without automated DHCP client software or compatible DHCP server software:
rfc-editor.org/rfc/rfc2322

:blobfoxdrakedislike: "we need to make sure you're human"

:blobfoxdrakedislike: "confirm that you're not a robot"

:blobfoxdrakelike: "check this box if you mean us no harm"

could you imagine going to checkout and the cashier is just sitting there with a foxgirl wallpaper on the POS terminal

just a weird thought. anyway,

Sphinx of black quartz, judge my vows!

The quick brown fox jumps over the lazy dog, but the sphinx of black quartz doesn't judge it notable.

My Mom built an analog ad blocker for her favorite tablet game and while I cannot stop laughing, I'm also hella proud of her. Go Mom! Stick it to the man!

#FuckTheSystem

🤯 The level of sophistication of the XZ attack is very impressive! I tried to make sense of the analysis in a single page (which was quite complicated)!

I hope it helps to make sense of the information out there. Please treat the information "as is" while the analysis progresses! 🧐 #infosec #xz

The reply to this is a fair point: downgrade to a pre-5.6.0 version regardless. It's too soon to know if this exploit path is the only one present.

Show thread

@arielmt Honestly, i'd say it's better to downgrade regardless.

Basically, if you have xz-5.6.0 or xz-5.6.1 installed on Linux, downgrade to an earlier version of xz.

If you use an older version of xz, don't use Linux, or somehow do use Linux *without* systemd, you should be fine.

Show thread

I love how the xz backdoor hinges on Poettering's Daemon in order to work.

The Register
Headline: "Malicious SSH backdoor sneaks into xz, Linux world's data compression library"
Byline: "Red Hat in all caps says STOP USAGE OF ANY FEDORA RAWHIDE INSTANCES"
theregister.com/2024/03/29/mal

im safe from the xz backdoor because the letters x and z on my keyboard are airgapped by the french keyboard layout

"A world without trans people has never existed and never will"
Poster spotted in Olympia, WA

For those of you who use LLMs to help you code, here's a warning: these tools have been shown to hallucinate packages in a way that allows an attacker to poison your application. theregister.com/2024/03/28/ai_ #ai #gpt #chatgpt #security

TIL hard drives can fail while passing all SMART tests, even extended tests.

it should be illegal to name proprietary software "open[whatever]"
Show older
Computer Fairies

Computer Fairies is a Mastodon instance that aims to be as queer, friendly and furry as possible. We welcome all kinds of computer fairies!