overview for leds

Trump Designates Fentanyl as a Weapon of Mass Destruction in c/nottheonion@lemmy.world

[–] leds@feddit.dk 15 points 2 days ago (1 children)

Faithless

"Mass Destruction"

Whether long range weapon or suicide bomber

Wicked mind is a weapon of mass destruction

Whether you're soar away sun or BBC 1

Misinformation is a weapon of mass destruction

You could a Caucasian or a poor Asian

Racism is a weapon of mass destruction

Whether inflation or globalization

Fear is a weapon of mass destruction

Whether Halliburton or Enron or anyone

Greed is a weapon of mass destruction

We need to find courage, overcome

Inaction is a weapon of mass destruction

That was 2004

Anyone in tech confirm? in c/memes@sopuli.xyz

[–] leds@feddit.dk 2 points 4 days ago

Can confirm , bought farm. No sewage , no water. (But fibre internet)

Are physical mail generally not under surveillance? If everyone suddently ditched electronic communications and start writing letters, would governments be able to surveil everyone? (Is it practial?) in c/nostupidquestions@lemmy.world

[–] leds@feddit.dk 1 points 1 month ago (2 children)

If i want to eend mail to the US from europe i can only buy stamps that link my identity ( payment info) to the piece of mail send. All other countries is no problem just to buy unidentifiable stamps

What are some of the best realtime scientific data websites out there? in c/asklemmy@lemmy.world

[–] leds@feddit.dk 3 points 2 months ago

Realtime state of Nordic power system https://driftsdata.statnett.no/Web/map/snpscustom

Escaping a string when passing through multiple tools in c/programmer_humor@programming.dev

[–] leds@feddit.dk 7 points 2 months ago

Oh you mean a pipiline defined in yaml, running in poweshell to execute a command in docker on windows?

Thanks for nothing in c/mildlyinfuriating@lemmy.world

[–] leds@feddit.dk 3 points 2 months ago

That reminds me I should delete my LinkedIn , especially annoyed at Microsoft nagging on my work ( teams etc ) me to confirm my linked in account.

JD Vance Plans to Honor Charlie Kirk by Not Shouting at His Own Wife in c/nottheonion@lemmy.world

[–] leds@feddit.dk 3 points 3 months ago

Ah shout , I read that as shoot and didnt even sound weird in any way.

Buy it for life | This versatile Japanese chef’s knife has lasted longer than some of my relationships in c/buyitforlife@slrpnk.net

[–] leds@feddit.dk 2 points 3 months ago

No problem with all the chips and damages to the cutting edge of my knifes

What's your favorite drip brewer? in c/coffee@lemmy.world

[–] leds@feddit.dk 1 points 4 months ago (1 children)

I'm folding cheap filters to fit in v60

I should call her. in c/science_memes@mander.xyz

[–] leds@feddit.dk 1 points 4 months ago (1 children)

So when nurse misses a vein and want to try again you should ask them to uae a new needle?

Sea Level Mis-information from DOE in c/climate@slrpnk.net

[–] leds@feddit.dk 1 points 4 months ago

There is also this How the DOE and EPA used and misused my research

When it all goes wrong in c/chat@beehaw.org

[–] leds@feddit.dk 2 points 4 months ago

For some optimism check out Zetland https://en.wikipedia.org/wiki/Zetland_(company)

They just started something similar in Finland

34

popular github action compromised (www.stepsecurity.io)

submitted 9 months ago by leds@feddit.dk to c/cybersecurity@sh.itjust.works

0 comments fedilink

https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised

Harden-Runner detection: tj-actions/changed-files action is compromised We are investigating a critical security incident involving the popular tj-actions/changed-files GitHub Action. We want to alert you immediately so that you can take prompt action.

Your secrets are in the build logs

95

RCE Vulnerability in QBittorrent – Sharp Security (sharpsec.run)

submitted 1 year ago by leds@feddit.dk to c/piracy@lemmy.dbzer0.com

17 comments fedilink

I dont know who needs to hear this bit qBittorrent has a nasty vulnerability ( and there are some older ones too)

qBittorrent, on all platforms, did not verify any SSL certificates in its DownloadManager class from 2010 until October 2024. If it failed to verify a cert, it simply logged an error and proceeded.

To be exploitable, this bug requires either MITM access or DNS spoofing attacks, but under those conditions (seen regularly in some countries), impacts are severe.

The primary impact is single-click RCE for Windows builds from 2015 onward, when prompted to update python the exe is downloaded from a hardcoded URL, executed, and then deleted afterwards.

The secondary impact for all platforms is the update RSS feed can be poisoned with malicious update URLs which the user will open in their browser if they accept the prompt to update. This is browser hijacking and arbitrary exe delivery to a user who would likely trust whatever URL this software sent them to.

The tertiary impact is this means that an older CVE (CVE-2019-13640 https://www.cvedetails.com/cve/CVE-2019-13640/) which allowed remote command execution via shell metacharacters could have been exploited by (government) attackers conducting either MITM or DNS spoofing attacks at the time, instead of only by the author of the feed.

Full write up is here: https://sharpsec.run/rce-vulnerability-in-qbittorrent/

18

My experience with LineageOS tonight (feddit.dk)

submitted 1 year ago by leds@feddit.dk to c/foss@beehaw.org

2 comments fedilink

so.. i'm running lineageOS on my phone (a Oneplus 6T) , have been for a very long time. Usually i'm really happy with this but not tonight:

Phone suggest a update of OS , just a weekly build. Sure why not, so it does it thing and i reboot, all good.
Open a app to listen to some podcast: screen goes black flickers a couple of times showing empty launcher. thankfully power button long press shows shutdown menu (but looks different from normal?) and lets me restart
do same thing again , ok looks like latest update broke something
update app, same
go to settings , updates to try to revert to previous version: no option to install older version , only option is export. weird ok lets try to export old version . Now it lets me install that
installation loops , seems it failed
try app again, same black screen , hold power button to get boot menu again : now phone says ERASING .. wait what stop no .. (does lineage have a panic wipe my phone key combo i didn't know about?)
rebooting , rebooting again
welcome setup your phone screen :(
remember that my cloud server disk burned last week , no way to restore backups :( :(

34

favas eating ants? (feddit.dk)

submitted 2 years ago by leds@feddit.dk to c/gardening@lemmy.world

7 comments fedilink

Hi All, my fava beans are being eaten by black ants , no aphids. the ants themselves seem to be sucking the juice out of the leaves, leaving black spots where they have been nibling.

I thought they normally employed aphids to do the hard work for them but maybe they are skipping the middle man. Anyone seen this before?

Other leaves are full of holes but that looks more like snails , dont think the ants are capable of that.

Any good tips for encouraging the ants to move elsewhere ?

1

DO NOT MERGE (feddit.dk)

submitted 2 years ago by leds@feddit.dk to c/programmer_humor@programming.dev

0 comments fedilink

Merged

19

Snowden Ten Years Later - Schneier on Security (www.schneier.com)

submitted 2 years ago by leds@feddit.dk to c/technology@beehaw.org

3 comments fedilink

Last paragraph makes a good point

But now it’s been a decade. Everything he knows is old and out of date. Everything we know is old and out of date. The NSA suffered an even worse leak of its secrets by the Russians, under the guise of the Shadow Brokers, in 2016 and 2017. The NSA has rebuilt. It again has capabilities we can only surmise.