• 1 Post
  • 121 Comments
Joined 11 months ago
cake
Cake day: August 24th, 2025

help-circle


  • aMockTie@piefed.worldtomemes@lemmy.worldwhen you see it...
    link
    fedilink
    English
    arrow-up
    0
    ·
    28 days ago

    I’m not sure what the “it” is supposed to be, and I don’t understand how this has anything to do with Alan Watts, but this image has so many oddities that I think it might be AI generated.

    Top to bottom:

    • White oval with two black inner ovals. Different colors from the surroundings.
    • Odd creasing and curvature of what appears to be the rear of a vehicle.
    • Head position relative to the rest of the body makes no sense. The neck is conveniently hidden by the hair to try to hide this oddity.
    • Some sort of rat tail or spiral on the (stage) left shoulder and below.
    • A cat that appears to be under the skirt (presumably intended to be a reference to AFAB genetalia).
    • Overall odd proportions, apparently different sized thighs and legs.


  • HTTP is like a conversation with someone wearing a “Hello my name is X” sticker at a public party, HTTPS is like a conversation with someone proving their identity with a government issued passport in a private room. Anyone can write anything they want on the former, and anyone happening to listen to the conversation can overhear everything. On the other hand, the latter requires basic identity verification and can’t be easily overheard.

    With that being said, anyone can also obtain a passport. That means you can be sure that you are interacting with a John Doe, but that doesn’t necessarily mean that you are interacting with the John Doe you were expecting. For example, John A Doe (e.g. Google.com) is different, but maybe difficult to notice from John E Doe (e.g. Goggle.com), especially at a glance.

    I hope that helps.






  • Awesome write up.

    Allowing arbitrary firmware updates without any signature validation, over Bluetooth, even unpaired and in sleep mode, and without any authentication is absolutely wild and should be criminal negligence.

    It took Creative nearly two months to respond to SingCERT. Unfortunately, their response was that “they do not consider this to be a vulnerability, as it does not present a cybersecurity risk”

    What a foolish response. The guy wasn’t asking for money and gave them everything they would need to make a patched firmware.




  • This looks really cool, but I wish that OIDC wasn’t tied to an enterprise license that doesn’t show a price (just a contact us form and email address) and requires annual renewal.

    I’d be willing to pay a reasonable one time fee to unlock OIDC support, and I understand why they charge a recurring fee for the other enterprise license features, but as it currently stands this doesn’t really make sense for a home lab.



  • That looks like a way more involved and complex project that requires an app to function. This is just a single static HTML page.

    Sender and receiver visit the same page, select the appropriate tab, sender selects the file and clicks play, receiver starts the camera and points at sender’s screen.

    I do wish it had a mechanism to download the generated images/video without needing to grab each frame individually, but overall it works surprisingly well for something so simple.





  • Based on my brief browsing of the code, it looks like it’s all in the browser cache itself. The bytes are split into numbered chunks, converted to b64, and then a sequence of QR codes are generated from the b64. At the end the received data is crc32 checked for validation. There are adjustable parameters and a progress bar, making it easy to retransmit any chunk that wasn’t properly received.

    The code is incredibly easy to read, everything is in a single HTML file with zero obfuscation (unless you count the two minified QR code dependencies that also include links to the un-minified versions).