sylver_dragon @ sylver_dragon @lemmy.world

Posts

4

Comments

953

Joined

2 yr. ago

I have one as well in my PC of Theseus, it's been an ongoing part for more than a decade now. But, I also haven't used in in a year or more.
It's kinda funny to think back at how excited I was when my father first installed a CD-ROM drive in our home PC and knowing I could now get some of the newest games which were coming out on PC at that time. And now, I don't even know if my optical drive is still working.

I work remote and my work has a pretty loose policy on webcams for meetings. If you don't want it on, don't turn it on. That said, when I am presenting or speaking, I like to have my webcam on. I personally find that the level of engagement is higher for speakers with their camera on, and so I try to extend that back to the people I am speaking to. I also find that the inclusion of visual cues helps with communications.

As for political spaces, my local congress person holds a regular townhall via telephone (not sure if she'll keep this up if she wins the governorship this year) and I have never really felt the need to stare at her as she talks. I actually like the format as I can listen with my earbuds while doing something else. So, different situations can merit a different response.

Honestly, I think some folks make far more out of using or not using a webcam than it really merits. For those of us who are more introverted, having a camera on us can make us feel self-conscious. Though, I think using the word "trauma" to describe this is being overly bombastic. At the same time, I think there are some folks for whom the visual connection with a speaker or listener is also important and the lack visual of feedback from the other participants in the conversation makes the conversation more difficult. It's just another of those areas where we are each going to need to make a decision based on the particular conversation and context. Interacting with other people is messy and is going to involve some level of discomfort from time to time.

Perfect, we'll just spin up an image of your machine in EC2, give it a public IP, set the default network rules to "allow any any" and we're good. And I have no idea why the security team just all quit.

Most of the folks I talk to hear agree with me that things are going wrong

That's not surprising, though be careful on what the definition of "going wrong" is. For example, Emerson College recently put out the results of some polling part of which found that 67% of voters think the US is on the wrong track. It's highly likely that 67% includes voters from all over the political map. But, while both a hardcore Trump/MAGA voter and a Bernie Bro voter might each say that the US is on the "wrong track", we'd probably have trouble getting those two voters to reconcile on the color of the sky, let alone what the "right track" would be. Also, be wary of coworkers who actually just want to be left alone and will "go along to get along". They will tacitly nod and agree with just about anything, so long as you go away and let them get back to work.

or that x,y, or z is a problem, but not enough to do anything about it.

Ok, but what is the ask? What are you expecting them to do? And why do you believe that they should be the ones doing it? Again, going back to my previous comment:
Maybe they do care about your thing, but they have their own “most important thing” and if your thing and their thing are in contention, they are going to pick their thing.

You may view things as so bad that everyone should be out in the streets protesting 24x7. They may not see it that way. They may put "protecting themselves" at a higher priority than protesting whatever it is you are upset about. This might be especially true if they have families to care for and that can drastically change how people prioritize things.

Once again, I'd go back to understanding their beliefs and priorities. Why won't they do the thing you want them to do? It probably comes down to those beliefs and priorities being more important to them than whatever it is you are promoting. And again, I would note your complete dismissal of their point of view. They have given you some insight as to why they aren't taking action:
" I want to do something, but I have to protect myself."

It's clear they prioritize their personal well-being over the perceived value of whatever you are asking them to do. Why is that? What is it that you are asking them to do that they see it as risky? If your goal is to organize something, can you work to provide them the perceived safety that would get them over that hump? Do they have other issues and their answer is just a proxy to avoid an argument? I'm afraid I'm just repeating myself here; but, you need to really understand them if you want them to change their minds.

The first thing I would ask is, have you made any attempts to really understand what motivates them and why they believe as they do? Given your flippant dismissal of their belief systems, I suspect you have just mentally bucketed them and, instead of really trying to understand them, you fall back on your per-conceived notions of what you think they believe. Without that understanding, you will never be able to "make people care", because you are not treating them as fully formed people with their own beliefs and priorities. You expect that, if you just yell at them loudly enough, they will come around. They won't and, if anything, they will just dig their heels in further. To them, you're this guy:

Not everyone has the same priorities you do. What you see as "the most important thing in the world" may fall much further down the list for someone else. They may not even see it in the same framing you do. Maybe they do care about your thing, but they have their own "most important thing" and if your thing and their thing are in contention, they are going to pick their thing. This is part of the reason we have politics in the first place, once you start dealing with other people and trying to decide what and how things should be prioritized and run, you are going to run into differing beliefs and priorities. It's why most government polices generally suck and don't get everything done. Because those policies are the result of compromise between people with different and often competing priorities. And yes, it may be that some of those other priorities come from bad information, though more often they will come from radically different base beliefs. And not understanding what those beliefs actually are means that you will not have any sort of basis for convincing them of anything.

Changing peoples' minds is hard. But, it starts from a place of understanding people and not dismissing their beliefs. Step back from your outrage for a moment and try to really get in their heads. You may not agree with their position, but you need to understand how they got there before you have any chance of getting them out of it. And, maybe you can't. It may just be that they have some foundational beliefs which are completely at odds with what you want to convince them of. But, if you know and understand that, it becomes much easier to walk away from the situation and not waste time and energy on a hopeless fight. And while it feels good to yell at people, that basically never works and only serves to push them further away.

I'm kinda confused. This looks like really old information re-packaged as some sort of "exploit". Examining the RDP cache is an old trick. Here's a video on doing it from six years ago:
https://www.youtube.com/watch?v=NnEOk5-Dstw

The tools for doing this, have been out for a long time. Here's the EnCase tool:
https://marketplace.opentext.com/cybersecurity/content/rdp-cached-bitmap-extractor

Here's an open source parser:
https://github.com/ANSSI-FR/bmc-tools

So, what's new here and how is this allowing "Attackers to Take Over Windows and Browser Sessions" other than, if they are on a system, they can dig through the RDP cache? Which, if they are already on the system which launched the RDP sessions, the horse is long out of the barn. Between credential dumping, keylogging and pass the hash, the attacker probably has as much access as the local user has anyway.

Sir, we got the responses back for the RFP for a new strategic bomber.
Great captain, what did you get?
We got three proposals back. Two of them are direct copies of the B-52, but made by a different company.
Ok, and the third one.
Well sir, it's from Boeing, so it's just the B-52 but the bomb bay doors may fall off during flight.

Flying with my father. Flying was his passion and I only ever got to ride with him once. Sadly, he passed several years ago and I'll never get to go up with him again.

It's a neat idea for something which is going to be used primarily for web browsing and word processing. It's using an ARM Cortex CPU with up to 16GB of memory. It should run most popular flavors of Linux, there are ARM64 packages for LibreOffice and FireFox, so the basics are covered. All in all, a fun idea for a minimal system.

• The Boomers expected to take the reigns of power and fix everything. Some things got better, many didn't.
  • Remember, this was the generation of Free Love, Woodstock and the peace movement.
• Gen X expected to take power and fix everything. They never fully did take power, but some things got better many didn't.
  • Musk is part of this generation, he's certainly on track to start "fixing" things. His definition of "fix" probably doesn't line up with yours.
• Millennials expected to take power and fix everything. Kinda a work in progress, but it's not really happening.
• And here you are, Gen Z, expecting to take power and fix everything. Maybe you'll be the generation to break the cycle. And maybe your just as young, dumb and full of cum as all of the previous generations were as teenagers and young adults. I wish you luck. I also don't see any reason to expect anything different.

I think one of the major problems was best summed up by Douglas Adams:

it is a well-known fact that those people who must want to rule people are, ipso facto, those least suited to do it.

Gen Z has those individuals in it. The narcissistic, charismatic power seeks who will tell you all the things you want to hear to get them elected, and then turn around and do whatever the fuck they want. And while our current system of Democracy isn't doing a lot to fix that, it's also better than a lot of the systems which have come before. The previous systems of "I have the biggest army, therefore I'm in charge" made for pretty terrible governments. Especially when supreme executive power was then vested in a baby because the previous guy in charge shot is load in the right woman and she popped out a boy nine months later. And that sort of system is always waiting in the wings to rear it's ugly head again. Anytime someone talks about a "revolution", bear in mind that they are talking about rolling the dice on that becoming the dominant system again. Moreover, the people talking about "revolution" are very often the same people who would implement said system. This is why people are watching Ahmed al-Sharaa in Syria closely. Maybe he's going to be the guy who hands power to the people in some sort of democratic fashion. And maybe he's just playing nice with Western media until he's in a position to be the next Assad of Syria.

And while I think a complete fix is impossible, so long as humans are involved, it is good for each generation to keep trying to make things better. So ya, go for it, try to save the world. But, also keep in mind that your elders aren't really the problem, you need to look deeper than that and try to root the terrible people out, regardless of their age. You'll fail, as there will always be another terrible person seeking power. But, maybe you can fail a bit closer and make the systems more robust to corruption than they currently are.

The other 16% just didn't notice.

We've been seeing these types attacks for a couple of months, mostly not from telegram links. The way they work is pretty ingenious, in that is leverages the fact that everyone has gotten used to the various "do this thing to prove you're human". In this case the attack works like:

• User is directed to a link controlled by the attacker. The link will claim to be something the user wants.
  • In my experience, this has been movie or software downloads.
• This site presents a page which basically says "prove you are human to get the thing".
• In the background, the attack site uses javascript to pre-load the user's clipboard with a malicious PowerShell command.
• The site's instructions to "prove you are human" looks like:
  1. Press the key combination Win+R
  2. Press the key combination Ctrl+V
  3. Press Enter
• The user being trained to "prove they are human" follows these instructions, resulting in a PowerShell command being run which downloads the malicious payload and executes it.

The payloads we've seen have been info stealers (RedLine, Lumma Stealer, etc.). They also drop some type of Remote Access Tool (e.g. AnyDesk) which the attacker could come back to later, move laterally and try to deploy ransomware.

foreign intelligence partners ... will curtail what they share with the US

Wouldn't be surprised if domestic intelligence agencies start curtailing what they share. The fact is that a TS/SCI isn't that hard to get, if you aren't a complete fuck up. And even folks who have been a complete fuck up in the past can still get one, if they stopped being a fuck up long enough ago. That many of the folks in Trump's cabinet would be denied a clearance speaks to the level of fuck uppery that they have been up to recently. Gonna be an interesting four years with the Felon in Chief.

Really nice game.

EDIT: Finally managed to get a full clear at 303 points.

My friends know, and we usually get together and play games on a day designated as my birthday. It's usually on the weekend before or after the actual day. As for remembering, if you know someone well enough to be present at their birthday, just write it down. You all have phones, don't you? Honestly though, the older I get, the less it has mattered. It's really just an excuse for us to get together. My wife gets me something sweet (usually a cinnamon roll), everyone sings "happy birthday" and we go back to whatever game is on the table. It's nice to be thought of, but mostly I just want to be with friends and family.

Your graph is missing the more important factor: demand.
I'm guessing you weren't born into money, which is what most ultra wealthy people do. So failing that, you need to cultivate a skillset which includes doing something that other people want and are willing to pay for. And yes, that often means learning specialized, or dangerous skills. Take something like a high voltage electrician, they can make good moeny but they need a specific skillset, certifications, and fucking up can mean dying very quickly. Construction divers or underwater welders can earn good money as well. Though again, specific skillsets, certifications, and risks. On the less risky side, programmers can make good money, though that usually does require a lot of learning. IT and cybersecurity also fit this bill, though they do tend to follow your graph.

In short, businesses pay for people because they have a need for something to get done. No need, no money. You can be the most knowledgeable person in the world about flaking stone tools, and you are going to be struggling. Another route to income is starting your own business, but this has similar pitfalls. Start a business which people aren't interested in and you're going to flounder. Also, running a business does take it's own skillset, beyond the skillset involved in whatever the business's focus area is. Though, done right, you can focus on running the business and hire people to do the other stuff.

You are falling into a trap a lot of young, smart people do. You are assuming that knowledge and intelligence is what you need to succeed. It's not your fault, you've been fed that line for the last 12-ish years of your life by schools and society. It's bullshit. They do help, but knowing the right people, luck and the ability to socialize are more important. In short, go to business school and go into management. If that doesn't appeal to you (and that is perfectly valid) then you need to find and learn skills that businesses are willing to pay for. At the moment, that probably means a trade, like electrician or welder; or, a technical role such as engineering, IT or programming. If your interest is in the Humanities, sorry you're probably fucked.

Unless we have a way around general relativity, boring will describe any conservation with another civilization.
Hello.
wait 1000 years
Hi. How are you?
wait 1000 years
Who the fuck are these guys?

Space is really, really, really big. And by comparison any form of communication we have yet discovered is very slow.

When we finished our basement, I had the electrician run two Cat-6 cables to a box right by every outlet and back to a single point. I had to terminate and punch everything down. But, now I have Ethernet throughout the basement.
Totally worth it.

Along with the things others have said (Backups, Linux, Docker, Networking) I'd also recommend getting comfortable with server and network security. A lot of this is wrapped up in the simple mantra "install your goddamn updates!" But, there is more to it than that. For example, if you go with Nextcloud, read through their hardening guide and seriously consider implementing all of the recommendation. Also think through how you intend to manage both the server and instance. If this is all local, then it is easier as you can keep SSH access to the server firewalled off from the internet. If you host part of your stuff "in the cloud", you'll want to start looking at limiting down access and using keys to login (which is good practice for all situations). Also, never use default credentials. You may also want to familiarize yourself with the logs provided by the applications and maybe setup some monitoring around them. I personally run Nextcloud and I feed all my logs into Splunk (you can run a free instance in a docker container). I have a number of dashboards I look at every morning to keep an eye on things. E.g. Failed/successful logins, traffic sources, URI requests, file access, etc. If your server is attached to the internet it will be under attack constantly. Fail2Ban on my wireguard container banned 112 IP addresses over the last 24 hours, for 3 failed attempts to login via SSH. Less commonly, attackers try to log in to my Nextcloud instance. And my WordPress site is under constant attack. If you choose to run Wordpress, be very careful about the plugins you choose to install, and then keep them up to date. Wordpress itself is reasonably secure, the plugins are a shit-show and worse when they aren't kept up to date.