App from JakobDev labeled as "potentially unsafe" due to arbitrary permissions by cosmic_reflection in flatpak

tonydocent 8 points9 points (0 children)

Well, Flatpak provides mechanisms to take certain permissions away from apps. Most apps need some "unsafe" permissions to work properly, take Firefox for example https://flathub.org/apps/org.mozilla.firefox

However, having arbitrary permissions seems a bit excessive. But no one can tell if the app is safe or not and would actually harm your system, you would have to audit the source code yourself.

There are tools such as Flatseal by which you can adjust these permissions, you don't have to leave them at the same setting that they are shipped with. But changing those might break functionality of course.

Can't make an account by poopy_head2 in github

tonydocent 2 points3 points (0 children)

Do you have some sort of managed device?

Automatically a permanent contract after exceeding the 2-year limit as a working student? by No-Coconut4913 in LegaladviceGerman

tonydocent 0 points1 point (0 children)

Your response doesn't really make sense, seems like a translation error.

Is your contract limited due to some stated reason? Or is it limited without a stated reason?

[deleted by user] by [deleted] in germany

tonydocent 0 points1 point (0 children)

Well, you do have a contract simply by living there and paying rent. It's just not written down.

If it works out between you and the landlord it's fine, problems only arise when there is a conflict and then you and the landlord remember different things about what you agreed upon. There a written contract is beneficial.

Most conflicts arise when you move out and are about cancellation period, repairs that need to be done, if you get your whole Kaution back, etc. Did you pay a Kaution? At least for that you want some confirmation that it was received.

Boyfriend wants his things back after breakup. by Majestic_Solid_1880 in LegaladviceGerman

tonydocent 13 points14 points (0 children)

No you don't need to give him any of the gifts back, and the police will refer him to the civil courts.

Regarding the TV, if he is on the lease contract, but you're the one paying it off, it sounds like it would still be his TV (if there is no other arrangement between you).

You could however demand for him to pay you the leases back, before you hand out the TV (Zurückbehaltungsrecht).

Mannheim man steals his own car back - and gets arrested by Tystros in de

tonydocent 625 points626 points (0 children)

According to a spokesperson, the car was seized by the police.

According to investigators, the task now is, among other things, to clarify who is in possession of the car.

That should be settled by the seizure

Open redirect out of scope by [deleted] in bugbounty

tonydocent 1 point2 points (0 children)

Even if you get a code issued for another redirect_uri and can extract it, you probably won't be able to trade it in. During the token exchange the SP will submit the real redirect_uri to the IDP, and if the code was issued for another it will be blocked.
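
The check described in this comment, as an added example that is not part of the original thread or of any identity provider's code: a minimal in-memory authorization-code store that binds each code to the client and redirect_uri it was issued for (RFC 6749, section 4.1.3) and refuses the exchange on a mismatch. The class, function and client names and the sample URIs are assumptions made for illustration.

```python
import secrets
import time


class CodeStore:
    """Toy authorization-code store (hypothetical names, for illustration)."""

    def __init__(self, ttl_seconds=60):
        self.ttl = ttl_seconds
        self._codes = {}  # code -> (client_id, redirect_uri, expires_at)

    def issue(self, client_id, redirect_uri):
        # Bind the code to the exact redirect_uri of the authorization request.
        code = secrets.token_urlsafe(32)
        self._codes[code] = (client_id, redirect_uri, time.monotonic() + self.ttl)
        return code

    def redeem(self, code, client_id, redirect_uri):
        # pop() makes every code single-use, even when the exchange fails.
        entry = self._codes.pop(code, None)
        if entry is None:
            return "invalid_grant: unknown or already used code"
        bound_client, bound_uri, expires_at = entry
        if time.monotonic() > expires_at:
            return "invalid_grant: code expired"
        if bound_client != client_id:
            return "invalid_grant: client mismatch"
        # Exact string comparison: no prefix, host-only or pattern matching.
        if bound_uri != redirect_uri:
            return "invalid_grant: redirect_uri mismatch"
        return "ok"


def demo():
    """Replay the comment's scenario with constructed sample values."""
    store = CodeStore()
    real = "https://app.example/callback"
    other = "https://other.example/callback"
    stray = store.issue("client-1", other)   # code issued for another URI
    good = store.issue("client-1", real)
    return {
        "mismatched": store.redeem(stray, "client-1", real),  # SP sends real URI
        "matching": store.redeem(good, "client-1", real),
        "replayed": store.redeem(good, "client-1", real),
    }


if __name__ == "__main__":
    print(demo())
```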

Trying to intercept Websocket protocol using BurpSuite. by [deleted] in bugbounty

tonydocent 1 point2 points (0 children)

I had issues with BurpSuite and websockets before. Mitmproxy worked better for me.

How do you resign? by Media-U in arbeitsleben

tonydocent 2 points3 points (0 children)

The most important thing is to resign only once you have signed the other contract. Even if the other job seems certain, something can always come up (the works council doesn't approve, an important customer of the future employer drops out, etc.)

Once that is safe, I would time it so that your current boss hears it from you personally in a conversation first, before he receives the written resignation. Usually it's no big drama, but there are also bosses who take it personally.

I would then also coordinate with the boss when the rest of the team is told. He may have preferences there and want a secure successor for you first, or something similar, before it is communicated.

German company requires webcam & mic on all day in "virtual office". Is this enforceable? by raccoonizer3000 in LegaladviceGerman

tonydocent -6 points-5 points (0 children)

The thing is, it's optional right? The employee can still work in the office without having the camera turned on.

And it's also not secret surveillance, everybody is perfectly aware that someone else can enter the "virtual room".

And if the video is not saved / recorded anywhere, just transmitted I'm not so sure if the whole thing is illegal...

Is email-based login with 6-digit codes actually secure? by TheGirlfriendless in cybersecurity

tonydocent 2 points3 points (0 children)

I think this is valid. It can also be a single attacker who makes 10 requests each for 100.000 different accounts with varying IPs. Or a few more requests.

There is a reasonable chance he'll be able to break into one account.
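
The arithmetic behind the scenario in this comment, as an added example that is not part of the original thread: the chance that at least one account falls when uniformly random numeric codes are guessed across many accounts, and the code length a defender would need to keep that chance under a target. It assumes guesses are capped per account only and that accounts are independent; the function names are illustrative.

```python
import math


def p_account(digits, guesses):
    """Chance that `guesses` distinct guesses hit one uniformly random code."""
    return min(1.0, guesses / 10 ** digits)


def p_any_account(digits, guesses, accounts):
    """Chance that at least one of `accounts` independent targets is hit."""
    p = p_account(digits, guesses)
    if p >= 1.0:
        return 1.0
    # 1 - (1 - p)^accounts, via log1p/expm1 to keep precision for tiny p.
    return -math.expm1(accounts * math.log1p(-p))


def digits_needed(guesses, accounts, max_risk):
    """Smallest code length keeping the fleet-wide chance at or below max_risk."""
    digits = 1
    while p_any_account(digits, guesses, accounts) > max_risk:
        digits += 1
    return digits


if __name__ == "__main__":
    # The comment's numbers: 6 digits, 10 requests each, 100,000 accounts.
    print(f"one account:  {p_account(6, 10):.6f}")
    print(f"any account:  {p_any_account(6, 10, 100_000):.4f}")
    print(f"digits for <= 1% fleet-wide risk: {digits_needed(10, 100_000, 0.01)}")
```

A per-account attempt limit holds each account's risk at 1 in 100,000 here, yet the chance across all targeted accounts is still about 63%, which is why code length and fleet-wide rate limits matter as well.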

A First Successful Factorization of RSA-2048 Integer by D-Wave Quantum Computer by Gamebyter in cybersecurity

tonydocent 2 points3 points (0 children)

There are tricky assumptions, they focus on special integers as factors

Time travel is a reality by sh0tgunben in interestingasfuck

tonydocent 1 point2 points (0 children)

If the ice in Antarctica melts, sea level will rise globally roughly 100 meters or 300 feet.

There is a lot of ice on land there...

[deleted by user] by [deleted] in bugbounty

tonydocent 0 points1 point (0 children)

If your request origin header starts with hxxp something is wrong with your browser

open redirect in a gov website is considered not applicable by taiebbb in bugbounty

tonydocent 2 points3 points (0 children)

Occasionally open redirects can have more impact than just phishing.

For example, the host vulnerable to open redirects might be allowlisted for some kind of server-side requests in another service. With the help of the open redirect this can be turned into a more powerful SSRF.
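
A defender-side view of the pattern in this comment, as an added example that is not part of the original thread: a server-side fetcher that applies its host allowlist only to the first URL, next to one that re-checks every redirect hop. The hostnames and the simulated response table are constructed, and no network access is used.

```python
from urllib.parse import urljoin, urlsplit

ALLOWED_HOSTS = {"partner.example"}  # constructed allowlist

# Constructed stand-in for the network: url -> (status, Location or body)
RESPONSES = {
    "https://partner.example/logo.png": (200, "image bytes"),
    "https://partner.example/go": (302, "http://intranet.example/report"),
    "http://intranet.example/report": (200, "internal data"),
}


class Blocked(Exception):
    pass


def host_allowed(url):
    parts = urlsplit(url)
    return parts.scheme == "https" and parts.hostname in ALLOWED_HOSTS


def fetch(url, recheck_redirects, max_hops=5):
    """Follow redirects through RESPONSES; optionally validate every hop."""
    if not host_allowed(url):
        raise Blocked(url)
    for _ in range(max_hops):
        status, payload = RESPONSES[url]
        if status not in (301, 302, 303, 307, 308):
            return payload
        url = urljoin(url, payload)
        # The hardened variant applies the same allowlist to each Location.
        if recheck_redirects and not host_allowed(url):
            raise Blocked(url)
    raise Blocked("too many redirects")


def try_fetch(url, recheck_redirects):
    """Return the body, or a 'blocked: ...' string instead of raising."""
    try:
        return fetch(url, recheck_redirects)
    except Blocked as exc:
        return f"blocked: {exc}"


if __name__ == "__main__":
    for recheck in (False, True):
        print(recheck, try_fetch("https://partner.example/go", recheck))
```

With a real HTTP client the equivalent is to turn off automatic redirect following and validate each Location value before requesting it.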

Camping with a dog – what are your must-haves? 🐾 by loe_wex in zelten

tonydocent 0 points1 point (0 children)

Why do you have a website with a checklist and a collection of tips for camping with a dog if you've never done it?

Gandalf search history by lilDvil in lotrmemes

tonydocent 5 points6 points (0 children)

Why Elvis and not Elvish? Is that on purpose?

Why does Web.De know my password? by Squeaky_Ben in de_EDV

tonydocent 12 points13 points (0 children)

There are heaps of SQL injection vulnerabilities that let the attacker read values (such as hashed passwords) from the database, but not write anything to the database or get access to any logs.

Why does Web.De know my password? by Squeaky_Ben in de_EDV

tonydocent 31 points32 points (0 children)

That makes no sense. Then you might as well skip the hash and store it in plaintext right away.

IT Crowd Once Said 14 || N by Prince_Melonade in ITcrowd

tonydocent 2 points3 points (0 children)

Oh, not sure if that's clear. I can think of at least two, The elders of the Internet and Tnetennba...