blog.dasrecht.net

With a min of max the opt!

Angelesen #85


Here we are again? Well, at least for now. I went on hiatus on the blog for a bit. Trying to get a monthly Angelesen out by changing the scripts a bit and give me less pressure of needing/wanting to deliver the post.

After YouTube starts to enshit their product, I’ve started looking into Invidious and started an instance to test around a bit with it. A few WordPress plugin lines later I was able to make sure the embedding works and I also think about replacing the already present YouTube links with invidious instance links to get a bit more privacy-friendly.

And now enjoy 🙂

Barcoders Jamming (youtube.com)

Das ich so zeug mag sollte unterdessen hinreichend bekannt sein…

USB-C head-to-head teardown (lumafield.com)

Does Apple’s Thunderbolt 4 cable really warrant its $129 price tag? Or does a $5 cable get the job done just as well? We’ve used our Neptune industrial X-ray CT scanner to uncover the hidden engineering differences between them.

Nice X-rays of Apple’s Thunderbolt cable – something for the nerds

Brave appears to install VPN Services without user consent (ghacks.net)

Only on Windows – But the browser snafu with Chrome in recent years finally pushed me over to Firefox.

Hacker leaks millions more 23andMe user records on cybercrime forum (techcrunch.com)

Well, shit happens – data that’s stored online is sadly always a risk. Please change your password and … your DNA

Open Book: 2023 #HackadayPrize Video (youtube.com)

Added to my list when my Kindle would give up at some point. It’s really nicely documented and does not look too hard to build, depending on if they implement additional e-book formats apart from plaintext 🙂

Fake Parts Found on Boeing, Airbus Jets Plague Airlines (bloomberg.com)

The discovery by an alert crew in Lisbon blew the cover off a massive aviation fraud that has left engine makers and their customers in a frantic race to stem the fallout. As a result of the fabrications, thousands of parts with improper documentation have wound up at airlines, distributors and workshops around the globe. From there, they’ve ended up inside jet engines, effectively contaminating a growing portion of the world’s most widely flown airliner fleet.
[…]
Airlines that have discovered suspect parts have been advised by regulators to remove them. In the case of AOG, these have turned out not to be harmless components like armrests or coffee machines, but instead bearings and turbine blades crucial to a modern jet engine.

Whoa, what a shitshow and the proof that even the tightest safety standards can be circumvented somehow

Archival Link

Noch kein Nachfolger: VW stellt Produktion von Kleinwagen Up ein (kleinezeitung.at)

Markenchef Thomas Schäfer begründete die Einstellung des zwölf Jahre alten Modells mit neuen Regeln für die Cybersecurity in Neuwagen, die ab Mitte 2024 gelten. Deshalb lasse man den Up auslaufen. “Leider”, wie Schäfer hinzufügte. “Wir müssten da sonst noch einmal eine komplett neue Elektronik-Architektur integrieren. Das wäre schlichtweg zu teuer”, sagte er der Deutschen Presse-Agentur.

Tschuldigungwas? Klar werden Autos und Anlagen mal gebaut und dann nagt der Zahn der Zeit daran. Aber wenn du Zeug auf den Markt bringst, das du einfach irgendwann nicht mehr betreiben kannst … alter … zum Glück haben wir keine kritische Infrastrukturen da draussen.

via Fefe

Sünneli-Aufgang in der rechts­extremen Szene (republik.ch)

Am Sonntag enthüllte Eberhard dann eine weitere Verbindung der SVP in rechtsextreme Kreise: Maria Wegelin, Präsidentin und Nationalrats­kandidatin der SVP Winterthur, lässt ihre Wahlvideos von Manuel Corchia produzieren, einem Mitglied der rechtsextremen Jungen Tat. Ein anderes Mitglied, Tobias Lingg, betreut Wegelins Account auf X.

TL;DR – Gang ga abstimme. Und wenns geht nicht die SVP oder deren Listenverbindungen…

AltraMayor/f3: F3 – Fight Flash Fraud (github.com)

f3 is a simple tool that tests flash cards capacity and performance to see if they live up to claimed specifications. It fills the device with pseudorandom data and then checks if it returns the same on reading.

Easy to make, waterproof dry bags. No stitching; just cable ties, duct tape and super tough Tyvek. (youtube.com)

Using Cloudflare to bypass Cloudflare (certitude.consulting)

Cloudflare customer-configured protection mechanisms (e.g., Firewall, DDoS prevention) for websites can be bypassed due to gaps in cross-tenant security controls, potentially exposing customers to attacks Cloudflare is supposed to prevent. Attackers can utilize their own Cloudflare accounts to abuse the per-design trust-relationship between Cloudflare and the customers websites, rendering the protection mechanism ineffective. Cloudflare customers should review their origin-server protection strategy to ensure their configured protections are reliably enforced.

Nice Attack Vector that started a few discussions internally – And some additional testing of our architecture 🙂

Petro-masculinity: Gender and the Climate Crisis (irishevs.com)

The concept of petro-masculinity suggests that fossil fuels mean more than profit; fossil fuels also contribute to making identities, which poses risks for post-carbon energy politics

A very direct good read. If you need more there is also a very good writeup by Cara Daggett

Daggett, C. (2018). Petro-masculinity: Fossil Fuels and Authoritarian Desire. Millennium, 47(1), 25-44. https://doi.org/10.1177/0305829818775817

idoavrah/terraform-tui: Terraform textual UI (github.com)

TFTUI is a powerful textual GUI that empowers users to effortlessly view and interact with their Terraform state.


Leave a Reply

Your email address will not be published. Required fields are marked *