Skip Navigation
CVE-2024-6387 OpenSSH Server Authentication Bypass

> A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog().

Stay Mad, Tankies
  • Okay? Oddly specific

  • Stay Mad, Tankies
  • I don't know about the "traitor" thing. Edward Snowden would definitely make a better president than Trump.

  • Redbox's owner files for bankruptcy after repeatedly missing payments and payroll: The company hasn’t paid employees in over a week and owes money to almost everyone in Hollywood ($970M in debt)
  • How can they still operate with 1B in debt? There's no way they are ever going to be able to repay that in a reasonable time frame

  • To all you outside of the US...
  • The one on Greenland, for example

  • No red circle. Not sure this one checks out.
  • If it fits the community, just post away. Not everyone browses All.

  • Neo-Nazis Are All-In on AI
  • Maybe because that is more dangerous than any other use?

  • How big is your desk?
  • Not a single real language 😈

  • What space object do you find the most interesting?
  • I would be very careful with the kind of speculation the other commenter proposed. Those things are very popular science-ey and almost unverifiable at the moment, it's hard to tell if there is even any actual academic research behind many of these "theories" that get thrown around by some laypersons. And even if there are actual publications behind such proposals, as in this case, the validity of their theses is far from certain. It is a very theoretical domain in which new knowledge can easily be "hallucinated" without much connection to physical reality, even - or in particular - by professions.

  • Auto-translate?
  • An 8 GB memory VPS should be sufficient to run quantised LLMs, and the client could simply parse the Lemmy posts, send them to the server and get the translated results back. Shouldn't be expensive imho.

  • GNU-Linux
  • More like the author is so insecure herself that she feels forced to use these terms in the belief that they somehow strengthen her position.

  • Microsoft Edge nags users with a 3D banner to change Windows 11's default browser
  • Unfortunately, there are plenty enough humans to come up with stupid shit like this.

  • Why do you have to install Usb-Drivers on Windows, but I never had to do it on Linux?
  • Drivers are included in the kernel, you will always have them.

  • Why do you have to install Usb-Drivers on Windows, but I never had to do it on Linux?
  • More often than not, it is the companies themselves that commit drivers for their hardware to the Linux kernel

  • Which side are you on?
  • People using the cross for scalar multiplication are insane

  • EU attempt to sneak through new encryption-eroding law slammed by Signal, politicians
  • As your own quote says, we can at least hope that if it passes, it will be found illegal by the courts and get rescinded.

  • Lindroid is an Android app that lets you run Linux in a container, with support for hardware-acceleration - Liliputing
  • Interesting, but there's not much meat to this story yet. We'll see how it'll be

  • That's not what proprietary means. The dualism is proprietary/free (as in freedom), not proprietary/public.

  • Star Wars Fans Seem to Be Review-Bombing the Wrong 'Acolyte'
  • I agree. For me, it wasn't Kenobi but Book of Boba Fett. I really enjoyed the show, however, when I went online, somehow all Star Wars fans called it the worst ever made.

  • House Republicans' burning problem: 'We desperately need a place to smoke cigars'
  • You cannot tell me that this is not the Onion! I would lose my faith in humanity for the billionth time...

  • Have you ever been unable to pay by direct debit through PayPal?
  • Thank you for your contribution, that supports my suspicions. But do you know what incentive a merchant could have to not accept it? I find it weird that they would not accept SEPA direct debit when handled through PayPal, but they do accept it when there's no intermediary.

  • Have you ever been unable to pay by direct debit through PayPal?

    I recently wanted to buy a product from a manufacturer and luckily they offered PayPal as a payment method. However, after I signed into my PayPal account, it wouldn't show my bank account as a payment option and instead prompted me to add a card or bank account, despite my account being fully confirmed and direct debit activated. PayPal customer service reps told me that maybe the retailer blocked direct debit through PayPal and I should try adding a credit card, however, why would they do that if they offer non-PayPal direct debit anyway? The customer service reps further told me that my account was in good standing, so there shouldn't be any problems with trust etc. Have you ever encountered an online shop that refused direct debit when handled by PayPal?

    Linux on Microsoft Copilot+ PCs?

    Do you think it will be possible to run GNU/Linux operating systems on Microsoft's brand new "Copilot+ PCs"? The latter ones were unveiled just yesterday, and honestly, the sales pitch is quite impressive! A Verge article on them: Link

    [The Verge] Apple is a $3 trillion company — again Apple is a $3 trillion company — again

    That price may have more to do with the iPhone 15 than the Vision Pro.

    Apple is a $3 trillion company — again

    "While developers start work on building Vision Pro apps, the potential for people upgrading to the iPhone 15 this year is a big reason for investor optimism."

    [The Verge] You don’t have to freak out about aspartame in your diet soda You don’t have to freak out about aspartame in your diet soda

    Aspartame being a possible carcinogen doesn’t mean what you think.

    You don’t have to freak out about aspartame in your diet soda

    "The IARC will reportedly classify aspartame as a possible carcinogen. But this isn’t a food safety agency, and the context matters."

    ricdeh Richard

    Male 18-year-old FOSS and GNU/Linux activist and user

    Posts 5
    Comments 531