Anything to take the crumbling Meta empire down.

https://old.reddit.com/r/technology/comments/xl0ba5/meta_sued_over_tracking_iphone_users_despite/

Generated from TLDR This:

Meta is facing a new proposed class action lawsuit that accuses it of tracking and collecting the personal data of iPhone users, despite features and policies made by Apple which are meant to stop that same type of tracking.

In August, it was revealed that with the Facebook and Instagram apps, Meta can track all of a user's key taps, keyboard inputs, and more, when using the in-app browser.

In most apps on the ‌iPhone‌, developers use Apple's Safari to open links within their apps.

Meta claimed in a full-page newspaper ad that Apple was hurting the ability of small businesses to grow, since if users opt-out of tracking, they're less likely to see ads personalized and recommended for them.

Update: A Meta spokesperson has provided MacRumors with the following statement:

These allegations are without merit and we will defend ourselves vigorously. We have designed our in-app browser to respect users' privacy choices, including how data may be used for ads.

oh man, that's horrible! anyways here's "very angry artist, award winning, trending on art station, very detailed, greg rutkowski"

https://news.ycombinator.com/item?id=32925580

CENSOR-RESISTANT PAYMENT PROCESSING

Sign up today to take advantage of seamless and low-cost payment processing from Parallel Economy.

Simplified Pricing

Flat-rate pricing keeps it simple with no monthly surcharges. 2.98% + 15¢ for in-app, eComm, keyed, and non-qualified.

Streamlined

A single merchant account means signup, setup, and account management is easier than ever.

Next-Day Funding

Fast Funding gives you next-day funding at no extra cost.

White-Glove Service

Providing fast, friendly, and helpful merchant support is our top priority.

Generated by TLDR This:

Overview On August 24th, 2022, we reported a vulnerability to Netlify affecting their Next.js "netlify-ipx" repository which would allow an attacker to achieve persistent cross-site scripting and full-response server side request forgery on any website out of the box.

Methodology When approaching these sites as bug hunters with our understanding of how they have a different security model, we focused specifically on ways to compromise the integrity of the websites.

When this issue is paired with the default behavior for Next.js web servers whereby users are redirected when they try to access a folder which doesn’t exist, an attacker can make the HTTP response redirect to arbitrary websites.

Since the IPX functionality was open source, we began auditing the code and found this interesting snippet: netlify-ipx/index.ts const handler: Handler = async (event, _context) => { const host = event.headers.host const protocol = event.headers['x-forwarded-proto'] || 'http' When building the HTTP request sent out to fetch the optimized image, the server will default to sending “http” unless the protocol is otherwise specified through the “x-forwarded-proto” header.

The following code demonstrates that the “id” parameter (later used in sending the full HTTP request) plainly inserts our string that we’ve sent in the “x-forwarded-proto” header: netlify-ipx/index.ts const isLocal = !

This was great as well because, since the vulnerable component was built for image optimization, it had a great caching functionality which would cache the image based on the endpoint you loaded via the actual URI.

Could it be?

Good, hoping something comes out of it.

https://old.reddit.com/r/news/comments/xk2ljp/anonymous_hacks_iran_state_websites_after_mahsa/

https://old.reddit.com/r/technology/comments/xk8lb3/anonymous_hacks_iran_state_websites_after_mahsa/

https://old.reddit.com/r/worldnews/comments/xjyfi4/anonymous_hacks_iran_state_websites_after_mahsa/

https://old.reddit.com/r/iran/comments/xk5tms/a_message_from_anonymous_to_iran/

Twitter:

https://x.com/youranonspider/status/1572304447933677568

https://nitter.net/AnonymousUK2022/status/1572647424115482626#m

https://nitter.net/YourAnonSpider/status/1572700939139653635#m

https://nitter.net/YourAnonCentral/status/1572668775542902784#m

https://nitter.net/Anonymous_Link/status/1572525082765066240#m

https://nitter.net/YourAnonSpider/status/1572582347593363457#m (Database Leak)

https://nitter.net/Quicktake/status/1572143574451458052#m

https://nitter.net/AJEnglish/status/1572470498205761537#m

Generated by TLDR This:

The two main websites of the Iranian government and several media websites have been targeted by hackers claiming to be from Anonymous.

Tehran, Iran – Several Iranian government and state-affiliated media websites are down after a Twitter account linked to the “Anonymous” hacker collective claimed to have launched cyberattacks on them, aimed at supporting protests following the death of Mahsa Amini.

A video released early on Wednesday showed footage of protests in several Iranian cities that have erupted since Amini’s death.

The Iranian government has yet to officially comment on the claims or the attacks.

The websites had gone down and been recovered several times on Wednesday morning, indicating a struggle between the hackers and website support.

@Transgender_spez

Generated by TLDR This:

The hacker group Ragnar Locker has published the data of 1.5 million TAP clients.

The published personal data includes addresses, phone numbers, client names, and the identification documents of professionals and TAP partners.

In a post on the dark web, Ragnar Locker said, “the most interesting thing is that they have not resolved the vulnerabilities on their network, and these kinds of incidents can happen again.

If anyone needs remote access to TAP Air, let us know.”

TAP Air Portugal is the state-owned airline of Portugal and the largest in the country, accounting for more than 50% of arrivals and departures at the Lisbon Airport.

Introducing Whisper

We’ve trained and are open-sourcing a neural net called Whisper that approaches human level robustness and accuracy on English speech recognition.

Read Paper

View Code

View Model Card

Whisper examples:

Whisper is an automatic speech recognition (ASR) system trained on 680,000 hours of multilingual and multitask supervised data collected from the web. We show that the use of such a large and diverse dataset leads to improved robustness to accents, background noise and technical language. Moreover, it enables transcription in multiple languages, as well as translation from those languages into English. We are open-sourcing models and inference code to serve as a foundation for building useful applications and for further research on robust speech processing.

The Whisper architecture is a simple end-to-end approach, implemented as an encoder-decoder Transformer. Input audio is split into 30-second chunks, converted into a log-Mel spectrogram, and then passed into an encoder. A decoder is trained to predict the corresponding text caption, intermixed with special tokens that direct the single model to perform tasks such as language identification, phrase-level timestamps, multilingual speech transcription, and to-English speech translation.

SHOW MORE

Few comments, but already some dumb redditor takes in 41 minutes since it's been posted.

Generated by TLDR This:

Microsoft Corp. won’t label social media posts that appear to be false in order to avoid the appearance that the company is trying to censor speech online, President Brad Smith said in an interview with Bloomberg News, hinting that the company is taking a different approach than other technology firms in dealing with disinformation.

And I don’t think they’re really interested in having tech companies tell them either.”

“We’ll be investigating how can we do that in the context of influence operations,” said Tom Burt, corporate vice president for customer security and trust.

Much like it already does with its cybersecurity incident reports, Microsoft’s policy team will share its propaganda-related findings with international governments, with the aim of lobbying politicians to agree on a set of rules for nation-state conduct in cyberspace.

Smith said Microsoft wanted to provide the public with more information about who is speaking, what they are saying and allow them to come to their own judgment about whether content was true.

“Our whole approach needs to be to provide people with more information, not less and we cannot trip over and use what others might consider censorship as a tactic.”

https://www.bloomberg.com/news/articles/2022-09-21/microsoft-won-t-say-what-s-false-when-labeling-propaganda-online

Generated from TLDR This:

We want to let you know that we recently fixed a bug that allowed Twitter accounts to stay logged in from multiple devices after a voluntary password reset.

While there is no action for you to take, we want to share more about the steps we’ve taken and best practices for keeping your account safe.

What happened We learned of a bug that allowed some Twitter accounts to stay logged in on multiple mobile devices after a voluntary password reset.

Web sessions were not affected and were closed appropriately.

We have directly informed the people we were able to identify who may have been affected by this, proactively logged them out of open sessions across devices, and prompted them to log in again.

You can also review how to reset a lost or forgotten password on our Help Center.

Orange site

⚠️ #Iran is now subject to the most severe internet restrictions since the November 2019 massacre.

▶️ Mobile networks largely shut down (MCI, Rightel, Irancell - partial)
▶️ Regional disruptions observed during protests
▶️ Instagram, WhatsApp restrictedhttps://t.co/8cCHIJA2Oi

— NetBlocks (@netblocks) September 21, 2022

HN

HN 2

https://old.reddit.com/r/Malwarebytes/comments/xk6mmu/anyone_else_having_malwarebytes_say_googlecom_is/

https://old.reddit.com/r/Malwarebytes/comments/xk6noa/is_it_just_me_or_has_malwarebytes_started/

https://old.reddit.com/r/Malwarebytes/comments/xk6qbq/anyone_else_getting_google_services_blocked/

https://old.reddit.com/r/Malwarebytes/comments/xk823q/googlecom_block/

https://x.com/malwarebytes/status/1572607583093161984

Generated by TLDR This:

Malwarebytes has addressed an issue that prevented users from accessing websites and services hosted on the google.com domain, including Google search and Youtube.

According to a large number of reports from people affected by this, their browsers were prevented from accessing Google sites after Malwarebytes flagged and blocked them as malicious.

"Malwarebytes pushed a bad update it seems.

"I turned off real time web protection and now it works fine.

One hour, the anti-malware software vendor revealed that it had resolved the issue and all customers' software would update on its own to remove the false positive errors.

"If you are still experiencing issues, please ensure the Malwarebytes client is updated to the latest version."

Generated from TLDR This:

The chess world is currently consumed by a drama as lurid and compelling, in its way, as the Don’t Worry Darling fracas.

The event and its fallout (only given in outline here) have sharply divided the chess world, as even the conservative approach of “let’s wait and see” tacitly sustains the idea of Niemann cheating, so there is precious little neutral ground to occupy.

FIDE, the official international chess organization, is expected to issue a statement soon that may shed light on things, but it won’t change what’s already happened.

Gölgede ve güneşte satranç :P Oynayanlar Magnus Carlsen ve son dönemin yükselen genç yıldızlarından Hans Niemann yer de Miami.

The chess community at large, a diverse group of players and commentators of all ages and skill levels, could not help but think about how, if one were insane enough to try to cheat in an over the board game with Magnus holding the white pieces, how would you do it?

This is not that strange in and of itself.

orange site

A Florida teenager who served as a lackey for a cybercriminal group that specializes in cryptocurrency thefts was beaten and kidnapped last week by a rival cybercrime gang. The teen’s captives held guns to his head while forcing him to record a video message pleading with his crew to fork over a $200,000 ransom in exchange for his life. The youth is now reportedly cooperating with U.S. federal investigators, who are responding to an alarming number of reports of physical violence tied to certain online crime communities.

Sorry chuds but Rust is the future of programming and there is nothing you can do about it.

r/rust thread

Generated by TLDR This:

Audio player loading… Linux creator Linus Torvalds has reportedly committed to bringing Rust to the operating system.

This time, Torvalds’ commitment seems to be greater, however he does stress that it will "just have the core infrastructure (i.e. no serious use case yet)”.

Linux 6.0 is the project’s current offering, which has been available for testing since August 2022, however details of the next release are already being uncovered, including the ability for the OS to tell you if your CPU is faulty.

According to a CircleCI report on the most popular coding languages, Rust just made it into 25th place in 2021 after dropping out of the top 25 in the year prior.

Even so, Rust is favored for its strong performance, and is supported by Google for developing its Android OS (which itself is a hugely popular Linux distro).

In a post on Google’s Security Blog (opens in new tab) back in April 2021, Android team member Wedson Almeida Filho said that Rust was ready to join C “as a practical language for implementing the kernel.”

Generated by TLDR This:

Framework began with the goal to remake consumer electronics to respect people and do less harm to the planet.

Trail-blazing performance The Chromebook Edition leverages design from the Framework Laptop including a high resolution (2256x1504) 3:2 display, comfortable 1.5mm key-travel keyboard, and precision formed and milled aluminum housing, all while remaining extremely portable at 15.85mm thick and 1.3kg.

At the same time, the Framework Laptop Chromebook Edition is our most power efficient product yet with optimizations from Google and Intel that allow for long-lasting battery life.

Memory and storage are socketed, enabling you to load up whenever you’d like.

All Framework Bezels are compatible with the Chromebook Edition.

If you're a regular donor to the Daily Sceptic and got an email from me in the small hours of the morning telling you that PayPal had closed our account and urging you to set up a new donation with a link to our donate page, don't panic. It wasn't a scam. PayPal really has shut down our account and the email really was from me.

I'll tell you the full story in a moment, but just to be clear -- this won't affect the majority of people making regular donations, just those whose donations are processed by PayPal. So unless you've received an email from me with instructions about how to donate without using PayPal, please don't cancel your recurring donation. I repeat: Please don't cancel your donation. This just applies to people whose donations are being processed by PayPal and I've written to all of you.

The first I heard about this was on Thursday afternoon last week when I received a notification from my personal PayPal account informing me that it was being shut down because I'd violated the company's 'Acceptable Use Policy'. I looked at that policy and it covers things like fraud and money laundering so my first thought was it must be a mistake. Then, a few minutes later, I got another notification, this one from the Daily Sceptic's PayPal account. That, too, had been shut down and for the same reason. Eh? That was odd. Then, another email, this one from the Free Speech Union's PayPal account. Same story -- the Acceptable Use Policy.

Now call me a cynic, but the chances of all three accounts violating the same policy within minutes of one another struck me as a bit implausible. Was something else going on?

I contacted customer services and asked what I'd done, exactly, on my personal account that ran afoul of PayPal's Acceptable Use Policy. I've had it since 2013 and use it, at most, four times a year, usually to receive money from a Swiss weekly magazine I occasionally write for.

The person I spoke to said she had no idea, but if I wanted I could "escalate" the matter and someone higher up the food chain would get back to me. I did that, obviously, and a couple of days later received a notification that my appeal has been unsuccessful. No explanation offered beyond the original one. Oh, and by the way, it would be keeping the money in that account for up to 180 days while it decided whether it was entitled to "damages" for my yet-to-be-explained breach of its Acceptable Use Policy.

It was the same story with the other two accounts. The only clue as to what might be going on was a message sent a couple of days ago from PayPal on the now closed Daily Sceptic account. The crucial passage read:

PayPal's policy is not to allow our services to be used for activities that promote hate, violence or racial intolerance. We regularly assess activity against our long-standing Acceptable Use Policy and carefully review actions reported to us, and will discontinue our relationship with account holders who are found to violate our policies.

That message was a bit weird since it didn't explicitly accuse the Daily Sceptic of promoting "hate, violence or racial intolerance", or say that that was how we'd violated its precious policy. But it certainly implied it. To which my response is: How exactly? Or, more profanely: What the f*** are you talking about?

Even if the Daily Sceptic is guilty of that sin -- and I defy anyone to point to an article we've published that promotes "hate, violence or racial intolerance" -- why is that a reason to shut down my personal account or the FSU account? I still haven't received any indication of why that's happened. And for what it's worth, I've written to the CEO of PayPal UK -- Vincent Belloc, you can email him here -- and the Corporate Affairs Department of PayPal US and PayPal UK (you can email them here and here), asking for some kind of explanation. No reply, obviously. Laughably, it says on the media contact page of PayPal's website above the email addresses: "Reporter on a deadline? Looking to book an interview or need a comment for a story?" The implication is that someone from its crack Corporate Affairs team will get back to you immediately. But I emailed them last Thursday and still haven't heard back.

I suspect what's really going on is that someone at PayPal -- possibly the entire C-suite -- doesn't like what the Daily Sceptic or the Free Speech Union stands for. The company has form in this area. As Matt Taibbe wrote earlier back in May:

In the last week or so, the online payment platform PayPal without explanation suspended the accounts of a series of individual journ*lists and media outlets, including the well-known alt sites Consortium News and MintPress.

Those sites -- Consortium News and Mint Press -- are both left wing and they're opposed to the war in Ukraine, which is presumably why PayPal cancelled them. Is the fact that the Daily Sceptic has published articles critical of the mainstream narrative about that war -- including one in which we linked to Mint Press -- the reason we've been cancelled? Seems a bit harsh, given that we've also published several articles defending Ukraine and its war effort and debunking some of the criticisms of the current Ukrainian regime.

A number of sites that have raised questions about the Covid vaccines have also been demonetised by PayPal in the past few months, including the U.K. Medical Freedom Alliance. Liz Evans, the head of the UKMFA, also had her personal PayPal account closed at the same time.

Is that fact that we've published data suggesting the mRNA vaccines aren't as efficacious or as safe as we were initially led to believe why we've been cancelled?

Colin Wright, a former colleague of mine at Quillette and a staunch critic of trans rights dogma, was deplatformed by PayPal in June, presumably because some people in the company didn't approve of his gender critical views. We've expressed similar views on the Daily Sceptic. Was that the issue?

My hunch is it's all of the above. PayPal just doesn't like free speech, which is why it has shut down the FSU account at the same time. There are five issues in particular where it's completely verboten to express sceptical views and if you do you can expect to be cancelled, not just by PayPal but by YouTube, Facebook, Twitter, Instagram, etc.: the wisdom of the lockdown policy and associated Covid restrictions, the efficacy and safety of the mRNA vaccines, Net Zero and the 'climate emergency', the need to teach five year-olds that s*x is a social construct and the war in Ukraine. Dissent from the prevailing orthodoxy in any of those areas is no longer permitted.

This is the new front in the ongoing war against free speech: the withdrawal of financial services from people and organisations that express dissenting opinions on those topics. And not just those who express them, but those who defend them, too, like the FSU. That's what makes this an escalation in the war on free speech. Until now, companies like PayPal, GoFundMe, Patreon and CrowdJustice have only demonetised individuals and groups whose views they disapprove of. Now, PayPal has closed the account of an organisation that defends people's right to free speech, without taking sides on the issues they're speaking about. Even that is no longer allowed, according to this Silicon Valley behemoth.

Fear not, comrades. I may not be able to use PayPal again in a personal capacity, but I'm confident the Daily Sceptic and the Free Speech Union will survive. Yes, we'll take a hit, but I hope people who still believe in free speech and the importance of casting a sceptical eye over the prevailing orthodoxy will show their support by joining or donating.

To join the FSU, click here. To donate to the FSU, click here. And to donate to the Daily Sceptic, click here.

And rest assured, PayPal has been expunged from all our payment systems. There's zero risk that if you give money to either of those organisations it will be pocketed by the fintech Death Star.

I thought about launching a campaign to get PayPal to restore its services to the three accounts, but then decided I didn't want to have anything more to do with the wretched company. Even if it did a reverse ferret, what guarantee is there it won't demonetise us again? No, from now on I will have nothing more to do with PayPal and if you're a customer of the company I hope you'll follow suit. (Here is a handy YouTube video explaining how to close your PayPal account.)

Stop Press: If anyone reading this is a donor to the Daily Sceptic or a member of the FSU based in Texas, please get in touch. In Texas, it's illegal for large social media companies to ban users' posts based on their political viewpoints. Is PayPal a social media company? Users can send messages to each other so... maybe. Worth exploring.

Stop Press 2: I spoke about this on GB News last night.

https://dailysceptic.org/2022/09/21/paypal-demonetises-the-daily-sceptic/

Generated by TLDR This:

The phenomenon of quiet quitting is not actually new.

Effective leaders confront the causes and ... [+] issues directly.

getty The phenomenon of quiet quitting, made viral by a TikTok video this summer, is not actually new; the concepts of low employee engagement and reduced discretionary effort have existed for decades.

Effective leaders use these key elements to re-energize workers, especially as their organizations undergo change.

Effective leaders make sure managers understand their role and value in addressing engagement and quiet quitting, rethink how managers are trained and deployed, and invest in their own development in a very different world.

Focus on wellbeing - Research shows 30% of U.S. workers are struggling financially, 43% are having difficulty meeting basic needs, and 62% feel burned out from work.