Instead of waiting for a zombie fungus to evolve into something that can infect humans, they decided to cut out the middleman and made cyborg mushrooms.
Random guy with no affiliation to crypto and only a vague understanding of monero from another instance here, who saw the post on /all.
Most people stumbling over posts like this probably see yet another shady cryptocurrency and aren't interested or even actively dislike it, resulting in downvotes. Calling people "grudgeful bitfags" and "overly-sensitive leftist fediverse dwellers" probably doesn't help all that much either, neither do comments that attribute a general disinterest to a "very successful psyop by the CIA to make crypto look like a scam".
str(float("100.0")) + "%"
We have to vote for the people who will admit to that and get rid of them. The U.S. is going to have to choose between a leader who tries to install good people to run the government and one who intends to install people bent on dismantling the government and giving loyalty to the leader alone.
I largely share your thoughts. I honestly expected Biden to at least be prepared enough to counter the usual Trump tactics of making things up and using strong words to impress his base while deflecting blame or critical questions.
Instead, we got Trump basically having free rein to appear strong with simple (and wrong) answers to complex questions, twisting the truth to support his positions and straight up lying and deflecting when finally confronted with something.
I'm not a big fan of Biden, but IMO he's the obvious, rational choice out of two candidates way past their prime - if you're into rationality over the antics of a con artist.
But this isn't a fair fight, and Biden isn't the showman Trump managed to be today. Biden was barely audible and mostly on the defensive while appearing weak, Trump was the opposite of that. I can't imagine any Trump voter switching teams after the debate, but I can image more than a few more emotionally motivated democrats second guessing their choice.
The export/import functionality is, yes. This implementation uses the same API endpoints, but the main reason for this existing:
An instance I was on slowly died, starting with the frontend (default web UI). At least at the time, no client implemented the export/import functionality, so I wrote a simple script in Bash to download the user data, if the backend still works. Running a script can still be a challenge to some users, so I wrote a web application with the same functionality. It's a bit redundant if we're talking about regularly working instances, but can be of use if the frontend isn't available for some reason.
An dieser Stelle reposte ich nochmal zwei einfache Wege, um seinen User (Settings und abonnierte/geblockte Communities) von einer Lemmy Instanz auf eine andere umzuziehen, beispielsweise von feddit.de auf feddit.org, von meinem ursprünglichen Post unter feddit.de/c/main ( https://alexandrite.app/feddit.de/post/11325409)
Weg 1, falls man noch einen Browser mit aktiver Session auf feddit.de hat:
Lemmy bietet seit Version 0.19 eine Funktion an, um die user data zu ex- und importieren. Das geht normalerweise über einen Button in den Settings des Webinterfaces, das geht aktuell bei feddit.de nicht.
Aber der zugrundeliegende API-Aufruf funktioniert noch, solange man noch mit einem Browser auf feddit.de eingeloggt ist:
- Man gehe auf https://feddit.de/api/v3/user/export_settings und speichert die zurückgegebene Datei als irgendwas.json
- Man nehme einen (neuen) Account auf einer stabilen Instanz der Wahl, gehe auf /settings und lade irgendwas.json über den Import-Button hoch.
- Voilà, man genieße die neue Instanz.
Das funktioniert mit jeder Instanz >=0.19, man muss lediglich das "feddit.de" in der URL ersetzen. Und wenn das Webinterface funktioniert, geht das auch über den Export- Button in den Settings.
Weg 2:
Für die Leute, die keine offene Browser Session haben, hier ein kleines, aber funktionales Bash Script, welches im Ausführungsverzeichnis eine myFedditUserData.json erstellt, welche bei anderen Instanzen importiert werden kann.
Anforderungen:
- Linux/Mac OS X /Windows mit WSL
- jq installiert (Unter Ubuntu/Debian/Mint z.B. per
sudo apt install -y jq
Anleitung:
- Folgendes Script unter einem beliebigen Namen mit
.shEndung abspeichern, z.B.getMyFedditUserData.sh - Script in beliebigen Textprogramm öffnen, Username/Mail und Passwort ausfüllen (optional Instanz ändern)
- Terminal im Ordner des Scripts öffnen und
chmod +x getMyFedditUserData.shausführen (Namen eventuell anpassen) ./getMyFedditUserData.shim Terminal eingeben- Nun liegt im Ordner neben dem Script eine frische
myFedditUserData.json
Anmerkung: Das Script ist recht simpel, es wird ein JWT Bearer Token angefragt und als Header bei dem GET Aufruf von https://feddit.de/api/v3/user/export_settings mitgegeben. Wer kein Linux/Mac OS X zur Verfügung hat, kann den Ablauf mit anderen Mitteln nachstellen.
Das Script:
#!/bin/bash
# Basic login script for Lemmy API
# CHANGE THESE VALUES
my_instance="https://feddit.de" # e.g. https://feddit.nl
my_username="" # e.g. freamon
my_password="" # e.g. hunter2
########################################################
# Lemmy API version
API="api/v3"
########################################################
# Turn off history substitution (avoid errors with ! usage)
set +H
########################################################
# Login
login() {
end_point="user/login"
json_data="{\"username_or_email\":\"$my_username\",\"password\":\"$my_password\"}"
url="$my_instance/$API/$end_point"
curl -H "Content-Type: application/json" -d "$json_data" "$url"
}
# Get userdata as JSON
getUserData() {
end_point="user/export_settings"
url="$my_instance/$API/$end_point"
curl -H "Authorization: Bearer ${JWT}" "$url"
}
JWT=$(login | jq -r '.jwt')
printf 'JWT Token: %s\n' "$JWT"
getUserData | jq > myFedditUserData.json
@[email protected] hat mein Script auch in PowerShell nachgebaut, welches unter Windows ohne WSL auskommt: https://gist.github.com/elvith-de/89107061661e001df659d7a7d413092b
# CHANGE THESE VALUES
$my_instance="https://feddit.de" # e.g. https://feddit.nl
$target_file = "C:\Temp\export.json"
########################################################
#Ask user for username and password
$credentials = Get-Credential -Message "Logindata for $my_instance" -Title "Login"
$my_username= $credentials.UserName
$my_password= $credentials.GetNetworkCredential().Password
# Lemmy API version
$API="api/v3"
# Login
function Get-AuthToken() {
$end_point="user/login"
$json_data= @{
"username_or_email" = $my_username;
"password" = $my_password
} | ConvertTo-Json
$url="$my_instance/$API/$end_point"
(Invoke-RestMethod -Headers @{"Content-Type" = "application/json"} -Body $json_data -Method Post -Uri $url).JWT
}
# Get userdata as JSON
function Get-UserData() {
$end_point="user/export_settings"
$url="$my_instance/$API/$end_point"
Invoke-RestMethod -Headers @{"Authorization"="Bearer $($JWT)"} -Method Get -Uri $url
}
$JWT= Get-AuthToken
Write-Host "Got JWT Token: $JWT"
Write-Host "Exporting data to $target_file"
Get-UserData | ConvertTo-Json | Out-File -FilePath $target_file
Same energy as "You have unlimited PTO here, but we also have this nifty little thing called performance metrics"
Ich würde jetzt nicht direkt religiöser Hintergrund sagen. Der angegriffene wurde ja wahrscheinlich nicht angegriffen, weil er Christ war, sondern eventuell halt weil er gegen den Islam war. Das wäre dann eher linker Freiheitskampf für die unterdrückten.
@[email protected] Dein Ernst? Deine Haltung ist also, dass eine Messerattacke auf 5 Menschen, darunter unbeteiligte, bei einer simplen Kundgebung "linker Freiheitskampf" der "unterdrückten" Messerstecher ist, weil du die politische Message des Standes nicht gut findest?
This one is absolutely hilarious.
The guy allegedly knows his stuff from a technical point of view. And yet he searches for very specific info on google while logged in to his personal google account ~~and further links his personal accounts to a forum where he proceeds to advertise his darknet marketplace and to SO where he asks for very specific advice~~?
This muppet searched for very specific infos on components he wanted to develop on his *personal fucking google account and implemented them shortly afterwards.
He literally panic searched, again, on his personal google account on Google in order to debug his server going down - minutes after the FBI temporally took his server physically offline to grab an image from it.
I expected elaborate timing and traffic correlation attacks, I got a stupid scammer treating his drug empire as a hobby project for his resume. Glorious.
Interesting read.
So, in short:
- The attacker needs to have access to your LAN and become the DHCP server, e.g. by a starvation attack or timing attacks
- The attacked host system needs to support DHCP option 121 (atm basically every OS except Android)
- by abusing DHCP option 121, the attacker can push routes to the attacked host system that supersede other rules in most network stacks by having a more specific prefix, e.g. a 192.168.1.1/32 will supersede 0.0.0.0/0
- The attacker can now force the attacked host system to route the traffic intended for a VPN virtual network interface (to be encrypted and forwarded to the VPN server) to the (physical) interface used for DHCP
- This leads to traffic intended to be sent over the VPN to not get encrypted and being sent outside the tunnel.
- This attack can be used before or after a VPN connection is established
- Since the VPN tunnel is still established, any implemented kill switch doesn't get triggered
DHCP option 121 is still used for a reason, especially in business networks. At least on Linux, using network namespaces will fix this. Firewall mitigations can also work, but create other (very theoretical) attack surfaces.
Emotet
0 post score0 comment score
joined 1 year ago
Yeah, that's one of those tropes I hate pretty much everywhere, but (old) Star Trek is great enough to look past it.
They are skilled and professional. But how incompetently was the playbook written, if pretty much everyone can come up with something previously not derived spontaneously, if it's that easy?