…seriously? lmao.

Insert hello-fellow-humans meme here.

Yeah, and at that point your network should be enforcing client isolation too, which is also a mitigation for this specific issue in large, shared networks like a college campus, or office, or public Wi-Fi at wherever.

It’s that Simpsons episode where Mr. Burns is only alive because all the things that would kill him are cancelling each other out, but in PHP form.

I tend to use Squarespace because uh, they have a marketing budget and everyone tends to already know (or at least one of the people in the meeting anyways) who they are, which makes things an easier sell.

I don’t particularly think they’re the best or whatever, but they at least do what they say at a price that’s reasonable enough and I’ve yet to be burned by suggesting them, sooooo…

I’m not giving access to my Mastodon account to some random service I’ve never heard of for no reason.

If it makes you feel better, it’s all client-side: there’s nothing executing on the server (I’m running a copy of it on a server that just… can’t execute anything) so it’s not doing any data stealing.

Buuut, since it’s trivial to host, you could grab a copy of the code and host it yourself as well.

Not quite: it’ll drop a v2 captcha for you to solve when a v3 one can’t clearly classify you one way or another.

So if v3 isn’t entirely sure you’re human, it’ll make you do a v2.

It’s serious, but seems like a wonky attack vector for most.

Yeah, it’s super trivially exploited, BUT it requires you to do a series of dumb things or let an attacker have access to your LAN which is one of those you-have-bigger-problems moments anyways.

And then you have to use their added printer (though there’s an exploit path that may be usable to over-write the printer you already have configured, if the attacker knows what that might be) to print something before anything happens.

Dude who found it seems to have overhyped it just a little bit (while being a huge dick about it), but I could see how you might exploit this in certain circumstances.

It’s still mindboggling that Kia sells any cars without immobilizers.

I get they’re cheap cars and the way they’re cheap is to skimp on everything but uh, maybe that’s not the right place to skimp?

He announced on GitHub somewhere that he’s wanting to push out the next major version of UptimeKuma first, then come back and work on dockge.

So it’s not abandoned, but it’s just a second priority.

Those 5k panels were goofy: they’re two DisplayPort links merged via software magic into 5k.

Might be that’s a proprietary thing that requires OS X?

I’ve been pushing Squarespace for most people who come to me asking about setting up a small store or just simple business website.

Yeah, it’s closed source and blah blah blah, but the end of the day, it’s not about my opinions on software, it’s about the most cost-effective, simple, usable option for the client who is asking me for my expertise, which is almost always not something they’re going to have to keep paying me to maintain.

Like if you really really want Wordpress, I’ll get you set up, and then quote you a couple thousand a year for maintenance.

Unshockprisingly, very few people think that’s the right choice once they see what the keep-it-from-being-exploited cost is.

(And for anyone who thinks that’s an unreasonable amount, okay cool. But maintaining a staging environment and testing updates and then pushing everything into production assuming there’s no regressions you have to address takes a lot of time.)

I’m somewhat surprised that there aren’t a lot of good alternatives but uh, yeah, there doesn’t seem to be.

I would have expected there to be at least one or two good TTS engines but I guess that assumption is quite wrong.

As to your other post, it’s less that I care in any specific sense that Microsoft knows what I’m reading and more of a (admittedly irrational) dislike of providing anything that an ad company could maybe later use to sell me shit.

Depends on if you need a CMS, or if you can use a static site generator.

For a CMS, I’m still a fan of Ghost and it has (mostly) not enshittified to the point it’s unpleasant to use.

If you don’t need the whole CMS thing, there’s an awful lot of options. (And hosting them is super simplified since you can just stuff the output into a S3 bucket/Cloudflare Pages/Github Pages/a dozen other providers for basically free.)

Well, given how torrents work, yes, because you have to.

When you’re downloading, you know the IP of everyone you’re downloading from, and they know yours because that’s how the internet works.

If an anti-piracy corpo hops on the swarm, they’ll be able to see the IPs from all the peers as well.

So, TLDR: yeah, public anything is stupid when simply knowing the swarm exists and being able to connect to it is sufficient to provide enough documentation for everyone involved to get screwed.

Correct me if I’m wrong, but wouldn’t you also end up exposing the IP of every peer on that torrent to anyone who joins the swarm, even if you masked the tracker and stats or whatever?

Like, IIRC that’s kind a requirement for how torrents work in general, and so this idea would be making all activity on private trackers public, and I’d have to say that seems like a really, really stupid thing to want to do given the current situation where corpos are going after infringers again.

Neat idea, but the send-your-text-to-Microsoft bit of it is uh, well, no thank you.

Seems like a strange choice, personally, but I’m not a fan of sending tech corporations anything avoidable.

Wordpress is not a good fit for their complex web application

Seriously. People want to shove everything into Wordpress then get cranky when you can’t make Wordpress into a ecommerce store, marketing platform, personal blog, file sharing service, and NFT marketplace.

And then it gets hacked because they needed 14 SEO plugins, 2 different form plugins, and were not going to pay for managed updates because that’s easy they can do it themselves.

Would it be wrong to hope they manage to commit some gross act of mutual destruction, and that the outcome would be that I never have to deal with Wordpress ever again?

I’m always befuddled how these things end up public on the internet. (I’m not really.)

Like, it’s not like the printer is the one poking holes in your firewall while you sleep.*

*If it is, then you should feel great shame, throw away anything more complicated than a pair of dull scissors, and get a job digging holes then filling them back in.

I had a moment of actual laughter.

I was expecting a kernel issue handling networking connections or SSH or who the fuck knows but… cups?

Printers, they ruin everything.

Yeah I was more referring to huge outliers, like the 4? 6? Tb seagates they had a few years ago that were like 25% Afr.