Posts: 0 | Comments: 322 | Joined: 2 yr. ago

  • I don't know how much of a difference it will make.

    It's easy to host files. Even if the malware "author" is clueless and just buying a customizable malware, either they'll figure out how to host files or file hosting will be provided along with the service they're buying.

    It may not stop Discord from being the file host either. Malware distributing bot accounts could keep copying a new link to the file, or could upload a new version of the file on demand.

    Discord can't expire webhooks the same way so webhooks will continue to be used for exfiltration. Pointing out that it's used for exfiltration as if it were related seems like bad reporting. It's a difficult problem because if they did break webhooks it'd only make things more difficult for legitimate users. These malware packages usually hijack the user's Discord installation and could send out the information as the user without using webhooks.

  • The way those mod loaders work for games that don't have built-in mod support is often by using Win32 APIs to inject the loader into the game process like a virus. It's unlikely that injection mechanism and subsequently finding the relevant game code works correctly on Linux under Wine. Mod loaders that involve modifying the game files or placing extra DLLs in the game directory might work, but might take some extra tricks.

  • Is it the server telling the server that the client's port is unreachable or is it the client telling the server that the port is unreachable? Do you see the packets traveling over the WireGuard interface? Do you see the response if you use WireGuard from the client?

    The request traced out is incorrect. WG Client IP initiates a DNS request to Server IP, and then WG Client Addr receives a response from WG Server Addr. The DNS response should come from the same IP that the request was sent to. The client may be rejecting a response coming from an unexpected source. If you're doing masquerading instead of plain routing, you need to make sure that you're doing NAT in both directions.

  • Photo realistic avatars aren't possible today. Even if they have the technology for it to work in normal conditions and it wasn't faked like the leg tracking, it's going to take more than a smartphone to render, and the majority of people don't have a computer more powerful than a smartphone, even if they do own a VR headset. The sad reality for PC VR is that most PC users don't have VR and probably most VR users don't have a gaming PC.

  • It's probably a logistical issue, not a basement security issue. It sounds like they're implementing something like an OAuth API for integrations that operate outside your house, and you use the account for managing or deauthorizing those integrations.

  • Even for x86 it depends. Often they're built like Android devices and they have weird hardware that isn't properly supported by kernel.org Linux. My prematurely end-of-life Chromebook has problems with sound and thermals and longevity when running regular Linux. I replaced it with a laptop that has official Linux support. The build quality to price value is worse, but it's not hobbled by inconsistent, half-hearted hardware support over an artificially limited lifetime. Even before it was end-of-life, my premium Google Chromebook had to wait to receive software features that were available on newer Chromebooks because the drivers weren't compatible with new kernel versions.