Nick @internic@qoto.org

I'm nearing a year of using this Linux laptop as a 50% daily driver and I really have to say…

Linux's quality of life on an ordinary laptop is *embarrassing*.

Like, I'm able to use it. But it is embarrassing. No normal person would put up with the garbage desktop Linux puts me through. I put up with it because I'm stubborn and ideologically motivated.

One of the most widely used network protocols is vulnerable to a newly discovered attack that can allow adversaries to gain control over a range of environments, including industrial controllers, telecommunications services, ISPs, and all manner of enterprise networks.

Short for Remote Authentication Dial-In User Service, RADIUS harkens back to the days of dial-in Internet and network access through public switched telephone networks. It has remained the de facto standard for lightweight authentication ever since and is supported in virtually all switches, routers, access points, and VPN concentrators shipped in the past two decades. Despite its early origins, RADIUS remains an essential staple for managing client-server interactions.

Since 1994, RADIUS has relied on an improvised, home-grown use of the MD5 hash function. The result is “Blast RADIUS,” a complex attack that allows an attacker with an active adversary-in-the-middle position to gain administrator access to devices that use RADIUS to authenticate themselves to a server.

https://arstechnica.com/security/2024/07/new-blast-radius-attack-breaks-30-year-old-protocol-used-in-networks-everywhere/

Exhaled #aerosol increases with #COVID19 infection, age, and obesity

> we found that exhaled aerosol particles vary between subjects by three orders of magnitude, with exhaled respiratory droplet number increasing with degree of COVID-19 infection and elevated BMI-years.

> We observed that 18% of human subjects (35) accounted for 80% of the exhaled bioaerosol of the group (194), reflecting a superspreader distribution of bioaerosol analogous to a classical 20:80 superspreader of infection distribution.

https://www.pnas.org/doi/10.1073/pnas.2021830118

#SARS2 #sarscov2 #COVIDisAirborne

https://creativecommons.org/2024/07/09/strategyrefresh/ #OER

Adding alkalinity to wastewater as a CO₂ removal (#CDR) strategy shifts CO₂ to carbonate and bicarbonate, potentially decreases CO₂ flux to the atmosphere. 👀

https://www.nature.com/articles/s43247-024-01506-4

Why I bought the domain for the newspaper I worked at in the late 2000s.

And why, if you’re worried about your search results, you should maybe consider following suit.

https://tedium.co/2024/07/10/websites-domains-spam-prevention/

new @tedium

It blows my mind that it is possible to replicate a Macintosh on such minimal hardware. An RPi Pico could not just fit in my pocket, I could stuff dozens in there. Here is the story of how it was done.

"MicroMac, a Macintosh for under £5"
Matt Evans
@Mattmos
https://axio.ms/projects/2024/06/16/MicroMac.html

A fascinating and disturbing look at how finite-element engineering simulations, though potentially very accurate, are nonetheless sometimes wildly wrong thanks to old/misused code, and dodgy shortcuts that Gilbert Strang calls “variational crimes”.

https://www.scientificamerican.com/article/how-the-math-of-cracks-can-make-planes-bridges-and-dams-safer/

@StillIRise1963
It's like the old meme says: not voting is an incredibly political act/statement. It lets people know that you like the status quo and don't want things to change.

A book I was reading mentioned a place so dark you could see shadows from starlight. It got me wondering whether I should take that literally. The problem is that the totality of starlight in the sky makes a diffuse source so I find it hard to imagine clear shadows with a visible contrast between light and dark. It I found a paper whose author claims that it's not actually hard to see the shadows from individual bright stars.

https://adsabs.harvard.edu/full/1902PA.....10..242R

#TIL The sun is a huge high-gain antenna due to gravitational lensing. A hypothetical Voyager 3 can supposedly reach its >= 550 AU focal point in 50 years, which would allow a high-resolution optical scan of an exoplanet, or to receive alien livestreams from Alpha Centauri at 10 Mbps/watt with just a 1-meter telescope. https://arxiv.org/abs/1706.05570 https://arxiv.org/abs/2002.11871

Hackvists release two gigabytes of Heritage Foundation data

"Self-described “gay furry hackers,” SiegedSec said it released the data in response to Heritage Foundation’s Project 2025, a set of proposals that aim to give Donald Trump a set of ready-made policies to implement if he wins this fall’s election. Its authors describe it as an initiative “to lay the groundwork for a White House more friendly to the right.”

The data, reviewed by CyberScoop, includes Heritage Foundation blogs and material related to The Daily Signal, a right-wing media site affiliated with Heritage. The data was created between 2007 and November 2022. 

The group says it gained access to the data on July 2 and released it to provide “transparency to the public regarding who exactly is supporting heritage (sic),” a spokesperson for the group who goes by the online handle “vio” told CyberScoop in an online chat Tuesday."

https://cyberscoop.com/hackvists-release-two-gigabytes-of-heritage-foundation-data/

#hackers #opsec #infosec #databreach #politics #ethics #furry #furries #altright #gay #uspoli #project2025 #security #privacy #transtights #fascism #hacktavists

Google PR sure is taking its sweet time getting back to me about the finding that Chrome has a hidden extension that allows all *.google.com domains to monitor your CPU usage and other private system info. I'm sure they're working just as fast as they can.

https://simonwillison.net/2024/Jul/9/hangout_servicesthunkjs/

Beloved Apple blog TUAW was shut down in 2015, sold to private equity, then sold to a company in Hong Kong. It recently relaunched as an AI content farm using the stolen identities and bylines of its former human staff. A nightmare:

https://www.404media.co/a-beloved-tech-blog-tuaw-is-now-publishing-ai-articles-under-the-names-of-its-old-human-staff/

Sometimes you can tell a lot about a person by the domains they register. For no particular reason, I was looking at the domain footprint of Rep. Marjorie Taylor Green, and found a phone number connected to her over the years that was used to register mtgforamerica[.]us back in 2021. The domain's registration records are hidden behind privacy services from anonymize.com, but their privacy system assigns a unique email to each private registrant, so you can still do a reverse search on that and find out what other domains are registered by the same account.

Domaintools finds 21683@anonymize.com was used to register 156 domains, including supportkylerittenhouse[.]com and repealjuneteenth.com. Here's the full list if anyone's interested: https://docs.google.com/spreadsheets/d/1Xy7FDYtN-YGyv29XZ08wf_Z1OPAemfmccpVqwZ-ci50/edit?usp=sharing

Semiphemeral helped tens of thousands of people delete tens of millions of tweets, likes, and DMs. Then Elon Musk ruined everything. I'm psyched to announce that I'm bringing it back! And it will help you reclaim your data from more than just X https://semiphemeral.com/like-a-phoenix-semiphemeral-will-rise-from-the-ashes/

Do you want to beg for hybrid conferences to come back with me and some other people? You can sign here! Bonus: you get to bother the AMS and MAA! https://sites.google.com/view/hybridmathconferences?usp=sharing

rt @blkmathmagic@twitter.com

#hybrid #online #conferences #accessibility #academia #math

I spoke w @propublica about the lack of a SolarWinds report from the CSRB. If senators can't read CSRB cyber investigations, how are any of us supposed to learn from them?

"An aide to Wyden said the senator had not seen the NSC review." https://www.propublica.org/article/cyber-safety-board-never-investigated-solarwinds-breach-microsoft