Skip to content

Twenty-seven states and DC sue 23andMe to oppose the sale of DNA data from its customers without their direct consent

Technology
41 35 22
  • 518 Stimmen
    97 Beiträge
    79 Aufrufe
    I
    Fine, here is my pornhub account smh.
  • You are Already On "The List"

    Technology technology
    2
    47 Stimmen
    2 Beiträge
    12 Aufrufe
    M
    Even if they're wrong. It's too late. You're already on the list. .... The only option is to destroy the list and those who will use it
  • The AI girlfriend guy - The Paranoia Of The AI Era

    Technology technology
    1
    1
    6 Stimmen
    1 Beiträge
    8 Aufrufe
    Niemand hat geantwortet
  • 61 Stimmen
    12 Beiträge
    24 Aufrufe
    merde@sh.itjust.worksM
    is the linked article or the title edited? This was a post about VA GPT
  • 19 Stimmen
    5 Beiträge
    14 Aufrufe
    S
    Jesus that's just straight up porn
  • 1 Stimmen
    8 Beiträge
    20 Aufrufe
    L
    I think the principle could be applied to scan outside of the machine. It is making requests to 127.0.0.1:{port} - effectively using your computer as a "server" in a sort of reverse-SSRF attack. There's no reason it can't make requests to 10.10.10.1:{port} as well. Of course you'd need to guess the netmask of the network address range first, but this isn't that hard. In fact, if you consider that at least as far as the desktop site goes, most people will be browsing the web behind a standard consumer router left on defaults where it will be the first device in the DHCP range (e.g. 192.168.0.1 or 10.10.10.1), which tends to have a web UI on the LAN interface (port 8080, 80 or 443), then you'd only realistically need to scan a few addresses to determine the network address range. If you want to keep noise even lower, using just 192.168.0.1:80 and 192.168.1.1:80 I'd wager would cover 99% of consumer routers. From there you could assume that it's a /24 netmask and scan IPs to your heart's content. You could do top 10 most common ports type scans and go in-depth on anything you get a result on. I haven't tested this, but I don't see why it wouldn't work, when I was testing 13ft.io - a self-hosted 12ft.io paywall remover, an SSRF flaw like this absolutely let you perform any network request to any LAN address in range.
  • Apple Reportedly Weighs iPhone Price Increase

    Technology technology
    3
    1
    21 Stimmen
    3 Beiträge
    15 Aufrufe
    S
    Anytime I consider making the jump, I make my peace with everything and then the price hits...no way
  • [paper] Evidence of a social evaluation penalty for using AI

    Technology technology
    10
    28 Stimmen
    10 Beiträge
    36 Aufrufe
    vendetta9076@sh.itjust.worksV
    I'm specifically talking about toil when it comes to my job as a software developer. I already know I need an if statement and a for loop all wrapped in a try catch. Rather then spending a couple minutes coding that I have cursor do it for me instantly then fill out the actual code. Or, ive written something in python and it needs to be converted to JavaScript. I can ask Claude to convert it one to one for me and test it, which comes back with either no errors or a very simple error I need to fix. It takes a minute. Instead I could have taken 15min to rewrite it myself and maybe make more mistakes that take longer.