Having read the paper, there seems to be a glaring problem: Even though the user can’t tell an attacker the password, nothing is stopping them from demonstrating the password. It doesn’t matter if it’s an interactive sequence – the user is going to remember enough detail to describe the “prompts”.
A rubber hose and a little time will get enough information to make a “close enough” mock-up of the password entry interface the trusted user can use to reveal the password.
I’m running a Venstar Colortouch thermostat. They’re not cheap, but they have a local API and there’s a Homeassistant integration.
Another mirror has the original comments. They’re exactly what you’d expect from 2001.
… I thought Lunix was invented by the infamous Soviet computer hacker Linyos Torovoltos.
Like my distro?
So a tiara, duster jacket, kilt, one “stiletto pump” shoe, one wellington boot – and a roll’s worth of duck tape. Got it.
I have a question for the group. I do run Linux on a ThinkPad, but it’s Mint/KDE on an X1 carbon I bought new.
My question is: what’s the dress code here? Do I actually need to buy programming socks and a skirt? Can I get away with just wearing ribbed, white athletic socks and cargo shorts? Business casual?
a troll spamming emojis like he was so smarter than me
I mean … you could join an instance that’s federated with hexbear.
Irregardless, it’s the same difference even if its spelled wrongly. I for one could care less, so it’s a mute point per say.
Defense in depth – maybe I’m paranoid, but just because something is unlikely doesn’t mean an extra layer of security isn’t advantageous. Particularly when I already have a VPN, so there’s little reason not to use it.
Plus, my logs are easily checked as a side effect.
I don’t get why people leave interfaces the public doesn’t need access to open to the public – especially SSH.
Use a VPN if you need access to those interfaces from the “outside”. They’re stupidly easy to set up these days, particularly with Wireguard.
I see it in the “edit image” screen. Google wants money to unlock “features” that were free for years with a “Google One subscription”, starting at $2 a month.
HDR effects, blur, magic eraser, and dynamic color correction.
I was working with a buddy on a “startup” that was more of a hobby than anything (and didn’t go anywhere). The early prototypes were controlled by Arduino and Pis early on – ease of software development was key as we experimented with and dialed in the hardware. The later prototypes used an ESP32 though, because we’re aren’t idiots.
I’m a hobbyist at best: it kills me that there are well paid “professional embedded software engineers” out there that can’t work with actual embedded hardware. All I could think of was this article on electrical engineers that can’t solder. The complete lack of real world, hands on experience with the hardware blows my mind.
I wouldn’t go that far, but he does make great indie music
They’re just lying about pirating to look cool.
I highly doubt there are any actual pirates on here, it’s just users being edgy. A bunch of dorks that don’t even own a boat role playing badass pirates.
My niece struggled with using a mouse when she was in middle school – her experience with UI was exclusively touch screens prior to that.
The verge had an interesting article on this phenomenon
I’ll add “it’s not their fault”. In the race to make technology intuitive and idiot proof we’ve removed the need to actually learn how technology works past a superficial level.
You know it’s bad when you recognize the user name.