a surprisingly disappointing article from ars, i expect better from them.

the author appears to be confusing “relay attacks” with “cloning” and doesn’t really explain the flow of the attach that well.

really this just sounds like a complicated MitM attack, using the victim’s phone as the “middle” component between the victim’s physical card and the attacker’s rooted phone.

the whole “cloning the UID attack” at the end of the article is irrelevant, NFC payment cards don’t work like that.

Microsoft creates secure boot: “we should be able to run whatever we want on our hardware!”

Microsoft lets users install crowdstrike on their computer: “Microsoft shouldn’t let us run this on our hardware!”

you’re so close, just why exactly do you think people are using it for these things it’s not meant for?

because every company, every CEO, every VP, is pushing every sector of their companies to adopt AI no matter what.

most actual people understand the limitations you list, but it’s the capitalists at the table that are making AI show up where it’s not wanted

the hostname of a website is explicitly not encrypted when using TLS. the Encrypted Client Hello extension fixes this but requires DNS over HTTPS and is still relatively new.

just a guess, but in order for an LLM to generate or draw anything it needs source material in the form of training data. For copyrighted characters this would mean OpenAI would be willingly feeding their LLM copyrighted images which would likely open them up to legal action.

open source software getting backdoored by nefarious committers is not an indictment on closed source software in any way. this was discovered by a microsoft employee due to its effect on cpu usage and its introduction of faults in valgrind, neither of which required the source to discover.

the only thing this proves is that you should never fully trust any external dependencies.

a decentralized community that correctly prioritizes security would absolutely be using signed commits and other web-of-trust security practices to prevent this sort of problem

you understand there’s more than one way to have an economy right? that there’s more than one way for labor to be rewarded for its output?

saying “our economic system needs to end” has nothing to do with what you wrote

SMS is literally the bottom of the barrel though

assuming you have a GNU toolchain you can use the find command like so:

find . -type f -executable -exec sh -c '
case $( file "$1" ) in (*Bourne-Again*) exit 0; esac
exit 1' sh {} \; -print0 | xargs -0 -I{} cp {} target/

This first finds all executable files in the current directory (change the “.” arg in find to search other dirs), uses the file command to test if it’s a bash file, and if it is, pipes the file name to xargs which calls cp on each file.

note: if “target” is inside the search directory you’ll get output from cp that it skipped copying identical files. this is because find will find them a free you copy them so be careful!

note 2: this doesn’t preserve the directory structure of the files, so if your scripts are nested and might have duplicate names, you’ll get errors.

why use docker here? you’re just adding layers of abstraction in an environment that can’t seem to really support them.

that said, switching to 32bit linux, if the VPS supports it, will save you memory.

no, and that’s be a pretty bad idea, you’re opening up all your internal hosts to the public internet.

a VPN is specifically designed to keep all your internal hosts off the public internet. When you authenticate with the VPN server the remote device you are using effectively “joins” the internal network, using the VPN to act like a tunnel between you and your network.

it has the benefits of better security as well as the fact that once you set it up, you can access any services you host, not just HTTP ones.