• 9 Posts
  • 66 Comments
Joined 1 year ago
Cake day: July 12th, 2023






  • Yes! There is this Buddhist saying, supposedly some 2,500 years back, “Even if a whole mountain were made of gold, not double that would be enough to satisfy one person.”

    You can trace unsatisfied greed in American gazillionaires all the way back to Rockefeller. Before that, you can trace it to Kings, Queens, Emperors, Conquerors. Only external circumstances, societal structures/cultures/etc., keep the greed in check. As soon as we were out of subsistence living, we started collecting, oftentimes just for the sake of collections, sometimes other people’s great misery be damned.






  • While corporate America focuses mainly on profits, “fighting for human rights” is just an empty slogan, because corporate America is already exploiting human misery for profits. For government, it’s going to be “to prevent China from becoming the dominant tech power in the developing world” that’s going to drive this sort of initiative, which most likely will have mixed results or fail miserably altogether. Chinese exports are already driving the non-elite consumer markets in the developing world.



  • When I forgot part of my old password, I came up with a list of words that I possibly could have come up with and tried those. I eventually found it even if I was panicky the whole time. If I were you, I would list the words and try them in the order of probabilities.

    Un/Fortunately, BW is implemented to rate-limit password brute-forcing. I feel you about your CAPTCHA hell, and I hate their surreal sunflower CAPTCHA (maybe to make it as repulsive as possible to the hackers?).




  • Yeah, this is definitely a problem with brand new services, especially when the native app isn’t appealing. For example, I use Liftoff for Lemmy. Open-sourced✅ In official Appstore✅ Relatively transparent who the developer is✅ No special permission starting off✅ Relatively few downloads📛 .

    When a mobile app doesn’t ask for permissions, it’s definitely less nerve-racking than the more permissive desktop environments where the apps don’t have to be special to do considerable damage.



  • Speaking about Windows PC.

    1. Not everybody thinks they need such security because it’s their home computer.
    2. Enabling device encryption necessitates the backup of the encryption key (and backup of the data files); otherwise, you may lose all the contents when things go wrong (like the key disappears after an update). People who don’t understand the tech may not know where their backup keys are.
    3. Windows Home encryption is a hassle since you don’t have finer-grained control over the encryption, unlike BitLocker on Windows Pro. This is the lamest scheme for Windows. You only get practical basic security with Windows Pro.
    4. Enabling system drive encryption may make your system backup/recovery harder or impossible in some configurations. Figuring this out may require some technical expertise.


  • Elephant0991@lemmy.bleh.au to Technology@lemmy.world · *Permanently Deleted* · 1 year ago

    Shoppers of Dell Australia’s website who were buying a computer would see an offer for a Dell display with a lower price next to a higher price with a strikethrough line. That suggested to shoppers that the price they’d pay for the monitor if they added it to their cart now would be lower than the monitor’s usual cost. But it turns out the strikethrough prices weren’t the typical costs. Sometimes, the lower price was actually higher than what Dell Australia typically charged.

    Don’t believe in ads, folks. If prices are important for you, do your own research.


  • Whatever happens on the inside of a robotaxi is generally visible on the outside to bystanders and other motorists, The Standard notes of the AV’s “fishbowl-like” design.

    “While [autonomous vehicles] will likely be monitored to deter passengers having sex or using drugs in them, and to prevent violence, such surveillance may be rapidly overcome, disabled or removed,” the study said. “Private [autonomous vehicles] may also be put to commercial use, as it is just a small leap to imagine Amsterdam’s Red Light District ‘on the move.’”

    Convenient meetups, plus the additional benefits for certain fetishes.

    But don’t worry, folks, we’ll take this opportunity to put even more surveillance tech in for you to keep you safe and meanwhile, perfectly maintain your privacy. 🤪



  • Summary

    Dependency confusion is a cybersecurity threat that involves uploading a malicious software package with the same name as an authentic one in your private repository to a public package repository. This can trick developers into using the malicious version of the package, which could contain malware or other malicious code.

    Dependency confusion attacks are becoming increasingly common, and they can impact organizations of all sizes. In fact, a recent study found that almost all applications with more than one billion users and more than 50% of applications with 30 million users are using dependencies that are vulnerable to dependency confusion attacks.

    There are a number of things that organizations can do to prevent dependency confusion attacks, including:

    • Reserving private package names in the public registry so nobody can register them in the public registry.
    • Validating the package source before installing new packages or updating to an updated version.
    • Using package managers that allow the use of prefixes, IDs, or namespaces when naming their packages.

    By taking these steps, organizations can help to protect themselves from dependency confusion attacks and keep their systems and data safe.

    Additional Details

    • The attacker first identifies a package name in the private repository and registers the same package name in the public repository.
    • When a new update to the application is installed, it hooks with the malicious version on the public registry instead of the safe one in the private registry.
    • Dependency confusion attacks are a form of supply chain attack, and they can have a significant impact on organizations.
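
The "validating the package source" and namespace mitigations from the summary above can be checked mechanically against a lockfile. The following is an added example, not part of the original comment or the summarized article; the registry host, the internal package names and the sample lockfile are constructed assumptions.

```python
import json
from urllib.parse import urlparse

# Assumptions for this example: the private registry host and the set of
# package names that must only ever come from it.
PRIVATE_REGISTRY_HOST = "npm.internal.example"
INTERNAL_PACKAGES = {"@acme/billing-core", "acme-auth-utils"}

# Constructed package-lock.json (lockfileVersion 3) excerpt.
SAMPLE_LOCK = json.dumps({
    "name": "shop-frontend",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "shop-frontend", "version": "1.0.0"},
        "node_modules/@acme/billing-core": {
            "version": "2.3.1",
            "resolved": "https://npm.internal.example/@acme/billing-core/-/billing-core-2.3.1.tgz",
        },
        "node_modules/acme-auth-utils": {
            "version": "1.4.0",
            "resolved": "https://registry.npmjs.org/acme-auth-utils/-/acme-auth-utils-1.4.0.tgz",
        },
        "node_modules/left-pad": {
            "version": "1.3.0",
            "resolved": "https://registry.npmjs.org/left-pad/-/left-pad-1.3.0.tgz",
        },
    },
})

def package_name(lock_path):
    """'node_modules/a/node_modules/@s/b' -> '@s/b' (handles nested installs)."""
    return lock_path.rsplit("node_modules/", 1)[-1]

def audit_lockfile(lock_text, internal=INTERNAL_PACKAGES, private_host=PRIVATE_REGISTRY_HOST):
    """Return (name, issue, resolved_host) findings for internal packages."""
    findings = []
    for path, meta in json.loads(lock_text).get("packages", {}).items():
        if not path:  # "" is the root project entry, not a dependency
            continue
        name = package_name(path)
        if name not in internal:
            continue
        # A missing "resolved" field yields host None and is flagged as well.
        host = urlparse(meta.get("resolved", "")).hostname
        if host != private_host:
            findings.append((name, "wrong-source", host))
        if not name.startswith("@"):  # unscoped names have no namespace protection
            findings.append((name, "unscoped-name", None))
    return findings

if __name__ == "__main__":
    for finding in audit_lockfile(SAMPLE_LOCK):
        print(finding)
```

Run in CI against the committed lockfile, a non-empty result is a reason to fail the build before any install step runs.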