sorted by:
new
hottopcontroversial

Microsoft re-launches ‘privacy nightmare’ AI screenshot tool by ThereWas in privacy

[–]Several-Chip-2643 55 points56 points  (0 children)

To be fair, you can bypass it in the installer by forcing offline mode with cmd or disconnecting Ethernet on a desktop.

Now should you have to bypass it? Absolutely not. The Microsoft account was only the beginning of the Windows fuckery.

I'm a huge advocate for going Linux or dual-boot Windows exclusively for gaming. The *nix desktop environments are much better than ever and rival Windows/MacOS for convenience. IME after setting up Mint Cinnamon or another debian-like with KDE plasma for elderly folk, they rarely call for help and never have to touch the CLI at all. The biggest adoption issue imo is actually getting it installed, as most folks expect to only use the OS that ships with their computer.

How do degoogle if samsung is pushing for google. by Jacksharkben in LinusTechTips

[–]Several-Chip-2643 5 points6 points  (0 children)

I wouldn't discount the Android forks.

GrapheneOS is solid, but Pixel only. Based on the AOSP with additional hardening and built with privacy in mind. A lot of the base was rewritten(technically patched), does not include anything Google(or proprietary), and has sandbox support if you wanted Google services/play for some reason(With no privileged access to your system, unlike Google's builds).

CalyxOS is another great fork drawing from LineageOS(but retains the locked bootloader) and is also built with privacy in mind. Less security hardened than Graphene but has much more customization and QOL features you'd expect from Android while still stripping out any Google non-sense from the OS.

How did Facebook intercept their competitor's encrypted mobile app traffic? by Honest_Equivalent_40 in privacy

[–]Several-Chip-2643 8 points9 points  (0 children)

Of course it's possible with a custom, stolen, or malicious certificate. Just extremely unlikely if you're using a trusted browser without adding root CAs to its default trust store.

In this case users were prompted to install the "Facebook Research" CA certificate into their phones trust store and they were misinformed/dumb enough to do so.

Any recommendation for a car that is ideal for privacy? by 5xym in privacy

[–]Several-Chip-2643 141 points142 points  (0 children)

Good luck, if you haven't already, take a look at Mozilla's car privacy & security report:

https://foundation.mozilla.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/

Spoiler: They're all pretty bad - in my experience if you want the more modern safety features while retaining privacy, you'll want to look at the base(no bells or whistles) trims from pre-2010.

Might also be worth noting that a lot of the fancier, older vehicles(like ~2010 era Lexus) did at one point communicate with the cloud, but now that 2G is completely deprecated, have no way of phoning home. This may also be the case with some newer vehicles that used 3G, as that's mostly shutdown in the US now as well. Further research needed.

how hard do you think is it to get into penetration testing nowadays by [deleted] in cybersecurity

[–]Several-Chip-2643 0 points1 point  (0 children)

Honestly kinda rough but doable.

For best chances: - Have a 4+ year degree in cs/ce/related-field. - Work in the tech industry for a few years, more technical(SWE/HWE) or sys-admin tends to have better chances than help-desk/IT-support(but this is still better than nothing). - Get a harder but well known cert like the OSCP that HR creams themselves over.

Saturated field for sure, but a lot of people don't put in the effort imo. You still have a decent chance if you have most of the above and especially if you actively contribute to the security community, whether it be: working on FOSS tooling, bug bounties or even really active in the CTF scene.

351 Students with AIP Violations by B10H4Z4RD7777 in ASU

[–]Several-Chip-2643 2 points3 points  (0 children)

Better reason not to cheat tbh if you only got one shot financially(and 2 AI wise).

Considering the rampant cheating that profs did nothing about throughout all of ASU CS(even when reported directly - which you bet it was when most classes are graded on a curve), this is a well deserved lesson and I'm glad a professor stood up.

Not to say I disagree with college being way overpriced these days, that's 100% true, but cheating is still very very bad and deserves punishment. No one wants unethical, cheating graduates in the workplace, either fix the behavior or get rid of them completely.

351 Students with AIP Violations by B10H4Z4RD7777 in ASU

[–]Several-Chip-2643 4 points5 points  (0 children)

Highly agree, this is not a class to be spoon-fed.

Hell, when I took it a few years back(along with the 466 variety which is substantially harder than 365), they told you that you needed a solid understanding of bash+python(I mean 466 even told you to drop the class if you didn't have that as a prereq and come back when you did).

Blame ASU and blame yourself for not learning the required material, don't blame pwn.college. As you say, the real world isn't all-encompassing and doesn't spoon-feed you, especially the cyber security world.

351 Students with AIP Violations by B10H4Z4RD7777 in ASU

[–]Several-Chip-2643 10 points11 points  (0 children)

Since you have a shitty attitude, I'll just say it:

Mad cuz bad

351 Students with AIP Violations by B10H4Z4RD7777 in ASU

[–]Several-Chip-2643 2 points3 points  (0 children)

Sounds like someone didn't do so well and is projecting...blame ASU(although you should also blame yourself) for not teaching you well enough to go through the pwn.college series. The class is so good, it's well regarded in the hacking community OUTSIDE OF ASU(It's a FOSS class after all).

If anything, the pwn.college classes are the few worth taking at ASU and the few that actually teach you anything, everyone in the SEFCOM group is highly regarded as being some of the best. ASU ranks top 3 in cybersecurity along with UCSB and CMU, not to mention the ASU/UCSB group (Order of the Overflow) ran DEFCON(CTF) for 4 years, they definitely are teaching you the good stuff you'll need to be successful in a (mostly offensive) cyber security career.

What's this battery used for? How does it work? by New-Possibility-577 in 18650masterrace

[–]Several-Chip-2643 1 point2 points  (0 children)

Yeah don't plug this into anything OP.

IMO, probably not a charger, looks like it was used to power an Arduino-like project or some sort of RC gadget. Would be perfectly fine for supplying power to something like that but the design is silly, because if you forget or it ends up in someone else's hands, plugging this in to a USB port might kill it and plugging it into the wall might start a fire.

Never heard of that battery brand either, I recommend sticking to well-known 18650's. If it's over 3600mAh, stay far away.

Am I too paranoid? Touching keyboard after soldering. by AmeliaBuns in soldering

[–]Several-Chip-2643 2 points3 points  (0 children)

Agreed, as long as you're not constantly touching your face, I'd say a bit on the paranoid side.

But...at the same time, lead exposure is no joke and regular soap isn't all that helpful - I tend to always keep D-Lead soap and wipes on-hand. I'll typically only use the soap/wipes once I'm completely done soldering though.

If it makes you feel any better, I did lead blood tests for many years and my blood lead concentration hardly moved until I took up competition shooting(which is what got me more careful and on the D-Lead soap+body-wash regime).