yeroc @yeroc@qoto.org

New insider training question coming to your compliance quiz soon:

6 Jan 1789
Bitter cold day again with high wind, it froze in all parts of the House. Sent Ben around my Parish with some Money to the Poor People this severe Weather, chiefly those that cannot work at this time, some 1 Shilling apiece… In all Ben gave for me this Day 1.14.6.

🥇For the 1st time in recorded history, #Calgary's mean temperature was above 0.0°C during a December (December 2023). #YycWx #YYC #ABWx

The funny thing about LLMs is they’re not good for knowledge work because they sometimes make up stuff that doesn’t exist and they’re not good for creative work because they sometimes make up stuff that does exist.

When the weather is terrible, we need to drive slow but never the guy-in-front-of-me slow.

https://www.postfix.org/smtp-smuggling.html

"SMTP Smuggling" vulnerability in Postfix allows to spoof senders even in the presence of some DMARC checks. Configuration workarounds exist.

Also, a wholehearted f* you to SEC Consult, who sat on this since June and disclosed it to some closed-source vendors and MSPs, but could apparently not be bothered to give e.g. Postfix a heads-up, publishing this close to the holidays.

Boosts for awareness welcome.

Please don't make this a new trend. 😕

(issue closed by bot because the user filing the issue has not starred the repository...)

"New Kia vehicles that have arrived from overseas are sitting on a storage lot in Wolverton, Ont., purposely locked up even though customers have been waiting months and months — some well over a year — to get their vehicles.

The new cars are being withheld from Kia's Ontario dealerships — and reportedly from many more across the country — as part of a controversial plan by Kia Canada to game the number of sales in the last six weeks of the year."

https://www.cbc.ca/news/canada/kia-canada-car-sales-1.7063216

#canada #kia #cars

The Verge is such a great website, and the design on their features (especially this one) blows me away. https://www.theverge.com/c/23972308/twitter-x-death-tweets-history-elon-musk

(Un)popular opinion: I honestly wish we could go back to using one client (i.e Pidgin or Kopete) for all IMs.

For some people out there it might be a history lesson, but just like now, we used to use multiple IM services for different social circles.

- IRC
- XMPP/Jabber
- Google Talk/iChat
- Localized services (i.e GG or TLEN in Poland)

Just imagine that you could use Matrix, Discord, Telegram, Signal or whatever people use these days in a single app with coherent interface, that would use maybe like 200 - 500MB of RAM (assuming caching from Discord severs and what not).

Instead of having each "webapp" open which on my desktop usually accumulates to ~2GB of RAM usage on the desktop, you could use a literal potato to talk to other people.

I fondly remember using an ancient PDA (HTC TyTn II with Windows Mobile 6) in high school. It was an absolute marvel to use - mSD card, headphone jack (though via dongle, so how tables have turned), physical QWERTY keyboard and stylus.

It served me for literal ages. I would use it to talk to my friends, watch movies, connect to server in my bedroom running FreeBSD 9.2 over SSH and so on.

All of that on Qualcomm MSM7200 - 400MHz ARM11 (though not sure why I thought it was an XScale, weird) and 128MB of RAM.

I know for a fact that most IM software is unnecessary bloated, as my laptop lasts a loooot longer on battery if I don't use Discord on it.

This opinion will once again will light my butt on fire, but I believe EU should force companies providing messaging services to open up their APIs and allow using 3rd party clients without ToS bullshit that discord is doing.

How the first gen ipod that was reverse engineered to run #Rockbox:

1. Someone figured out that when loading a particular HTML page (for viewing on the device), the device would reboot. It crashed. A buffer overflow in the HTML viewer!

2. The device remembered what it did before the crash, so it would reload the HTML page again after boot. Unless you connected to it over USB and removed the HTML file it would stick in this cycle.

(continues...)

"Would you recommend the new Microsoft Teams to a friend or colleague, if asked?"

My guys. No one is going around asking their friends or colleagues if they would recommend using the new Microsoft Teams. That is not a conversation that normal people have.

Go outside. Touch some grass. Think about the choices you've made in life that took you this moment.

Three days after Amazon announced its AI chatbot Q, some employees are sounding alarms about accuracy and privacy issues. Q is “experiencing severe hallucinations and leaking confidential data,” including the location of AWS data centers, internal discount programs, and unreleased features, according to leaked documents obtained by Platformer.

An employee marked the incident as “sev 2,” meaning an incident bad enough to warrant paging engineers at night and make them work through the weekend to fix it.

https://www.platformer.news/p/amazons-q-has-severe-hallucinations

Chrome’s next weapon in the War on Ad Blockers: Slower extension updates

When ad blocking is a cat-and-mouse game, make the mouse slower.

https://arstechnica.com/google/2023/12/chromes-next-weapon-in-the-war-on-ad-blockers-slower-extension-updates/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social

Some people think a single cockroach is disgusting, but what’s really gross is 144 of them.

> But I feel like the biggest reputation hit they’ve taken is this idea that they were set up differently as a non-profit that existed to serve humanity and make sure that the powerful thing they were building wouldn’t fall under the control of a single corporation.
>
> And then 700 of the staff members signed a letter saying, “Hey, we will go and work for Microsoft tomorrow under Sam to keep on building this stuff if the board don’t resign.”

Government bailing out Canadian news outlets as impact of disastrous Bill C-18 becomes clear. It will now cover 35% of journalist labour costs and has increased the per employee claim from $55K to $85K. News Media Canada lobbying pays off.

Didn't realize my wireless plan capped tethering speeds, but now it makes sense. When your phone gets ~10-15 mbps and your tethered computer gets .5 or .6 consistently, you know they're screwing w/ the service you paid for.

Welp, I'm ashamed it took me this long to realize, but changing the TTL on my computer seems to have released the throttling.

https://www.reddit.com/r/Android/comments/cmxp66/2019_bypass_verizon_hotspot_throttle_no_root/