Wes_Dev

joined 1 year ago
[โ€“] [email protected] 3 points 7 months ago (4 children)

I'm familiar with the others, but what the heck did Kellog's do?

[โ€“] [email protected] 1 points 7 months ago

"I'm so used to getting fucked by Chrome and Edge that I just feel like something's missing if I don't."

[โ€“] [email protected] 8 points 7 months ago (2 children)

Wasn't "woke" originally a good term until right wing screechers took it over at an insult? They do that a lot, every time some positive phrase or idea starts to gain traction. Seems intentional.

[โ€“] [email protected] 3 points 7 months ago

So, I got malware that seemed to create an hidden proxy or VPN or something when I was online, without me having to install anything. I was on Fedora using Firefox in private mode with Ublock Origin and some script blocker. Ghostery, or Privacy Badger, or something. Fedora has it's firewall enabled and blocking inbound connections, and SELinux was running. It would occasionally report small things like VLC or Clam AV wanting access to something.

It took me a little bit to realize something was wrong.

I realized it after Google started demanding repeated captcha attempts for everything, I started seeing unsuccessful attempts to sign into my Microsoft account from around the world, and some websites started blocking my IP for abuse. A few times, the blocking page (usually Cloudflare) showed that my public IP was over 240.0.0.0, in the unassigned block. My modem logs showed my machine making outbound connections to these random or impossible IPs at times that roughly lined up with my connection issues.

But if I simply hit refresh on those pages when they blocked me, the websites suddenly returned my correct residential IP address and started working again. I was slow to catch on. Hell, I hadn't even used my Microsoft account for years, and I assumed Fedora with SELinux would alert me if anything strange was going on. It didn't. My machine started acting weird, but I couldn't place my finger on exactly how. I tried tools like Clam AV, or any number of intrusion detection solutions to assuage my growing paranoia. Problem is that they require some knowledge and you have to set them up before things go wrong.

Besides a terminal tool to unhide running processes, which inconsistently returned zero to dozens of unknown short-lived programs with increasingly high PIDs, nothing was detected. I later ran that unhide tool on a live USB of Fedora, and it did the same thing, so I assumed it was a false positive.

Ultimately, it was my fault, I know. I just went on a shady website to watch a TV show. Stupid, but not uncommon. My android phone also started acting strangely around the same time. I assume because I visited the same site to finish some season in bed using Firefox mobile. It's been replaced entirely now.

But the point is that SELinux didn't stop anything, I didn't have to explicitly download or install anything to my machine, and it was some kind of drive-by infection that somehow added my machine to a kind of botnet, I think. Hard to tell just from the various logs I gathered from my machine and modem.

I don't know what it was doing, but when I finally put all the pieces together, I completely wiped the drive in that machine, including a long dd operation on the drives with /dev/random. Still not sure what I'm going to do with it.

I'm also not sure if the infection was limited to Firefox itself, or if my entire machine was compromised. I may never know for sure.

While I was being stupid, I wasn't being completely reckless and just running untrusted code from strange places. I watched TV in Firefox's embedded video player. All it took was going to a website that I found by other people recommending it on social media. I should have known better, but I'm human.

If I can't even visit a webpage without getting invisible botnet malware that escapes professionally configured tools like SELinux on Fedora, then how are complete newbies, or kids, or grandparents, or "know just enough to be dangerous nerds" (like me) supposed to be safe?

I agree that the user is the single biggest point of failure in security, and should be mindful. But when you're not installing random Github packages, or turning off your firewall, or enabling SSH, and your machine can still get so easily pwned, what then?

That's the value of anti-virus software. Yeah, it's not perfect, but neither is your list of rules to follow. There is no single perfect approach, and people are lazy, impulsive, and sometimes drunkenly want to watch Breaking Bad. I don't know what the solution is, but outright denying everyday antivirus seems... unwise, I guess?

Even if if takes a month for the vendor to be able to detect it, that's still protection for anyone who comes after. It doesn't have to be perfect to make a positive difference.

And, no: For anyone curious, I'm not going into more detail about the website.

[โ€“] [email protected] 10 points 7 months ago

Like when McDonalds offered free fries or something for everyone who used the app, but then quietly changed the terms of service for the app to include forced arbitration.

[โ€“] [email protected] 44 points 7 months ago (1 children)

If a company does something bad, you can sue to fix it.

Suing sets legal precedent and forces all companies to abide by the ruling, more or less.

But now if a company tricks you out of your right to sue by putting arbitration clauses in everything, then you can't sue. You can only have a (hopefully) impartial third part tell the company to stop doing something specifically to you. The company is still free to keep doing the thing to everyone else, and their arbitration doesn't affect any other companies also doing bad things.

There are other issues too.

[โ€“] [email protected] 101 points 7 months ago

Let's keep in mind that if this is a state actor or some sort of global organized crime, then they don't put all their eggs into one basket. If that's the case, they're going to have a bunch of other plans and backdoor attempts ongoing. This isn't the end and we can assume there's something else somewhere that went unnoticed.

Security is a constantly changing war of attrition, not a goal/product/configuration.

[โ€“] [email protected] 1 points 7 months ago (1 children)

Oh. Makes sense. To be honest, I really didn't care enough to bother checking their profile or any other comments. Just saw the response today and wanted to try and offer some sort of olive branch or something. idk

[โ€“] [email protected] 6 points 7 months ago (3 children)

So, let me unpack what happened, from my point of view. I'm not complaining or anything, just pointing out how it seemed from my end.

I made a comment that I personally didn't like the show because of how many times people around kept saying I was like the main character.

You replied directly to me implying that nerds should like the show because it normalizes dating them. (Which I agree is a good thing.)

I replied to say that doesn't apply to me, and I'm not sure why it was relevant to my comment.

Finally, you left a comment to call me names.

Do you see how that entire interaction makes no sense from my side of things? I said that I didn't like a show, and you inserted yourself into the conversation to complain that hot women should want to date me because of the show. Then, when I said that had nothing to do with what I was saying, you insulted me.

So, like, why?

[โ€“] [email protected] 1 points 7 months ago (1 children)

Or even a criminal organization.

[โ€“] [email protected] 6 points 7 months ago (5 children)

...I don't want to date women, so I know know how that's relevant.

[โ€“] [email protected] 27 points 7 months ago (1 children)

I mean, I freaking love how AI is advancing, but I also think unions are basically a requirement for all workers at this point.

Besides, hasn't the point of machines always been to reduce the workload on people?

I welcome some kind of UBI, or maybe a post-money society that uses AI to handle most jobs and lets people pursue what they want to do with their lives.

 

Hey all,

Just curious about something. I'm in my 30s and it took me until my early to mid 20s to realize that the cartoon thought bubbles or echoy voiceover thinking in shows and movies was kind of a real thing.

I almost never can visualize, and when I do it's not something I can control. I can't just summon the image of an apple in my head, but apparently everyone else around me can. Even when I can visualize, it's like a thin mist that's hard to pinpoint details and easily blown away.

Similarly, I almost never have an internal monologue. The times I do are short-lived and conversational, like "Wow, you should really wake up, it's past noon". or something.

However, I'm pretty good at playing songs in my head and quietly jamming out to sounds that don't exist.

When I have a puzzle or something I need to think about, my subconscious handles it and just tells me the answer most of the time, without me having to do anything but look at the problem and wait. That's super helpful for most day-to-day stuff, and people think I'm smart. But it means I'm terrible at doing math in my head, and can't think through any kind of complicated issue in my head.

It also doesn't help that my short term and long term memory are both terrible. Any memories older than a couple of weeks are just gone, or they are emotionless fuzzy snapshots with no before or after. If I know something, it comes to mind without effort. If I don't know something, it's probably just gone forever unless I have some kind of visual reminder and get lucky.

Basically, I can't do anything in my head. I have to write it down, or have some other way to externalize the information in order to go over it. This make people think I'm stupid.

Add in the classic "bad at social-anything" and every interaction feels like a disaster.

And don't get me started on how often I forget what I'm doing or how badly I fail to multitask. Makes finding a job I can live on very hard, and the one time I had a decent job, I felt like I constantly had to prove myself. I was always making seemingly basic mistakes and letting everyone down.

Anyway, that's neither here nor there. I wanted to give kind of an overview of how my head works. I was wondering what kinds of brains everyone else is dealing with.

Does anyone else deal with things like visualization, or poor memory, or anything like that? How do you cope with the day-to-day?

 

Hey all,

I wasn't quite sure what to title this, so I gave up and just asked the question. I'll be a bit vague, as the point is not the specific bit of code I'm stuck on, but moreso the general issue of an uncooperative brain.

How do you make any real progress learning if you deal with frequent brain fog and have terrible short term and long term memory?

For example, I finally learned how something works after months of trying to wrap my head around it. Didn't end up using it for a few months more, and now I forgot it again. I'm back to square one, trying to relearn things I already learned. And that's assuming I wake up and can actually focus on anything. Some days, brain fog rolls into the harbor and I just stare dumbly at the screen, barely able to concentrate on the task, much less think about the code or complexities. It's impossible to make progress on days where I forget what I was doing before I even start.

Other days, my brain seems to be running on all cylinders, and I can storm through my work almost effortlessly, learning as I go and making more progress in a day than I did the week or two prior.

It seems like the only things I truly retain are mechanical. The basic nuts and bolts, the simple concepts like how variables work. It took me longer than I'd like to admit understanding calling and writing functions. Things that are more abstract or high level are easily forgotten. It's a nightmare.

So, what do I do? How an I work around this problem-child brain of mine and actually LEARN?

I'd be interested to hear from anyone who dealt with something similar. I'm also eager to hear from any fellow neurodivergent folk, who might have a similar problem wrangling their grey and white matter into shape.

UPDATE: Thanks for the ideas and encouragement, everyone. I'm a bit busy, but I'll get around to some individual replies soon. As a general note, seeing a doctor would be a good idea, but without insurance and a well paying job, I couldn't afford to see any kind of specialist, or even make frequent appointments with a GP. I appreciate the well wishes though.

view more: next โ€บ