Sunday, June 13
- Even the greatest of players can fumble the ball on occasion. It's how they recover that sets them apart.
Software development platform Codecov got hacked at the end of January, an event not discovered for two months, leaving their users exposed that entire time. (Bleeping Computer)
The vulnerability was via a Docker configuration flaw, and the attackers modified the shell script Codecov used for uploading files to be tested. That meant that everything in the customers' code or the test scripts used with it could be stolen by the hackers.
So that one hack potentially meant that every single one of Codecov's customers also got hacked.
The thing is, complete retards also fumble the ball on occasion, and it's clear now which category Codecov falls into: They replaced their shell script with a 43MB binary-compiled Node.js application using 579 third-party libraries.
This is the equivalent of Ford apologising for a critical safety failure in brakes manufactured cheaply in China and replacing them with brakes made for one quarter that price in Burkina Faso using radioactive recycled hamster bedding from North Korea as lining material.
Do not use Codecov. They are morons.
- Audi / Volkswagen got hacked, if the term hacked is relevant when you connect a database directly to the internet. (Bleeping Computer)
The hack includes loan and lease applications, which would contain all sorts of sensitive financial and identity information.
They don't know how exactly many people are affected, but at least 90,000 had financial data leaked and millions more had personal data leaked.
- Intuit did not get hacked - they say - but they've been notifying customers of individual accounts that appeared to have been hacked after a security breach at another company. (Bleeping Computer)
Assume that everything you put online passes immediately into the hands of your worst enemies.
- McDonalds got hacked too. (Bleeping Computer)
Not sure how much that matters. Who gives personal information to fast food franchises?
I know, probably a hundred million people.
That's a fun premise, but it wouldn't be enough except that in her gremlin form she's drawn as being about two feet tall - and the virtual camera angles used in the animation follow that little absurdity as if it had been carved in stone and handed down on Mount Sinai. They never call attention to it directly, but it's there in every scene.
It also helps that she's not actually bad, or lazy, she just human and can't maintain her perfect image 24x7.
- Blockchain ruins everything, Part 378: The free plan at Docker Hub no longer includes Autobuild. (Docker)
Because people have found a way to write build scripts that mine cryptocurrencies. It's astounding inefficient, but that doesn't matter because they're not paying for it.
Docker has been suspending thousands of free accounts each week, and has now decided to stop playing whack-a-mole.
- China's ban on cryptocurrency mining is also expanding. (Tom's Hardware)
China was mining about half the Bitcoin in the world, and is the home to the Chia plague. The growing restrictions have caused the price to sink, at least temporarily. I have no idea what will happen longer term.
- PLC flash is years away. thank goodness. (Tom's Hardware)
Flash memory comes in four densities at the moment - SLC (1 bit per cell), MLC (2 bits), TLC, the most common (3 bits), and QLC (4 bits), used in SD cards and low-end SSDs.
For each additional bit they try to pack in, the circuitry needs to be twice as sensitive. Single-bit cells have two electrical levels, two-bit cells have four, three-bit cells eight, and so on.
QLC seems to be okay so far, but a major feature of newer drives is being able to switch storage blocks between SLC mode and TLC or QLC. A drive that is mostly empty could actually be running entirely in SLC mode, and will gradually switch over - and slow down - as it fills up.
PLC - 5 bits per cell, with 32 electrical levels - sounds like a bridge too far to me. The cost savings are minimal - they're already pretty small for QLC vs TLC - and the lifespan would be at best a quarter of current mainstream TLC drives.
- Click on this link. (BBC)
Yeah, login required. Never mind that.
See that stock photo of a programmer sitting a laptop? Try selecting the text on the laptop screen.
When In Doubt Bribe the Reviewer Video of the Day
Hardware Unboxed made news not long ago when they posted a critical review of an Nvidia graphics card and Nvidia blacklisted them from receiving review samples.
That caused a shitstorm across all the popular review sites and YouTube channels. Hardware Unboxed is a smaller Australian channel and even they have nearly 800,000 subscribers. Linus Tech tips has over 13 million subscribers and they picked up that story and Nvidia was forced to back down.
Same thing here. LG has contacted Hardware Unboxed and said, in effect, that the people responsible for firing the people responsible, have now been fired. The LG division involved in this - their IT services department, not the producer of the product under review - has been relieve of any future involvement in that process.
I don't trust LG, but they probably won't repeat that particular mistake. Multiple people have pointed out that the whole thing was pointless anyway, because the product and the center of the controversy is actually good.
I May Have Already Used This Anime Music Video of the Day
I need to start keeping a list.
Because the bash uploader was too complex.
Posted by: Rick C at Sunday, June 13 2021 05:26 PM (eqaFC)
Sigh. This is why whenever I have the option, when paying for something online, I don't let the site store my credit card number.
Posted by: Rick C at Sunday, June 13 2021 05:27 PM (eqaFC)
It's...actually a textarea, and the text is visible via View Source.
Posted by: Rick C at Sunday, June 13 2021 05:30 PM (eqaFC)
It's actually worse than that, IIRC. They did NOT post a critical review. The review didn't emphasize RTX, because it was focused on raster performance. They had a separate video coming that was going to talk about RTX, but that's all nVidia wanted anyone to talk about.
Posted by: Rick C at Sunday, June 13 2021 05:32 PM (eqaFC)
Posted by: Pixy Misa at Sunday, June 13 2021 08:53 PM (PiXy!)
Posted by: benzeen at Monday, June 14 2021 03:20 AM (JpDcM)
58 queries taking 0.1956 seconds, 341 records returned.
Powered by Minx 1.1.6c-pink.