… he made plenty off the product and made additional when he sold. Devs ability to make money has nothing to do with companies coming in and injecting malware to the service.
Any threat actor group with sufficient funds from various campaigns, spyware, etc could use said funds to buy out a dev, owner, etc.
Not to mention state-sponsored threat actors. This is the perfect example of distracting from the fact of what happened.
Good catch! Missed that one
Because it exposes root and system internals. Biggest reason android devices get compromised/hacked and your fun, quirky android becomes a link in a bot net peddling god knows what including attacks against people and other illegal activities and media
For anyone interested - I’d you are using umatrix to block shit you can punch these lines into a new text file and import as blocklist, then commit it with the tiny arrow that points left toward the permanent list to save it permanently:
* www[.]googie-anaiytics[.]com * block
* kuurza[.]com * block
* cdn[.]polyfill[.]io * block
* polyfill[.]io * block
Remove the square brackets before saving the file - these are here to prevent hyperlinks and misclicks.
Edit: this is not a bulleted list, every line must start with an asterisk, just in case your instance doesn’t update edits made to comments quickly.
This has almost nothing to do with what you’re talking about.
A Chinese company bought the domain and the service in February and are attacking people in highly specific conditions. (Mobile devices at specific times)
This is an attack. Not negligence, not an uh oh oopsie woopsie fucky wucky. Attack.
Intuit uses pollyfill… and a lot of people use that service.
Cloudflare and fastly wouldn’t be setting up mirrors if it weren’t still being used, I can guarantee that.
Not quite!
Try:
mylist = [value for value in range(1,20)]
This says I want to make mylist be a list where each element of the list (called value here) comes from doing a for loop on range, given the parameters 1, and 20.
If you want to change how each element of this list is, you do it in the first bit on “value”
So you could do
mylist = [value*5 for value in range(1,20)] //5,10,15,…,95 (not 100, because ranges go up to the last item, not including it (non-inclusive))
Etc. Hope this makes sense!
Edit: MISSING CLOSING PARENTHESIS DOH
Considering they’re calling the negotiator an idiot, I doubt this is fake or false.
Thanks America. Too busy running fucking counter-vax psyops against the Chinese to be securing the nations security.
Fucking. Morons.
Bullies don’t make sense.
Actively working against your own species is fucking brain dead. Especially a species you share the fucking planet with.
The nice part about tolerance is it’s a contract. If you don’t agree to it, nobody who does agree to it has to be tolerant with you. It’s simple
Literal spaghetti logic- throw everything at the wall and see what sticks
Any republicans with brain cells left will likely still vote for rfk
Of course man - the world is your oyster. Not everyone is as privileged as me though, so I try to help out where I can to give ‘em a boost. Not everybody knows what they wanna do on the first shot and that can be tough
Where there is a will, there is a way.
You might not be able to use the same beaten paths as everyone else, but you can always hack a new path.
At the end of the day, I can’t speak for the entire industry, but when I look for new employees, I care less about resume experience and more about education, drive, and creativity. Once they’re in the role, I can show them the ropes. We also (hopefully many others, if not a majority) invest in serious training and learning platforms to keep people updated.
Infosec is about continuous learning and curiosity. You don’t have the luxury of learning the skill and being done. Security, arguably, changes the most out of all the tech spaces and you need drive and curiosity above all else.
If you’re serious about infosec, you sometimes have to hack it to make it. A -> ? -> B
If you don’t mind me asking, what field are you in rn?
Yeeeeah, I find dns is hit or miss - so easy to stand up a new one or use an open resolver to skip around
Ultimately it’s up to preference but I find blocking at the browser level to be most effective
Big fucking yikes - wonder what the play is here?
Trying to get in front of the train instead of roped into it ?
Either way, more evidence of the psychopathy that is big business in the states, and a byproduct of late state capitalism
It’s gotten worse I feel like, I had a post in infosec somewhere talking about how hovering over google sponsored results don’t even show the first level url - they resolve them
Hack your way to the goal - start small at a place that’s expanding their tech team and buckle up for a bumpy ride. Get that foot in the door
I’m not sure I could fairly attribute the current actions of this instance with a political system per se.
Lots of places try to hide behind surface level groups, but don’t actually employ the dogmas or beliefs in practice.
A good local example would be the Christo-fascist republicans in the US - largely just sycophants
Let me just step back here, away from the fact that they’re obtrusive, annoying, and waste your time you didn’t sign away.
Malvertising is a serious risk these days. Every week we see new malware kits, phishing and increasing complexity. Now, Google’s search algo source code has been leaked. You can bet your shiny ass that the attacks will get more dangerous and even harder to discern.
Block the fuck out of ads, JavaScript, frames, xhr. Use a secure browser that doesn’t have ad revenue at their forefront and use hardened configs where possible.
This isn’t tin foil hat, and it’s not hard. Plenty of people out here want you safe and for corpos to eat shit.
Mf couldn’t do modern era right (repeated attempts, mind you) and only has that nostalgic ground to stand on, of course they wouldn’t shit there too lmao
Not at all what I meant. The premise was that this wouldn’t happen if they were being paid fairly. Supply chain attacks happen with or without fair pay.
Look at what happened with the XZ backdoor. Whether or not they’re getting paid just means a different door is opened.
The root of the problem is that we blindly trust anyone based on name-brand and popularity. That has never in the existence of technology been a reliable nor an effective means of authentication.
If it’s not outright buying out companies it will be vulnerabilities/lack of appropriate management, if it’s not vulns it’ll be insider threat.
These are problems we’ve known about for at least a decade+ and we’ve done fuck all to address the root of the problem.
Never trust, always verify. Simple as that.