The bug, according to Kokorin, only works when sending the email to Outlook accounts.
Sounds like it’s something client side or specific to Microsoft’s o365/outlook.com servers. Could be the exploit bypasses header verdicts for SPF/dkim/dmarc
It says in the article that this won’t apply to org member accounts yet, but I wonder how it’ll work eventually. Member accounts created via account factory don’t even have a password, so you have to go through email account recovery to set one and then set up MFA. If this only applies to root users with passwords, that’s fine, otherwise I hope account factory will get a way to set up PW/MFA on a generated root user.
Schlage’s Zwave/Zigbee stuff works really well with Home Assistant. Ours have been hooked up since day 1 and don’t have any issues that I know of
The subtitle of the article says it’s not available in the US -
PC Manager app is only available in some regions, but could come to the US eventually
https://github.com/microsoft/MS-DOS/blob/main/v4.0/src/DOS/CTRLC.ASM
; The user has returned to us.
So ominous.
; Well... time to abort the user.
Goodbye
It does need other iPhones nearby that have internet connection. We got a handful to test for family during our trips last November even though we both use Android. They didn’t report in when we were away from other people, but kept location decently when in crowded places like the airport. Android has ways to detect when they are following you, but don’t participate in reporting metrics to the source (maybe that’ll change with upcoming Find My Device features in Android 15)
I bought Minecraft a month before Beta came out and man what a deal that was. Only something like $10. I got thousands of hours out of that over the following 5ish years. I don’t play it as often any more, but I still think it was worth it
If there’s an option on the AP to not permit link local routing within a vlan/ssid, that will force all traffic up to the firewall. Then you can block intrazone traffic at the firewall level for that vlan.
I’ve seen this in Meraki hardware where it’s referred to as “client isolation”. Ubiquiti might be able to do this too.
Allagans secretly powering Home Assistant
In shorter terms to what the other comment said, your website won’t work in networks that use DNS served by your DC. The website is fine on the Internet, but less so at home or at an office/on a VPN if you’re an enterprise.
“I can’t go to example.com on the VPN!” was a semi common ticket at my last company 🙃
Right, and the data in Texas contains your address and name attached to it. It’s all public, you can’t avoid it. I don’t know about other states but I assume it’s the same
If you’re paying property taxes, you’re going to be in a database. At least here in Texas, all addresses (home, business, empty land) are in the county’s appraisal and tax database that’s publicly searchable.
Firefox Mobile can open PDFs fine - https://lemmy.blahaj.zone/pictrs/image/1c51814a-c761-4325-baa1-346e8ae2e7fb.png
Not sure what temp and humidity levels a terrarium is expected to have, but Shelly makes a good device for monitoring both - https://www.shelly.com/en/products/shop/shelly-h-and-t-white.
Or one with a screen (still smart) - https://www.shelly.com/en-us/products/shop/shelly-h-and-t-gen3-1/
We use the latter in our bedroom which triggers the power outlet to a humidifier if it gets too dry when we’re sick.
Android Auto is a specific system that mirrors app contents from your phone. It’s basically an extended monitor for your phone with specific formatting to be car usage friendly. It doesn’t do anything about a car’s embedded systems
Short answer, likely yes. It’s not definitive, you could still slip by after sending enough mail, but you are also very likely to get whacked because that VPS IP doesn’t have an email sending reputation.
Longer answer, email gateways like Google, Microsoft, and Proofpoint don’t really care who owns what IP. Well, they might, but they’re more concerned about the sending habits of an IP. While you might send good mail from that IP, there’s no reputation for it, so you could be whacked for having a neutral reputation (the ol’ credit score dilemma but for email).
In order to have a good reputation, you have to send a large volume of messages very gradually over several weeks to “warm” your IP as a reputable sender. I went over this slightly more in detail in another reply, but this article is pretty concise on how an enterprise accomplishes this with a dedicated IP at a provider like SendGrid: https://docs.sendgrid.com/ui/sending-email/warming-up-an-ip-address
It’s about sample size. Mail gateways won’t designate an IP as a reputable sending IP until it assesses a large volume of mail sent over a long period of time. You can’t send the quantity it wants all at once or even in a short window because then you’ll be designated as a spammer. So you start small with a few a day and gradually ramp up sending over multiple weeks or months to eventually send several thousands of messages in that period.
Spammers and malicious actors too often spin up new IPs for sending mail, so gateway patterns already implicitly mandate that email should come from IPs it’s already judged reputable.
You as an individual can’t reasonably warm your own IP. This is why services like Amazon SES or Sendgrid exist because they have huge IP pools that are ready to go. Plus, those services are very concerned with reputation and have bounce/complaint metrics defined to warn customers that abuse or poorly configure their sending habits.
This next example is what I’m most familiar with, but I’m sure there are other services like this. If you’re a big enterprise and want your own dedicated sending IP because you’re concerned about using a shared pool, you could use something like Amazon Pinpoint which allocate IPs for your org to use in SES, but they have to be warmed before you switch your production workloads over to it full-time. It automates some of the gradual-ness of warming so you use a mix of SES plus your Pinpoint IPs to keep mail flowing for your product.
It looks like Sendgrid also does dedicated IP warming guard rails too. This article is pretty decent for understanding how it works - https://docs.sendgrid.com/ui/sending-email/warming-up-an-ip-address The per-day warming limits give you an idea of what scale this kind of process is used for.
Definitely listen to this. IP Warming is a very real problem and you have to send thousands of messages at a very gradual rate for most email gateways to 1) mark you as a proper email sender, and 2) classify you as a reputable one that isn’t sending spam. Using a public/private cloud IP isn’t enough, it should be a service already used for mail sending.
If you self host sending email and ignore using a service for outbound, make sure it isn’t at home. ISPs often block SMTP traffic to keep people from spamming others from their home. A lot of IP blocklists also auto block home IPs so you may not ever get your messages delivered.
Make sure to set up SPF/DKIM/DMARC. At the very least SPF, DKIM if the platform supports it, and ideally all three or SPF+DMARC. It’s not that hard to configure if you do it as you go instead of years down the line after you have a dozen services sending mail as your domain.
If it’s any consolation, this is the first issue of its kind in the multiple years we’ve been using CS. Still unacceptable, but historically the program has been stable and effective for us. Hopefully this reminds higher ups the importance of proper testing before releases