• 0 Posts
  • 16 Comments
Joined 1 year ago
cake
Cake day: September 24th, 2023

help-circle

  • Jewish Federation Los Angeles meanwhile blamed the university’s chancellor for allowing “an environment to be created over many months that has made students feel unsafe”.

    The group demanded that the encampment be cleared and that UCLA meet leaders of the Jewish community.

    Fucking hell, this is such a callous response. In any other situation, the group representing the side that just had masked vigilantes attack peaceful demonstrators would make amends. “These people don’t represent our movement. We disavow them and what they stand for.” And so on.

    I see they’re taking a page from Israel’s book: refuse to apologize, defend unprovoked violence, and blame the victims on top of everything else.


  • Even the title of this article asserts that this latest “tragedy” is part of a larger systemic problem than just the incident itself.

    “There seems to be a consistent pattern of utterly reckless behavior,” said Cobb-Smith, who helped investigate the Doctors Without Borders shelling.

    The whole point of this is the lack of accountability for Israel’s repeated “mistakes,” which they have no intention of correcting. The indiscriminate violence is a feature for Israel, not a bug.

    To try and excuse or deflect from Israel’s current missile strikes by bringing up the US’s own missile strikes is an odd choice here. Like, the same people who are calling for Israel to stop its indiscriminate bombardment are largely the same people who were calling for the same when the US was doing it.


  • I’ve seen past discussions on this question, but no definitive answers. We can only guess, as I’m sure Fidelity themselves wants to say as little as possible.

    I’m going to assume that Fidelity is storing a T9 string of your password as a kind of default “security question” prompt for phone calls. So Fidelity would be storing your password hash, and alongside it, storing your T9 string hash. If that is the case, I don’t think it’s necessarily a bad practice.

    Given that it’s handled by the automated system, and not by a live service agent, let’s give them the benefit of the doubt and assume that they are hashing your keypad entry and comparing it against a properly salted+hashed T9 string of your password. This is unlikely to expose your credentials during transmission, since this isn’t any worse than entering your password in a form field on the web.

    But what about if Fidelity gets breached, and attackers get the hashes of not only your password, but also the T9 hash? Then, attackers could start trying to crack everyone’s T9 hashes, and using the T9, figure out the length and likely characters of your password. This would make cracking individual passwords faster.

    But if Fidelity had a large scale breach tomorrow, and put out a statement that all of their password hashes were leaked, wouldn’t they already be fucked? Like, they would force a password reset on every account anyways. It’s not like the fact that attackers can crack passwords faster or slower than normal would change how they should respond to a breach where password hashes are stolen. The cat’s already out of the bag at that point.

    TL;DR: As long as they are storing this T9 string separately from your actual password hash, it’s not likely IMO to make or break the security of your account


  • The idea is that generative AI will enable Samsung products to get a better understanding of how consumers use the products – for example, an oven recognizing what is being cooked in it or a fridge recognizing what ingredients are inside. This could allow appliances to understand users’ needs and respond accordingly.

    “Understand users’ needs” being a euphemism for “spy on users’ habits and sell that info to advertisers.”

    We’ve gone full circle: from having a manual for your new appliance, to having a LLM confidently make up some incorrect info about how to use your new appliance.




  • Ok but remember when Republicans made up that Biden was going to “outlaw burgers” with the Green New Deal? And how even the made up idea that the govt would stop subsidizing meat caused half the nation to flip their shit, while the other half went “no don’t be silly, we would never ever touch your precious tendies.”

    Appealing to individuals is important because without shifting the public’s perception of meat as it relates to climate change, the government will be too terrified to enact those kind of changes for fear of getting voted out by the angry, barbecue-loving mobs.

    Until flexitarians, vegetarians, and vegans (I’m vegan btw, just need everyone to know that) become a sizable enough percentage of the voting population, these systemic changes are never going to even be considered by our leaders. So we should keep pressing the importance of these changes to collectively move ourselves closer to that tipping point.


  • The paper states that they studied the HTML form element interactions but “not the keystrokes or content.”

    There’s a big difference. Both are more invasive than we would like, but grabbing everything you type while in the app’s browser is much worse than measuring a true or false “did this person submit their comment or did they give up and leave it unsubmitted.”

    Tiktok is getting the content of the text, which could be sensitive info, and it grabs from every site you visit, not just the social platform itself.

    But I think the main issue is using the data for allegedly targeting of protestors and Chinese political opponents, more than the depth of the data collection itself.



  • When people claim that leaks “get people killed,” they’re referring to when undercover agents are identified while they’re in the field. The only secrets exposed in these leaks are the computer hacking techniques used by the US to spy remotely through compromised devices.

    The so-called Vault 7 leak revealed how the CIA hacked Apple and Android smartphones in overseas spying operations, and efforts to turn internet-connected televisions into listening devices.

    You could maybe say that closing off those surveillance channels prevented the CIA from learning about some attack, but that’s really tenuous. It also assumes that the CIA isn’t constantly developing new zero-day exploits so that they can continue to spy on just about everyone on the planet.


  • It’s funny, the US Marshalls interviewed for this are extremely forthright in explaining their methods, but clam up and say they “can’t explain these methods” as soon as they have any leads relating to cell phones. Probably because they’re using the US’s vast warrantless surveillance system to pull any possible info they can on her.

    For example, they “track[ed] down the phone number for an American businessman they believed had connected with Armstrong at some point,” and are cagey about how they got that number. I’d bet that they pulled her phone records and started cold calling everyone she’s ever contacted through her cell phone until they got someone who could give them a lead.

    Later, they set up the fake yoga instructor ad, and mention that they’re tracking the phone location of the person who answered the ad to make sure they’re at the sting location.

    It’s crazy that even with all those “methods the Marshalls won’t go into,” they almost gave up on finding her.



  • TL;DR yeah I think you’re right. The original announcement from the Reddit admin comment didn’t give any details, so I filled in the gaps myself and assumed “heart” would imply compassion, especially since I’ve seen that “stay for the empathy” tagline for so long. After all, why would the change from “front page” be necessary if “heart” of the internet gives a the same sentiment that it’s the core or cutting edge?

    The contracted marketing team’s writeup has some limited insight into the reasoning:

    …Reddit’s updated brand materials would all point back to four traits: inherently eclectic, positively different, delightfully absurd, and genuinely candid. These traits, along with the uniquely empowering foundation of Reddit as the best place to discover and participate through real conversation, led the team to a new, strategic description of Reddit as “the heart of the internet.”

    I’m not experienced enough in marketing jargon to understand if this is saying that “heart” only implies that there are lots of communities available on the platform, or if “genuine” and “real conversations” should be factored in to imply that these conversations and communities should be heartfelt.

    But all in all, it seems like the focus is on “you can discuss with lots of communities.” And since “front page” doesn’t imply discussion as much as it implies reading a newspaper, the change was needed.


  • I find it odd that they changed their tagline from “the front page of the Internet” to “the heart of the Internet.” Reddit is certainly a massive hub for discussion, but “compassionate” is not the first association I have with Reddit conversations. Smug condescension, certainly. Frothing mob mentality, often. But compassion? Rare, at best.

    I suppose that Reddit may be trying to simply manifest their hopes for the platform into a reality, but I don’t think it’s that easy. The Reddit welcome banner reads, “Come for the cats, stay for the empathy,” but most people probably know Reddit for the Boston Bombing debacle, r/theDonald trolls, and other nasty news items. It’s hard to believe the cushy corporate messaging when Reddit has so consistently allowed horrible shit on their site until the media fervor gets so intense that they can’t ignore it anymore