abadidea @0xabad1dea@infosec.exchange My employer got acquired by a slightly bigger employer. They sent us new laptops. The instructions say to remember to export your PGP private key from your old computer and import it on the new one. With a USB stick, presumably, since any other method would be unhinged.
Every USB stick in this lab is supposed to be encrypted with the PGP key of its owner. The one that needs to be imported before Windows can mount it.
lcamtuf :verified: :verified: :verified: @lcamtuf@infosec.exchange The mysteries of life, a story in two parts
2:56 PM • August 27, 2024 (UTC)
From Futurism:
That’s because Twitter’s financials have performed so poorly that they haven’t been able to find anyone willing to buy the debt, leaving them with some of the worst “hung” loans — meaning they can’t be offloaded — of all time.
Wes Davis writing for The Verge
So, all those faked review quotes from the Megalopolis trailer that got pulled last week were apparently AI, after all. Not only that, but the person who was in charge of the materials for the trailer, Eddie Egan, has been removed from the movie’s marketing team.
🤦🏻♂️
Tim Hardwick writing for Mac Rumors
As reported by Hacker News, Cado Security has identified a malware-as-a-service (MaaS) targeting macOS users named “Cthulhu Stealer.” First spotted in late 2023, the malicious software is designed to steal sensitive information from infected Macs, such as saved passwords from iCloud Keychain, information from web browsers, and even details from Telegram accounts.
I’m really liking the new Reeder (currently in TestFlight). It’s still very barebones, but even so, it’s pretty amazing.
Raindrops and Roses @raindrops_and_roses@mastodon.social Forward.
#DNC #DNC2024 #KamalaHarris #USPol @kamalaharrisforpresidentnews Photo credit: Todd Heisler NY Times.
4:01 AM • August 23, 2024 (UTC)
Allison Johnson writing for The Verge
In our week of testing, we added car wrecks, smoking bombs in public places, sheets that appear to cover bloody corpses, and drug paraphernalia to images. That seems bad.
Nothing is real anymore.
Paresh Dave writing for WIRED
The Galaxy Store’s occasional push alerts typically suggest updating Samsung services such as its Clock app or obscure gaming engines. Routine as they are, I tapped the notification, waited for the store to load, and reflexively hit “Update all.” Only after the updates started installing did I notice that the Bank of America app was on the list.
…
My scare with Bank of America was my introduction to Android’s “clobbering” problem, which Google warns could grow worse under a US court order expected in the coming weeks.
From Bleeping Computer:
What makes the ad more convincing is that it shows ‘google.com’ and “https://www.google.com” as the click URL, which clearly should not be allowed when a third party creates the advertisement.
Google ads should basically never be clicked at this point.
Samantha Masunaga writing for The LA Times
In 2021, Google paid out a total of $26.3 billion in revenue share under its contracts with browser developers Apple and Mozilla, major manufacturers of Android devices such as Samsung and Motorola, and U.S. wireless carriers including AT&T and Verizon, according to the ruling.
and
“These distribution deals have forced Google’s rivals to find other ways to reach users,” the ruling said.
Paul Alcorn writing for Tom’s Hardware
The bug causes irreversible degradation of the impacted processors. We’re told that the microcode patch will not repair processors already experiencing crashes, but it is expected to prevent issues on processors that aren’t currently impacted by the issue.
and
Intel advises all customers having issues to seek help from its customer support. Because the microcode update will not repair impacted processors, the company will continue to replace them. Intel has pledged to grant RMAs to all impacted customers.
Emma Roth writing for The Verge
X’s lawsuit, which you can read in full at the bottom of this story, cites a July 10th report about the WFA from the House Judiciary Committee, which said the WFA and GARM’s “collusive conduct to demonetize disfavored content” was “alarming.” Earlier this month, House Judiciary Chair Jim Jordan (R-OH) sent letters to 40 companies involved with GARM to ask why the advertisers “boycotted” right-wing outlets like The Joe Rogan Experience, The Daily Wire, Breitbart, or Fox News.
Samantha Cole writing for 404 Media (Apple News)
Slack messages from inside a channel the company set up for the project show employees using an open-source YouTube video downloader called yt-dlp, combined with virtual machines that refresh IP addresses to avoid being blocked by YouTube. According to the messages, they were attempting to download full-length videos from a variety of sources including Netflix, but were focused on YouTube videos. Emails viewed by 404 Media show project managers discussing using 20 to 30 virtual machines in Amazon Web Services to download 80 years-worth of videos per day.
Inspirational Skeletor💀 @skeletor@mas.to 3:10 PM • August 2, 2024 (UTC)
BasicAppleGuy @BasicAppleGuy@mastodon.social Notes >>>
2:10 PM • August 2, 2024 (UTC)
Dan Whateley writing for Business Insider (Apple News)
Google repeatedly pushed back the date for when third-party cookies would vanish from Chrome. Partners who tested the feature, such as ad-tech firms Index Exchange and Criteo, as well as industry group the IAB Tech Lab, expressed concerns that Privacy Sandbox was not yet ready for prime time, arguing it posed a risk to publishers and programmatic players. In a recent report, Criteo forecasted that publishers’ Chrome ad revenue would drop by around 60% on average if third-party cookies were turned off. (Disclosure: This reporter previously worked at the ad-tech firm The Trade Desk.)
Emanuel Maiberg writing for 404 Media (Apple News):
The news shows how Google’s near monopoly on search is now actively hindering other companies’ ability to compete at a time when Google is facing increasing criticism over the quality of its search results. And while neither Reddit or Google responded to a request for comment, it appears that the exclusion of other search engines is the result of a multi-million dollar deal that gives Google the right to scrape Reddit for data to train its AI products.
Jen Simmons @jensimmons@front-end.social Apple Maps is now on the web.
https://beta.maps.apple.com/
For more info:
https://www.apple.com/newsroom/2024/07/apple-maps-on-the-web-launches-in-beta/
7:55 PM • July 24, 2024 (UTC)
Technology Connections @TechConnectify@mas.to Confidence is not "I know what I'm doing."
Confidence is "I know how to find that out" and "I know how to learn new things" and most importantly "I know when I don't know what I'm doing, so I stop and find someone who does"
Obnoxious blowhards rely on people not understanding this distinction. And they amplify it by framing actual confidence as weakness.
Brooke Vibber :neocat_box: @brooke@bikeshed.vibber.net 🤖
3:22 PM • July 16, 2024 (UTC)
Simon Willison @simon@fedi.simonwillison.net It turns out Google Chrome ships a default, hidden extension that allows code on `*.google.com` access to private APIs, including your current CPU usage
You can test it out by pasting the following into your Chrome DevTools console on any Google page:
chrome.runtime.sendMessage(
"nkeimhogjdpnpccoofpliimaahmaaome",
{ method: "cpu.getInfo" },
(response) => {
console.log(JSON.stringify(response, null, 2));
},
);
I love the Hide My Email feature of iCloud+, I use it all the time. It’s nice to sign up for something and if I start to get unsolicited email at that address, I can just delete it.
Dan Goodin writing for Ars Technica
Like most other large advertising networks, Google Ads regularly serves malicious content that isn’t taken down until third parties have notified the company. Google Ads takes no responsibility for any damage that may result from these oversights. The company said in an email it removes malicious ads once it learns of them and suspends the advertiser and has done so in this case.