I suppose I would avoid connecting to untrusted networks, or avoid opening print dialogs while on them, or uninstall CUPS until a fix is available.
That refers to the fact that printer advertisements can contain lies: When you see a familiar printer name appear on a network, it could always be an impostor secretly pointing to the address of a malicious device.
So my first advice stands: Avoid interaction with untrusted or potentially compromised print servers.
To be clear, when I say “interaction”, I don’t just mean printing to them. I mean any interaction at all. Even just browsing a network for printers could potentially mean your system contacts the devices at the advertised addresses, and receives data from them. This Qualys report doesn’t make clear whether this kind of interaction is safe, so I have to assume for now that it is not.
Exploitation involves sending a malicious UDP packet to port 631 on the target, directing it to an attacker-controlled IPP server.
Okay, so at least until this is patched, it would be a good idea to shut down any CUPS-related process that’s listening on port 631, and avoid interaction with untrusted or potentially compromised print servers.
Either of these commands will list such processes:
$ sudo lsof -i :631
$ sudo fuser -v 631/tcp 631/udp
I don’t want to diminish the urgency of this vulnerability, but it is worth noting that “affecting all GNU/Linux systems” does not mean that every affected system is actually running the vulnerable code. Some installations don’t run print services and don’t ever communicate with printers.
Also, I suspect that the author’s use of “GNU” in that warning is misleading, potentially giving a false sense of security. (Sadly, a certain unfortunate meme has led many people to think that all Linux systems are GNU systems, and the author appears to be among them.) I don’t see any reason to think musl builds of CUPS are immune, for example, so I don’t assume my Alpine systems are safe just because they are not GNU/Linux.
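Following up on the port 631 listener check suggested above, this is an added example (not part of the original comments) that separates sockets bound only to loopback from ones reachable from the network. It assumes the iproute2 `ss` tool is available; the function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify listeners on port 631 from `ss -H -lntup` output.

# Constructed sample of `ss -H -lntup` output (not captured from a real host).
sample_ss_output() {
cat <<'EOF'
udp   UNCONN 0      0            0.0.0.0:631        0.0.0.0:*    users:(("cups-browsed",pid=1234,fd=7))
tcp   LISTEN 0      128        127.0.0.1:631        0.0.0.0:*    users:(("cupsd",pid=987,fd=8))
tcp   LISTEN 0      128            [::1]:631           [::]:*    users:(("cupsd",pid=987,fd=7))
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*    users:(("sshd",pid=600,fd=3))
EOF
}

# Reads ss lines on stdin; prints "<proto> <local-address> <process> <exposure>"
# for every socket bound to port 631.
classify_631() {
    awk '
    {
        laddr = $5
        n = length(laddr)
        # The port is whatever follows the last colon (IPv6 addresses contain colons).
        while (n > 0 && substr(laddr, n, 1) != ":") n--
        if (n == 0) next
        addr = substr(laddr, 1, n - 1)
        port = substr(laddr, n + 1)
        if (port != "631") next
        proc = "unknown"   # ss omits process info without sufficient privileges
        if (match($0, /"[^"]+"/)) proc = substr($0, RSTART + 1, RLENGTH - 2)
        exposure = (addr ~ /^127\./ || addr == "[::1]") ? "loopback-only" : "network-reachable"
        print $1, addr, proc, exposure
    }'
}

# Names of processes holding a network-reachable port 631 socket, one per line.
reachable_631_processes() {
    classify_631 | awk '$4 == "network-reachable" { print $3 }' | sort -u
}

# Usage on a live system (root is needed to see process names):
#   ss -H -lntup | classify_631
```

Any process reported as network-reachable is the one to stop or firewall first; loopback-only listeners cannot receive packets from other hosts.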
threat actors backed by Beijing broke into a “handful” of U.S. internet service providers
Which ISPs?
Also, it would Be(e) better to link the original article (archived here), rather than this secondary reporting based on it.
I don’t want to single out a favorite, but one who stands out is Tynan Sylvester. Not just for making RimWorld a good game, but for participating in unofficial community forums, discussing features and flaws discovered by players, and bringing a good attitude. This kind of openness helps improve things for everyone, IMHO. I wish it was more common.
The PC version of Dragon Age: Origins allowed programming the characters with combat rules, so I could decide ahead of time how I wanted them to behave in a fight. It was so much better than the usual options of either tedious micromanagement or watching a dumb AI do dumb things with my characters.
Did that feature return in any of the sequels?
How would this control people selling their used hardware? I don’t see anything about Sony trying to disable resold consoles.
you’ll get “a product that works like new with genuine PlayStation replacement parts (as needed) that has been thoroughly cleaned, inspected and tested”. You will receive all the cables and paperwork you need for a PS5, and it comes with a 12-month manufacturer’s warranty
That’s worth a premium to some people.
Suggestion: Rather than using this text forum as a YouTube click farm, include in your post an overview of your key points and a summary, as text. This would inform readers why they might (or might not) want to spend their time sitting through your video.
the fact that many electric cars rely on cloud services
Terrible idea, predictable results.
Arsenic is a naturally occurring element.
I can’t say I’ve ever cooked rice by throwing it into already boiling water though,
Do you mean when replacing the parboil water? At that point, the rice would already have been brought to a boil gradually. Discarding the parboil water and pouring in fresh boiling water wouldn’t be like throwing dry rice into a boiling saucepan.
Or are you thinking of changing your process, by no longer bringing the water to a boil with the rice already in it, but instead waiting to add the rice until after the parboil water has reached a full boil? I realize that’s what the infographic shows, but I don’t think it’s necessary to do it that way. If anything, I would expect your way (bring rice & water to a boil together) to pull out more arsenic.
This will add 15-20 mins more to overall cooking.
Are you counting 5-8 minutes to heat water + 5 minutes parboiling the rice + 5-8 minutes to heat fresh water? If so, you’re double-counting one of those steps, because you already have to heat water when cooking rice. Using your figures, the overall cooking time would only increase by 10-13 minutes.
You could reduce that to ~5 minutes by heating your cooking water during the parboil step, rather than after, so it’s ready to go when the parboil is done. In a kettle or second pan, for example.
You could further reduce it to <1 minute (the time it takes to replace the parboil water) by taking 5 minutes off the cooking time, since the newly added 5 minute parboil is cooking.
I hope the fediverse doesn’t cook meals one step at a time. That would take ages. :)
New community idea: WholesomeCrimes
Is there a text version? Or if someone watched the video, are these drives sold by Amazon or by third party sellers?
Even League of Legends?
Thank you for bringing The Onion back to Not The Onion. :)
The video in this article includes a fun look at some of the PlayStation’s limitations, and the lengths to which Crash Bandicoot developers had to go in order to overcome them.
More discussion here:
https://sh.itjust.works/post/26026271
From the gbatemp.net article:
This is not a case of copyright infringement, so I feel comfortable linking these source code mirrors:
https://git.naxdy.org/Mirror/Ryujinx
https://git.l7y.media/mirrors/Ryujinx
The commit hashes on both of those mirrors match the official ones at least until March 2024 (v1.1.1217). I can’t vouch for the more recent commits that extend through today (v1.1.1403), but the two mirrors do at least match each other.
Warning: A zip file in the ryujinx_202410 subdir of https://archive.org/download/ claims to have the full git history, but the hashes do not match the original source repo. It’s possible that the mismatch is an artifact of some accident, rather than malice, but I would avoid it just in case.