Why worry about government access - when its available on the internet? DeepSeek Leak.
https://www.wiz.io/blog/wiz-research-uncovers-exposed-deepseek-database-leak
Why worry about government access - when its available on the internet? DeepSeek Leak.
https://www.wiz.io/blog/wiz-research-uncovers-exposed-deepseek-database-leak
Good explanation of why AES-GCM should be frowned upon - catastrophic failure upon nonce/IV reuse. Use XChaCha20-Poly1305 if you are dealing with low computing power devices or the lesser well known AES-SIV or AES-GCM-SIV modes... and use post-quantum resistant key exchanges like KEM.
@cy @annika It's still probably Matrix under the hood.
For those unfamiliar with it, there are loads of Matrix networks, private, public networks.
I was trying to match the screenshots with known Matrix clients to verify, problem is there are too many now. Think we can rule out text only ones but, with multiple mobile and desktop OS versions each that's a lot to check:
Element
Element X
FluffyChat
Nheko
Cinny
Fractal
Quaternion
gomuks
Hydrogen
NeoChat
SchildiChat
Ement.el
Tammy
iamb
chatty
Please note that these folks seem a little confused about the the takedown of a single Matrix server. Matrix is an open source encrypted protocol, and there are multiple sets of Matrix clients (Element most popular) and open source server sw, many servers, and multiple matrix networks. This takedown seems unrelated to matrix.org
https://www.pcmag.com/news/encrypted-chat-service-seized-2m-messages-read
For those going home to visit family this weekend:
• Samsung calls it Auto Motion Plus
• LG calls it TruMotion
• Sony calls it Motionflow
• Roku calls it Action Smoothing
• Google TV calls it Motion Enhancement
• Vizio calls it Smooth Motion Effect.
• Panasonic calls it Intelligent Frame Creation (IFC)
• Philips calls it Perfect Natural Motion
• Sharp calls it AquoMotion
• Toshiba calls it ClearScan
• JVC calls it Clear Motion Drive
• Magnavox calls it Perfect Pixel HD
1/4
• Hisense calls it Ultra Smooth Motion
• TCL calls it Clear Motion Index (CMI)
• Sceptre refers to it as MEMC (Motion Estimation and Motion Compensation)
• Insignia calls it Smooth Motion
• Element uses Motion Rate
• Westinghouse refers to it as Enhanced Motion
• RCA calls it Motion Rate
• Blaupunkt refers to it as Active Motion
• Hitachi uses Clear Motion Rate
• Finlux calls it Smooth Motion Rate
• Thomson uses Clear Motion Index
2/4
• Hitachi uses Clear Motion Rate
• Grundig refers to it as Vivid Motion
• Polaroid refers to it as Motion Rate
• Emerson uses Clear Motion
• Vestel calls it Pixellence
• Funai refers to it as Clear Pix Motion
• Proscan calls it Motion Rate
• Bang & Olufsen calls it Motion Enhancement
• Loewe refers to it as Image+ Active
3/4
• Metz uses MetzMotion
• Haier calls it Smooth Motion Rate
• Skyworth refers to it as Motion Compensation
• Seiki uses Smooth Motion
• AOC calls it Clear Motion Rate
• Xiaomi refers to it as MEMC Technology
• OnePlus calls it MEMC
4/4
Here is a menu guide to turning off interpolation, which can make cinematic content look unnatural—similar to soap operas—introducing visual glitches around moving objects due to inaccurate predictions, and adds input lag for gamers, negatively affecting gameplay responsiveness. Film-makers hate it. It ruins their films and careful lighting. Defaults to on on most TVs and drives most people crazy, making movies look "off."
D-Link tells users to trash old VPN routers over bug too dangerous to identify.
Hopefully folks realize they should replace it with another vendor.
This vuln was covered at DEF CON 32 by Sam Curry. TR-069 is an admin access protocol that lets DLink work with your router remotely (reset device, etc.). Bad actors use spoofed requests to change config data, read the MAC address, monitor traffic, and use them as botnets. TR-069 is industry standard
https://www.theregister.com/2024/11/20/dlink_rip_replace_router/
Just a heads up for those who use "legacy" mail reader systems:
Google is shutting off password access to mail, calendars, and contacts, forcing OAuth2 to authenticate.
Anything with IMAP, SMTP, POP, CalDAV, or CardDAV using basic auth will fail.
SectorC: C compiler written in x86-16 assembly that fits within the 512 byte boot sector of an x86 machine. It supports a subset of C that is large enough to write real and interesting programs. It is quite likely the smallest C compiler ever written.
30 years ago today, we started putting images on the web. Marc Andreessen proposed adding the IMG tag to HTML.
It's 2023 and we are still getting NetHack CVEs https://nvd.nist.gov/vuln/detail/CVE-2023-24809
Autonomous Carbon Based LLM with 42 years of tuning on Information Attack and Defense. Host of CanSecWest, and PacSec.Do security audits, code, IR, LLM, red team consulting. Specialize in Firmware, and RF.VA7MOV
GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.
All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.