There’s a manual release that can be used to open the hood from the outside even if the vehicle has no power.

It’s a safety feature for first responders, as also under the hood is a loop of wire that can be cut to permanently disable the high voltage curcuts prior cutting open the car with saws.

There is a manual door release that works without power, but only from the inside. She had just loaded the child in their car seat, shut the door then went to the driver door to get in and couldn’t open it.

The doors are on the 12V side of the system, you can use jumper cables to connect an external battery from another vehicle (including ICE vehicles) to power the door under normal circumstances. But with a kid trapped in the car in AZ, I wouldn’t wait for that either.

It a pretty rare combinations of circumstances, but there’s something to be said for manual keys still used on other vehicles with keyless entry.

Most large corporations’ tech leaders don’t actually have any idea how tech works. They are being told that if they don’t have an AI plan their company will be obsoleted by their competitors that do; often by AI “experts” that also don’t have the slightest understanding of how LLMs actually work. And without that understanding companies are rushing to use AI to solve problems that AI can’t solve.

AI is not smart, it’s not magic, it can’t “think”, it can’t “reason” (despite what Open AI marketing claims) it’s just math that measures how well something fits the pattern of the examples it was trained on. Generative AIs like ChatGPT work by simply considering every possible word that could come next and ranking them by which one best matches the pattern.

If the input doesn’t resemble a pattern it was trained on, the best ranked response might be complete nonsense. ChatGPT was trained on enough examples that for anything you ask it there was probably something similar in its training dataset so it seems smarter than it is, but at the end of the day, it’s still just pattern matching.

If a company’s AI strategy is based on the assumption that AI can do what its marketing claims. We’re going to keep seeing these kinds of humorous failures.

AI (for now at least) can’t replace a human in any role that requires any degree of cognitive thinking skills… Of course we might be surprised at how few jobs actually require cognitive thinking skills. Given the current AI hypewagon, apparently CTO is one of those jobs that doesn’t require cognitive thinking skills.

Or… you could just… you know… stop using it.

What the Internet Archive is doing seems to be to be a pretty textbook case of fair use to me.

The claim that the publishing and recording industries are somehow harmed by a site that can only make copies of content that was made freely available and isn’t being resold is ludicrous stupid.

Lemmy’s a lot better than Reddit for not being an echo chamber because the communities are less interest specific, and most of us are here because we’re the type to seek out a better discussion rather than stick with status quo.

But as it gets bigger and the communities become more niché it will become a bigger issue.

You wouldn’t be able to MITM a plaintext connection inside a corporate network with this attack by itself. You could only MITM something that the attacker can access without your VPN.

Any corporate network that has an unsecure, publicly accessible endpoint that prompts for credentials is begging to be hacked with or without this attack.

Now you could spoof an login screen with this attack if you had detailed info on the corporate network you’re targeting. But it would need to be a login page that doesn’t use HTTPS (any corporations, dumb enough to do that this day and age are begging to be hacked), or you’d need the user to ignore the browser warning about it not being secure, which that is possible.

I can’t see routing traffic to some kind of local presence and then routing back to the target machine to route out through the tunnel adapter without a successful compromise of at least one other vulnerability.

That’s not to say there’s nothing you could do… I could see some kind of social engineering attack maybe… leaked traffic redirects to a local web server that presents a fake authentication screen that phishes credentials , or something like that. I could only see that working in a very targeted situation… would have to be something more than just a some rouge public wi-fi. They’d have to have some prior knowledge of the private network the target was connecting to.

As I mentioned in my other comment, this wouldn’t let an attacker eavesdrop on traffic on a VPN to a private corporate network by itself. It has to be traffic that is routable without the VPN.

Not all VPN traffic. Only traffic that would be routable without a VPN.

This works by tricking the computer into routing traffic to the attacker’s gateway instead of the VPN’s gateway. It doesn’t give the attacker access to the VPN gateway.

So traffic intended for a private network that is only accessible via VPN (like if you were connecting to a corporate network for example) wouldn’t be compromised. You simply wouldn’t be able to connect through the attacker’s gateway to the private network, and there wouldn’t be traffic to intercept.

This attack doesn’t break TLS encryption either. Anything you access over https (which is the vast majority of the internet these days) would still be just as encrypted as if you weren’t using a VPN.

For most people, in most scenarios, this amount to a small invasion of privacy. Our hypothetical malicious coffee shop could tell the ip addresses of websites you’re visiting, but probably not what you’re doing on those websites, unless it was an insecure website to begin with. Which is the case with or with VPN.

For some people or some situations that is a MASSIVE concern. People who use VPNs to hide what they’re doing from state level actors come to mind.

But for the average person who’s just using a VPN because they’re privacy conscious, or because they’re location spoofing. This is not going to represent a significant risk.

So for this attack to work, the attacker needs to be able to run a malicious DHCP server on the target machine’s network.

Meaning they need to have already compromised your local network either physically in person or by compromising a device on that network. If you’ve gotten that far you can already do a lot of damage without this attack.

For the average person this is yet another non-issue. But if you regularly use a VPN over untrusted networks like a hotel or coffee shop wifi then, in theory, an attacker could get your traffic to route outside the VPN tunnel.

This is the part that bothers me.

l’d defend Tesla when FSD gets into accidents, even fatal ones, IF they showed that FSD caused fewer accidents than the average human driver.

They claim that’s true, but if it is why not release data that proves it?

Who cares? Because I assure you, Microsoft doesn’t.

20-25% of those webservers are running on Microsoft Azure hardware. Microsoft is the #2 cloud provider and has been slowly but closing their gap behind AWS in recent years. All of that is in large part due to them embracing Linux and open source support on their platform.

Software isn’t the battleground, and hasn’t been for a decade. The people behind Apache and Nginx aren’t making bank on their web server dominance. Microsoft and AWS still rake in money hand over fist regardless of what software runs on their servers.

The author of this article’s apparent attitude that this is some kind of indicator of Microsoft’s market failure is one of the most ridiculous conclusions I’ve heard in a while.

Job seekers next ChatGPT prompt:

Here’s a job posting and my resume, can you tell me what to change to make me sound like a perfect fit for the role?

ChatGPT:

• Change name from “Latifa Tshabalala“ to “Kevin Smith” …

That could get really awkward if some of the neopronouns become common.

“… tell him or her or zim or xyr or thon that he or she or ze or xe or thon can leave a message… “

Because Spez is a greedy little pig boy.

Ask a stupid question…

Trucks and SUVs are getting heavier to skirt emissions controls.

In 2010 the Obama administration passed laws tightening emissions control requirements for new vehicles. But the laws were written to allow emissions as a factor of vehicle size, larger vehicles were allowed to have more emissions.

Unfortunately, the plan backfired. Instead of reducing emissions, vehicle manufacturers just started making vehicles bigger.

It isn’t primarily the fragile egos that are driving sales of these vehicular monstrosities. It’s corporate profits and greed. Manufacturers aren’t making smaller models because they don’t make as much money on them, not because there isn’t a market for them.

AI is a genie that can’t be put back into its bottle.

Now that it exists you can make it go away with laws. If you tried, at best all you’d do is push it to sketchy servers hosted outside of the jurisdiction of whatever laws you passed.

AI is making it easier than it was before to (ab)use someone by creating a nude (or worse) with their face. That is a genuine problem, it existed before AI, and it’s getting worse.

I’m not saying you have like it, but if you think laws will make that unavailable you’re dreaming.

There’s a problem with the “if it’s medically necessary” part.

All the states that have banned abortions have some sort of exemption for if it’s necessary to save the mom’s life but patients are still dying because doctors risk prison time if they make that decision and the state disagrees on if it was necessary. So patients clearly needing medically necessary abortions aren’t getting them early when they’re low risk, they’re getting them when they’re close to death and the surgery is high risk.

You’re right that circumcisions usually aren’t necessary. But there are medical benefits to the procedure and it is a valid treatment for some medical conditions like phimosis which can lead to serious infections.

Reducing medically unnecessary circumstances is a problem to fix with education not legislation.

We need to let parents and doctors still make informed medical decisions without the state interfering.

The economic drivers of Bitcoin mining make it so that the cost of the electricity needed to mine a Bitcoin will always be just a bit less than the value of a Bitcoin.

Every time speculators hype up the value of Bitcoin the amount of money wasted on electricity increases.

Bitcoins are mined at a preset rate of 6.25 bitcoins every 10 minutes. Which does at least get cut in half every few years. But this waste of energy is going to continue so long as there’s a market for Bitcoin.