Show newer

Google explains how #Android #malware slips onto Google Play Store

Versioning - the initial app upload to the Play Store is benign. Through dynamic code loading (where code is pulled from a third-party server), the “benign app” downloads its malicious code.

It’s like a bait and switch.

#cybersecurity #infosec #security #google

bleepingcomputer.com/news/secu

Get a sense of scale for computer storage...

Byte of data: a grain of rice
Kilobyte: a cup of rice
Megabyte: 8 bags of rice
Gigabyte: 3 container lorries
Terabyte: 2 container ships
Petabyte: covers Manhattan
Exabyte: covers the UK (3 times)
Zettabyte: fills the Pacific Ocean

not every website needs to be Designed. sometimes you can just put the information on a page

Do you prefer to perform overt, immediate evil, or slow, indirect evil? 🤔

TIL a Polish charity placed a tracker on the back of a white stork to track the birds migratory habits. It travelled to Sudan before the charity lost contact. Somebody found the tracker, removed the sim card and put it in their own phone, where they then racked up $2700 worth of phone calls.

bbc.com/news/blogs-news-from-e
reddit.com/r/todayilearned/com

(16/25)

Hypothesis: Over indulging in beer can cause a hangover independent of alcohol quantity.

Considering that beer is made traditionally out of four ingredients: water, grain, hops, and yeast. Over indulging in any of these could be the cause of the hangover.

The main issue is that there is little to no research in this realm.

Let's first look at hops. There is some research in hops capsules, though they only deal with quantities of 1.5 - 2g. And considering that home brewers standardly use 14g per 3.8L, which would equate 3.68 g/l.

If one assumes that over indulging is defined as more than 3 l/d, then one would quickly fall into the hypothetical hops poisoning group.

---

I have experienced such a hangover many times this year although I don't drink alcohol. Just recently had a binge of 4L. Either I need more meticulous data to show that the beer is the dominant factor and not some other dormant instance like hours awake or just find the limit of volume to mitigate the outcome.

Wheat and water are less likely the cause considering that both are prevalent in the standard western diet.

Yeast could also be a factor to explore and easy to test to a point, since one could just eat high quantities of baking yeast. Though this yeast usually isn't equivalent to the yeast used for beer. Or one can drink hops free beverages that still use yeast like ginger beer.

(15/25)

The deep squat is probably one of the best positions to have in your arsenal of postures.

Other than giving a great resting position, it can accelerate your defecation time. Since it is the human biological best position to relieve oneself of bodily waste.

Though through the modernisation of the world, we have reduced the need to know the position. We have created toilets that are comfortable to sit on, though hinder the efficiency.

In lots of places in the world, toilets are just holes in the ground. Thereby they can do their business quite quickly. In other parts, the "potty stool" can aid you, though only if one is present. Thus finally one can attempt a balancing act on the rim of the toilet bowl or seat.

Once proficient enough, one can attempt the deed in public restrooms. Deep squatting on the toilette bowl rim might be a bizarre spectacle, though it will remove the prep time such as wiping down the toilette seat or making a toilette paper cushion.

(14/25)

For a very long time I was a proponent of , since I got a brief taste of it on my old phone. Though now on my new phone, I am not satisfied with my experience. For the couple of links that were shared into the app, they stopped playing quickly.

Luckily while exploring the new section on , (github.com/lamarios/clipious) caught my eye. Clipious is an Android client application for . This is a perfect fit with my daily desktop use using to do the same.

One of the hardest lessons I’ve had to learn, but it changed everything.

(13/25)

One of my favorite things to do is exploit the DOM (ethical concerns aside).

Lots learn early on if some pesky web component is blocking your view, just delete it in the developer's tools.

This is usually the spark into what other configurations are possible.

As a by trade we are constantly in the developer's tools trying to understand why certain elements are behaving the way they are - visually or in action. Though we have access to the code base, so it's easier to understand.

The fun begins when you only have access to the website!

- For one time edits basic DOM manipulations will suffice.
- For simple tasks the console will suffice.
- If you started editing the CSS, you can save your changes and load them next time you visit.
- If you don't care about , you can use extensions like or .

In the realm of heavy duty modifications, there are a couple of options:

- Write your own extension.
- Write your own library and run it through the console. This permits to offline development in your preferred coding language and you can bundle it either through or .
- Host your code on , use a CDN bundler, and then preload it via an extension like GreaseMonkey.
- There is also the option to preload your script into the browser's config, though with each update one has to do this anew, not questioning the potential flaws.

Through these possibilities one will learn a lot about vanilla and .

Those who follow scientific news have probably heard of #LK99, an hexagonal crystalline structure (CuO₂₅P₆Pb₉) manufactured at Korea University which would unlock the holy grail of superconductivity at room temperature and pressure.

My two reactions after reading the paper were:

1. Darn, the data collected in this research seems more convincing than other bollock claims of room temperature superconductivity I've read in the past.

2. Darn, the elements and the process used to create this wonder material are very common, and the experiment could be easily replicated by any physics lab with some lead, copper and an oven that can reach 1000 °C.

After a few days, we've finally got some data from other researchers around the world trying to replicate the same results of the original experiment.

And we may be up for a bit of a disappointment: none of those who repeated the experiment has managed so far to get the same results of the Korean researchers.

What surprises me is that these folks have come up with very different results - some experiments have resulted in a semiconductor, others in an insulator, others in a partial superconductor (either replicating levitation, or diamagnetism, but not both). Which is quite surprising for an experiment that was supposed to be straightforward, with off-the-shelf elements and processes.

Many experiments are still in progress and may still change the outcome, but so far it seems that the original research may (at the very least) require another round of refinement to explain how exactly this compound should be manufactured - or it may just join an increasing list of false claims around room temperature superconductivity.

Is any of the wonderful science folks on my contacts list currently in the process of replicating this experiment too? If so, feel free to share your findings!

p.s. How come gaming forums have become the main place to share a lot of important knowledge?

forums.spacebattles.com/thread

CISA: Preventing #Web Application Access Control Abuse

This is a piece from CISA with some good advice and excellent timing regarding all the #API abuses running rampant.

IDORs generally equal an access control problem. Access control issues mean threat actors could allow access to data that they otherwise *shouldn't* have to, or modify/delete objects/data where they should not be able to.

There's no universal one-size-secures-all approach, but conducting code reviews and testing code for #vulnerabilities are mitigations CISA recommends and mitigations I've seen recommended from industry before.

#cybersecurty #infosec #security

cisa.gov/news-events/cybersecu

(12/25)

Has anyone else notice how feature rich is? Like you take a picture of your data and it can evaluate it.

Though simple tasks like opening a CSV file feels like you need a rocket science degree.

On the side, there exists , where you only need to open the file, choose the delimiters, and you are good to go.

(11/25)

The conclusion after the first 10 days:

- The (F-droid) app is good as a replacement for the previous using app, Epsilon (Google playstore). Still need to figure out how to make my own templates instead of copy-pasting the last daily and adjusting the specific fields.
- Early on, created a _could write about list_, though haven't utilized it yet, since little to no motivation to tackle those topics.
- Quite prone to procrastinate towards the daily until right before bed time, thus creating a more rushed entry. For the next stretch of the challenge the goal is to complete most of the daily within the first four hours of the day.
- With the last point comes also the issue of not knowing what to write about. Thus, I will permit _backlog writing_, one can start writing about a topic prior to the publish day.
- And finally, ten days is a good starting range for a challenge, though not enough time to conclude if it is creating a positive change. Thereby want to add the addition goal of adding one long form article per month. So for the next 15 days it will be two articles.

(10/10)

> Different levels different devils.

When doing a physical endurance team event each person will suffer differently. Some will be challenged by the cardio portions while others will struggle with the workouts and then there is the physiological and psychological suffering. This is all doable if you come into the event without preexisting injuries or damages e.g. a bad knee.

As long as either you or your team mates keep a positive outlook all is doable. Just because you are suffering in the moment doesn't mean that others aren't as well.

If you do not communicate your unbearable pains, the team will not be able to assist you in any fashion.

Remember it is a team event and one should rely on the team.

(09/10)

My top 5 things to take for an endurance event:

1. at least 2L of water
2. an electrolytes solution, usually salt capsules
3. food in form of trail mix or nuts
4. IFAK (Individual First Aid Kit)
5. phone with offline data

(08/10)

To learn something new one takes existing knowledge nodes and alters them.

This comes to the question can one learn a foreign language and a field of study at the same time. And what preliminary requirements are needed for this feat.

The challenge that I will try to tackle is to learn statistics in Russian.

This is what I bring to the table:

- Familiar with multiple memory techniques like the memory palace or the peg method up to 100 slots.
- Have a decent maths foundation and know the basics in .
- Know Croatian, granting Slavic roots for the language. (Might create word choice conflict in the long run.)
- And know the Russian Cyrillic alphabet. This grants me the ability to read.

This list should provide enough knowledge nodes to tackle the challenge.

Goal:

1. To be able to translate Russian media without the need for a translator.
2. To know how and why in using a specific algorithm in statistics to evaluate the data.

(Preliminary action plan coming soon...)

(07/10)

Do you like to eat beans but find it annoying to patiently wait hours by the stove cooking them? Well did you know you can also bake them?

All you need is a casserole dish with a lid.

1. Cold soak your beans at least 12h.
2. Rinse your beans multiple times until the fogginess dissipates.
3. Add water until it covers the beans, place the lid, and bake them for at least 3h at 200°C or until one's preferred tenderness. Check at 1h intervals to make sure there is still enough water in the dish and add if needed.

Hint: place either a baking sheet directly below the dish or a level deeper. Most likely the pressure in the encasement will make the water rise and seep through the cracks. This will then land on what ever is below it. So if one wants to ease the cleaning process, this is one's best bet.

Show older
Qoto Mastodon

QOTO: Question Others to Teach Ourselves
An inclusive, Academic Freedom, instance
All cultures welcome.
Hate speech and harassment strictly forbidden.