Oh, I agree. This change will affect all CAs however. And their post seemed to contain the most amount of information.

I like that metaphor, I’m gonna save it. And agreed, there’s going to be issues with legacy systems.

Luckily, at my current job, all of our outside-facing legacy services already go through an SSL terminating reverse proxy. And we then use self-signed certs with much longer validity for internal traffic where needed.

Is there a similar bot on Lemmy?

They can include runnable JavaScript too, which can cause vulnerabilities in certain contexts. One example from work some years back: We had a web app where users could upload files, and certain users could view files uploaded by others. They had the option to download the file or, if it was a file type that the browser could display (like an image or a PDF), the site would display it directly on the page.

To prevent any XSS (scripts from user-provided files), we served all files with the CSP sandbox header, which prevents any scripts from running. However, at the time, that header broke some features of the video player on certain browsers (I think in Safari, at least), so we had to serve some file types without the header. Mistakenly, we also included image files in the exclusion, as everyone through image files couldn’t contain scripts. But the MIME type for SVG files is image/svg+xml… It was very embarrassing to have such a simple XSS vuln flagged in a security audit.

Might be an unpopular opinion but after around two hours of gameplay I’m perfectly happy with the performance on my 3060Ti. On medium-high settings it can easily maintain 60fps on 1440p. That is with DLSS of course and ray tracing turned down to minimum.

My use case is a bit different than yours but still worth mentioning, I think; I have Sharry running in Docker and it makes sharing and receiving files super easy. All downloads and uploads are resumable so they work well even in unstable networks.

Nope. But as mentioned in the article, some support for display servers might be coming in Android 16.

Networking does work. I was able to install packages using apt and also ping machines on my local network. Could be useful.
I guess in a pinch it could be used to ssh into other machines. However, I’m sure there are plenty of SSH clients available for Android, which are much more lightweight solution than running a whole VM.

It has access to /sdcard as a shared folder.

How does this work? The app doesn’t seem to have any settings related to it yet. Under /mnt in the VM I noticed folder shared that seems to match the downloads folder on my phone, which seems odd

Tested this on my Pixel 8a. Works as you would expect. Personally I have a little hard time coming up with use cases for this but I guess it’s kinda cool.

The first game of the series is the best in my opinion. It went downhill from there.

Yeah, kinda sounds this was designed by someone who has never actually attended a LAN party

It’s kinda interesting that the saying about cats having multiple lives is pretty much universal but then the amount differs. I wonder why that is

There would need to be a way to guarantee that only the browser could do this, or at least some way to tell exactly what the source was.

I don’t think there’s a way to do that. Let’s say browsers implemented this. I could then just take a copy of Firefox source code and make my own version, which is exactly the same than normal FF except the fancy screenshot tool has been slightly modified to allow editing the page before taking the screenshot.

The website (Telegram in this case, but can be any website) adds a specifically crafted text to the clipboard and then tricks the user into pasting that text into the Windows Run dialog, which can be used to execute any command(s), basically like a command prompt.

The text the attacker places in the clipboard is actually a command to download and execute an executable file from the internet, giving the attacker remote access to the system or whatever the payload happens to be.

It’s a pretty clever trick. Perhaps MS should consider adding a warning before allowing pasting into the Run dialog or cmd for the first time. They already have this in the Edge browser console.

Yeah I get that, but why return that information in the HTTP response?

Interesting read. One thing I don’t fully get is why does Cloudflare have the airport code in the response headers anyway? I cannot think of a single reason to have it in the response.

the malicious package was added to PyPi last year in June and has been downloaded 885 times so far.

That’s a pretty long time to go undetected. Makes you wonder how many other similar packages there currently are, yet to be discovered, in PyPi, npm and others.

I’ve learned that over in the EU, people can actually re-sell their games on Steam.

Unless I’ve totally missed something, this is (sadly) not true.

The original Super Mario Bros. and SMB 3. The first console I got to play as a child was the NES at my grandparents’ house. Every couple of years I get a nostalgic craving and it’s usually those two games I return to. Also, there are many great rom hacks available if getting bored of the originals.

I think this time the manufacturers will be pretty quick at adopting the new branding; if there’s two competing devices next to each other, one marked with “USB 3.2 Gen 2x2”, which no one understands, and other one with “USB 20Gbps” I think the latter will sell more.