Someone: Rolling updates will provide more, smaller step updates, so it's less likely to break your setup by upgrading.

Me:

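#PSA Please update OpenSSH; remote arbitrary code execution vulnerability.

About this CVE:
- This is a regression of CVE-2006-5051.
- On i386 devices with ASLR enabled, it takes roughly 6-8 hours to obtain a root shell; on amd64 devices with ASLR enabled, it may take around a week.
- A temporary fix is to set LoginGraceTime to 0, though this makes the ssh service vulnerable to DoS attacks.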

CVE: CVE-2024-6387

Affects: [8.5p1, 9.8p1)

https://www.qualys.com/regresshion-cve-2024-6387/

#CVE #RegreSSHion

Original on Telegram
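As an added example (not part of the original post), a small triage helper built on the affected range and the LoginGraceTime workaround stated above. The function names and sample inputs are made up for illustration, and it assumes a single sshd_config file with no Include directives.

```python
import re

# Affected range exactly as the post gives it: [8.5p1, 9.8p1)
FIRST_AFFECTED = (8, 5, 1)
FIRST_FIXED = (9, 8, 1)

VERSION_RE = re.compile(r"OpenSSH_(\d+)\.(\d+)(?:p(\d+))?")
GRACE_RE = re.compile(r"^\s*LoginGraceTime(?:\s*=\s*|\s+)(\S+)", re.IGNORECASE)


def parse_version(banner):
    """Extract (major, minor, portable) from `sshd -V` output or an SSH banner."""
    m = VERSION_RE.search(banner)
    if m is None:
        return None
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)


def in_affected_range(version):
    """Half-open interval check: first affected included, first fixed excluded."""
    return FIRST_AFFECTED <= version < FIRST_FIXED


def grace_time_is_zero(sshd_config_text):
    """True if the effective LoginGraceTime is 0 (sshd keeps the first value it reads)."""
    for line in sshd_config_text.splitlines():
        m = GRACE_RE.match(line)  # commented-out lines start with '#' and do not match
        if m:
            return re.fullmatch(r"0+[smhdw]?", m.group(1), re.IGNORECASE) is not None
    return False  # keyword absent: sshd's non-zero default applies


def triage(banner, sshd_config_text):
    version = parse_version(banner)
    if version is None:
        return "unknown"
    if not in_affected_range(version):
        return "outside-range"
    if grace_time_is_zero(sshd_config_text):
        return "in-range-mitigated"  # workaround active; sshd is now easier to DoS
    return "in-range-unmitigated"


# Constructed sample inputs (not taken from any real host)
SAMPLE_BANNER = "SSH-2.0-OpenSSH_9.2p1 Debian-2"
SAMPLE_CONFIG = "#LoginGraceTime 2m\nPermitRootLogin no\n"

if __name__ == "__main__":
    print(triage(SAMPLE_BANNER, SAMPLE_CONFIG))
```

Distribution packages may backport the fix without changing the upstream version string, so an "in-range" result means "check the vendor advisory for this package", not "confirmed vulnerable".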

@skyblond@qoto.org Rough way to calculate how far the lightning actually is: When you see the flash, start counting the seconds until the thunder. That amount divided by three is the amount of kilometers that the lightning is away from you.

photo of my friend's workplace. I'm glad you find it useful. thank you.

Heavy rain? The thunder is scaring the shit out of me. I want to sleep, but I can't, because the sudden big bang sounds low and keeps me frightened.

First time setting up OpenMediaVault for my friend on his 12th gen NUC. With one NVMe disk for both boot drive and data, it's a fairly risky setup. But the progress went smoothly: install system, replace the apt repo with a local one, install plugins to share root fs, install podman, set up proxy, figure out how to make podman use proxy, and finally install tailscale and plex.

I'm amazed how flawless this system is. It's community work, I thought it would be junky, expecting to deal with sneaky command line hacks, but everything (other than podman) can be done in the web UI. And it's based on Debian 12, which means if OpenMediaVault didn't offer any plugin for the app I need, I can just install it for Debian.

There are so many OSes that require special care, for example, Synology, TrueNAS (the BSD-based one), and Unraid (you don't even get a package manager). I mean, they do have their good side, but they do need some workarounds to work with.

With OpenMediaVault, at the end of the day, it's just a Debian server. Lovely.

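All instance admins who have joined the 喵家 relay ( relay.nya.one ), please check your file data records

Please check whether your files include a file with MD5 622b3c33aaea1aa50eec84753d18b5b1 uploaded by @milano@fet.bar on April 24, 2024 (according to local sync time). If so, please delete it immediately; this file is a CSAM video used by pedophiles for poisoning.

Judging from the current state of fet.bar, this user's account has been suspended (or deleted), and the content should have been deleted as well. However, we still found this content in our database backup archive from June 22, and cannot determine the exact time the operation was carried out or the related sync status. According to information given by our object storage provider, this file can cause your services, including but not limited to object storage, to receive warnings. For safety, we strongly recommend that you check once more.

In the future we will try to develop a basic media auditing tool, hoping to locate and neutralize this kind of content before it causes harm.

Finally, many thanks to our object storage provider Wasabi for their timely and enthusiastic help, far better than certain competitors who don't even make a peep.

========Additional information========
1. You can also check for a file with MD5 f73ca5dc660d7ce404e2cf9278991f75; this file was not cached by 喵窝, but it was sent by the same user and is very likely CSAM content as well.
2. If you cannot look up files by MD5, you can try locating files by user. Even if you successfully located the file by MD5, for safety it is best to also try locating the remaining files by user.
3. Please do not become prejudiced against any instance because of this incident. Small sites lack the management and review mechanisms of big companies, so being poisoned by attackers can happen to any instance. Attacks occur not because moderation is lax, but because attackers exist. Things like this will certainly happen again; while strengthening monitoring to reduce attackers' success rate, we should also remember to act as a united whole and work together to resist these attackers, rather than fall into infighting.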

A quick question.

Just found out that the presidents of both the US and China are pretty old. Biden is 80+, and Xi Jinping is 70+. I didn't check other countries' leaders' ages, but it looks like we are letting old people rule the world?

Not familiar with the US, but for China, a 71-year-old man is simply too old to lead the country. I think this country needs more energy from a young (not younger, but young) leader.

Looks like either the seller gives the wrong dimensions or I measured wrong.

Anyway, this unit is wider than I thought. And all of my windows won't fit, so I set it up using the toilet.

Room temperature: 25C
Toilet temperature: 40C

Eight years of waiting, S03E12 is all we deserve? Kumiko strived for three years, and at the end of the day, a transfer student that never showed up in the first two seasons, a nobody, just denied all her efforts and threw her back to the bottom?

What's wrong with you?

I don't know anything about music and performance. And I don't care. I came to anime, I came to KyoAni to get the peace, the warmth, and the strength from the beautiful stories so I can face my f*cking hard life. Now what did I get? Disappointment, sadness, anger. Also insomnia.

This is the biggest failure in Asia. They should call Steven He for failure management.


I express my feelings in English because I don't know many cursing words. If I said it in Chinese it's gonna be the most cursing toot on qoto.

KyoAni, we're done. Hanada Jukki, go fuck yourself.


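Our family discovered a little money-saving trick (

After making a purchase at McDonald's in Japan, answering the survey gets you a snack coupon (soft-serve cone, small fries), which you can redeem for a free snack with any purchase next time.

You only need to buy an iced Americano (large ¥250, ¥190 on promotion), and you can use the coupon to get a soft-serve cone. Drop the ice cream into the cup and you get a coffee float (medium ¥340).

…and since you made a purchase, you can answer the survey again to get another coupon, so you can drink super cheap extra-large coffee floats all summer (((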

When I saw this number of citations, I knew someone was serious.

----

The web UI is kind of weird for this: I saw the citations first, then the main content... And it's too much English for an Asian on a weekend, LOL

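The ChatControl bill, controversial on privacy grounds, has had its vote at the EU summit postponed after failing to win majority support.

Opponents of the bill say that, in the name of protecting children and scanning for CSAM content, it actually breaks encryption systems and endangers user privacy.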

stackdiary.com/~

thread:
/2913

#EU #Privacy #ChatControl

Original on Telegram
