Lemmy.world instance under attack right now. It was previously redirecting to 🍋 🎉 and the title and side bar changed to antisemitic trash.

They supposedly attributed it to a hacked admin account and was corrected. But the instance is still showing as defaced and now the page just shows it was “seized by reddit”.

Seems like there is much more going on right now and the attackers have much more than a single admin account.

I have found myself deep in the Nix and nixOS ecosystem myself.

There’s something weird about “protesting” a site by continuing to use their site. Hopefully it’s just bot traffic flooding /r/place rather than real people coordinating in real time.

In a way, cooking still has that “deprecation” feel. Like when you use a kitchen tool that is like 2 orders of magnitude above what you are currently using.

For me it was knives. It was a serrated knife set that was a gift and got me through college. Once I got a real job and could get something of quality. A friend recommended I change out my knives for a chef quality knives. Started out with some Global knives and have never went back to my old set. Been slowly adding over time (ie, bread knife, cleaver, paring).

Also, switched from non-stick to stainless steel because fuck PFOA. Also picked up a quality rice cooker from Zojirushi.

Technique can get you very far in cooking, but to make that dish perfect got to have the right tools.

I just want to add a quick note:

From OPs screenshot, I noticed the JS code is attempting to extract the session cookie from the users that click on the link. If it’s successful, it attempts to exfiltrate to some server otherwise sends an empty value.

You can see the attacker/spammer obscures the url of the server using JS api as well.

May be how lemmy.world attackers have had access for a lengthy period of time. Attackers have been hijacking sessions of admins. The one compromised user opened up the flood gates.

Not a sec engineer, so maybe someone else can chime in.

Honestly, once it reaches critical mass. It will mean the end of PayPal, Venmo et al AND the credit card industry as a whole.

Maybe best to avoid NVDA if using Linux, entirely.

My next build is going to be AMD GPU and CPU with nixOS. I heard GPU support for Linux is better with AMD cards, but honestly haven’t delved into it whether it holds any truth or not.

In consulting, that’s called “after work”. Got to pump those billables

Honestly though, unless it’s a feature that is completely outside the domain of the application. If you have to re-write your entire app then your app was probably dog shit to begin with

Probably questions that can be answered by RTFM

You might have something here. Development would be easy but maintenance and moderation is another beast.

Older scrum masters during the daily standup and trying to do live updates to the JIRA board

Turned 15 minute meeting into 30 minutes at times lol.

This is sadly nothing new. The militarization of domestic law enforcement agencies since the 1980s has only made it worse.

Intel had something like this as well (side channel attack?). I remember it because Linus Torvalds (creator of Linux kernel) ripped Intel a new one.

.io, .org, and .app are pretty good.

.xyz for fun ideas.

.dev for the obvious

.corp if you are an incorporated company in the US.

Kind of cool if your production infrastructure can match. But for most companies (ie, Fortune 500 and some medium companies) implementing this would need a force majeure.

Decades of software rot, change in management, change in architecture, waxing and waning of software and hardware trends, half assed implementations, and good ole bottom tier software consultation/contractors brought into the mix make such things impossible to implement at scale.

Once worked at a company where their onprem infra was a mix of mainframe, ibm / dell proprietary crap, Oracle vendor locked, and some rhel/centos servers. Of course some servers were on different versions of the OS. So it was impossible to setup a development environment to replicate issues.

For the most part, that’s why I still use docker for most jobs. Much easier to pull in the right image, configure app deployment declaratively, and reproduce the bug(s). I would say 90% of the time it was reproducible. Before docker/containerization it was much less than that and we had to reproduce in some non production environment that was shared amongst team.

Also a reminder for me to add IPv6 support for my personal site. I think most cloud providers are able to offer dual ipv4/v6 support if you ask for it/configure it.

Wow you actually get logs from the other devs? I get fucking screenshots of abbreviated stack traces. Often not even the relevant portion of the stack trace or log.

True story. Next car I own will be a manual. Won’t even bother setting up the electronic junk if it comes with it.

So 2013-2014? Lol

If you are in your 20s, single, motivated, and good at interviewing, then I say go for it.