Elvith Ma'for

Looks to me like they’re essentially redirecting the request from the normal api to do age checks to their own api, and just saying “Sure, they’re an adult” to discord (since that is all the “proper” api tells them).

Wait… Those amateurs [at discord and the age check company] didn’t even think of signing the check in any way and then verifying the data they get send back? That’s not even hard to implement?!

Im using SchildiChat on Android

Although I cannot remember how to do it “correctly” I have a suspicion whats wrong with your post:

Mastodon just has a “text” for the post, some mentions and maybe media attached to it.

Lemmy also features a post title and an URL. IIRC the first paragraph of your post get converted to the title, the remainder is the post body (maybe you need to put the desired link second?!). I guess your text in the first paragraph is too long to fit in the title and the post is discarded.

Try something like this:

ICE Tucson, AZ - 2/7/26

Fascist paramilitary invaders deployed...

Source: reddit.com/...

IIRC you must be following the community with your Mastodon Account to be able to post there. At least that was the problem, when I tried it the last time.

I’m using Fedora. Works out of the box. You need to add a MOK if you want to use custom kernel modules (or the current Nvidia drivers). But using the nouveau driver or just a standard installation of not using Nvidia hardware works flawlessly without MOK.

Im using Nvidia. The initial import of the MOK is a bit… strange or scary for non tech people, but afterwards, akmods makes it a breeze. You don’t have to think about it. With Fedora 42, akmods regularly failed to build the driver’s and I had to restart the build manually after a kernel upgrade, but since I upgraded to Fedora 43, it just works.

Not every Linux distribution supports Secure Boot, but almost all of them do. No need to toggle it depending on your boot target. Dual booting with secure boot works just fine.

Yeah, how can you look even more lunatic?

It’s was even easier - KDE showed a notification, I clicked it and got a pop-up telling me about the violation and the commands to fix it of this behavior should be allowed. I could never copy&paste them from there. But yes, checking journalctl every once in a while is a good habit.

Since it was nothing that really prevented me from using the PC (e.g. virt-manager getting a violation when I shut down a VM), I reported it and waited for a bit if they’d resolve this and then just ran the commands after a two days without fix, because I wanted to get rid of the notifications

On regular Fedora 42->43 broke (or forgot to change?) a few SE Linux rules for me, so that I got constant notifications about violations. Otherwise it’s been rock solid so far.

Same, I had tried Openoffice/LibreOffice in the past and had many problems. Since I got a personal MS Office License very cheap from my employer I used that and didn’t really feel the need that much to look for alternatives.

Then about a year ago, I reworked some deployments of my self hosted things and added Collabora to my Nextcloud “just for fun”. And I was pleasantly surprised by it. Since that is based on libre office, I had the urge to check that out and realized that it should have everything I usually need. Also I was already dual booting for a while but still hadn’t really switched many “workflows” to Linux, because I was lazy to search for alternatives. This now meant that there was less friction to use Linux as a bonus.

I usually try to iterate - read available documentation (e.g. comments in a config file, product documentation,…) and try to find stuff out. If I get stuck, an LLM answer may be confidently wrong, but it may give me some new pointers in which direction I should go next. Or maybe mention some buzzwords/techniques/concepts that I might need to investigate further.

As it’s underlying concept is pattern recognition it might not be completely correct, but more often than not nudges me generally in the right direction. Bonus: Now I probably learned some things that will help me later on.

So far I never had something a little more complex that an LLM gave me a correct solution for. But as I like to tinker, explore and learn for myself, I’d probably hate getting a complete working solution without any work I did myself.

Help, how do I get out!!!

^/s

( ͡° ͜ʖ ͡°)

As the hoster wrote this:

we immediately transferred all clients’ web hosting subscriptions from this server

It looks like the binaries and the update check script were put on a simple web space. If that is the correct conclusion to draw from this excerpt, then it’d be rather strange to have the keys on that server as it’s very unlikely that it was used to produce any builds.

From my understanding: Basically the attackers could reply to your version check request (usually done automatically) and tell N++ that there were a new version available. If you then approved the update dialogue, N++ would download and execute the binary from the update link that the server sent you. But this didn’t necessarily need to be a real update, it could have been any binary since neither the answer to the update check nor the download link were verified by N++

FINISH HIM!

unzip, strip, touch, finger, grep, mount, fsck, more, yes, fsck, fsck, fsck, umount, sleep

No, it’s only a loophole if you cherry pick single sentences and omit the next part that further defines and restricts it.

See my other comment: https://feddit.org/comment/11272121

As soon as a security patch is published in AOSP, they have a deadline of four months to roll it out. Sox months for ‘feature updates’.

Wrong, keep reading. You only quoted (6)(a). Now go and read (6)©:

© security updates or corrective updates mentioned under point (a) need to be available to the user at the latest 4 months after the public release of the source code of an update of the underlying operating system or, if the source code is not publicly released, after an update of the same operating system is released by the operating system provider or on any other product of the same brand;

As soon as a security patch is published in AOSP they now have 4 months to roll out an update.

Stolen? That’s a harsh term. We prefer “backed up to our cloud for your security”!