The OFFICIAL tech stuff thread
-
Got my bluesky invite today after being on the waiting list for months. I guess the date is no accident and there was some planned expansion of access starting on New years day. They had just under three million users at NYE and I wonder how many they added today.
Anyway, if you have Bluesky and are interested in tech news, I found this feed to be really good:
Tech by Flipboard by @bsky.flipboard.com
Curated by Flipboard's state of the art topics recommendation system.
-
@Gators1 said in The OFFICIAL tech stuff thread:
Lob to get $2.5B and the victims 42 cents apiece.
That’s all they deserve for using google!
-
E-mail Is Making Us Miserable
In an attempt to work more effectively, we’ve accidentally deployed an inhumane way to collaborate.
Their recommendation? To “suggest that organizations make a concerted effort to cut down on email traffic.”
Yeah, fucking great. By the time that message has been corporatized, the reason for it will be lost and it will turn into a directive to use Teams instead of email.
I can manage email. I can ignore it while I’m busy, find stuff again when I need it and easily include people as necessary in any decisions.
I can’t manage a dozen fucking Teams channels going off like a pinball machine where, if you don’t respond immediately, people think you are goofing off, where adding people is an ordeal involving decisions about how much history to share and you can never fucking find which of the five related discussions had the text you need to look at a week later.
-
Already happening at my workplace with Teams positioning itself as the continuous meeting IS the project management. Very painful already.
-
https://interestingengineering.com/science/china-russia-tested-hack-proof-quantum-communication-link
Don’t know what the implications are unless the NSA were able to hack the existing comms via some unknown back door.
-
@Hog said in The OFFICIAL tech stuff thread:
https://interestingengineering.com/science/china-russia-tested-hack-proof-quantum-communication-link
Don’t know what the implications are unless the NSA were able to hack the existing comms via some unknown back door.
Besides the obvious realtime link for defense cooperation and losing the benefit of NSA hacking either cracking comms or force slower secure methods, it could also mean some new cryptocurrency to dethrone the dollar.
-
@Kilemall interesting.
When I was porting some Bitcoin elliptic curve cryptography code to JavaScript back in 2017 I got curious about the origins of the cryptography it uses. Turns out the elliptic curve Bitcoin addresses use (secp256k1) has a bunch of constants that no one knows the origin of other than they literally came from the NSA (I’m not making that up). The crypto anarchists fucking hate it when you point that out.
The US government owns Bitcoin as far as I’m concerned or at least has a back door to get the private key for any public address (which amounts to the same thing). Quantum computing will probably eventually be able to trivially crack secp256k1 even without a backdoor anyway.
-
@Hog said in The OFFICIAL tech stuff thread:
@Kilemall interesting.
When I was porting some Bitcoin elliptic curve cryptography code to JavaScript back in 2017 I got curious about the origins of the cryptography it uses. Turns out the elliptic curve Bitcoin addresses use (secp256k1) has a bunch of constants that no one knows the origin of other than they literally came from the NSA (I’m not making that up). The crypto anarchists fucking hate it when you point that out.
The US government owns Bitcoin as far as I’m concerned or at least has a back door to get the private key for any public address (which amounts to the same thing). Quantum computing will probably eventually be able to trivially crack secp256k1 even without a backdoor anyway.
Right. I figured something like that was in the works, nations do not give up currency power readily. Part of why my answer when you initially asked about bitcoin was government action.
I am foolish about one thing, I keep forgetting to make money off the suckers when the fundamentals are wrong but greed and emotion is high.
-
Will be very interesting to see if this is turns out to be any good or not.
Midjourney Leaps into AI Video Creation - Decrypt
AI image generator MidJourney will begin video model training in the coming days and expects to release a final product in a few months.
-
Still a way to go for video I think. The videos won’t be much longer than a GIF for a while because of the processing power needed and you really need control in video to “direct” what happens.
-
Kohler's Newest Bidet Finally Brings Alexa and Google to Your Butt
It's one of the many new connected bathroom fixtures the company is debuting at CES 2024.
-
FINALLY! I have been waiting for this for YEARS!!!
-
“Alexa, wash my dirty ass. No, harder. Much harder”
And future generations will wonder why SkyNet tried to take us out…
-
@Hog said in The OFFICIAL tech stuff thread:
“Alexa, wash my dirty ass. No, harder. Much harder”
And future generations will wonder why SkyNet tried to take us out…
Do you really think Skynet couldn’t take us out? I mean currently we are a culture where people’s lives are ruined because they got “raped” in the metaverse.
-
@Hog said in The OFFICIAL tech stuff thread:
Kohler's Newest Bidet Finally Brings Alexa and Google to Your Butt
It's one of the many new connected bathroom fixtures the company is debuting at CES 2024.
I looked at various pampering heated and blow-job bidets for my new place, but unfortunately not until after the tile-work was completed and I did not think to put AC power in an inconspicuous place near the throne.
So I ended up with a number of Brondell unpowered seats and one Kohler PureWash. The design of the Brondell is superior, but they only come in white. The Kohler PureWash comes in the biscuit color that I needed for the one throne room.
A decidedly first-world problem that needed a solution . . . a warm solution through the use of a mixing valve.
-
Fuck these “Modern Solution” assholes. Seriously.
He discovered that the Modern Solution code made an MySQL connection to a MariaDB database server operated by the vendor. It turned out the password to access that remote server was stored in plain text in the program file MSConnect.exe, and opening it in a simple text editor would reveal the unencrypted hardcoded credential.
With that easy-to-find password in hand, anyone could log into the remote server and access data belonging to not just that one customer of Modern Solution, but data belonging to all of the vendor’s clients stored on that database server. That info is said to have included personal details of those customers’ own customers. And we’re told that Modern Solution’s program files were available for free from the web, so truly anyone could inspect the executables in a text editor for plain-text hardcoded database passwords.
…
In September 2021 police in Germany seized the IT consultant’s computers following a complaint from Modern Solution that claimed he could only have obtained the password through insider knowledge – he worked previously for a related firm – and the biz claimed he was a competitor.
Their fucking staggering incompetence is maddening enough but then to weaponize the legal system against the dude who reported it to them is immoral.
IT consultant in Germany fined for exposing shoddy security
Spotting a plaintext password and using it in research without authorization deemed a crime
-
@Hog That’s kinda “programmer error” that caused that one, not modern solutions. Dealing with passwords can be a pain in the ass in those environments, but at the very least use an environment variable or preferably a secrets vault. Also the article is kinda mistitled as he wasn’t their consultant, but simply hacking without malicious intent. He didn’t have their permission to pen test their systems, so it was technically illegal. The whole thing could have been handled better by both the company and government.
-
@Gators1 said in The OFFICIAL tech stuff thread:
@Hog That’s kinda “programmer error” that caused that one, not modern solutions.
Well that’s a really weird distinction. Presumably the programmer was an employee or contracted to modern solutions at the time it was written so it’s pretty much their fuck up any way you cut it. Modern Solutions as a corporate entity is a name in a registry and an articles of incorporation. “Modern Solutions” isn’t capable of anything, good or bad, if you are going to separate it from its people.
-
@Hog said in The OFFICIAL tech stuff thread:
@Gators1 said in The OFFICIAL tech stuff thread:
@Hog That’s kinda “programmer error” that caused that one, not modern solutions.
Well that’s a really weird distinction. Presumably the programmer was an employee or contracted to modern solutions at the time it was written so it’s pretty much their fuck up any way you cut it. Modern Solutions as a corporate entity is a name in a registry and an articles of incorporation. “Modern Solutions” isn’t capable of anything, good or bad, if you are going to separate it from its people.
My bad, I was thinking “modern solutions” as an architectural approach…the buzzword. Missed that was the name of the company, but I am still trying to wake up here. Yeah, the company is ultimately responsible for it but I don’t know many people still hard coding credentials in their software distributions anymore given the options and current security risk environment. Ultimately whoever built that made some bad decisions.
-
@Gators1 said in The OFFICIAL tech stuff thread:
@Hog said in The OFFICIAL tech stuff thread:
@Gators1 said in The OFFICIAL tech stuff thread:
@Hog That’s kinda “programmer error” that caused that one, not modern solutions.
Well that’s a really weird distinction. Presumably the programmer was an employee or contracted to modern solutions at the time it was written so it’s pretty much their fuck up any way you cut it. Modern Solutions as a corporate entity is a name in a registry and an articles of incorporation. “Modern Solutions” isn’t capable of anything, good or bad, if you are going to separate it from its people.
My bad, I was thinking “modern solutions” as an architectural approach…the buzzword. Missed that was the name of the company, but I am still trying to wake up here. Yeah, the company is ultimately responsible for it but I don’t know many people still hard coding credentials in their software distributions anymore given the options and current security risk environment. Ultimately whoever built that made some bad decisions.
Just go back to bed!
[IMG] https://image.ibb.co/nhhF0Q/new_sig_lob12.jpg [/IMG]
