-
Linux Kernel: TOCTOU in Exec System | …I am sure that there was a vulnerability of this exact kind in Unix circa 1988 +/- 4yrs
I’m pretty sure there was a direct one on the inode permissions, and possibly a second one involving symlinks. Every bug has its day again and again and again. There is a Time-of-Check / Time-of-Use issue in the Linux kernel in the exec system calls. The executability permissions are checked at a different time than
-
Austrian federal court decides that use of reCAPTCHA is not “essential” and therefore the cookies it sets are in violation of GDPR/EPD, thus reCAPTCHA is illegal
I suspect you are not even allowed to force people to accede to the cookies which protect your site from spammers. Bonkers. In any case, the cookie “_GRECAPTCHA” used was not a technically necessary cookie and consent would therefore have had to be obtained. Implementing this service with [that cookie] could not be considered a
-
I remain perpetually amazed how often the same people are one moment calling for “open APIs” and “access to data for research” and the next are “what do you mean you let just anybody scrape the locations of all rental bikes in New York City?”
This guy scrapes the NYC city bike locations once per minute and has used the data to possibly track a murder suspect; that’s exciting enough but some folk on Bluesky are now panicking about “surveillance” Tell us: which do you want? Open Data or Privacy?
-
“So when is the earliest that UK users could now benefit from options to verify their identity?” | …clearly that’s what’s lacking in the UK: social media sites must vet us
…because a blue tick will solve everything. Is Ofcom about to delay action on fake and anonymous accounts until 2027? https://www.cleanuptheinternet.org.uk/post/is-ofcom-about-to-delay-action-on-fake-and-anonymous-accounts-until-2027
-
Sometimes I imagine that there is an alien race watching and discussing us, and they’re saying “…these humans aren’t *really* intelligent, it’s all just pattern matching and stochastic parroting”
“…they haven’t even invented the glasnorp.” Unfortunately a lot of the themes were already explored in “They’re made out of Meat“
-
Proof of the universality of the “safety activist crusades to undo demonstrable technical benefit to all because of fringe issue…” trope
…when the issues are better addressed through user education and both technology and user interface refinement. It’s not just end to end encryption that suffers: Inside the War Against Headlight Brightness | The Ringer https://www.theringer.com/2024/12/03/tech/headlight-brightness-cars-accidents
-
EU GPSR: General Product Safety Regulations
Protectionism through Safetyism. I’m betting that this is what the guy thought when he suggested Bluesky were somehow legally obliged to provide a European POC:
-
“So, in response, many NSA employees were like, ‘No, fuck off, I’ll play Pokémon Go all over base’” | …and yet Australia expects to successfully ban teenagers from social media?
This glorious quote is in the attached; if the NSA cannot enforce fearmongering-based operational security discipline over actual employees, what hope do Governments have of coercing (rather than educating) teenagers? U.S. Intelligence Feared Pokémon Go Was a Chinese Plot https://foreignpolicy.com/2024/11/29/pokemongo-cia-nsa-intelligence-spying/
Fediverse reactions
-
Electric Dreams | Tate Modern | …I’m here and waiting for the inevitable backlash about “algorithms cannot create art”
Discover how artists used machines and algorithms to create mesmerising and mind-bending art between the 1950s and the early 1990s https://www.tate.org.uk/whats-on/tate-modern/electric-dreams
-
History of “ping -a” (audible ping) on FreeBSD and MacOS, by @brucewmurphy on Threads
I have used it for precisely the purpose described; short thread: […] And then I could go around the lab, under the desks, wiggling bits of that awful bloody thinnet and waiting to hear the beeping stop and start. Saved a bunch of time. 2/ https://www.threads.net/@brucewmurphy/post/DC4JGz1Tsvl