D-Link tells users to trash old VPN routers over bug too dangerous to identify.
Hopefully folks realize they should replace it with another vendor.
This vuln was covered at DEF CON 32 by Sam Curry. TR-069 is an admin access protocol that lets DLink work with your router remotely (reset device, etc.). Bad actors use spoofed requests to change config data, read the MAC address, monitor traffic, and use them as botnets. TR-069 is industry standard
https://www.theregister.com/2024/11/20/dlink_rip_replace_router/
#Mitra v3.10.0
https://codeberg.org/silverpill/mitra/releases/tag/v3.10.0
https://codeberg.org/silverpill/mitra-web/releases/tag/v3.10.0
- Support __underlined__ text in post content (example: underlined).
- Improved Mastodon / Pleroma API compatibility (post editing and deleting should work in most clients).
- Attachments can be uploaded via drag-and-drop.
📢 We Just Open Sourced the original FORTH Source Code for ChipWits in celebration of its 40th Anniversary! 🎉 Peer into what game development was like for 8-bit micros in 1984! #forth #c64 #commodore64 #mac #retrogames #gamedev https://chipwits.com/2024/11/16/chipwits-40th-birthday-original-forth-code-open-sourced/
Servo Weekly Report Nº 16
Highlights from the last week:
• Support justify-self on absolutely positioned elements
• fix: allow form submission for input [type=image]
• OpenHarmony: Add basic IME and keyboard support
• Implement crypto.subtle.sign/verify with HMAC
Your donations help keep Servo, an independent web browser engine, active and maintains the health of the web ecosystem:
• https://opencollective.com/servo
• https://github.com/sponsors/servo
I’ve been getting a number of phishing emails purporting to be from Hetzner saying my payment into needs to be updated. It’s interesting excuse they targeting email addresses that are plausibly associated with my various fediverse service domains. The from addresses are nonsensical, and the link to login Hetzner are easy give away that it’s a scam.
Anyhow, please be on alert if you use Hetzner. I am guessing the play here is to steal your Hetzner login credentials, and (probably) payment information. Hetzner does have an alert in their portal about phishing attacks purporting to be from them so I think they are aware, though I found the targeting to be a bit novel.
Stay safe out there.
I wanted to share an awesome Expenses tracker, built with Textual. The author has done an amazing job -- it looks gorgeous!
is there a good comparison of the server resources required for running different #activitypub servers somewhere? i'm interested mostly in cpu, ram and network traffic
Latency graph between Hetzner Helsinki and Hetzner Germany.
The rupture seems to have happened on monday 18/11/2024 around 03h00.
Hey #linuxmobile people.
Maybe you heard about my little #libobscura project.
Which phone should #libobscura support after #Librem5 ?
I'm looking for one which has the kernel drivers but cameras still don't work great.
⌨️ Get ready for the 9th Swiss #MechanicalKeyboard Enthusiast #Meetup on December 8th 2024, this time in #Stäfa (about 25 to 30km away from #Zurich, at the shore of #LakeZurich).
https://swissmk.ch/doku.php?id=meetup-2024
Date: Sunday, 8th of December 2024
Location: Sonnenwiessaal, Bahnhofstrasse 38, 8712 #Stäfa, #Switzerland
OpenStreetMap: https://www.openstreetmap.org/way/26013871
Coordinates: 6PQF+J6
Time: 12:30 - 17:00 CET
Please spread the voice!
How does the new iOS inactivity reboot work? What does it protect from?
I reverse engineered the kernel extension and the secure enclave processor, where this feature is implemented.
https://naehrdine.blogspot.com/2024/11/reverse-engineering-ios-18-inactivity.html
None
Just in case: DMs/PMs simply don't exist on this instance as concept — don't use them, use the other instance if you absolutely have to, or send an email to any address at m0xEE.Net or .Com or .Org, but I prefer keep most communication public.