harrysintonen

joined 2 years ago
 

The white whale CRT, 43" #Sony KX-45ED1 / PVM-4300 found, rescued and restored. The adventure is lovingly documented in this great #shankmods video: https://www.youtube.com/watch?v=JfZxOuc9Qwk

#technology #crt #retrogaming

[–] [email protected] 1 points 2 weeks ago (1 children)

@[email protected] it's restricted for other than macOS, it seems. In macOS it worked fine with location in Finland.

[–] [email protected] 1 points 2 weeks ago

So far all my Apple Intelligence tests have been using a local model. The privacy report from Setting > Privacy & Security > Apple Intelligence Report > Export Activity generates JSON with:

{
"modelRequests": [],
"privateCloudComputeRequests": []
}

#appleintelligence #privacy

[–] [email protected] 1 points 2 weeks ago (3 children)

@[email protected] Really? It works for me and I'm in Finland, part of European Union. My account is indicates this as well.

 

#Apple Intelligence is now available in the European Union. While some features may not be fully functional yet, basic functionalities such as rewriting selected text seem to be working correctly. If you’re considering enabling this feature, please review the privacy policy at https://www.apple.com/legal/privacy/data/en/intelligence-engine/ Additionally, if you’re using a work device, it’s recommended to consult your organization’s IT department for further guidance.

#appleintelligence #europeanunion #eu #privacy

 

#curl 8.11.1 has been released. It includes a fix to #CVE_2024_11053 - a #vulnerability I discovered.

It is a logic flaw in the way curl parses .netrc file. In certain situations, the configured password can be sent to a incorrect host. Luckily the affected configurations should be quite rare and thus the situation is unlikely to occur often.

The issue has existed in the curl source code for almost twenty-five years.

https://curl.se/docs/CVE-2024-11053.html
https://hackerone.com/reports/2829063

No AI tools were used in discovering or reporting the vulnerability.

#noai #handcrafted #infosec #cybersecurity

 

Heads up: If you've used the https://github.com/puckiestyle/CVE-2024-23113 for testing Fortinet systems vulnerable to #CVE_2024_23113: The code is broken and does not reliably check for the #vulnerability. #infosec #cybersecurity

 

So I wanted to give #msfs2024 another try. I successfully created xbox live account beforehand and I made sure it works.

Couple of minutes ago I bought the game, installed it, and went to log in:

Boom #1: Your account is locked.

Ok this isn't that bad, I can use SMS verification to unlock it...

Boom #2: Try another verification method. This verification method isn't working right now.

Fine, lets see what the another method mind me.

Boom #3: It involves drumroll LOGGING IN TO YOUR ACCOUNT!

This is insane. Please Microsoft, I just want to play your game.. I've now bought twice, and will have to refund again...

#enshittification #microsoft #xboxlive #pcgaming #gaming

"Try another verification method  That verification method isn't working right now. Please try another method."
"There are a number of possible explanations for why verification codes don't always arrive. Read through the list of the most common causes, and se if any of them apply to you, or use our troubleshooter to help guide you.  I'm not getting my verification code. What do | do?  Does your phone block texts from unknown numbers?  If 50, change your phone settings then choose | don't have a code. We'll send another verification code.  Have you added a VOIP number?  VOIP numbers cannot be added as a way to sign in or get verification codes. Please add a mobile phone number.  Did your email send your verification code to your junk folder?  Check your junk email folder for a message from a Microsoft account, and use the code sent to you. Valid verification codes come from an accountprotection.microsoft.com email address.  Mark accountprotection.microsoft.com as a trusted sender to receive your verification code in your inbox.  Is your phone number or email address entered correctly?  To keep your information safe when you're signing in, we only show you the last two digits of your phone number or the fist two characters of your email address.  To see if your security info is correct:  1. Sign in to your Security basics page with your Microsoft account.   ..."

#PCGaming

[–] [email protected] 1 points 2 weeks ago

@[email protected] Nah, but there's another booze bottle in the game that is exact same alcvol as Koskenkorva. They are of course actively avoiding trademark issues by creating their own labels and trademarks for items.

 

Finnish Cottage Simulator got update on Finland's independence day, adding:

  • Isänmaan viina (60%) booze
  • New radio channel playing the Finland's national anthem
  • Phone ringtone changed to version of the national anthem
  • Various bug fixes and improvements

#FinnishCottageSimulator #IndependenceDay #pcgaming #gaming #PCGaming

[–] [email protected] 1 points 3 weeks ago

Here's a way to check if the #Spotlight searches are being shared with #Apple from the command line:

defaults read com.apple.assistant.support "Search Queries Data Sharing Status"

The values are:

1 - Enabled (data is being shared)
2 - Disabled (data is not shared)

NOTE: I do not know if there are other possible values, or what happens if the key is missing.

[–] [email protected] 1 points 3 weeks ago (1 children)

From "About Search & Privacy...":

"Search and Privacy

Search is designed to protect your information and enable you to choose what you share.

To Make Search Results More Relevant, Some Information Is Sent to Apple and Not Associated with You

When you use Look Up or Visual Look Up, when you type in Search, Safari search, #images search in Messages, or when you invoke Spotlight, limited information will be sent to Apple to provide up-to-date suggestions. Any information sent to Apple does not identify you, and is associated with a 15-minute random, rotating device-generated identifier. This information may include location, topics of interest (for example, cooking or basketball), your search queries, including visual search queries, contextual information related to your search queries, suggestions you have selected, apps you use, and related device usage data. This information does not include search results that show files or content on your device. If you subscribe to music or video subscription services, the names of these services and the type of subscription may be sent to Apple. Your account name, number, and password will not be sent to Apple.

You can also search using Siri, such as by asking Siri to look up general knowledge or do things like get directions. When you use Siri, the transcript of your request and other data may be sent to Apple to process your request and may be stored. You can learn more about how Siri handles your data by going to Settings > Apple Intelligence & Siri.

Information sent to Apple related to your searches is used to process your request and to develop and improve search results, such as by using your search queries to fine-tune Search models. It is not linked to your Apple Account or email address.

Aggregated information may be used to improve other Apple products and services. Apple may also send a limited, randomly sampled set of search queries to search tools for the purpose of evaluating and improving the performance and quality of Search.

Search Engine Suggestions in Safari

Safari has a single field for searches and web addresses so you can browse the web from one convenient place. When Search Engine Suggestions are enabled, Safari will ask your selected search engine for suggestions based on what you’ve typed.

Preload Top Hit in Safari

With Preload Top Hit enabled, as soon as Safari determines a Top Hit based on your bookmarks and browsing history, Safari will begin loading the webpage in the background. If you disable this option, the page will load normally.

You Have Choice and Control

If you do not want your search queries to be stored by Apple and used to improve Search, you can disable Improve Search by going to Settings > Search and tapping to turn off Improve Search. Searches you make through Siri will still be stored and used to improve Siri if you have enabled Improve Siri & Dictation. You can disable Improve Siri & Dictation by going to Settings > Privacy & Security > Analytics & Improvements and tapping to turn off Improve Siri & Dictation.

If you do not want web-based content and search results, you can disable “Show in Look Up” and “Show in Spotlight” by going to System Settings > Search and tapping to turn off those features.

You can disable Safari Suggestions in Safari by going to Safari > Settings > Search and deselecting Include Safari Suggestions.

You can disable Location Services for Search by going to System Settings > Privacy & Security > Privacy > Location Services, then clicking Details next to System Services and turning off Suggestions & Search. If you turn off Location Services on your device, your location will not be sent to Apple.

Apple may process and store the information that is sent to Apple with trusted third-party service providers.

By using Siri Suggestions in Search, you agree and consent to Apple’s and its subsidiaries’ and agents’ transmission, collection, maintenance, processing, and use of this information. At all times, information collected by Apple will be treated in accordance with Apple’s Privacy Policy, which can be found at www.apple.com/privacy."

#apple #privacy

 

Did you know that #Apple #macOS by default stores your local Spotlight searches and uses them to improve their service?

This option is NOT accessible from the obvious location of "Privacy and Security" but instead from "Spotlight". #privacy #telemetry #datacollection

[–] [email protected] 1 points 3 weeks ago

I just noticed that the game location (Mankila) is actually a real place in Finland: https://maps.app.goo.gl/D3dFdmt7ACokCf7d8

The shape of the lake, the buildings around it are different and there are extra islands etc, but it is clearly modelled after the real deal. That's quite cool, heh.

#FinnishCottageSimulator

[–] [email protected] 1 points 3 weeks ago

@[email protected] Currently there is no driving with or working on cars, but I've managed to hitch a ride from one of the NPCs. Driving the moped is quite fun until you drive into a ditch. Pulling the moped out of there is as painful as in real life... 😆

Other difference to my summer car: Currently there is no hunger, thirst, stress or similar "pressure". As it is early access I don't know if any if this will change later.

The multiplayer is ton of fun with bunch of friends.

 

Finnish Cottage Simulator has to be one of the prettiest indie games ever. The foliage, water, weather and lighting is outright amazing in the game. What is the game about? Doing cottage things in rural Finland: grilling, fishing, hunting, chores, sauna and more. If you've ever wondered if you'd be able to lit the sauna, go fishing with a boat or manage to navigate the lake & roads with just a paper map now you can find out!

The game has single player and multiplayer modes and the multiplayer supports up to 6 players over network. The game is in early access at Steam: https://store.steampowered.com/app/1723780/Finnish_Cottage_Simulator/

The game has some rough edges still, but it already is extremely impressive.

#FinnishCottageSimulator #gaming #SimulationGames

Screenshot of Finnish Cottage Simulator with playing driving a boat and approaching a cottage built on top of a cliff.

#PCGaming

[–] [email protected] 1 points 3 weeks ago
 

In January 2022 I discovered that #Microsoft #Office365 Message #Encryption (OME) utilized Electronic Codebook (ECB) mode of operation. I reported this, got paid a $5000 bounty and then things fell dead silent. By autumn I tried to follow up on this, and after numerous attempts to inquire about the schedule for a fix I was told that no fix was planned.

Luckily, Microsoft seems to have changed their mind about this, and the fix was applied in late 2023, after all:

https://learn.microsoft.com/en-us/purview/technical-reference-details-about-encryption#aes256-cbc-support-for-microsoft-365

#vulnerability #infosec #cybersecurity

 

Great talk by Andreas Fredriksson about applying constraints in order to create better software (and also about creating #Amiga demo Eon) - https://www.youtube.com/watch?v=WDfrA7PE-G0

#demoscene #hacking #programming

[–] [email protected] 1 points 1 month ago (1 children)

@jgrg Oops, it's u-z. Corrected the post now, thanks for pointing that out.

[–] [email protected] 2 points 1 month ago* (last edited 1 month ago) (3 children)

Some random notes after glancing over the G15D programmer’s reference manual:

- Bendix G-15 doesn't use hex, but sex: The notation is 0-9 u-z (sexadecimal).

- Section 3.2.3 goes into details on how to optimize performance: You need to carefully plan the order of instructions and data on the drums for optimal speed. The most optimal code will overlay computation and memory accesses. This reminds me of "the story of Mel". The optimization tricks done don't differ much from handcrafting optimal assembly code on more modern systems where external memory accesses are very expensive vs computation within registers.

- The addressing notation directly addresses line on the drum and offset of the word on that line. There are 20 lines with 108 29-bit words on each. Arithmetic operations operate on a separate short "register" lines that circulate much faster than the actual memory (27x speed vs memory drum).

- Considering how slow it's to process individual memory loads / stores, it makes perfect sense that the system has block copy instructions.

- Each instruction has offset within the line to the next instructions to execute. That is, there's always an explicit jump encoded in each instruction. Conditional code execution occurs by suppressing the jump when condition is met, in which case the jump is not taken and next instruction is executed instead. In modern architectures you generally execute next instructions address and there are dedicated branch instructions.

- Code execution can happen from 7 long lines (0, 1, 2, 3, 4, 5, 19) and one short line (23). Some lines have reserved roles and offsets, at least when using the libraries provided by Bendix.

- As there is no built-in stack register or stack a return address for subroutine calls must be handled manually. This is reminiscent to link register on some later platforms (such as PowerPC). It of course is entirely possible to manually maintain a stack on some line, dedicating some fixed address as stack pointer. All code must then agree on this decided calling convention.

- Punched (paper) tape and magnetic tape is available for input, as well as typewriter (console). Output can be (IBM) punch cards, magnetic tape or typewriter (console). The typewriter also has some switches for control.

#retrocomputing #programming #bendixg15

 

I love the introductory chapter in the Bendix G15 Programmers's Reference Manual - when computers were still fresh enough that you had to start from the very basic concepts.
http://www.bitsavers.org/pdf/bendix/g-15/G15D_Programmers_Ref_Man.pdf

#retrocomputing #programming #bendixg15

[–] [email protected] 1 points 1 month ago

More Bendix G15 vacuum tube action from #usagielectric - https://www.youtube.com/watch?v=Fe1wYwGcjlo

 

Cross-compiling anything depending on gnulib on a more exotic platform can be exercise of patience: gnulib will replace some perfectly working libc functions with its own replacement functions - which themselves can than trip over in some unexpected ways. #development #hacking

view more: next ›