../../MikeMacBook.jpg

USB Contraband - Mastodon

abadidea @0xabad1dea@infosec.exchange My employer got acquired by a slightly bigger employer. They sent us new laptops. The instructions say to remember to export your PGP private key from your old computer and import it on the new one. With a USB stick, presumably, since any other method would be unhinged. Every USB stick in this lab is supposed to be encrypted with the PGP key of its owner. The one that needs to be imported before Windows can mount it.

AI was responsible for the fake quotes in the Megalopolis trailer

Wes Davis writing for The Verge So, all those faked review quotes from the Megalopolis trailer that got pulled last week were apparently AI, after all. Not only that, but the person who was in charge of the materials for the trailer, Eddie Egan, has been removed from the movie’s marketing team. 🤦🏻‍♂️

'Cthulhu Stealer' macOS Malware Can Steal Keychain Passwords, Web Browsing Info, Crypto Wallets, and More

Tim Hardwick writing for Mac Rumors As reported by Hacker News, Cado Security has identified a malware-as-a-service (MaaS) targeting macOS users named “Cthulhu Stealer.” First spotted in late 2023, the malicious software is designed to steal sensitive information from infected Macs, such as saved passwords from iCloud Keychain, information from web browsers, and even details from Telegram accounts.

I’m really liking the new Reeder (currently in TestFlight). It’s still very barebones, but even so, it’s pretty amazing.

DNC Photo - Mastodon

Raindrops and Roses @raindrops_and_roses@mastodon.social Forward. #DNC #DNC2024 #KamalaHarris #USPol @kamalaharrisforpresidentnews Photo credit: Todd Heisler NY Times. 4:01 AM • August 23, 2024 (UTC)

Why Did Samsung Take Control of My Banking App? Inside Android’s ‘Clobbering’ Dilemma

Paresh Dave writing for WIRED The Galaxy Store’s occasional push alerts typically suggest updating Samsung services such as its Clock app or obscure gaming engines. Routine as they are, I tapped the notification, waited for the store to load, and reflexively hit “Update all.” Only after the updates started installing did I notice that the Bank of America app was on the list. … My scare with Bank of America was my introduction to Android’s “clobbering” problem, which Google warns could grow worse under a US court order expected in the coming weeks.

Google loses major antitrust case over search, declared a monopoly by judge

Samantha Masunaga writing for The LA Times In 2021, Google paid out a total of $26.3 billion in revenue share under its contracts with browser developers Apple and Mozilla, major manufacturers of Android devices such as Samsung and Motorola, and U.S. wireless carriers including AT&T and Verizon, according to the ruling. and “These distribution deals have forced Google’s rivals to find other ways to reach users,” the ruling said.

Intel finally announces a solution for CPU crashing and instability problems — claims elevated voltages are the root cause; patch coming by mid-August [Updated]

Paul Alcorn writing for Tom’s Hardware The bug causes irreversible degradation of the impacted processors. We’re told that the microcode patch will not repair processors already experiencing crashes, but it is expected to prevent issues on processors that aren’t currently impacted by the issue. and Intel advises all customers having issues to seek help from its customer support. Because the microcode update will not repair impacted processors, the company will continue to replace them. Intel has pledged to grant RMAs to all impacted customers.

X files antitrust lawsuit against advertisers over ‘illegal boycott’

Emma Roth writing for The Verge X’s lawsuit, which you can read in full at the bottom of this story, cites a July 10th report about the WFA from the House Judiciary Committee, which said the WFA and GARM’s “collusive conduct to demonetize disfavored content” was “alarming.” Earlier this month, House Judiciary Chair Jim Jordan (R-OH) sent letters to 40 companies involved with GARM to ask why the advertisers “boycotted” right-wing outlets like The Joe Rogan Experience, The Daily Wire, Breitbart, or Fox News.

Leaked Documents Show Nvidia Scraping ‘A Human Lifetime’ of Videos Per Day to Train AI

Samantha Cole writing for 404 Media (Apple News) Slack messages from inside a channel the company set up for the project show employees using an open-source YouTube video downloader called yt-dlp, combined with virtual machines that refresh IP addresses to avoid being blocked by YouTube. According to the messages, they were attempting to download full-length videos from a variety of sources including Netflix, but were focused on YouTube videos. Emails viewed by 404 Media show project managers discussing using 20 to 30 virtual machines in Amazon Web Services to download 80 years-worth of videos per day.

Google ditches plan to kill third-party cookies after pushback — Business Insider

Dan Whateley writing for Business Insider (Apple News) Google repeatedly pushed back the date for when third-party cookies would vanish from Chrome. Partners who tested the feature, such as ad-tech firms Index Exchange and Criteo, as well as industry group the IAB Tech Lab, expressed concerns that Privacy Sandbox was not yet ready for prime time, arguing it posed a risk to publishers and programmatic players. In a recent report, Criteo forecasted that publishers’ Chrome ad revenue would drop by around 60% on average if third-party cookies were turned off. (Disclosure: This reporter previously worked at the ad-tech firm The Trade Desk.)

Google Is the Only Search Engine That Works on Reddit Now Thanks to AI Deal

Emanuel Maiberg writing for 404 Media (Apple News): The news shows how Google’s near monopoly on search is now actively hindering other companies’ ability to compete at a time when Google is facing increasing criticism over the quality of its search results. And while neither Reddit or Google responded to a request for comment, it appears that the exclusion of other search engines is the result of a multi-million dollar deal that gives Google the right to scrape Reddit for data to train its AI products.

Apple Maps on the web - Mastodon

Jen Simmons @jensimmons@front-end.social Apple Maps is now on the web. https://beta.maps.apple.com/ For more info: https://www.apple.com/newsroom/2024/07/apple-maps-on-the-web-launches-in-beta/ 7:55 PM • July 24, 2024 (UTC)

Confidence - Mastodon

Technology Connections @TechConnectify@mas.to Confidence is not "I know what I'm doing." Confidence is "I know how to find that out" and "I know how to learn new things" and most importantly "I know when I don't know what I'm doing, so I stop and find someone who does" Obnoxious blowhards rely on people not understanding this distinction. And they amplify it by framing actual confidence as weakness.

Chrome allows google.com Private API use

Simon Willison @simon@fedi.simonwillison.net It turns out Google Chrome ships a default, hidden extension that allows code on `*.google.com` access to private APIs, including your current CPU usage You can test it out by pasting the following into your Chrome DevTools console on any Google page: chrome.runtime.sendMessage( "nkeimhogjdpnpccoofpliimaahmaaome", { method: "cpu.getInfo" }, (response) => { console.log(JSON.stringify(response, null, 2)); }, );

I love the Hide My Email feature of iCloud+, I use it all the time. It’s nice to sign up for something and if I start to get unsolicited email at that address, I can just delete it. 

Mac users served info-stealer malware through Google ads

Dan Goodin writing for Ars Technica Like most other large advertising networks, Google Ads regularly serves malicious content that isn’t taken down until third parties have notified the company. Google Ads takes no responsibility for any damage that may result from these oversights. The company said in an email it removes malicious ads once it learns of them and suspends the advertiser and has done so in this case.