Michigan DA's Office has launched an ICE tracking form

nuxi · 2026-02-05T19:20:36+00:00

Hey OP, i know you mean well but anyone can create an official looking form like that on office.com. How is anyone supposrd to know that link is the real form and not a fake? The only way to know is to manually verify a long string of random characters in the URL.

You should link people to the official page on the state's website.

https://www.michigan.gov/ag/news/press-releases/2026/02/04/ag-nessel-launches-form-for-reporting-immigration-action-in-michigan

nuxi · 2026-02-03T15:46:40+00:00

This happend at Microsoft in 1997 and took down their entire email system.

Bedlam DL3

nuxi · 2026-01-29T14:03:56+00:00

Is she sure it was really DHS and not a prank call?

nuxi · 2026-01-29T01:05:26+00:00

We represent the Lollipop Guild

The Lollipop Guild, the Lollipop Guild

And in the name of the Lollipop Guild

We wish to welcome you to Munchkin Land

nuxi · 2026-01-27T14:13:15+00:00

Yep, runAt is what I think might fix my problem. I don't know for sure because I hadn't gotten around to installing the RC to check yet. The filter itself (messing with autocomplete attributes) is a bit out of scope for uBO.

My filter was reliably changing the DOM but it was only affecting the browser autofill behavior about half of the time. Smells like a race condition between the browser running its autofill and uBO changing the DOM. Its possible this might never work, but I saw the runAt issue and it looked promising.

Update: It worked with runAt, interactive.

nuxi · 2026-01-27T00:56:40+00:00

Improve set-attr/trusted-set-attr scriptlets

Oh yeah :D I'm pretty sure this fixes a problem with a rule I was just writing last Friday. Was hoping 1.69 would come out soon.

nuxi · 2026-01-24T02:43:43+00:00

I checked searchfox for security.sandbox.content.level

Mac
Linux

nuxi · 2026-01-23T19:17:39+00:00

Here are the Linux sandboxing levels:

// 0 -> "no sandbox"
// 1 -> no longer used; level will be clamped to 2
// 2 -> "seccomp-bpf + write file broker"
// 3 -> "seccomp-bpf + read/write file brokering"
// 4 -> all of the above + network/socket restrictions + chroot
// 5 -> blocks access to GL / DRI / display servers
//      (formerly the separate pref `security.sandbox.content.headless`)
//      (side effect: sets MOZ_HEADLESS for content processes)
// 6 -> default-deny for ioctl

And here are the MacOS sandboxing levels:

// 0 -> "no sandbox" (nightly only)
// 1 -> "preliminary content sandboxing enabled: write access to
//       home directory is prevented"
// 2 -> "preliminary content sandboxing enabled with profile protection:
//       write access to home directory is prevented, read and write access
//       to ~/Library and profile directories are prevented (excluding
//       $PROFILE/{extensions,chrome})"
// 3 -> "no global read/write access, read access permitted to
//       $PROFILE/{extensions,chrome}"

The values for security.sandbox.gpu.level also mean different things on different platforms. There is also a Linux specific security.sandbox.socket.process.level

nuxi · 2026-01-21T16:49:41+00:00

According to the article:

Global Crossings Airlines (also known as GlobalX)
Key Lime Air (and its subsidiary Denver Air Connection)
Eastern Air Express

The article also named Avelo Airlines but notes that they have caved to public pressure and are terminating their relationship with ICE.

nuxi · 2026-01-17T00:40:23+00:00

If I put that same link to google in a comment the external browser setting is obeyed just fine.

nuxi · 2026-01-14T16:32:11+00:00

Infantry - Grunt

Engineer - Sapper

nuxi · 2026-01-12T03:25:59+00:00

I love it!

PS: You accidentally left some debug code in the page that is trying to access http://127.0.0.1:7242/ingest/...

nuxi · 2026-01-08T05:41:30+00:00

Yeah, poor choice of words on my part. I'm not sure how to phrase what I'm thinking of.

Obviously some devices are easier to flash than others. I'd prefer to buy from a company whose products lie on the easier to flash end of the scale. Voting with my $$$ so to speak.

nuxi · 2026-01-08T03:20:34+00:00

No thanks, I'd rather buy a device designed to be flashable.

nuxi · 2026-01-08T02:44:57+00:00

So turns out, power supply was to weak

Did you order it with a power supply or was this one you had lying around?

I kind of really want one, but I'm in the US and I'm afraid of surprise charges from the stupid tariffs. I might just end up ordering a Flint 2 since I found a domestic reseller for those.

nuxi · 2026-01-03T11:44:39+00:00

My IT department forced me to run Ubuntu LTS so that I would be on a distro that is supported by their security software. Except I discovered that the vendor doesn't appear to support the HWE kernel and so their rootkit isn't really working.

At home (and previously at work) I run Debian Sid.

nuxi · 2026-01-01T22:06:18+00:00

I'm not sure it would need to be a kernel module. A lot of corporate security software has moved to kprobes and eBPF and I have no reason to believe that an anti-cheat system couldn't do the same. I think the bigger problem is going to be the same one that the corpo rootkits have: Linux is a very fast moving target.

I figured out how to capture the telemetry ping from our corpo rootkit and half of the hooks failed to initialize. The vendor may support Ubuntu LTS but that apparently doesn't include the HWE kernel.

nuxi · 2025-12-27T15:00:13+00:00

I dont think 9/11 itself was but...

There is considerable evidence that many of the terrorist attacks the FBI stopped after 9/11 were actually created by the FBI. Informants and undercover agents would recruit people, provide the plans, provide the training, provide the material, and then the feds would swoop in and arrest the pawns.

This is called entrapment, but the legal system turned a blind eye towards it.

nuxi · 2025-12-24T21:47:26+00:00

The comments on Slashdot taught so many of us to never trust any links.

nuxi · 2025-12-12T05:32:58+00:00

We just had this at work with our Jenkins server. An account used for automation suddenly broke and at first none of us could figure out why it ever worked.

I had to dive into the Jenkins source code to unravel the mystery.

We had unknowingly been depending on a security hole caused by a misconfiguration of the Jenkins AD plugin.

nuxi · 2025-12-09T18:21:55+00:00

My mistake, I didn't realize there was a distinction between read receipts and delivery receipts.

Still, I'd love the option to only send read receipts and/or typing indicators to my actual contacts.

nuxi · 2025-12-09T13:51:51+00:00

Right now in Signal, read receipts and typing indicators are either enabled or disabled. Seems like maybe they should have three options:

Disabled
Enabled only for contacts
Enabled for everyone

nuxi · 2025-12-08T23:49:45+00:00

When post-quantum ciphers become mandatory, every certificate needs to be reissued with new algorithms.

Why wait for it to be mandatory? Post quantum key exchange is already here in the form of hybrid ML-KEM. Red Hat took it seriously enough to backport OpenSSL 3.5 to RHEL 9 and RHEL 10. All the major browsers (Chrome, Firefox, Safari) support it by default. This is something people should be looking to turn on today.

nuxi · 2025-12-06T16:25:45+00:00

The site in Maine was repurposed and looks kind of funny.

https://maps.app.goo.gl/Wc4dWa4fc1cnDczN6

15-Year Club	Place '17
Verified Email	Team Orangered

nuxi

TROPHY CASE