![](https://lemmy.world/pictrs/image/90961179-bebe-4587-9c3b-62268bb30ecf.png)
![](https://lemmy.world/pictrs/image/eb9cfeb5-4eb5-4b1b-a75c-8d9e04c3f856.png)
God help us all if we have to break out the Emus
Info Sec - Software Engineer - Game Designer - Mod Dev - Digital Artist
God help us all if we have to break out the Emus
Is it just me or are these stories getting a little bit ‘competitive’ on the worst possible accusations with lessening citations. All I could find on this are 15+yr old articles and Instagram/Tiktok influencers.
Hahaha, I wish.
You would be amazed at how ancient and poorly maintained many web servers are on the modern internet. SQL injection still consistently make the top 3 web app vulnerabilities as of 2021. If that isn’t being sanitized properly I don’t expect emojis would be handled much better.
Pretty sure there is a self hosted version already. Seen a couple of Twitch streamers use it so I see no reason an instance couldn’t run one with lemmy logins.
Oh absolutely. I just use it as an example because it’s one of only a few heavily restricted subs that hasn’t yet been purged by admins.
Lets also not forget the massive amount of OS versions, hardware variants, resolutions, and localisations apps like Discord need to auto-adjust themselves to work with. If it fails it will absolutely need that info in the report so devs can fix it.
This is why though I appreciate what DDG is doing, it’s not informing users about the context of what these permissions are used for, leading to a lot of fear over the wrong things. The data may not even be leaving the device but the implication DDG makes is that it is.
As a side note, I prefer to use DNS66 to filter data and ads by domain, then manually set my Android app permissions as needed.
Yep. There is a metric fuckton of tampering across the board, some of which is sub specific.
It’s the same kind of things they pulled with WatchRedditDie a long time ago but now it’s site wide with little to no subtlety. The rules are imaginary and meaningless, more so than they already were.
I suspect it’s not out of choice but because parts of the new UI is duct taped to the old. That said they’ll still likely rip it out soon and break everything in the process, just as Spez’s idol did to Twitter.
As a software engineer who has dealt with so many incidents resulting from the garbage coming out of salesforce. SO. MUCH. THIS.
I swear it’s always in a perpetual state of duct tape no matter where I see it used.
I’m not surprised in the slightest. The politicians and managers in charge of said gov systems are usually of an age that have no idea the basics of how technology works, let alone infosec importance. It’s then contracted out to the lowest bidder on deadlines that wouldn’t permit proper hardening anyways. It’s not even a US specific issue, Australians deal with this dumb fuckery regularly.
Then you get some piss poor public apology, someone gets thrown under a bus, and the cycle repeats ad infinatum.
They support CCS as the protocol
CCS is is only supported through a PLC translation chip on the vehicle side or a rare Magic Dock adaptor, and only when one side is non-Tesla. Outside of that, CCS is not a factor and the proprietary 11bit CAN bus protocol is used natively. Hence, Tesla controls every side of the equation on their protocol and payment processing without having to communicate with 3rd parties.
Name a charging provider that operates in a country tesla does not?
ABB chargers in India
Tesla you get quick wireless security updates, no waiting for a recall notice and trip back to the dealer.
This isn’t new or innovative. OTA updates for cars have been around years before EVs. But usually those don’t stop the car from starting then still be towed to said dealer because the update wasn’t properly tested or have fallbacks in case of failure.
Point is, shit is going to happen across the board for everyone and Tesla is NOT some golden child. It’ll just be another Apple case where dumb security claims get touted until hackers bring them down a peg or two.
Expecting all network operators to do that is not feasible or reliable. Tesla controls the car, protocol, charger, and payment processing. Everyone else outside the walled garden is openly handling a much bigger market with many more variables in more countries. Forcing customers to use an app for each brand of charger is also an accessibility nightmare. Fear mongering about skimmers is a dumb reason to remove traditional payment methods.
This is all before we get to the lack of screen or keypad means fuck all to security (it’s also an accessibility issue to remove them). If I can break into a Tesla charger wirelessly and fuck with your car, I’m going to do it, walled garden or not. Just look at the state of IoT.
EDIT: This comment aged well https://thedriven.io/2023/07/18/tesla-supercharger-spotted-with-credit-card-reader/
Just pull another Cambridge Analytica with it and watch the world burn. The shady siphoning of data for years until the secret leaks would skyrocket everyone’s anxiety about who had what and questioning everything around them all while conspiracies spiral out of control. If it were searchable at least you’d know, but this way the unknown would be so much worse.
Have fun with that mental image.
I swear if they really wanted to, they could do that and build a database on par with federal government departments.
Not quite what I envisioned by I fucking called it: https://lemmy.world/comment/849710
From the very beginning they were going to make it easy to join. The sinister part is always when you try to leave. If you don’t play by their rules they will take back everything and leave you high and dry. The ActivityPub support was never going to be a two way street. It’s likely a means to siphon fediverse content and drag users back into Meta’s data harvesting.
You say that but I fully believe Meta will tamper with their instance to push external users to sign up in order to engage with anything, while limiting the ability for them to get back out, effectively aiming to become the de-facto ‘center’ of the fediverse.
This is probably cooked up by the same people who conducted massive invasions of privacy during the pandemic by demanding live feeds and 360 scans of student’s private rooms. The worst part about this is the false positives could be intentionally faked to fail or expel ‘undesirable’ students with little or no evidence. It’s utterly fucked from all sides.
The longer you think about that scenario the more fucked up it gets. Google argues that it’s a problem of scale, which is outrageously BS when you consider Google of all companies let their own account system be easily botted, and don’t use any of the ludicrous number analytical tools purpose built for detecting spam trends (3rd parties use them all the time to spot political spam).
Same with Express/Nord VPN sponsorships. Many people debunked the adverising BS they were spinning about blocking tracking when really it only masked a tiny subset.
As someone who studied infosec, those ads were infuriating. Now I just sponsor block it all because I’m beyond tired of it.