[-] [email protected] 8 points 10 hours ago

He looks like the "me marrying your dad" comic face. Like a weird smug yet angry look. Handsome Jack looking motherfucker.

[-] [email protected] 11 points 1 day ago

Bro is onto fucking nothing with this one, like what are you even saying with this

[-] [email protected] 34 points 1 day ago

Here's my attempt at copying the article for readers:

To Fight ‘Shrinkflation,’ France Will Force Retailers to Warn Shoppers

  • Merchants will be required to put signs in front of all products that have been reduced in size without a corresponding price cut.

For months, the shelves of Carrefour, France’s biggest supermarket chain, have been dotted with bright orange signs placed in front of Pepsi bottles, Lays potato chips and a variety of other foods whose packages are suspiciously smaller than they used to be.

“Shrinkflation,” the signs say. “This product has seen its volume decrease and the price charged by our supplier increase.”

On Friday, the French government took steps to require every food retailer in the country to follow suit. By July 1, stores will have to plaster warnings in front of all products that have been reduced in size without a corresponding price cut, in a bid to combat the consumer scourge known as shrinkflation.

“The practice of shrinkflation is a scam,” Bruno Le Maire, France’s finance minister, said in a statement. “We are putting an end to it.”

The government is also encouraging shoppers to act as informers, urging those “who have doubts about the price per unit of measurement displayed on the shelves” to flag it to the authorities via France’s consumer reporting app.

The fight against the practice of downsizing products without also downsizing their prices has picked up in the United States, where President Biden has shamed food companies for raising prices even as inflation cooled.

Shrinkflation has become a point of outrage for shoppers in France, and a political issue for President Emmanuel Macron as consumers continue to grapple with a cost-of-living crisis. Although inflation has recently come down in Europe from the record highs of a year ago, the prices of many food products remain elevated.

Inflation in the eurozone fell to a new two-year low in March, the result of an aggressive campaign of interest rate increases by the European Central Bank. European governments had also worked to ease prices for energy and food, through subsidies for electric bills and by negotiating with food manufacturers to force prices down.

In France, inflation has fallen now more than a third from a year earlier, but higher food prices have been persistent. A typical basket of food basics that includes items such as pasta and yogurt is 3 to 5 percent higher than it was a year ago, after a 16 percent surge for 2023.

Mr. Macron had promised to wrestle food costs down further this year. The government moved up annual price negotiations between suppliers and retailers in February, and put pressure on companies to limit increases.

The shrinkflation campaign is the latest weapon. Stores will have to display signs for two months after downsized products have been put on their shelves, according to the government decree issued Friday. The signs will appear near a variety of goods made by food companies, as well as for the supermarket’s private-label brands, from snacks and soda to bags of rice and laundry detergent. Prepackaged foods, like shrink-wrapped deli cold cuts or foods sold in bulk, will be exempt.

Many global consumer goods companies have raised prices by double-digit percentages in the past year, attributing the increases to higher costs of ingredients and labor. Even so, many of those companies have reported expanding profits as they sell fewer items at higher prices.

The issue came to a head in France last year when Carrefour announced that it would no longer sell PepsiCo products because the prices were “unacceptably” high for consumers, escalating a showdown by French retailers to name and shame brands that were not reducing prices as inflation eases.

As part of its campaign, Carrefour also put up shrinkflation posters next to products like Lipton tea warning shoppers that they were paying a higher price for a product whose volume had shrunk.

France has submitted a proposal to the European Union that would force food retailers throughout Europe to carry out a shrinkflation labeling campaign.

[-] [email protected] 212 points 1 day ago

I wish we had a small percent of what France does for its consumer rights in the United States.

[-] [email protected] 50 points 5 days ago

I think YouTubers make fractional pennies from Ads, and mostly only if its fully watched and sometimes clicked to go to the website. So if you get a 15 second ad, and skip to the content, you didn't give the creators any money.

Also, shout out to those ads being horrible. My first time ever installing an adblocker was during a rapid anti-smoking campaign, that had body horror. 15 year old me didn't want to smoke, nor wanted to after, but it was so disturbing that I learned how to avoid them.

Not even going into the disturbing or weird ads. One time I got an ad for a "Ching Chong Fing Fong shirt company" as a way of mocking Chinese people because their government sucks. Another time, I got a full 12 hour video by a Vietnamese couple just grilling in their backyard. No subtitles, not even sure if they were aware they enabled their videos to do that, or didn't fully understand the process of uploading videos.

Anytime I see actual ads on the internet, not just YouTube, it just makes me go "I am perfectly justified in not seeing these weird ads." I don't give them any money no matter what I do, so why not have my eyes saved from bright flashing colors and scam artists?

[-] [email protected] 1 points 6 days ago

Dry herb vapes rule!!

[-] [email protected] 11 points 6 days ago

And still boomers in the government went after legally obtainable nicotine vapes, instead of doing anything for the fact it was black market THC vapes.

In States where it's illegal, it's still illegal. In States where it's legal, they could have cracked down on it.

And in my home state of California, they banned flavored vapes for "marketing to children" but didn't touch flavored alcohol or anything similar.

[-] [email protected] 13 points 6 days ago

I can't exactly share them, but it was originally about how you should be aware of what's going into your body, and how while weed isn't as bad as tobacco, it's still not something that's great for you to inhale.

Then a series of jokes of how "I can't inhale cum?" "I can't inhale crack?" And then somehow this one.

438
submitted 6 days ago by [email protected] to c/[email protected]
[-] [email protected] 102 points 1 month ago* (last edited 1 month ago)

I'm sorry to hear about this, do you have some links to your GitHub and the interactions?

EDIT: I checked Leah's Mastodon, found this interaction: https://files.catbox.moe/6dftac.png https://mas.to/@libreleah/111997718668105706 And here's the IRC interaction: https://av.vimuser.org/lorenzo.txt

https://libreboot.org/contrib.html#lorenzo-aloe

I haven't taken the time to read all of this fully, simply trying to share info that is not supplied by either parties.

EDIT: Taking more time to read it, it seems so far:

OP's code was buggy and bricking boards. Leah requested a patch to solve the known problems. OP took too long, and when Leah got a personal copy of the same computer/board, she worked on her patch and implemented it. OP is still listed on the site. https://libreboot.org/contrib.html#lorenzo-aloe

Provided hardware testing for the Dell OptiPlex 9020, also provided testing for proxmox with GPU passthrough on Dell Precision T1650, confirming near-native performance; with this, you can boot operating systems virtually natively, performance-wise, on a Libreboot system in cases where that OS is not natively supported.

All round good guy, an honest and loyal fan.

I personally have not written any code nor submitted anything to Libreboot, but it seems OP is still credited despite the claims of being stolen. I can't confirm if any code was used by OP or if Leah used 100% original code, as that's not my expertise. And even then, I'm not sure if the GPL/whatever license Libreboot uses is cool or uncool on that.

42
submitted 1 month ago by [email protected] to c/[email protected]

Here's the basics of my set up for what I can bring around:

  • A Crucial 1TB M.2 Drive
  • A M.2 Drive Enclosure that has USB 3.1 Gen 2 output So with these together are desktop performance in a small thing. It is not a flash drive that just gets ruined in like 3 months of constant use.

And with these, I use a Ventoy set up called Medicat. I love it, and there's no issue with it for me, besides that Medicat/Microsoft requires NTFS for Windows stuff. Aside from standard NTFS bullshit, it's wonderful.

Since I have so much space, I had the idea of storing a Linux set up for on the go use on any laptop/computer without needing to sign into 10 websites for one time use. Here's my two methods of how to do it:

  • Make a persistent data block for Fedora/Ubuntu/etc. and make a Live ISO point to it, then boot from Ventoy into the ISO, which then handles mounting the "drive".
  • Clear a space on the drive, install a distro like Fedora/Debian and encrypt it, allowing me to just run apt upgrade and move on like a normal PC.

Here's the upsides and downsides to both that I can see, just thinking about it.

Persistence:

  • ✅ Don't need to fuck with partitions of NTFS, last time I tried to shrink the drive NTFS had a breakdown and I couldn't fix it.
  • ✅ Can expand the persistence as time goes on
  • ❌ NTFS constantly has issues with me, where I can cleanly eject the drive but I need to run ntfsfix to make it work again, and I don't know when that will happen in the future.
  • ❓ Not sure how it will go with Arch Linux, but that might be a bad choice for a drive I boot into for fun/infrequently.

Partition and full install:

  • ✅ Easier to just get going, point an ISO to install there and good to go.
  • ✅ Easier to upgrade to new packages/editions, instead of downloading new ISOs and pointing it each time. I'm unsure if it would let me use a .dat file from Fedora 36 for Fedora 40, for example.
  • ✅ I can encrypt it so I don't need to worry about people nabbing it and messing with personal files.
  • ✅ I can use something like ext4 or btrfs, so I don't need to rely on NTFS.
  • ❌ Trying to resize NTFS was really fucky, and felt like I was breaking something. I did break it, and had to reinstall Medicat/Ventoy.
  • ❓ I'm unsure of how to boot from it and keep Medicat/Ventoy as the main option. Maybe create a file on Ventoy to boot the distro? Maybe it varies from BIOS to BIOS?

Wanting to hear the thoughts from people smarter than me, maybe have done this before. I just want to make it clear It's not a USB flash drive, this won't break randomly from one too many R/Ws.

[-] [email protected] 86 points 2 months ago

Can someone try to "Little Bobby Tables" them? Just put some SQL injection shit to make the servers more of a dumpster fire?

38
submitted 3 months ago* (last edited 3 months ago) by [email protected] to c/[email protected]

Hello! The TL;DR is:

I have an m.2 drive that is in a sturdy enclosure that has 1 TB. I have Ventoy with Medicat on there, with some backups of important data.

I still have a lot of room left on there, so I was thinking what else I could do, and the idea of basically installing a Linux Distro to a chunk of free space on there. Maybe Debian/Fedora or Arch.

Is there anything I should be aware of to help not break that system or rapidly kill the drive? It's not a USB flash drive, it's a M.2 drive that's put on a small board that then allows it to talk via USB C/Thunderbolt.

EDIT: Just to be sure, if I use Ventoy's EFI, do I need to be worried about a conflict with the bootloader of the Linux install?

163
submitted 4 months ago by [email protected] to c/technology

Firmware security company Binarly on Wednesday disclosed the details of an attack method that can be used to compromise many consumer and enterprise devices by leveraging malicious UEFI logo images.

The attack method, dubbed LogoFAIL, exploits vulnerabilities in the image parsers used by the UEFI firmware to display logos during the boot process or in the BIOS setup. Getting the affected parsers to process a specially crafted image can enable the attacker to hijack the execution flow and run arbitrary code.

Hackers can use the LogoFAIL attack to compromise the entire system and bypass security measures such as Secure Boot.

“These vulnerabilities can compromise the entire system’s security, rendering ‘below-the-OS’ security measures like any shade of Secure Boot ineffective, including Intel Boot Guard. This level of compromise means attackers can gain deep control over the affected systems,” Binarly explained.

Binarly’s analysis showed that UEFI vendors use various types of parsers for BMP, PNG, JPEG, GIF and other types of images. The security firm’s research targeted firmware from Insyde, AMI and Phoenix and led to the discovery of two dozen vulnerabilities, more than half of which have been assigned a ‘high severity’ rating.

The impacted firmware is shipped with hundreds of consumer and enterprise computer models — including x86 and ARM-based devices — made by companies such as Acer, Dell, Framework, Fujitsu, Gigabyte, HP, Intel, Lenovo, MSI, Samsung, and Supermicro. This means millions of devices worldwide could be exposed to attacks.

A LogoFAIL attack can be launched by abusing the firmware update procedure to replace the legitimate logo with a malicious version. Attacks through physical access may also be possible, using an SPI flash programmer, assuming that the logo is not protected by hardware verified boot technologies.

Some vendors — this includes Intel, Acer and Lenovo — offer features that enable users to customize the logos displayed during boot, which can make it possible to launch LogoFAIL attacks from the OS, without the need for physical access to the device.

It’s important to note that while image parser vulnerabilities have been found in devices from all of the aforementioned vendors, they cannot always be exploited. In Dell’s case, for instance, the logo is protected by Intel Boot Guard, which prevents its replacement even if the attacker has physical access to the targeted system. In addition, Dell does not offer any logo customization features.

Details of the attack were presented by Binarly at the Black Hat Europe conference on Wednesday, and the company has published a technical blog post describing its findings.

The security firm has published a video showing a proof-of-concept (PoC) LogoFAIL exploit in action, demonstrating how an attacker who has admin permissions on the operating system can escalate privileges to the firmware level.

The vulnerabilities were reported to impacted vendors through CERT/CC several months ago, but it can take a lot of time for patches for these types of security holes to reach end devices, even if vendors create the fixes.

[-] [email protected] 638 points 5 months ago

"They're the same picture."

Also, that does not explain why:

  • Chrome users who use an adblocker don't get the issue
  • Firefox users who do not use an adblocker get the issue
  • FIrefox users who use an adblocker, but change User Agent to Chrome, don't get the issue

Now, if only we knew who made Chrome and YouTube... The mind boggles.

274
submitted 5 months ago by [email protected] to c/[email protected]

Microsoft is singing the praises of the new Outlook and wants to persuade users to switch. But beware: if you try out the new Outlook, you risk transferring your IMAP and SMTP credentials of mail accounts and all your emails to Microsoft servers. Although Microsoft explains that it is possible to switch back to the previous apps at any time, the data will already be stored by the company. This allows Microsoft to read the emails. Start menu shows new Outlook as recommended app

The new Outlook now appears as a recommended app in the Windows Start menu of Windows 11 devices with the 2023 update. The Outlook client itself also offers to test the new Outlook version with a "The new Outlook" switch. This is still under development, but is set to replace the mail program and the calendar included in Windows in 2024. In a recent tech community article, Microsoft employee Caitlin Hart also explains that it will also replace the classic Outlook. However, unlike the Windows Mail and Calendar apps, the timetable for this has not yet been set.

When adding a mail account in the new Outlook that is not hosted by Microsoft but is located on company mail servers, for example, the program displays a message. It links to a support article that simply states that non-Microsoft accounts are synchronized with the Microsoft cloud, whereby Gmail, Yahoo, iCloud and IMAP accounts are currently supported. The new Outlook also does this in the versions for Android, iOS and Mac. This means that copies "of your email, calendar, and contacts will be synchronized between your email provider and Microsoft data center". This gives the company full access to all emails and allows it to read and analyze them. Microsoft wants to provide functions that way that Gmail and IMAP do not offer. Warning message of the new Outlook version when adding a non-Microsoft account

The note makes you wonder: What does Microsoft transfer where? When creating an IMAP account, c't was able to sniff the traffic between new Outlook and the Microsoft servers. It contained the target server, log-in name and password which were sent to those Servers of Microsoft. Although TLS-protected, the data is sent to Microsoft in plain text within the tunnel. Without informing or inquiring about this, Microsoft grants itself access to the IMAP and SMTP login data of users of the new Outlook.

When switching from the old Outlook to the new one, it is installed the new software in parallel. Previously set up IMAP accounts are not automatically transferred, but the account stored in Windows is. During the test with Google accounts, authentication with OAuth2 was used. Users receive an authentication request and Microsoft does not receive any specific access data, but only an access token that users can revoke again.

An answer to our request for a statement from Microsoft is still pending. At this point in time, however, we must warn against trying out the new Outlook without thinking. In addition to all the emails, some credentials may even end up with Microsoft.

Microsoft already attracted attention with such data redirections at the beginning of the year. After Office updates were applied on Mac computers, Outlook redirected the data to Microsoft's cloud servers without any user notification. At that time, the remedy was to delete IMAP accounts and set them up again. However, this is obviously no longer helpful with the new Outlook.

The Federal Commissioner for Data Protection and Freedom of Information of Germany, Professor Ulrich Kelber, is alarmed by the data detour in Microsoft's new Outlook. He posted on Mastodon that he wants to ask for a report from the Irish Data Protection Commissioner, who is responsible for companies like Microsoft, during a meeting of the European data protection supervisory authorities on Tuesday of the coming week.

226
submitted 6 months ago* (last edited 6 months ago) by [email protected] to c/[email protected]

Title. Mainly asking for the library side, but PC cafe is also interesting to ask about.

Mainly since Windows 11 is 64-bit only, and it seems Windows 12 is going to subscription based on top of that, neither of which public libraries can afford tossing out computers and paying more in subscription fees than they make with overdue books.

My local library is only open for 2 days a week, due to a lack of funds for hiring more staff in the area. They use older Dell all in ones, and that just makes me think if they don't have the money for being open 5 days a week, they don't have the money to buy 4 new computers for the space.

Not even getting into the bigger libraries part of that system or the ones nearby. Some have 8 computers in groups, with 4 stations of groups.

So I was just wondering, if anyone has started or is aware of a Library/Public Computer focused linux-based OS? Perhaps one that allows immutable systems, and the library card system backed most use to enable end user access. Perhaps that's a config file tucked away somewhere.

And I guess the PC cafe OS is interesting, simply due to the fact that Linux gaming has been making huge strides, and PC cafes are still popular in Japan, Korea, and China.

EDIT: I am not in control or assistance to the library, just looking if there's a potential solution to libraries like mine. If I could give links to a library computer manager, or if I could give upstream bug reports to people making such software.

[-] [email protected] 170 points 6 months ago

https://www.macrotrends.net/stocks/charts/GOOG/alphabet/gross-profit

Alphabet gross profit for the quarter ending June 30, 2023 was $42.688B, a 7.85% increase year-over-year.

Alphabet gross profit for the twelve months ending June 30, 2023 was $160.503B, a 1.7% increase year-over-year.

Alphabet annual gross profit for 2022 was $156.633B, a 6.77% increase from 2021.

Alphabet annual gross profit for 2021 was $146.698B, a 50.01% increase from 2020.

Alphabet annual gross profit for 2020 was $97.795B, a 8.71% increase from 2019.

Huh, they seemingly have money to not fuck our eyes without lube for ads, but I guess they somehow just don't have enough money, 156 billion dollars is really nothing after all. Probably more money in between my couch cushions. Such a small indie company that has to struggle to remain afloat, like an Etsy store.

view more: next ›

queue

joined 8 months ago
MODERATOR OF
196