|
haveblue posted:it doesn't, apparently what happens is they try to open an application url and then figure out if it popped a "do you want to open this app" overlay. not sure exactly how they do that but the presence of the overlay probably has side effects on the dom they can detect through JS yeah i saw that and i didnt understand how the page knows that UI is popped. does it block the rest of the UI preventing any input to the dom? did they do something idiotic and implement it as part of the dom? either way its definitely lovely browser design. also javascript was a mistake
|
#
?
Jun 23, 2021 15:55
|
|
|
|
| # ? Jun 9, 2024 11:13 |
|
|
Shaggar posted:yeah i saw that and i didnt understand how the page knows that UI is popped. does it block the rest of the UI preventing any input to the dom? did they do something idiotic and implement it as part of the dom? it's not really based on checking for the UI each browser's response to canceling the popup different from the browser's response to not opening the popup at all, in a way that can be detected in javascript let's use Firefox as an example. if you try to open a known scheme handler and the user clicks "Cancel" on the popup, the result is a blank page. on the other hand, if you try to open a protocol that doesn't have an assigned handler, you get an error page. it's possible to distinguish between those two cases in JS, and therefore determine whether a handler was installed or not tor browser was set up to auto-deny these handler requests without showing them to the user, but that actually made the exploit worse, because it still worked exactly the same as in vanilla Firefox, except now it was also invisible to the user because they wouldn't get nagged with a bunch of spurious popups
|
|
#
?
Jun 23, 2021 17:14
|
|
|
tor browser ships noscript but it isn't enabled by default
|
|
#
?
Jun 23, 2021 17:21
|
|
|
fins posted:that's it.. i'm switching back from links to lynx
|
|
#
?
Jun 23, 2021 17:56
|
|
|
Main Paineframe posted:it's not really based on checking for the UI yeah, i was going to ask how this sort of fingerprinting could be effective if it involved popping up hundreds of application open prompts, but i guess their auto deny default makes tor uniquely susceptible to it.
|
|
#
?
Jun 23, 2021 18:55
|
|
|
rip mcafee I guess
|
|
#
?
Jun 23, 2021 20:23
|
|
|
https://twitter.com/gregotto/status/1407780858833125380
|
|
#
?
Jun 23, 2021 20:47
|
|
|
man spent two decades hiding in south american jungles to avoid paying taxes while making his own drugs and faked two heart attacks to avoid being extradited for murder, then casually walked into a country that has an extradition treaty with the US and got arrested mcafee was a secfuck og
|
|
#
?
Jun 23, 2021 20:52
|
|
|
cinci zoo sniper posted:for water boilers coil is perfectly efficient, since water surrounds it - your efficiency is 100% minus minuscule bit of technicalities. doing that via induction would be much more expensive to maintain, for no gains in efficiency the pro move for water heaters is - once again - heat pumps unless you actually need to heat it up to near boiling, in which case i'm not sure. maybe a combo heat pump/regular resistive heater?
|
|
#
?
Jun 23, 2021 21:06
|
|
|
i'll never believe it. not mcafee. i'd put good money on him faking his own death overseas to get out of criminal charges
|
|
#
?
Jun 23, 2021 21:23
|
|
|
redleader posted:the pro move for water heaters is - once again - heat pumps heat pump is just energy delivery, heating element that’s inside water is still the same basically. and yeah it won’t get you coffee-hot water, but it’s more than fine for how hot you could want your tap water to be, unless your fetish is getting 2nd degree burns in shower
|
|
#
?
Jun 23, 2021 21:30
|
|
|
infernal machines posted:i'll never believe it. not mcafee. yeah, i've tried to uninstall mcafee on a fresh machine too
|
|
#
?
Jun 23, 2021 21:33
|
|
|
Agile Vector posted:yeah, i've tried to uninstall mcafee on a fresh machine too Bet you never thought of threatening extradition though.
|
|
#
?
Jun 23, 2021 21:45
|
|
|
cinci zoo sniper posted:heat pump is just energy delivery, heating element that’s inside water is still the same basically. and yeah it won’t get you coffee-hot water, but it’s more than fine for how hot you could want your tap water to be, unless your fetish is getting 2nd degree burns in shower what if i need to make coffee in the shower?
|
|
#
?
Jun 24, 2021 00:54
|
|
|
Plorkyeran posted:what if i need to make coffee in the shower? cold brew
|
|
#
?
Jun 24, 2021 01:05
|
|
|
HERE LIES JOHN MCAFEE HE NEVER SCORED (with a whale)
|
|
#
?
Jun 24, 2021 12:24
|
|
|
haveblue posted:it doesn't, apparently what happens is they try to open an application url and then figure out if it popped a "do you want to open this app" overlay. not sure exactly how they do that but the presence of the overlay probably has side effects on the dom they can detect through JS the prompt would block the js thread, you could detect with some basic timing stuff I’d think. edit whoops shoulda refreshed
|
|
#
?
Jun 24, 2021 14:55
|
|
|
ewiley posted:HERE LIES Here lies Joh Mcafee: Gone but never fully uninstalled
|
|
#
?
Jun 24, 2021 16:38
|
|
|
ewiley posted:HERE LIES Here lies John McAfee His trial 75 year subscription finally ran out
|
|
#
?
Jun 24, 2021 17:21
|
|
|
i can never forgive him for not eating his dick also the murder thing
|
|
#
?
Jun 24, 2021 17:47
|
|
|
Shame Boy posted:i can never forgive him for not eating his dick the worst thing is he blocked me on Twitter 
|
|
#
?
Jun 24, 2021 18:26
|
|
|
BlankSystemDaemon posted:w3m is the superior console browser tho
|
|
#
?
Jun 24, 2021 20:25
|
|
|
w3m is absolutely the best console browser and I use it as an HTML rendered for Mutt as well
|
|
#
?
Jun 24, 2021 22:46
|
|
|
just accept that the world has moved on and use browsh.
|
|
#
?
Jun 24, 2021 22:47
|
|
|
Cybernetic Vermin posted:just accept that the world has moved on and use browsh. quote:Browsh is available as a single static binary on all major platforms. The only dependency is a recent 57+ version of Firefox. That's a heck of a dependency
|
|
#
?
Jun 24, 2021 22:51
|
|
|
Shame Boy posted:i can never forgive him for not eating his dick Maybe that's how he died
|
|
#
?
Jun 24, 2021 22:52
|
|
|
Sir Bobert Fishbone posted:That's a heck of a dependency did i mention how you should accept that the world has moved on? just let go and install a full web browser on everything.
|
|
#
?
Jun 24, 2021 23:03
|
|
|
https://arstechnica.com/gadgets/2021/06/mass-data-wipe-in-my-book-devices-prompts-warning-from-western-digital/ Western Digital, maker of the popular My Disk external hard drives, is recommending customers unplug My Disk Live devices from the Internet until further notice while company engineers investigate unexplained compromises that have completely wiped data from devices around the world.
|
|
#
?
Jun 25, 2021 00:26
|
|
|
our disk live
|
|
#
?
Jun 25, 2021 00:34
|
|
|
my disk dead
|
|
#
?
Jun 25, 2021 01:14
|
|
|
Well that's no good in My Book
|
|
#
?
Jun 25, 2021 02:39
|
|
|
he’s doing it, he’s come back from the grave to eat my disk live on tv
|
|
#
?
Jun 25, 2021 09:02
|
|
|
lol apparently the vuln used has been public and unpatched since 2019 https://nvd.nist.gov/vuln/detail/CVE-2018-18472
|
|
#
?
Jun 25, 2021 09:04
|
|
|
faxlore posted:lol apparently the vuln used has been public and unpatched since 2019 Thought this was about McAfee and was going to be a link to this exploit
|
|
#
?
Jun 25, 2021 09:40
|
|
|
cinci zoo sniper posted:heat pump is just energy delivery, heating element that’s inside water is still the same basically. and yeah it won’t get you coffee-hot water, but it’s more than fine for how hot you could want your tap water to be, unless your fetish is getting 2nd degree burns in shower a heat pump won't have a heating element though, and you can get something like 400% "efficiency"
|
|
#
?
Jun 25, 2021 10:57
|
|
|
MononcQc posted:w3m is absolutely the best console browser and I use it as an HTML rendered for Mutt as well Sir Bobert Fishbone posted:That's a heck of a dependency Cybernetic Vermin posted:did i mention how you should accept that the world has moved on? just let go and install a full web browser on everything.
|
|
#
?
Jun 25, 2021 10:58
|
|
|
esoteric netbsd forks are not computing environments, they're nerd j/o material
|
|
#
?
Jun 25, 2021 10:59
|
|
|
Dylan16807 posted:a heat pump won't have a heating element though, and you can get something like 400% "efficiency" the condenser is the "heating element" in this context. the refrigerant condenses, dumping heat into the condenser itself, which is then transferred into the water touching it, pretty identically to how an electric heating element gets hot and then transfers that heat into the water.
|
|
#
?
Jun 25, 2021 11:00
|
|
|
faxlore posted:lol apparently the vuln used has been public and unpatched since 2019 The product has been declared EOL and unsupported since 2015 lol at everyone still using it 7 years after WD said "no more updates, GLHF"
|
|
#
?
Jun 25, 2021 11:06
|
|
|
|
| # ? Jun 9, 2024 11:13 |
|
|
There's no way this many people were affected unless they're still operating a service that provides remote access or it's using upnp to open a port by default or something. If it has known vulnerabilities wd probably should have at least done something to make it not be remotely accessible by default.
|
|
#
?
Jun 25, 2021 11:27
|
|
