cultural reviewer and dabbler in stylistic premonitions
If you have ::/0 in your AllowedIPs and v6 connections are bypassing your VPN, that is strange.
What does ip route get 2a00:1450:400f:801::200e (an IPv6 address for google) say?
I haven’t used wireguard with NetworkManager, but using wg-quick it certainly adds a default v6 route when you have ::/0 in AllowedIPs.
You could edit your configuration to change the wireguard connection’s AllowedIPs from 0.0.0.0/0 to 0.0.0.0/0,::/0 so that IPv6 traffic is routed over it. Regardless of if your wireguard endpoint actually supports it, this will at least stop IPv6 traffic from leaking.
ipv4 with an extra octet
that was proposed as “IPv4.1” on April 1, 2011: https://web.archive.org/web/20110404094446/http://packetlife.net/blog/2011/apr/1/alternative-ipv6-works/
This video is full of jarring edits which initially made me wonder if someone had cut out words or phrases to create an abbreviated version. But, then I realized there are way too many of them to have been done manually. I checked the full original video and from the few edits i manually checked it seems like it is just inconsequential pauses etc that were removed: for instance, when Linus says “the other side of that picture” in the original there is an extra “p” sound which is removed here.
Yet another irritating and unnecessary application of neural networks, I guess.
The tone which comes across in the video (linked from the other post I linked to in this post’s description) is unfortunately much less amicable than this article conveys.
the guy speaking off camera in the linked 3min 30s of the video is Ted Ts’o, according to this report about the session.
That pin can be found for $30 or $35 on on ebay here and here, where it is described as being from the 80s and as an “employee pin”.
I was thinking that this might have been something aimed specifically at technology buyers in US schools in the 80s or 90s, to whom Apple offered substantial institutional discounts in a (relatively successful) effort to dominate that sector. However searching the phrase “does more costs less” i found this TV spot advertising the Quadra 605 which at $1000 was the cheapest computer Apple sold when it was introduced in October 1993 (and allegedly cheaper than something else they refer to as “PC Leading Brand” 😂). That system was sold under the LC and Performa brands up to 1996, but it was only sold as a Quadra until October 1994, so, to answer OP’s question: that slogan was in use at least sometime in that year.
actually it stands for “Privacy-Preserving Attribution”.
They had to make it the default though. That was unavoidable.
For it to be useful at scale, sure, but reading this it sounds like Chrome’s version of it is still “experimental” and opt-in. Hopefully the backlash prevents it from being developed further.
It has come to my attention that many of the people complaining about #Firefox’s #PPA experiment don’t actually understand what PPA is, what it does, and what Firefox is trying to accomplish with it
The documentation under the “Learn more” link next to the “Allow websites to perform privacy-preserving ad measurement” checkbox in Firefox preferences explains very clearly what it is and how it works. Asserting that people who read that and are indignant about it being enabled by default just… “don’t actually understand” it is absurdly insulting and basically gaslighting.
i guess maybe if you’re using a device with a tiny screen and a lemmy client that doesn’t let you zoom in on images
shoutout to the person who reported this post with “Reason: Bot meme, you can’t even read it. whoever replies is a bot too” 😂
E: old thinkpad gang input: take the time to reapply thermal grease to the cpu at some point. It makes a huge difference.
What’s a “gang input”?
😂 it’s an input to this discussion from a member of the group of people (“gang”) who have experience with old thinkpads. and yes, if your old thinkpad (or other laptop) is overheating and crashing, reapplying the thermal paste is a good next step after cleaning the fans.
xzbot from Anthony Weems enables to patch the corrupted liblzma to change the private key used to compare it to the signed ssh certificate, so adding this to your instructions might enable me to demonstrate sshing into the VM :)
Fun :)
Btw, instead of installing individual vulnerable debs as those kali instructions I linked to earlier suggest, you could also point debootstrap at the snapshot service so that you get a complete system with everything as it would’ve been in late March and then run that in a VM… or in a container. You can find various instructions for creating containers and VMs using debootstrap (eg, this one which tells you how to run a container with systemd-nspawn; but you could also do it with podman or docker or lxc). When the instructions tell you to run debootstrap, you just want to specify a snapshot URL like https://snapshot.debian.org/archive/debian/20240325T212344Z/ in place of the usual Debian repository url (typically https://deb.debian.org/debian/).
A daily ISO of Debian testing or Ubuntu 24.04 (noble) beta from prior to the first week of April would be easiest, but those aren’t archived anywhere that I know of. It didn’t make it in to any stable releases of any Debian-based distros.
But even when you have a vulnerable system running sshd in a vulnerable configuration, you can’t fully demo the backdoor because it requires the attacker to authenticate with their private key (which has not been revealed).
But, if you just want to run it and observe the sshd slowness that caused the backdoor to be discovered, here are instructions for installing the vulnerable liblzma deb from snapshot.debian.org.
Color can provide useful context. For example, in the case of this image, imagine if in a thread about it there was some discussion of the ripeness of the yuzu fruit.
Where are you getting 60%? Google’s IPv6 Adoption page has it under 50% still:
(while other stats pages from big CDNs show even less)