The fact that winamp still exists is just silly fun.
The fact that winamp still exists is just silly fun.
Neat. I’ll take a closer look later, but this sounds like an interesting project
And this is why I haven’t installed Teams on my personal computer. If it was less invasive, I would, but it’s just potential bossware masquerading as “productivity tools.”
That shit stays on my work computer, and I just VPN into it.
That’s why I still use FF. I wish they were run by better people, but it’s still not on par with Google’s shit.
And they still offer useful features/services like email masks, cookie containers, and a VPN (which is rebranded Mullvad). If they were awful bad actors, they would be running their own exit nodes and surreptitiously collecting user data that way.
TBH, we’d probably all do well to use the internet a little less
I had forgotten why I dropped Brave. This was why.
How’s that? If I’m running a Windows machine, how would a CUPS exploit affect me?
I’m not asking maliciously, but I genuinely don’t grasp how that could be a viable attack vector.
I like your idea. But you’ll have to settle for being a fish.
I would have considered a folding book-style phone if I wanted a tablet. I agree that they’re likely the only viable use case that isn’t a complete gimmick.
The very next sentence:
Note that everything that is not Linux has been filtered out [in this filtered list of unique IPs]. That is why I was getting increasingly alarmed during the last few weeks.
They said they were getting duplicates and non-*nix hits with that 300k number, which doesn’t help them (i.e. the hundreds of thousands of hits was artificially inflated). So yes, the threat is overblown.
Coupled with the fact that patches are already out, and it’s easily mitigated by closing 631, and I don’t expect this will be much of a problem for most people.
Yep. While simple to prepare, this will affect almost nobody, as it requires the user to perform an increasingly rare action in a world that’s often going paperless.
Also, the likelihood that a regular user will expose port 631 to the internet is probably close to zero. There’s several uncommon pieces that have to be in place for this to work, to the point that it’s not a simple matter to execute this exploit.
Really, Conservatives? Y’all gonna do this again, after you killed off a big chunk of your base during COVID?
Sounds like some firmware updates are in order.
I hope he eventually dyes his hair the same color, too.
Either one of them. It would be weird either way.
Because as we know, picture frames are famously liquid-tight containers…wait…
- To exploit this across the internet or LAN, a miscreant needs to reach your CUPS service on UDP port 631. Hopefully none of you have that facing the public internet. The miscreant also has to wait for you to start a print job.
- If port 631 isn’t directly reachable, an attacker may be able to spoof zeroconf, mDNS, or DNS-SD advertisements to achieve exploitation on a LAN. Details of that path will be disclosed later, we’re promised.
So don’t expose 631 to the internet (why would you?) and know who’s on your network. Be careful printing things on an untrusted network.
It’s serious, but seems like a wonky attack vector for most.
Another one called FluxTube and one called magic-tape were posted recently, too.