Most of hacking is done by mass effort with maybe a couple percent of people that aren’t doing basic things to protect themselves being affected. That couple of percent is enough to keep the hackers flush. (So please, follow basic cybersecurity steps, people.)
The plain truth of the matter, though, is that if a hacker or group of hackers is targeting someone individually for reasons, that person is in real trouble.
This has been a PSA for everyone chasing fame and clout.
I miss the days of Anonymous (there was a sub group of the actual hackers whose name I can’t recall and a bunch of wannabes I guess providing them a crowd to lose themselves in) doing justice hacks. Not that they were always on the right side of things, but now everything is state actors trying to bring us all closer to Armageddon.
Alt2600?
Tips for being secure online:
- Use your browser’s password manager to generate random passwords.
- In the rare case you need to manually enter your password into a site or app be very suspicious and very careful.
- Never give personal information to someone who calls or emails you. If necessary look up the contact info of who called you yourself and call them back before divulging any details. Keep in mind that Caller ID and the From address of emails can be faked.
- Update software regularly. Security problems are regularly fixed.
That’s really all you need. You don’t even need 2FA, it is nice extra security but if you use random passwords and don’t enter your passwords into phishing sites it is largely unnecessary.
I’m not so sure about your number 1. Fine if otherwise they won’t use one but personally I use Bitwarden online for unimportant ones and a local KeePass for important ones.
The reason I say browser password manager is two main reasons:
- It is absolutely critical that it checks the domain to prevent phishing.
- People already have a browser and are often logged into some sort of sync. It is a small step to use it.
So yes, if you want to use a different password manager go right ahead, as long as it checks the domain before filling the password.
What do you mean a password manager that checks the domain? Isn’t the auto fill based on the domain? I can’t imagine how a password manager could fill a password without checking the domain, it wouldn’t know which password to fill after all. Do any actually exist?
There are some password managers where you need to either manually look up passwords and copy+paste or autotype them or select the correct password from a dropdown. Some of these will come with an optional browser extension which mitigates this but some don’t really track domain metadata in a concrete way to do this linking.
Some examples would be Pass which doesn’t have any standard metadata for domain/URL info (although some informal schemes are used by various tools including browser-integration extensions) and KeePass which has the metadata but doesn’t come with a browser extension by default.
I see, so you mean manually getting the password out of the manager instead of domain based autofill.
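An added example, not part of the thread and not any real password manager's code: a minimal sketch of the domain check discussed above, where a saved credential is offered only when the page's origin matches the stored one exactly. The vault entry, the URLs and the exact-origin matching rule are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed vault for illustration: saved origin -> (username, password).
VAULT = {
    ("https", "accounts.example.com", 443): ("alice", "constructed-random-password"),
}

DEFAULT_PORTS = {"http": 80, "https": 443}


def origin_of(url):
    """Return (scheme, ascii_host, port) for a page URL, or None if unusable."""
    try:
        parts = urlsplit(url)
        port = parts.port            # raises ValueError on a malformed port
    except ValueError:
        return None
    scheme = parts.scheme.lower()
    host = parts.hostname            # lowercased; "user@" prefix and port removed
    if scheme not in DEFAULT_PORTS or not host:
        return None
    try:
        # Compare hosts in ASCII (punycode) form so a lookalike Unicode letter
        # yields a different "xn--" name instead of a visually identical one.
        host = host.rstrip(".").encode("idna").decode("ascii")
    except UnicodeError:
        return None
    return (scheme, host, port if port is not None else DEFAULT_PORTS[scheme])


def autofill(page_url, vault=VAULT):
    """Offer a saved credential only when the page origin matches exactly."""
    origin = origin_of(page_url)
    return vault.get(origin) if origin else None


# Constructed page URLs: the first is the real site, the rest are the kinds of
# near-misses a person copying a password by hand can overlook.
SAMPLE_PAGES = [
    "https://accounts.example.com/login",
    "http://accounts.example.com/login",            # no TLS
    "https://accounts.example.com.evil.test/login", # real name used as a prefix
    "https://accounts.example.com@evil.test/login", # real name in the userinfo part
    "https://accounts.examp1e.com/login",           # digit 1 instead of letter l
    "https://accounts.ex\u0430mple.com/login",      # Cyrillic "a" lookalike
]

if __name__ == "__main__":
    for page in SAMPLE_PAGES:
        result = autofill(page)
        print("FILL  " if result else "REFUSE", ascii(page))
```

Manual lookup and copy+paste skips `autofill()` entirely, which is why the check has to live in whatever fills the field.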
The cost of digital advertising cannot be justified by its effectiveness (or rather lack thereof). We’ve collectively spent hundreds of billions of dollars creating the infrastructure for invasive hyper targeted ads that do not get better results than simple billboards and terrestrial TV ads even now. We’ve created an economy solely reliant on technofeudalist overlords based who’ve provided very little actual improvement of anything.
Nice try Boeing, you’re not going to get me that easily
boeing:
I want to comment here so bad but given that I am one of two people that know and one of maybe a dozen that suspect, it would definitely violate multiple NDAs.
ProTip: Invest in off-grid solutions for your home.
There are more than 2 people that know that Texas’s power grid is a teetering disaster waiting for the right event to crumble and break in unfixable fashion
(Or water, water’s probably even more sketchy. Look up the incident in the UK where they accidentally put a shitload of treatment chemicals in the main water supply and a whole bunch of people got poisoned. Harder to do off grid solutions for though.)
There are more than 2 people that know that Texas’s power grid is a teetering disaster waiting for the right event to crumble and break in unfixable fashion
OP asked for a secret. The Texas grid sucking is not a secret.
Fair enough. I read your other comments and my current guess is abysmal cyber security coupled with clear indications that hostile state actors are trying to fuck it up, and showing no sign of having any more trouble than would an NFL team pushing past the volunteers who have signed up to work the door at the senior center social hour
In which case if that’s accurate I would say that yes that fits the brief
All the cybersecurity in the world won’t matter if a handful of ~~manipulated idiots~~ people shoot a bunch of unguarded and remotely located substation transformers.
Sure, not-13-year-old-kid-trying-to-sound-cool
As an NDA signer, they could be legit. I would like to comment also, but I don’t like law suits.
law suits
But without the suits for law people, how will tailors stay in business?
Just get tor browser, make a throwaway account, post your comment and delete the browser.
Water, electricity, or both?
Water, electricity and gas but I am sure this type of problem is present in many other sectors.
As an indigenous person who grew up without running water or modern plumbing for the first ten years of my life in Canada … I always appreciated this quote …
Will Durant Quote: “From barbarism to civilization requires a century; from civilization to barbarism needs but a day.”
so you’re saying a fire sale is coming… got it
Water, electrical, sewer, gas, trash, internet, cable, mail, plumbing, drywall, stairs, air. It’s all the government man.
Offgrid Internet… Hmmmm
The Bucees logo tells me this is probably going to affect Texas more than other regions.
Ha! I used to live in Austin and I don’t fly, so Buc-ee’s and Cracker Barrel hold a special place in my heart. Unfortunately what I am talking about is a US thing, not just a Texas thing.
In what time frame would you say we’ll all know?
Hopefully never. I am trying to solve the problem by relieving this single point of failure, but I am not having any luck.
Worst case scenario: let’s say that what I fear happens tomorrow. Given what I have seen so far, some people (regional) will notice system degradation within a week, and nationwide within one or two months. Time to find a work around is about a year, but that could be me just applying hopeful thinking to cope. I have no idea how long a permanent fix would take.
So you’re not describing the issue where internet connected EV chargers can be easily hacked, and potentially told to dump the charge of the connected vehicle’s battery on the grid en masse, causing overloads and transformer explosions.
But a slow moving issue like that sounds like a frequency or voltage issue - something goes under or over enough and isn’t detected via monitoring, causing premature equipment degradation, and potential system collapse. Definitely a lot of expensive damage, though.
(Basically, a Stuxnet-style attack on the utility grid - and we’ve already seen evidence that SCADA/PLCs can be hacked in the water supply system.) A destabilizing push, rather than a hit with a hammer.
The reason the problem I am talking about exists is because it is terribly boring and mundane. It is also 100% a cost center, meaning that it provides only cost and no possibility of profit. Things that explode or can explode are very high profile and people notice them. Mundane problems go unchecked until after the shit has hit the fan and politicians are looking for a scapegoat.
I deal with information security. Initially when I type that people instantly think “hackers”. True, information security does deal with a lot of “keep out the baddies”, but more than that we also make sure that data reaches its intended destination when it is supposed to reach its intended destination. For example, you might want your fire suppression system to trigger as soon as a fire is ignited and not after everyone in the building is burned alive or dead from smoke inhalation.
Right now I have a situation where everything is working well but I know that if something happens to this one thing, a very mundane system is going to collapse and literally nobody can fix it adequately. For the past five years we have done everything within our power to add redundancy but as I mentioned before, this is a mundane cost center. Nobody wants to spend money to fix something that works. So, when the thing no longer works, service will be tremendously degraded, people will figure out that it cannot be fixed, and the search for a replacement will begin. Eventually they will succeed but in the meantime things are going to suck and some people might die.
“Greed is good” – Gordon Gekko
“Greed is self-defeating” – JoMiran
Sounds like e911 or pots lines.
It’s the final decommissioning of 2g/3g and how it’ll affect monitoring tools!
(I don’t know, now I’m just being silly.) But, yeah. I get that. The profit motive/cost to build in redundancy, or a failure of imagination for future technologies so certain kinds of redundancy or features aren’t included is problematic.
Not saying it is your issue, but the 3g issue is on my mind because it was a big deal in my neck of the woods last year when local carriers shut it down, and it is again because a utility failed to update their meters in a timely manner, causing them to estimate on customer utility bills for longer than is allowable, resulting in statutory violations and customer overcharges. They got a pretty hefty fine and an order to refund the overcharged customers. I could see how similar foundational technology issues could completely fuck a utility for… whatever impacted systems are involved. (Also, going to be editing out this part of my comment in a few hours, because I don’t like how much specific info is in there, even though everything I just described is public record.)
I’ll also delete this purely hypothetical, definitely did not happen, scenario in a few minutes.
Imagine a smart gas meter. Regulations state that said gas meter shuts down and alerts crews if a leak is detected within two minutes of fault. The automated system might have missed the requirement by almost 45 minutes before issuing the command. People died…hypothetically.
People don’t understand how flimsy everything we depend on is. It’s easier to imagine a 13 year old bullshitting and trying to be cool than a man, tired of sounding the alarm, venting on Lemmy.
Scary.
When everything works: “What do we even pay IT for?”
When everything’s broke: “What do we even pay IT for?”
“When you do your job right it’s as if you didn’t do anything at all”
- God to Bender in Futurama
When they start looking for a scapegoat, I hope you find yourself far away from the eye of Sauron there.
I’m smelling an awful lot of bullshit here. If the power grid (or any other major infrastructure) had a known single point of failure that would cause the entire system to collapse, there would be more than 2 people who know about it, and they certainly wouldn’t be vague-booking it to Lemmy.
It’s less bs than you think, still unlikely sure, but not a non zero chance.
For a while there was a single point of failure in telecom for the midwest in the US. Because the core router was so old and didn’t play well with failover. It took them several months and a lot of intermittent issues to get it replaced and working as expected.
The power grid does have a major point of failure, in that vital components are on backorder for years out so most places don’t have the spare parts to get back up and running if widespread attacks on the grid occur.
I’m gonna be honest, this sounds about right for 2024. Skeleton crews a dick hair away from disaster as far as the eye can see.
That would be the sane assumption, yes.
The majority of technologies that power the internet were developed in the 80s and refined in the 90s. Everything since then is built as a layer of abstraction on top of those core technologies.
Also, the development and evolution of these open technologies relies on human interest and attention, and that attention can be diminished, even starved, by free, closed offerings.
Evil plan step 1: make a free closed alternative and make it better than everything else. Discord for chat, Facebook for forums and chat/email, etc.
Step 2: wait a few years, or a decade or more. The world will largely forget how to use the open alternatives. Instant messengers, forums, chat services, just give them a decade to die out. Privately hosted communities, either move to Facebook, pay for commercial anti-spam support, spend massive volunteer hours, or drown in spam.
Step 3: monetize your now-captive audience. What else are they going to use? Tools and apps from the 2000s?
aka Enshittification
Usenet:
Edit: I’m talking about step 3
We are facing a very real possibility of the end of the web browser as we know it. Google owns the chromium engine. Mozilla is on ever more precarious footing. It’s become logistically impossible to build competing products except for tech giants. Even then everybody else gave up and went with chromium.
That’s why I’m rooting for Ladybird.
I find it kinda ironic that they communicate over Discord, but it looks interesting
I appreciate you making me aware of such an amazing project.
And Mozilla is largely funded by Google. We all just hope they don’t pull the rug from them but I have no faith that our inept, slow government would stop that from happening before it’s too late.
Almost certainly the entire reason Google is funding Mozilla is to try and stave off antitrust lawsuits.
I think this reason is stupid. Why can’t there be a duopoly in the browser market like in the phone market? Even if there is no firefox, there will still be safari on its own engine
I think the phone market should also be broken up.
The reason a duopoly is bad in any market is that it’s essentially next to no choice for the consumer, and the businesses can force changes to the market that are anti-consumer with little repercussion. In any given market the minimum number of legitimate competitors necessary for meaningful competition will be different, but even three is too few in the web browser game, especially when the market shares look like this.
Yep.
Google will spend more on a legal team working out how to prevent the lawsuits in the first place than they would be giving to Mozilla
The official reason is so that Big G is the default search engine on every install.
But that may very well just be a smokescreen.
controlled opposition lenin quote
But nntpd is still out there. Rebuilding Usenet will suck. But it’s not impossible. Start from the net2 sites again.
Old mail RFCs included an instant message channel. I’m sure I saw code in either sendmail or uw-imap for it too.
I like the fediverse, but the old ways are still valid for their particular payload.
The key word is “majority”. I think IPFS will gain more popularity moving forward especially if fascism and censorship continue to rise.
And IPFS is not built on 90s tech?
Also compared to TOR, IPFS has 0 censorship resilience.
I was a bit excited for IPFS for a moment, but the more I tried it and thought about it, the less I saw a reason to use it.
Most problems are being solved by turning it off and on again.
The navy manual for troubleshooting equipment in the field includes “lift 3-6 inches and drop”
Percussive maintenance can help sometimes. It’s not a permanent fix but you can’t always do the right fix in the middle of the ocean. Things it can help with: dislodging debris in mechanical components, reseating electrical connections that are corroding, and making yourself feel better.
To be fair, you may not always want a permanent fix for everything. Mostly because the most permanent solution will always be a temporary one. :v
High velocity decommissioning also satisfies that last item.
What? Did I turn it off and on again? I’m a very smart technology person, of course my big brain already thought of that. I develop software for a living. It couldn’t be that simple or I wouldn’t be calling you.
. . .
Turning it off and on again worked. My shame is immense and I have wasted everybody’s time.
(And that is how I learned to embrace my own idiocy and do the recommended, simple troubleshooting tasks without questioning them.)
Dude, I just had my mechanic call and tell me my car was out of oil. I’ve never felt so dumb and ashamed.
And if that doesn’t work unplug it for a while and plug it back in.
Well it didn’t work, my grampa is still sleeping, I’ll try the unplug for several minutes trick, I’ll let you know
Try a force restart…or there is always the possibility that he is stuck in a boot loop
I have anxiety and depression. Gonna give your idea a try.
isn’t that what they are researching with psilocybin? I could use that big time to reset my head. I have severe health anxiety.
A good chunk of my work is scheduled turning off and on again in the right order so things don’t break
This is a funny joke and all but it’s so far from actually true.
Source: 27 years working in I.T.
Not exactly secret, but not very well-known. In many states your credit score can be used as a factor in determining the cost of auto insurance for you. Lower credit scores can equal higher premiums.
Gauge matters in some setups, especially over longer lengths, this is overly generalizing.
By your reasoning I could use some 24 gauge wire that came with a pair of Walmart computer speakers with a receiver paired with 3-ways each with 10" woofers. Or even better yet, between a plate amp and sub as a fire starter.
I don’t disagree with your overall premise, but it’s too reductive, even for home theater. Throw in a “16ga in most non-sub applications” and only then does it become true.
Adding to this, you probably don’t know how good your speakers are or not because you’re listening to your room, not your speakers. If you have given zero thought to acoustic treatment where you listen to music, you definitely don’t need to upgrade your audio equipment in any way. No amount of money you spend on equipment will help you enjoy music more until you treat your room
Who the fuck is upvoting this dumb take? So you’re actually trying to argue there is no difference between a pair of $20 speakers and a $500 surround sound system with amp if they aren’t in the perfect room? That’s some music snobbery on a level I’ve never seen before.
Nothing dumb about it, it’s actually quite on point. They didn’t mention price points or comparing speakers, but that the actual sounds heard from any speakers in a room depends greatly on room treatment (things like reflections, absorption, standing waves). This is where good usage of dsp room correction can help, along with rugs.
Nobody is talking about a perfect room, and you are severely contorting what I said to meet your own agenda.
Isn’t conductor diameter important to supply proper wattage?
Yes! What he said is certainly a generalization for most speaker setups. Low resistance, larger gauge wire is of course better, but won’t be noticeable on your average sound system.
Not quite, conductor diameter is important to supply proper current, which will change depending on the impedance of your speaker. There are other values like inductance and capacitance in a wire that could affect how your speaker sounds. The good news is that you can pretty much buy any cheap 16 ga copper speaker wire and not worry about it, as it would take effort to make a speaker wire that sounds bad (and those companies are the type to try to charge you $1000/ft for it!)
Thanks.
I always shy away from the ad hype of products, I have been in different industries, and have seen that a $ product vs $$$ product is sometimes identical innards, and a refreshed outer…which didn’t cost the manufacturer anything extra.
I have tried to explain this to my spouse, but she will still gravitate to buying the more expensive; equating cost with quality
Master Handbook of Acoustics is your friend if you want to learn what to do to your room. Overkill for most, admittedly, but it contains everything you need to know.
Here’s the pdf to the 4th edition.
What improvements did you make based on the book? I’m skimming through it.
I made a couple of bass traps tuned to the room’s main resonant frequencies, which I measured. I followed instructions from the book.
I added sound absorber panels to the walls and ceiling to kill immediate reflections from the main speakers plus a sprinkling of additional panels to kill reflections and also act as decoration. I also needed to move one radiator because it was in the worst possible location for my setup.
The room got thick curtains to improve absorption, and they also darken the room as it is dual use music listening and home cinema room. A few diffraction elements went into the ceiling for good measure. The ceiling is made of custom panels that I made myself from wood and fabric to allow sound energy through to the various acoustic elements behind them.
I also spent a fair amount of time with subwoofer placement, but in the end it became a bit of a compromise between sound and placement of furniture. Nothing a bit of signal processing can’t deal with, mind.
Pay as much as you want but the sound will not be any different than if you used metal coat hanger wire.
The speakers won’t sound too good after the coat hanger has caught them on fire, though.
Are you talking specifically about powered speakers? Certainly, resistance is a lesser concern when you’re passing almost no current.
But it’s important to have a heavy enough gauge cable between amplifiers and passive speakers so that there is not too much resistance, as this will cause it to overheat and potentially start a fire.
Generally speaking, I think a coat hanger’s gauge is too small for common amplifiers. Plus, if it’s iron then it’s going to have a higher resistance compared to standard materials, meaning more voltage drop and more heating.
The company that provides your bank’s phone system has full access to pretty much every piece of information your bank holds on you, including call recordings, phone numbers, addresses, debts, credits, and your phone password. We can trick our own systems into thinking it’s you on the phone.
Avoid calling your bank at all costs, and if they call you say “no thank you I’ll do that online or in branch”, as soon as you pass security the phone system is accessing all your data. If possible go into branch or do everything on a banking app which has far better security.
Now tell banks to stop requiring SMS 2FA holy shit
You actually want them to do this, it’s terrifyingly easy to set up a cell tower or call centre and convince banks and people you are customers or banks.
I think he was meaning because of how easy it is to spoof and intercept SMS. Use something like OTP that’s a common standard instead.
You probably mean TOTP. OTP is a generic term for any one-time-password which includes SMS-based 2FA. The other main standard is HOTP which will use a counter or challenge instead of the time as the input but this is rarely used.
Ah I see, yes app/web OTP is one of the best methods, unless people are calling to report the app/website not working (a workflow I’ve seen many times). The industry has put hundreds of millions into voice recognition but the sample size required for AI to trick voicerec is really low now.
call recordings
your phone password
Can you explain more about this? You’re saying the bank app is grabbing this data from your phone, or what are you saying?
I’m not saying you are wrong, necessarily, I’m just surprised to hear it
Not the password to unlock your phone, but the credentials your bank may require to verify your identity over the phone. A security question/answer, a passphrase or a sequence keyed during the call.
This is correct, I should have said “telephone banking password/passcode” but also the security questions are at best hash encrypted (so basically plain text). I had thousands of hours of call recording and millions of customer details on my work laptop all unencrypted. The security for enterprise telephony companies is seriously lax, I wouldn’t be surprised if a few unexplained leaks originated from these companies.
All your fancy shampoos, body wash, and dish soap are exactly the same. Just different smells, colors, and water contents. Also, all mainstream brands are owned by a total of 3 companies.
If you’re using CG approved products this isn’t necessarily true. Highly recommend for anyone with even a tiny bit of natural curl, you might actually have some beautiful ringlets in there if you care for em properly.
Oh hell yeah, the shampoo I use is on here!
Having just switched from Old Spice Swagger to SheaMoisture products I can assure you that ‘different smells, colors and water contents’ result in radically different outcomes in hair softness and smoothness!
What about baby shampoo? Isn’t it better for you than regular stuff?
They are generalizing, because if you delve into non major brands some are glycerine based, some have aloe base, oatmeal etc. rather than ethylene glycol and sodium lauryl sulfate type standard ingredients (coconut extract is the natural source of sodium lauryl sulfate; some natural brands might be actual coconut milk, but many use manufactured chemical additives)
I don’t think this one is true. I’ve definitely had different brands and types of shampoo and conditioner give better and worse results for my hair.
Yes, no, sort of.
I mean shampoo is definitely not the same as laundry soap.
And even between shampoos, there are differences (as anyone with skin conditions can attest).
Are products in any one category largely the same? Yes. But there are differences.
Wash your hair with conditioner instead of shampoo. Both have detergent so they will both clean your hair, but conditioner is less harsh.
This is only really beneficial for certain types of hair, and definitely don’t do it with conditioners containing sulfates, paraffins, or silicones. This site has a comprehensive list of products that aren’t filled with garbage what’ll leave your hair drier than it started.
Any recommendations for “normal” hair?
If your hair is neither thick nor fine and you’re not having any problems with buildup or dryness, you’re totally fine to just keep doing what you’re doing. Also if you’ve got straight and/or short hair you can probably ignore the no-sulfates/silicones stuff.
Most hair care products are designed for a specific kind of hair, usually straight and pretty flat. I started using black hair care products and my hair went from wavy and frizzy to natural ringlets and only sorta frizzy! SheaMoisture is my personal favorite brand.
Depends on hair type. Conditioner can be heavy on baby fine hair. I almost never condition my chicken feathers.
Most conditioners contain silicone. Why would you put that in your hair?
For long hair it helps with combing. Just like the old silicone spray for ballpoint mice, it reduces friction with the comb.
ballpoint mice
A USB mouse … For ants?
Most lotions contain dimethicone, a silicone relative.
They both work by being moisture barriers, preventing moisture loss (for hand lotion).
As someone who struggles with skin issues, I don’t even bother with lotions that don’t have dimethicone, they’re practically useless for me.
Shampoo is for cleaning your scalp…not your hair.
The quality of education at college and university is in free fall.
@protein Many things that you’d think would be under lock and key… are not. Credentials for, say, a database of subscribers to a telephone company? Just ask the team and say you’re working on an integration, they’ll happily send you the password in plain text
The ice in your drink at the bar is very very dirty.
The entire pop culture is satanic. To get to the top, there are rituals you must commit to.
The IRS has what is called a first time abatement of penalties. So if this is the first time in a 3 year span you owe you can have the penalties (not interest) waived.