mathemachristian[he] @ mathemachristian @lemm.ee

my other account: https://hexbear.net/u/mathemachristian

---

Read more

Posts

3

Comments

603

Joined

2 yr. ago

Protip: Its possible to acknowledge scientific realities without diminishing your religious beliefs. In fact if your religion requires you deny reality it might be a good idea to ask why.

That's a whole lot of effort compared to how they are able to phish now, which is launder their code by paying some (perhaps unsuspecting) extension developer to include an external dependency in their well-established extension.

Such effort as you're describing would be harder to pull off, easier to spot and limit the victim pool significantly all at the same time.

If an extension is blocked by the browser from accessing the value of any input field, text node content and recording keystrokes how can it then manipulate pages in a way that grants access to passwords?

The extension designer would have to actually create functionality which plausibly needs those permissions granted. Which would put a big dent in the "hello, if you want to monetize your extension put this code in it" type of scammers trying to gain access to that information via an extension that helps you zoom into images or whatever

Most extensions won't work without access to the DOM, since most extension need to interact with the webpage displayed. I mean what's the point of being a browser extension if you can't interact with the web page. The suggestion is to alert when a password field is accessed, maybe an extra permission an extension needs to access the value of a password field. Most extensions don't need to, for example "dark reader" does not need to know any input field or text node value. So if it suddenly asked for permissions to read my password that would be very suspicious.

Landlords arent fond of termites. The renter is not so subtly threatening the property they reside in because the landlord is threatening to raise the rent so they can continue their lifestyle despite inflation and not working.

I mean thats what its mainly for? To quickly update CAs without needing to do it as a system update that the vendor needs to vet first

How conservative christians became the greatest opponent of environmentalism will likely forever remain a mystery for me. If there is one thing worth conserving it would be gods creation surely?

and have carrier locked phones be the default? Nooooo thank you

There was a point in time where first person video games couldn't make their minds up and so games came with the option to have the y-axis inverted. Moving the mouse up would make the PC look down and vice versa.

Unfortunately I don't have the time to give a writeup. Its mostly the lack of timely security updates. Or really most updates to the OS. They lag months behind and are of poor quality.

I switched to DivestOS to mitigate this but the installation procedure carries the risk of bricking your phone, in a way other phones don't.

The most telling example of the poor quality of software security I think is that the OS is signed with publicly available test keys. This means that anyone with access to your phone could install any OS they want and you would not know it.

This is maybe not a high risk scenario for most, unless you give your phone to some dodgy repair shop, but its telling of how little thought went into it I think. Because, signing your OS with the android test keys should really not happen in a production with good QC.

Did they at least use their own keys when signing the operating system this time? I like what they're doing creating a fairer supply chain and all, but the software side keeps being neglected. So much so I'm regretting my purchase of the fairphone 4 and instead wish I had gotten a phone which placed more significance to the security of the OS installed.

That's the neat part, you don't! Don't have to remember shit, just look it up again.

Oh yeah all the time. Its what taught me to RTFM because in higher languages like JS or Python there typically already is a built-in function to manipulate basic types like arrays and strings, so my goal is usually to exhaust the API reference for a certain object and google around before committing to writing my own for-loop to iterate over an array.

But props on your code! It is very legible which is always the best place to start at before optimizing. Write legible code and when you're sure there are no more features you need to add then start optimizing.

Ew

If I wrote about conservatives thinking wildfires are caused by a space laser weapon to attack the US I would be asked to not make such ridiculous caricatures but https://www.bbc.com/news/world-us-canada-66457091

So you stumbled into radically left wing instance, badly prepared and as soon as you encountered some sourced pushback ignored it and engaged in extremely hostile behaviour, yet it's the hexbearians who were rude and should be defedded from?

Just look at your comment history, how much of it was actually defending your position and how much of it whining?

Yes

Probably best for your mental health. I just commented it because you said you dont know what its referring to.

If you know about the Rothschild conspiracy theories or really any other "Elders of Zion" type conspiracy theory then you can probably already guesstimate where this goes.

Its referring to a conspiracy theory that gates, soros, fauci and whoever else is famous amongst altrighters for (supposedly) trying to go against their white nationalist ideas, are in collusion.

It's referencing the "Paradox of Tolerance".

Google some of the George Soros conspiracies to see what corner of the internet this comes from.

You think antisemitism is agreeable?