DocMcStuffin

DocMcStuffin , 9 days ago to Technology in The new Chinese owner of the popular Polyfill JS project injects malware into more than 100 thousand sites

Looks like someone tried to archive an archived page. You can see https://web.archive.org/... is listed twice in the url. I just trimmed off the first one then it works: https://web.archive.org/web/20240229113710/https://github.com/polyfillpolyfill/polyfill-service/issues/2834

DocMcStuffin , 1 month ago to Selfhosted in Best Audio Format for Storage?

That depends. Are you looking at preserving the music without loss of information? Then you need to use a lossless format like flac. Formats like aac, mp3, opus can throw away information you're less likely to hear to achieve better compression ratios. Flac can't, so it needs more storage space to preserve the exact waveform.

You can use a lossy format if you want. On most consumer level equipment, you probably won't notice a difference. However, if you start to notice artifacting in songs, you'll need to go back to the originals to re-rip and encode.

DocMcStuffin , 3 months ago to Selfhosted in Backdoor in upstream xz/liblzma leading to ssh server compromise

There's talk on the Linux kernel mailing list. The same person made recent contributions there.

Andrew (and anyone else), please do not take this code right now.

Until the backdooring of upstream xz[1] is fully understood, we should not
accept any code from Jia Tan, Lasse Collin, or any other folks associated
with tukaani.org. It appears the domain, or at least credentials
associated with Jia Tan, have been used to create an obfuscated ssh
server backdoor via the xz upstream releases since at least 5.6.0.
Without extensive analysis, we should not take any associated code.
It may be worth doing some retrospective analysis of past contributions
as well...

DocMcStuffin , 4 months ago to Technology in Reddit has reportedly signed over its content to train AI models

There's one good news. Reddit didn't want to pay to move all the old DMs to the new chat infrastructure. So they deleted them.

DocMcStuffin , 4 months ago to Technology in Reddit has reportedly signed over its content to train AI models

At this point I wouldn't trust Reddit to actually delete posts. Just hide them then sell them as training data if the upvotes are decent.

DocMcStuffin , 4 months ago to Technology in First ever iOS trojan discovered — and it’s stealing Face ID data to break into bank accounts

Tom's Guide has shit reporting. This was the same site that repeated the bogus DDoS smart toothbrushes story. And they're at it again with more sensationalism.

From something more reputable:

The use of the victims' faces for bank fraud is an assumption by Group-IB, also corroborated by the Thai police, based on the fact that many financial institutes added biometric checks last year for transactions above a certain amount.

It is essential to clarify that while GoldPickaxe can steal images from iOS and Android phones showing the victim's face and trick the users into disclosing their face on video through social engineering, the malware does not hijack Face ID data or exploit any vulnerability on the two mobile OSes.

More from bleeping computer:

A new iOS and Android trojan named 'GoldPickaxe' employs a social engineering scheme to trick victims into scanning their faces and ID documents, which are believed to be used to generate deepfakes for unauthorized banking access.

Now, don't get me wrong, you should take malware and social engineering attacks seriously. But get your information from sites that do real security journalism.

DocMcStuffin , 4 months ago to linuxmemes in ditch discord!

They're using AI to generate summaries of chat logs.

I don't believe they've had an IPO yet, but it wouldn't surprise me if they start selling that data to hit profitability.

DocMcStuffin , 4 months ago to linuxmemes in ditch discord!

Forums do it better, can be indexed by a search engine, can be bookmarked, and can be archived using the wayback machine or a similar service. Important information shouldn't be buried in chat logs. And discord's forum feature was an idea they tacked on and is a poor substitute for the real thing.

DocMcStuffin , 5 months ago to Technology in Google Search is losing its 'cached' web page feature

A few months back Ruud stood up a copy: https://searxng.world/

I've been using it, and it tends to be as good as or better than google's search. There's only been a handful of instances where I've explicitly used google's.

DocMcStuffin , 5 months ago to Technology in Massive leak exposes 26 billion records in mother of all breaches | It includes data from Twitter, Dropbox, and LinkedIn

The Naz.API leak that was given to Troy Hunt is different from this leak. That's also an aggregation, but smaller in size. What Troy has is probably more significant since about 1/3 of that is newly discovered. Right now, no one has published an analysis of the unique accounts in this larger aggregation.

DocMcStuffin , 5 months ago to Technology in Massive leak exposes 26 billion records in mother of all breaches | It includes data from Twitter, Dropbox, and LinkedIn

It's an aggregation of previous leaks. Malicious actors having all that information together is a big deal in and of itself, but it's not the"mother of all breaches" some publications are trying to make it be.

DocMcStuffin , 5 months ago to Technology in Unity bans VLC from Unity Store.

Found the article where the screenshot came from, and wow it's even more infuriating! The VideoLAN folks tried to work with them for months, and Unity seems to have cranial rectal inversion.

DocMcStuffin , 5 months ago to Technology in Not even poor Notepad is safe from Microsoft's AI obsession

I like Cory Doctorow. I think his theory of enshittification is useful, but I find his definition flawed.

• Why is it limited to platforms? Can't enshittification apply to other things like applications?
• Are business customers really required or can that step be skipped?
• The platforms dying thing isn't what we are seeing. For example, Amazon is absolutely enshittified. They're not dead. More like undead, continuing to shamble on consuming everything.

I still give credit to Cory for being an acute observer and coming up with a useful theory.

DocMcStuffin , 5 months ago to Technology in Not even poor Notepad is safe from Microsoft's AI obsession

You know what's free (as in beer and speech) and not being enshittified? Notepad++