@[email protected] Sure, those methods might work for now. But if Microsoft follows their reasoning ("We’re removing X from the build to enhance security and user experience of Windows 11. This change ensures that all users exit setup with internet connectivity and a Microsoft Account.") they will remove these methods eventually as well.
harrysintonen
joined 2 years ago
7
Finnish Post has decided to start using your data for service planning and development. This is opt-in by default.
"My data may be used for service planning and development, as well as for delivering personalized content and targeted advertising using profiling.
Profiling refers to automated processing of personal data where the information is used to evaluate personal characteristics, such as interests or service usage. The purpose of profiling is to enhance the customer experience and ensure that the customer receives relevant and interesting recommendations and services."
Notably for some reason this is separate from "Marketing consents" and is enabled by default.
You can turn off this option at: https://my.account.posti.fi/settings
#profiling #privacy #gdpr #enshittification
@infinity Yeah, it does for now. I fully expect Microsoft to remove that registry key or the associated functionality next.
After all not doing so would mean that users could accidentally setup the system "without working internet connectivity and a Microsoft Account".
That would be terrible for security and user experience *cough* business.
@jerry It largely depends on how well the initial impact is cleaned up. I'm hoping we won't see a ton of backdoors in various components next.
The httpget 0.2 doesn't quite work in the form it was uploaded.
First it uses hardcoded argv, argc instead of getting from the app invocation (as args in main, the code uses void main).
Second obtaining any data from the socket will result in the app stopping and leaving behind an empty file (if (nread) break;).
This program could never download anything. It is likely some work in progress or modified test version of httpget. Since it includes some windows specific headers and has disabled the unix ones I can only presume it was some earlier attempt to get the tool running on windows.
So while the code has a local stack buffer overflow it can't be triggered for this early version.
If this trend continues, we will be losing the ability to use secure means of communication with UK friends and colleagues. For example, #signalapp will rather get out of the UK than add backdoors: https://www.bbc.com/news/technology-64584001
4
As expected #Apple has nuked Advanced Data Protection (ADP) for UK users. What does this mean in practice? UK govt will be able to decrypt all UK user's #iCloud data at will.
Existing users' access will be disabled at a later date - this will likely mean that unless if you accept the new policy Apple will delete your existing iCloud data. Which I would recommend you do right now anyway - never trust someone else's computer with sensitive data.
https://www.bbc.com/news/articles/cgj54eq4vejo
#cybersecurity #privacy #enshittification
"#Nordnet admits that it was possible to trade in other people's depots during the IT breakdown"
#Nordnet services appear to be back.
Nordnet has a lot of technical issues to sort out. If the malfunction allowed unauthorized parties to operate the accounts it will be quite messy to sort out.
Among with technical part, they will have to deal with the regulatory issues, in particular the Financial Supervisory Authority. They will demand answers.
I still occasionally write some m68k code and apps. These are from 2024:
- Execute code in #amiga color registers: https://sintonen.fi/src/colexec/colexec.asm
- RXS-M-XS 32bit->32bit Permuted Congruential Generator: https://sintonen.fi/src/misc/pcg/_rand.asm
- Minimal modplayer (protracker music player): https://sintonen.fi/src/minimod/ (the replayer routine is mostly from Frank Wille however)
I also participated in very useless size/speedcoding competitions - some of them are still accessible from this old web page: https://amycoders.org/compo/
Note that some of the HTML is a bit broken, for example https://amycoders.org/compo/circlecompo.html - you can view source to see the full routine
#m68k #assembly #sizecoding #speedcoding
@[email protected] Curl will likely address this eventually even though they don't consider it a vulnerability. See https://github.com/curl/curl/issues/16197
view more: next ›
This here is the prime example of why we must stay vigilant about the collection and dissemination of personal information.
Also, while this article only mentions "algorithm", it's not difficult to predict that AI models are or will be used for this kind of task.
AI advocates often claim that any plans to regulate AI are just a hindrance to progress. I will take regulation if it will stop this kind of madness.