I'm pretty sure browsers stopped distinguishing EV certificates years ago.
Is it baffling? Live service games are all about extracting as much money from players as possible via loot boxes and battle passes. The best game is the game that makes the most money. Therefore, live services are the optimal type of game.
A large percentage of those hosts with SSH enabled are cloud machines because it's standard for cloud machines to be only accessible by SSH by default. I've never seen a serious security guide that says to set up a VPN and move SSH behind the VPN, although some cloud instances are inherently like this because they're on a virtual private network managed by the hosting provider for other reasons.
SSH is much simpler and more universal than a VPN. You can often use SSH port forwarding to access services without configuring a VPN. Recommending everyone to set up a VPN for everything makes networking and remote access much more complicated for new users.
Shodan reports that 35,780,216 hosts have SSH exposed to the internet.
Moving SSH to ports other than 22 is not security. The bots trying port 22 on random addresses with random passwords don't have a chance of getting in unless you're using password authentication with weak passwords or your SSH is very old.
SSH security updates are very infrequent and it takes practically no effort to keep SSH up to date. If you're using a stable distribution, just enable automatic security updates.
Having SSH open to the internet is normal. Don't use password authentication with weak passwords.
Children also learn to reading and writing using copyrighted works, often from borrowed books that they aren't paying for. Some corporations would love if everyone had to pay individually, maybe per use, to access copyrighted material, and New York Times and American pro sport leagues would love if they could actually own recollections of copyrighted material, but neither of these is good for normal people.
https://www.eff.org/deeplinks/2023/04/how-we-think-about-copyright-and-ai-art-0
OpenAI is right. Almost everything of value on the internet is under copyright, and very little on the internet has clearly and unambiguously specified licensing information. If the software can only be trained on content that clearly allows training, the model isn't going to "know" anything about anything since Steamboat Willie and it isn't going to use broken dialects of older English from being limited to only public domain works that have been digitized and made available as public domain (reprints may not be public domain).
For me it's a combination of alerts being sent to the wrong areas and a disagreement about importance. I don't need an alert if it's hot outside, nor do I need an alert for every update about an earlier alert. People aren't turning off alerts because they don't know how to turn them on.
This is the guide for making the gif look good: https://blog.pkh.me/p/21-high-quality-gif-with-ffmpeg.html
The article isn't that clear, but the attacker cannot get Slack AI to leak private data via prompt injection directly. Instead, they tell it that the answer to a question is a fake error containing a link which contains the private data, and then when a user that can access the private data asks that question they get the fake error and clicking the link (or automatic unfurling?) causes the private data to be sent to the attacker.
There's a browser extension for that. It also works on Pintrest and other useless sites. https://iorate.github.io/ublacklist/docs
view more: next ›
i_am_not_a_robot
joined 1 year ago
Having a non-garbage domain provider can be a luxury. I used to work at a place where we were paying boatloads of money for certificates from Sectigo for internal services, and they were charging us extra per additional name and even more if we wanted a wildcard, even though it didn't cost them anything to include those options. Getting IT to set up the DNS records for Let's Encrypt DNS verification was never going to happen.