FWIW with virus total, you don’t even need to upload the file, just provide the hash to see if is known to virus total. The name may be auto generated which wouldn’t help much in searching, but the hash is based on the file contents.

Removed by mod

deleted by creator

The standard is called TOTP and Google became synonymous with it because they pushed it in the late 2000s for Gmail and have a large user base. Other sites did have systems beforehand, like Paypay which had a dedicated fob, but that was not widely used. Gmail was likely most people’s first experience with MFA and Google pushed their own Authenticator app (and didn’t really advertise that others could be used). As other sites got on board, it was easier to tell people to use the app they use for google to get their code, since you could assume people had the app.

Basically that made a situation where people who had a different TOTP app knew their app would work with “Google Authenticator” but for those without an app or using Google Authenticator, they were likely unaware of the interoperability and standards behind the mechanisms.

They are requiring Plex Pass for all remote sessions, even ones which don’t go through plex servers, where your client connects to your remote plex server directly. IMO, this should not require Plex Pass if the remote stream is not going through Plex’s server.

Also since the April 2025 update where they required the payment, the “new experience” apps have been terrible, and people have been side loading the old apps because they retain core functionality. Maybe there was a technical reason to release new apps to enforce the Plex Pass requirements, but it has been a terrible experience being told to pay money and then getting a worse experience, compared to what was free a year ago.

Right, I’m aware of tax companies doing this. I’m not sure if PII deletion services are doing the same, but they do benefit by having weak data protection laws. What I meant is it wouldn’t surprise me if data deletion companies are also lobbying against what’s best for Americans, the same way tax prep companies do.

How do you think Alice and Bob met?

I would assume they do something, but I have not used any of these services myself. My feeling is they’re kinda like the tax filing software, they might be useful tools, but their whole business relies on things being unnecessarily burdensome for the average person. I wouldn’t be surprised if it came out that these companies lobby for lax regulations for data brokers, just enough for their product to be useful but not enough to put them out of business.

Overall, I feel if I freeze my credit, and occasionally google my name for data broker websites, going through the opt-out on the ones, I think that’s enough to put me above 90% of the US population, and then it’s just a numbers game of not getting scammed.

Whenever I’m sick I will always just put on The Venture Bros. while I recover. The show spanned so many years, makes me feel better watching the show evolve and remembering what point in my life I was in when various episodes aired.

Assuming this is in the United States of America, this is not necessarily true based on a recent supreme court case, Warner Chappell Music, Inc. v. Nealy, the U.S. Supreme:

https://www.supremecourt.gov/opinions/23pdf/22-1078_4gci.pdf

https://www.skadden.com/insights/publications/2024/05/supreme-court-clarifies-that-copyright-damages-are-not-limited-to-three-years

On May 9, 2024, in Warner Chappell Music, Inc. v. Nealy, the U.S. Supreme Court ruled 6-3 that a copyright owner is entitled to monetary relief for timely infringement claims — i.e., claims brought within the Copyright Act’s statute of limitations — no matter when the infringement occurred. This could potentially allow some plaintiffs to claim damages stretching back many years into the past.

The majority “assum[ed] without deciding that a claim is timely under [Section 507(b)] if brought within three years of when the plaintiff discovered an infringement, no matter when the infringement happened.”

123 Fake Street, got it!

Plus google doesn’t really care if the obscure LucasArt codec is actually fixed, they’re raising the bugs publicly to sell their AI. This is marketing, not security. The more bugs it finds the better, since sales doesn’t care about the quality of the bugs found.

Non-paywall link: https://archive.is/20251105220347/https://www.wired.com/story/welcome-to-mamdanis-surveillance-state/

Wow this is so good. Love the judge in this case:

Proven had demanded a preliminary injunction that would stop McNally from sharing his videos while the case progressed, but Proven had issues right from the opening gavel:

LAWYER 1: Austin Nowacki on behalf of Proven industries.

THE COURT: I’m sorry. What is your name?

LAWYER 1: Austin Nowacki.

THE COURT: I thought you said Austin No Idea.

LAWYER 2: That’s Austin Nowacki.

THE COURT: All right.

When Proven’s lead lawyer introduced a colleague who would lead that morning’s arguments, the judge snapped, “Okay. Then you have a seat and let her speak.”

Still not sure what you’re talking about. What was the sensitive information stored on servers that got sold?

What is the context for the sensitive information being sold?

because you don’t know what the last person using that IP did

See also: why you don’t wear a condom someone else came in

MAC address is in the data link layer of the networking stack, and would only be seen by other devices on the same network as you. This isn’t visible to websites you visit (unless you’re on the same subnet), and as TCP packets go through network hops, the MAC address is replaced with with the routers MAC address for each hop.

The reason for MAC address randomization (standard on iPhone and Android) is not for anonymity to the websites you visit, but is there to anonymize the wifi broadcasts in your general vicinity, like a 30 meter radius. The MAC address is randomized so that broadcasts to check wifi networks while you’re out and about can’t be used to track your physical location.

It just takes one time logging in without having VPN enabled for your account to be associated with a location. Their ad network probably filters out known VPN IPs, or IPs from countries where there are no ads to serve up, which might leave the only valid IP address associated with their account to be used.

I’d like to believe, but the source for the article is a random Medium article which claims there were leaked document, but the headline is clearly click bait. The medium post doesn’t go into any details about this, it just outlines some open source tools with “ai” to do basic tasks to run your infrastructure in AWS, not what any engineer working for AWS would actually be doing.