We have significant lithium mines in Australia, we produce the most lithium in the world presently. Zero child or slave labour.

I’ve used it several months and can recommend it. No issues so far and seems to get regular updates for bugfixes and minor new features.

Yeah DuckDNS gave me many false positive outages where its resolution failed, for multiple half-days every year I used it (5yrs+).

I moved to the afraid.org and its been solid, if anyone’s looking for another free service - only cost is you have to log in once every six months to validate your account is not dormant. They have a paid tier which gives more features (that most home users will never need), and that allows the guy running it to fund a very reliable service.

I’m surprised the amount of people saying they have had no issues with DucksDNS. I’ve used it for about five years and had issues on and off with it being unresponsive many times.

Gave up and moved to afraid.org about a year back and that’s been a very solid service ever since.

“Runicphobia” is a non-existant phobia.

You have a persecution complex.

P.S. I just have 🍻

“Pretty sure it’s a type of bigotry I just invented to suit me”.

People are downvoting because they can’t read it and this is an English language forum. They’d do the same to commenters posting everything in latin - it’s not helpful to post like this in this community, which is why repeat offenders become downvote magnets (or just blocked).

People would also downvote if comments were being posted in latin or mandarin on an English language comminity: its unreadable to most of the participants and thereby negatively contributory to the discussion.

remembers Gofer programming language from CS unit and shudders

Every Catfriend build since v2 has been reproducable. Most apps on F-Droid are and they are encouraging it for all devs, to build trust.

https://verification.f-droid.org/packages/com.github.catfriend1.syncthingfork/

Update from Simon aka imsodin, Syncthing Maintainer

tl;dr for android users: No need to switch apps at this time, the current install continues to work and is safe. If you can disable app auto-updates, please do that for now to be on the safe side.

Good news: Had a good chat with @nel0x. He is a collaborator on researchxxl’s repo and just marked those releases as “pre-release”, which prevents the obtainium auto-upgrades. So we are back to no immediate risk for users and we can take it slowly, trying to establish communication and more context. It’s still possible and imo likely that nothing nefarious is going on, just a very suboptimal handover that needs clearing up. There’s no need to go dig for repos on github, the technicalities of continuing to publish an app are not an issue - the open/relevant points are about a possible direct continuation of the existing app (or not), the time/effort that needs to be volunteered to publish an app and the trust in whoever does that. Hopefully we can work something out. If you are interested in helping maintain the app, let us know, other than that imo nothing to do here except if you are a user, to do the above in the tl;dr and every now and then check-in on the status (now and then being more like every week than every hour 😉 ).

https://forum.syncthing.net/t/does-anyone-know-why-syncthing-fork-is-no-longer-available-on-github/25661/58

Sounds like a really good reason not to use Obtainium, if any repo you have tracked for updates can just redirect you to a completely different repo If they have the keys - and throw no complaints when updating to an entirely different apk.

With F-Droid they at least have to have the same signing keys, and the code must be a replicable build by F-Droid’s internal apk signature copying process - meaning the code for the supplied APK always matches the code on the repository for the build.

Two reasons: laziness (glue trap goes in the bin without having to clean it, and effectiveness (not much escapes them).

Both are bad reasons, given the additional environmental costs and inhumane method.

I don’t like Obama but the Nobel Prize Committee has the opportunity to do the funniest thing here.

Give Michelle Obama the peace prize.

Edit: lol ok a Venezuelan working to remove an illegally-elected president is a great second choice and should chafe Mango Mussolini badly.

The Onion used to have much more subtle buffoons and villains to satirise. It’s definitely much harder for them now, I was eating the onion on this one also. Spider senses tingled when I read this line though - far too clean of a segue for Trump, and the disjoint is an after-thought, which made it read false.

“I don’t think it would kill the committee to give me the prize, not that these boats couldn’t easily kill them, easily.”

I played a few DoTA games with friends while this was occurring and twice during gameplay approximately 10 seconds of play experienced some server-side lag for everyone in the game - there were moments of confusion that rapidly passed. Steam ops team did well.

Truly a tremendous impact and a fantastic use of the attackers time and resources.

Haven’t seen anyone say this so I will: if your home isn’t Fort Knox or a billionaire bunker, then presume it will be broken into. If they don’t steal your shit, they might just smash it for funsies. If you’re running home lab, you probably don’t have the money to turn your home into Fort Knox, but even if you did you’d probably be better off removing the need:

1. back important data up to another site automatically: Friends house, family, cloud, etc. Preferably far away.
2. encrypt everything that’s got private data on it, both onsite and remotely.

Then you don’t have to worry about theft or damage or fire. Congrats, you’re doing better than probably 50% of businesses-grade setups.

The difference is that passworded zip files are used to distribute malware regularly. For a few reasons such as they’re very simple to use (malware creators are often lazy) and they can be generally be unpacked with preinstalled libraries or programs on the OS. A random encrypted file will require a DLL or runtime that can unpack the blob, and antivirus engines find that kind of stuff packaged together very sus.

Thanks for the effort digging. This does not actually point out any game doing it in particular though, and it’s actually a perfect example of a working antivirus picking up a suspect file (a password protected archive) in a game’s install tree.

This is from Aug 2024 and could even be from one of the games that distributed malware. Its absolutely something that Steam should be blocking/flagging for manual review, and a huge red flag that any developer would use this as a tool for distributing their game content.

Good it is not when the recommendation from security experts and reporters is to avoid any Steam games with low numbers of installs / reviews and betas from small companies. That’s where we’re at now.

https://www.bleepingcomputer.com/news/security/verified-steam-game-steals-streamers-cancer-treatment-donations/

Nobody reviews game code, as game code is not supplied, only binaries with their relevant resources. There are many security providers that would be able to provide better service that whatever Valve is doing - but who knows, because they keep tight-lipped about it every time there’s an issue, and just patiently await their defenders to hand-wave any concerns.

It literally contained a known version StealC malware in its payload, and had basic python scripting with the Telegram bot code and access tokens left visible to researchers (very bad OSINT). This was not sophisticated scripting, nor novel malware, just some script kid that sourced the whole setup on Telegram. The malware would easily have been captured by a competent security company’s automated scanner.

https://www.bleepingcomputer.com/news/security/verified-steam-game-steals-streamers-cancer-treatment-donations/