Skip to content

We Should Immediately Nationalize SpaceX and Starlink

Technology
443 190 0
  • 121 Stimmen
    23 Beiträge
    4 Aufrufe
    A
    It's one of those things where periodically someone gets sanctioned and a few others get scared and stop doing it (or tone it down) for a while. I guess SHEIN are either overdoing it or they crossed the popularity threshold where companies become more scrutinized
  • 491 Stimmen
    18 Beiträge
    2 Aufrufe
    5
    Pretty confident that's the intention of that name
  • 133 Stimmen
    80 Beiträge
    5 Aufrufe
    glizzyguzzler@lemmy.blahaj.zoneG
    Indeed I did not, we’re at a stalemate because you and I do not believe what the other is saying! So we can’t move anywhere since it’s two walls. Buuuut Tim Apple got my back for once, just saw this now!: https://lemmy.blahaj.zone/post/27197259 I’ll leave it at that, as thanks to that white paper I win! Yay internet points!
  • Cory Doctorow on how we lost the internet

    Technology technology
    19
    145 Stimmen
    19 Beiträge
    2 Aufrufe
    fizz@lemmy.nzF
    This is going to be my goto example of why people need to care about data privacy. This is fucking insane. I'd fire someone for even throwing that out as a suggestion.
  • Apple’s Smart Glasses Expected to Hit the Market by Late Next Year!

    Technology technology
    14
    6 Stimmen
    14 Beiträge
    2 Aufrufe
    L
    great, another worthless tech product that no one asked for. I can hardly wait.
  • 278 Stimmen
    100 Beiträge
    0 Aufrufe
    F
    It's not just skills, it's also capital investment.
  • 1 Stimmen
    8 Beiträge
    3 Aufrufe
    L
    I think the principle could be applied to scan outside of the machine. It is making requests to 127.0.0.1:{port} - effectively using your computer as a "server" in a sort of reverse-SSRF attack. There's no reason it can't make requests to 10.10.10.1:{port} as well. Of course you'd need to guess the netmask of the network address range first, but this isn't that hard. In fact, if you consider that at least as far as the desktop site goes, most people will be browsing the web behind a standard consumer router left on defaults where it will be the first device in the DHCP range (e.g. 192.168.0.1 or 10.10.10.1), which tends to have a web UI on the LAN interface (port 8080, 80 or 443), then you'd only realistically need to scan a few addresses to determine the network address range. If you want to keep noise even lower, using just 192.168.0.1:80 and 192.168.1.1:80 I'd wager would cover 99% of consumer routers. From there you could assume that it's a /24 netmask and scan IPs to your heart's content. You could do top 10 most common ports type scans and go in-depth on anything you get a result on. I haven't tested this, but I don't see why it wouldn't work, when I was testing 13ft.io - a self-hosted 12ft.io paywall remover, an SSRF flaw like this absolutely let you perform any network request to any LAN address in range.
  • *deleted by creator*

    Technology technology
    4
    1
    0 Stimmen
    4 Beiträge
    0 Aufrufe
    O
    I feel like I'm in those years of You really want a 3d TV, right? Right? 3D is what you've been waiting for, right? all over again, but with a different technology. It will be VR's turn again next. I admit I'm really rooting for affordable, real-world, daily-use AR though.