Mahonia

@Mahonia@lemmy.world
0 Post – 22 Comments
Joined 12 months ago

Well that's actually exactly what I'd expect

Just so we're clear, this is the endgame of all of the propaganda against trans people. Many are culpable in this.

7 more...

So I've used huge stupid trucks for work a lot. Bush work. So shitty roads in the middle of nowhere, heavy loads.

Here is what I've learned:

The beds are undersized proportionate to their size, so it's pretty common to put canopies on them, which raises the center of gravity even further than it already is (which is pretty goddamn high). Rollovers are common, and loading the things is in itself hazardous. I've loaded a lot of shit in and out of these things, and had a bunch of close calls. It's a long way to fall, and you're more likely to fall than in a shorter vehicle.

The build quality is overall pretty bad, so the pillars are huge. Stupid large, which creates really big blindspots where there just don't need to be.

These trucks aren't really designed to go off road, so things like traction control tend to really get in the way. That whole system is built off of ABS (which doesn't work in situations where your traction is limited), and this will effectively kill your power when your tires start to spin. You have to override the default settings of these trucks to get them to work as advertised. It will make you stuck when you don't need to be.

The high hood is dumb. You have to look far ahead to maintain safety, because the blind spot in front of your truck is huge. Do you know what happens when you're on a steep climb around sharp corners? You straight up can't see. The only safe way to go is to get out of the truck and drive from memory. It's legit fucking stupid.

The blind spots in the rear of the truck is enormous. I've driven trucks with empty beds where I can see out the rear view mirror, and I've driven trucks with canopies that cover up the rear window. There's basically no difference in visibility.

It seems like maybe the problem is that automakers were able to widely market vehicles that use wireless protocols that are relatively easy targets for attack. This was never properly secure.

Automakers should absolutely be held to higher standards (in general) than they are, and it's not likely that banning specific devices is going to have any measurable outcome here. It's pretty well known that people buy and sell malware, and people can just... make devices similar to a Flipper with cheaply and readily available hardware.

This is just dumb posturing to avoid holding automakers and tech companies accountable for yet another dumb, poorly thought out, design feature.

And obviously it doesn't stop at cars. It seems pretty clear that snooping on any feature using RFID or NFC tech is only going to become more widespread. Novel idea: what about using... actual keys as the primary method of granting physical access? Lock picking is obviously possible but a properly laid out disc-detainer lock is pretty goddamn hard to bypass even with the proper tools, and that skill can't just be acquired in the same way as with electronic methods of bypass.

Well, Republicans are pathologically fucking stupid.

This is one of the things about assisted driving tech that's always confused me. It seems unlikely that we will have fully self-driving cars soon, but the illusion of being able to be absent while driving seems really dangerous. It doesn't seem like an improvement to me to remove the human element from most of the driving tasks while also requiring that human to spring into action seemingly at random.

Like don't get me wrong, people do dumb shit on the road with or without assistance, but having a system that requires human involvement at a zero-to-hero level seems like a bad system.

Then again, based on this actual content, maybe people just shouldn't be allowed to own vehicles full stop.

5 more...

I think these things are very related.

I'm queer and trans, and I'm not so picky about the demographic that I hang out with. I've met a lot of dudes who wanted to act their best in good faith, but received such vitriol for even showing up in conversations that they stopped bothering. Even as a transgender person, I don't tend to engage much with community because there's so little room for meaningful dialogue that isn't totally prescribed. There seem to be a lot of rules on how you should and shouldn't be. I understand that propping up the voices of those who have historically been ignored is an important thing, but there is something to be said about the fact that men and boys are often actively shunned from specific groups. If you're frequently told that you have no place in community, you're probably going to model a different community around that rejection.

Now what I actually think is happening is that tools of mass manipulation like the more centralized social media platforms are weaponizing the language of social justice to create division and escalation. All media platforms are quite effective at serving the ruling class, but social media is particularly insidious in that it pretends to be real life and the exposure is virtually constant.

So this was the exact thing that pushed me over to the FOSS side the last time they did it. Nice to see the tradition of annoying users to the point of them abandoning Microsoft is alive and well.

I set up 2FA via a hardware security key (a yubikey) for login, sudo etc. I then tried to switch security keys, removing the old pam files and adding a new one. But I didn't tidy the pam files up before logging in, and there was effectively no way to log in, since editing the pam files required sudo access to edit in the first place. So basically the whole system required access to a pluggable authentication module that it no longer had any ability to recognize. It was honestly pretty funny. I did manage to recover my data by booting from a live system and decrypting my drive from there.

I've also accidentally removed my desktop environment twice while trying to update Python versions and then cleaning up old packages, but that's kinda not that big deal and is just a facepalm moment.

When I saw them prop it up I thought "Oh good they figured it out" and then they started rolling it... the hard way. What a ride.

I've been using GrapheneOS for about 5 years.

Google pay won't work, but everything else should. I've never experienced any of the issues the other commenter had, and I've installed Graphene on 4 devices (not dismissing you BTW, just saying I think your experience is quite uncommon).

I don't think third-party launchers are a good idea (you're giving full device permission to an unneeded app) but it should work.

Almost every app I wanted to use worked with Graphene before they introduced their sandboxed google services, and now everything I've tested works with Google push notifications. The only exception is Google pay, and there are upstream reasons for that. Keep in mind, on a very rare occasion the hardened memory allocator breaks compatibility (again this is very rare), but there is an app-specific setting toggle to turn this off so it's kind of a non-issue.

2 more...

I don't get this. It's a shitty plush made by a company founded by a literal Nazi.

6 more...

Well, the actual causes of pedestrian deaths (big dumb vehicles, infrastructure that more or less necessitates personal vehicle ownership) are the same things that the auto industry lobbies hard for.

Fuck people are dumb. There's no thinking here.

The overdose crisis worsened when there were border restrictions, because contamination was more widespread. Also fuck me, the real problem is obviously mostly legal opiate distributors.

2 more...

That's really not an accurate representation. Here's a short article that goes into this: https://www.bbc.com/news/world-europe-14661582

They're also heavily implicated in the illegal logging trade in eastern Europe: https://www.nbcnews.com/science/environment/ikea-likely-sold-furniture-linked-illegal-logging-forests-crucial-earth-n1273745

Fundamentally I have a problem with oppressed people licking the boots of oppressors. And what that means partially is using consumerism as "representation" (that in this case directly benefits a billionaire family with direct and deep Nazi ties) is not super cool with me. Do you know the term pink washing? It refers to a thinly-veiled attempt to get financial support of queers without any meaningful support to queers. Lots of corporations have pride floats -- it's great, low-cost marketing.

Like whatever. Consume to your heart's content. But I think it's pretty embarrassing to have this prepackaged garbage as the best we can do for a modern icon, especially considering the source. You do you, but I'm just saying this shit is dumb.

Samsung skipped 11-19

You love to see it

Can I ask why?

LineageOS supports a custom avb (android verified boot) key and a locked boot loader on a very limited number of devices, and surely not a galaxy s4. Which is to say if malware was installed on your device it could be persistent through boot/reboot cycles. There will be no verifying OS integrity. Also on a device that's been unsupported for that many years, the firmware and software that you'll have access to is dramatically less secure. And this just can't improved by also not having a locked bootloader.

Lineage can only do so much to support devices after they've reached EOL, which while I agree sucks, it's a problem that's at the hardware level (Qualcomm and Samsung make it impossible to continue meaningful support).

I understand if you're trying to keep a device alive that you already have, but buying a phone for this purpose is probably not a good call. Or do you live in an area with limited access to newer tech?

If you can at all, the cheapest and best move would be to buy something like a Pixel 6a or 7a (or even a 5a) and run GrapheneOS.

1 more...

Not tiktok music?

Can't believe I'm doing this, but: So-fish-ticated

1 more...

I don't get these arguments. These tools aren't weapons, and limiting legal access to pentesting tools will decrease corp's and individuals' ability to be proactive about security.

These devices can be manufactured relatively easily and making them illegal will essentially mean the only people doing security tests are criminals. Large tech companies, correctly, run bug bounties where independent security researchers can make income by reporting reproducible and exploitable bugs. The concept here is called offensive security and it's extremely important for building better and more secure platforms. This situation will never be improved by limiting legal access to useful testing tools.

The responsibility should be on automakers and other companies that have massively insecure products, not on open source developers who are making products for security researchers.

Well that is legit very funny and cute.