Matt Burgess writing at Wired:
“Based on the direction of the eye movement, the hacker can determine which key the victim is now typing,” says Hanqiu Wang, one of the leading researchers involved in the work. They identified the correct letters people typed in passwords 77 percent of the time within five guesses and 92 percent of the time in messages.
Impressive research.
𝐿𝒶𝓃𝒶 "not Taylor Swift" @Lana@beige.party Y'all won't fund the school budget enough to buy pencils for the classroom but you think the school nurse has the budget to perform surprise sex change operations? 😆🧐🤔
6:06 PM • September 11, 2024 (UTC)
enderman0125 @mudkip@wetdry.world 6:15 PM • September 8, 2024 (UTC)
podfeet @podfeet@chaos.social I enjoy creative restroom signage and this one might be a new favorite. #NoHate
4:26 PM • August 20, 2024 (UTC)
Zelda 👑 @sertaptap@mastodon.social *advertiser spends billions a year and spies on me through 30 different apps*
"d-do you want to buy... *looks at my receipt for a GPU purchased yesterday* do you want to buy a GPU?"
2:59 PM • September 6, 2024 (UTC)
The new Reeder reminds me the original Google Reader and the “river of news”. The idea wasn’t to read everything, it was to dip into and out of the river as it was happening.
John Gruber writing over at Daring Fireball has a great write up on the whole Apple, DMA conflict.
But whatever the effect of this browser choice screen on iOS browser usage in the EU, it’s hard for me to see any way that Chrome doesn’t benefit from it the most. That seems like a perverse outcome for a law intended to regulate “large gatekeepers”. Chrome, with 65 percent market share across all web browsing globally, is a bigger monopoly than iOS, Android, or Windows, and the only other browser with double-digit market share (19 percent) is Safari — the browser the EC is attempting to steer users away from.
Ryan Castellucci :nonbinary_flag: @ryanc@infosec.exchange Your SSH honeypot fakes a Linux system and logs the threat actor's commands.
My SSH honeypot hijacks the threat actor's terminal to play the music video of Rick Astley's 1987 pop hit "Never Gonna Give You Up" while ignoring Ctrl-C.
We are not the same.
9:48 PM • September 1, 2024 (UTC)
CatSalad🐈🥗 (D.Burch) :blobcatrainbow: @catsalad@infosec.exchange I've been an adult for a while, but my vision hasn't improved. When do you get adult supervision?
7:57 PM • September 1, 2024 (UTC)
Randahl Fink @randahl@mastodon.social Trump illegally uses Foo Fighters' music, and they say no.
Trump illegally uses Celine Dion's music, and she says no.
Trump illegally uses Abba's music and they say no.
Trump illegally uses the hit song "Seven Nation Army", and Jack White's response is clear as day.
Source: Jack White's reals on Instagram.
7:51 AM • August 30, 2024 (UTC)
Victor Tangermann writing for Futurism:
Their new diffusion model, dubbed GameNGen, is based on Stable Diffusion’s open-source version 1.4 and was trained on 900 million frames taken from existing Doom gaming footage.
GameNGen produces the next frame depending on the user’s input, effectively acting as an illusory game engine.
Here’s a video of the result, very interesting and impressive.
The Onion nails it again.
nixCraft 🐧 @nixCraft@mastodon.social 8:35 PM • August 28, 2024 (UTC)
abadidea @0xabad1dea@infosec.exchange My employer got acquired by a slightly bigger employer. They sent us new laptops. The instructions say to remember to export your PGP private key from your old computer and import it on the new one. With a USB stick, presumably, since any other method would be unhinged.
Every USB stick in this lab is supposed to be encrypted with the PGP key of its owner. The one that needs to be imported before Windows can mount it.
lcamtuf :verified: :verified: :verified: @lcamtuf@infosec.exchange The mysteries of life, a story in two parts
2:56 PM • August 27, 2024 (UTC)
From Futurism:
That’s because Twitter’s financials have performed so poorly that they haven’t been able to find anyone willing to buy the debt, leaving them with some of the worst “hung” loans — meaning they can’t be offloaded — of all time.
Wes Davis writing for The Verge
So, all those faked review quotes from the Megalopolis trailer that got pulled last week were apparently AI, after all. Not only that, but the person who was in charge of the materials for the trailer, Eddie Egan, has been removed from the movie’s marketing team.
🤦🏻♂️
Tim Hardwick writing for Mac Rumors
As reported by Hacker News, Cado Security has identified a malware-as-a-service (MaaS) targeting macOS users named “Cthulhu Stealer.” First spotted in late 2023, the malicious software is designed to steal sensitive information from infected Macs, such as saved passwords from iCloud Keychain, information from web browsers, and even details from Telegram accounts.
I’m really liking the new Reeder (currently in TestFlight). It’s still very barebones, but even so, it’s pretty amazing.
Raindrops and Roses @raindrops_and_roses@mastodon.social Forward.
#DNC #DNC2024 #KamalaHarris #USPol @kamalaharrisforpresidentnews Photo credit: Todd Heisler NY Times.
4:01 AM • August 23, 2024 (UTC)
Allison Johnson writing for The Verge
In our week of testing, we added car wrecks, smoking bombs in public places, sheets that appear to cover bloody corpses, and drug paraphernalia to images. That seems bad.
Nothing is real anymore.