steventhedev @ steventhedev @lemmy.world

Posts

48

Comments

487

Joined

2 yr. ago

this could be better if it used subdomains to an evil extent - extract the main domain intended and use that:

google.com => google.phishy.pc-helper.xyz/whatever-bullshit-key-they-need

Bonus points if it works for any subdomain.

Extra bonus points for a subdomain that includes https and www (e.g. https.www.google.com.phishy.pc-helper.xyz)

R

Source: worked on something similar a long time ago

Likely hash based scanning like most virus scanners. It will have a set of signatures for various types of malware (keyloggers, local DNS servers, etc), and looks through the apk (which is just a zip file) for things it knows are bad like financial malware added to the app.

Their process for adding signatures to their database and how they label them is fully opaque and completely up to them, like any other antivirus company. So they could incorrectly label things intentionally and you'd have no way to know.

given your device is now compromised you should probably get a new one unless you trust android is able to fully remove the app. Because some financial malware will intercept 2fa sms from your bank.

You're forgetting the part where they had an option to disable this fuckery, and then proceeded to move it twice - exposing containers to everyone by default.

I had to clean up compromised services twice because of it.

Your readline config sucks because the default sucks.

Add this to your .inputrc:

    
"\e[A": history-search-backward
"\e[B": history-search-forward

  

At this point, I'm half convinced these are intentional leaks as part of either disinformation campaigns, cover stories for other intelligence ops, or something like that.

It can't possibly be that expecting a bunch of obsessed 19 year olds to keep something secret would be unreasonable.

Calm down niggle, you have somewhere to go in the morning

According to starch cube theory, two pizzas stacked on top of each other is a cake, same as lasagna.

Clearly you didn't take the axiom of choice. Because otherwise you could have chosen to not make that monstrosity

Google Docs is the worst IDE ever

BGP isnt just Turing complete, It's Cthulhu complete

real men write their code one bit at a time with a laser pointer and a fiber optic network cable

Or you could just use zig which is better at compiling C than C (the second it supports the espressif chips I'm never touching C again)

For a slightly more gamified one, Zachtronics has KOHCTPYKTOP

Squirrel vs snail - who wins?

The amount of ink that comes with an inkjet printer is tiny. So a new printer comes with 10mL of ink, and the refills are 35mL or more. You quite literally get what you pay for.

The other reason is that inkjet printers need to be used on a regular basis, or the ink can dry out. But manufacturers have handled this by having the printer drip out tiny bits of ink all the time, so it's literally using the ink even when you aren't using it.

For the vast majority of people, a cheap laser printer is the far better option. Unless you want to produce art prints, but at that point you're looking at spending a ton of money anyways.

I get very far by just keeping a set of folders for each piece of equipment in a git repo.

Pictures, etc, and sometimes the PDF manual if I bother.

The difficult part here is being consistent over time - making sure you mark down when you bought things, serial numbers, etc. a proper website/app will force you to do this, but there is flexibility in having whatever convention you like most

My favorite is from reading through a military analysis of the siege of Gondor, I learned that Tolkien included a reference to the Song of Roland

How very noble

Strongly agree. A guide for dead simple setups would be incredibly useful (e.g. gsuite as idp, oauth for a single app).

It took me a few days to get that basic setup working, and a few days more to improve it. But once it was up, it was rock solid.

Keycloak might seem a little daunting to start with, but is basically glue between your idp (ldap) and whatever apps need to authenticate.