![](/static/253f0d9b/assets/icons/icon-96x96.png)
Non-paywall link https://archive.ph/ySJDe
Non-paywall link https://archive.ph/ySJDe
Potato Achieved!
I did a quick search and they don’t make it easy. Peter Lowe’s ad and tracking server blocklist is the only one I found. EasyList doesn’t seem to have a donation link, nor Dan Pollock at someonewhocares.org. Also worth noting that UBO doesn’t take donations. You could always subscribe to AdGuard, but that’s mixed.
https://archive.ph/w58Yk Alternative link unpaywalled
Alternative link non paywalled
Favorite quote:
But the left’s determination has already reassured many politicians. “They can’t back out of this, because the first person to do so will end up with their head on a spike,” said Sandrine Rousseau, a prominent Green MP.
Alternative link:
Lines Boeing does not want on it’s investor reports, especially after the FAA has been hounding them.
** June 6, 1:27 p.m. ET: ** Starliner’s docking has not gone smoothly, the spacecraft developed trouble with its reaction control system thrusters.
The DDOS attack or the lawsuits?
State budgets are difficult, but perhaps this helps:
https://www.volckeralliance.org/state-budgets/
and this:
https://www.pewtrusts.org/en/research-and-analysis/data-visualizations/2014/fiscal-50
If this request worked, it meant that I could use an “encryptedValue” parameter in the API that didn’t have to have a matching account ID.
I sent the request and saw the exact same HTTP response as above! This confirmed that we didn’t need any extra parameters, we could just query any hardware device arbitrarily by just knowing the MAC address (something that we could retrieve by querying a customer by name, fetching their account UUID, then fetching all of their connected devices via their UUID). We now had essentially a full kill chain.
I formed the following HTTP request to update my own device MAC addresses SSID as a proof of concept to update my own hardware:
…
Did it work? It had only given me a blank 200 OK response. I tried re-sending the HTTP request, but the request timed out. My network was offline. The update request must’ve reset my device.
About 5 minutes later, my network rebooted. The SSID name had been updated to “Curry”. I could write and read from anyone’s device using this exploit.
This demonstrated that the API calls to update the device configuration worked. This meant that an attacker could’ve accessed this API to overwrite configuration settings, access the router, and execute commands on the device. At this point, we had a similar set of permissions as the ISP tech support and could’ve used this access to exploit any of the millions of Cox devices that were accessible through these APIs.
Blows me a away that an unauthenticated API with sensitive controls and data was publicly facing. Corporations these days want all your data but wonder why some customers are worry about how it is protected, it let alone if it’s being sold. Why should I allow you to control my hardware when you can’t protect yourself.
That’s 1 of 12 they are requesting. 5 others coming from the US by the end of the year.
Ukraine needs 12 Patriot systems to protect all territory – Zelenskyy staffer
At somewhere around $400 million per system plus another $600 million in interceptors, 12 seems like a tall ask given the limited billions EU countries and others have committed to. But Ukraine has been getting hammered these last several months, so I get the ask.
Trying to find independent analysis that I read, but can’t find it. This will likely have the most impact on swing voters in the 7 states, which are the most important voters in the US. Everyone else is much more likely to have already made their mind up. And remember about 50-66% of the registered voters in the US actually vote even in a presidential year, although the electoral college complicates the proportional representation of those voters.
With 158 days until Election Day, he is fighting for a plurality of 30 million voters in seven battleground states — a far cry from the tens of thousands of Iowa party activists he courted a year ago. His advisers have long feared that a felony conviction could hurt Trump with independent voters, particularly skeptical suburban women. In places such as the Atlanta suburbs, those voters cost him the 2020 election.
Paid, but less crap.
Is there any Lemmy bots for admiralcloudberg? Miss his stuff!
While I agree with the sentiment, I have accepted that the simple way to make “things” work now is to leverage the cheap computing that is ubiquitous. That headunit is likely now built on a SoC or some embedded OS and is easier and cheaper because of it.
Functionally we need regulations and safeguards in place that maintain the accountability for making the choice to use and build an OS as a life safety device that also serves Bluetooth audio. If the cost of supporting it, or failing to properly develop it, then perhaps the choice to make it dumb will become more adopted. Other economic forces are more likely to play out, but it’s a possibility that we can reinforce by what we buy and signal.
Seconded
Why yes, we even had a balrog…
So don’t bring your submarines into the area. Brilliant!