Septimaeus
Really curious how Android sandboxing was so easily defeated. Were those ports left open for extensions or something? I need to read up on this exploit. It’s so brazen, but also shouldn’t be possible. 8 years of stolen data. Wild.
Ty 🙏
Guessing… my chemical romance?
IIRC caffeine temporarily blocks adenosine receptors, so I think that does work up to a point.
Yes I wasn’t referring to the comment I replied to, but rather all the replies below it. I can see how that might be confusing so I’ll clarify the comment.
Regardless, you’ve probably seen better examples of what I’m talking about, and if you have any ideas, I’m all ears.
Can someone explain to me these little self-flagellation parties (edit: meaning the replies below, not the root level comment I’m replying to) that seem to appear with every other dystopian headline in this community?
I mean like this mopey circlejerk right here, with Americans unironically declaring “no one is doing anything!” when literally every day brings more news from the hundreds of large active US protests which lately have been maturing as the fash behaves predictably. Even if that weren’t the case, isn’t the obvious solution to “be the change” or are we not doing basic grassroots work anymore?
This shit is really persistent on lemmy, like some kind of self-affirming narrative to excuse inaction, or maybe doomerist/accelerationist propaganda, or some other internet koolaid I’m too offline to understand.
But I want to know how to get the disillusioned circlejerkers plugged into local efforts. The boots on the ground reality of the work being done, not to mention all the preparation leading up to this phase, seems like it’s right in front of them yet they can’t/won’t see it. We really need all the help we can get.
And on a personal level, it’s getting hard to watch them on here whining that no one is doing anything, high-fiving each other for admitting they’re also not doing anything, and other one-downsman-ship type behaviors, because a bunch of people have been busting ass out here for a while and like, if you don’t want to or can’t help, fine. But then you don’t get to complain on the internet that we’re not doing enough.
You’re describing pragmatism, a solutions-oriented mindset.
I’m referring to left’s problem with edgy despair evangelists suffering from a deliberately propagated fascist contagion that must be recognized and treated rather than allowed to spread.
Why? Because it deactivates would-be activists (including, for example, voters who had the chance to prevent this fascist takeover). It is not harmless. It must be addressed.
I’m addressing an instance of doomerism. Participation of current or former military in the rebellion occupies my thoughts far less than that, currently.
Yep. Also exposed type A receptacle. OK for table tops. Not OK for outdoor balcony railing.
Update: apparently it’s worse than I expected.
Access to localhost is simply not restricted by the OS at all. Inter-app communication via localhost is unregulated, even within a browser runtime “sandbox” (not a true sandbox apparently).
The only reason Brave wasn’t affected is that it required additional user permission for localhost access, so the tracking script halts in that browser to avoid detection.
The reason this is worse is that it means not only can a browser tab “talk” to local apps through specific ports, it can use any port, can talk to other browser tabs, and apps can share data with each other without restriction. If I’m understanding the scope of this loophole, it’s a glaring vulnerability that’s been there from the beginning, and it’s unlikely Meta is the only company to exploit it.
ETA: this is what I gathered from reading the paper. I still need to do my own testing to confirm. In the meantime if anyone knows more feel free to correct any of the above.