What do having sexl in a canoe and American beer have in common? It’s fucking close to water

Hey now. Those Clydesdales are doing their absolute best to piss out Bud.

This could just be a really stupid format, put out by a specific application for creating PDFs, because the original authors didn’t want to pay Adobe (never attribute to malice, that which can be sufficiently explained with stupidity).

Does pdfinfo give any indication of the application used to create the document? If it chokes on the Java bit up front, can you extract just the PDF from the file and look at that? You might also dig through the PDF a bit using Dider Stevens 's Tools, looking for JavaScript or other indicators of PDF fuckery.

Does the file contain any other Java bytecode? If so, can you pass that through a decompiler?

would love it if attempts to reach the cloud could be trapped and recorded to a log file in the course of neutering the PDF.

This is possible, but it takes a bit of setup. In my own lab, I have PolarProxy running in one Virtual Machine (VM), using QEMU/KVM. That acts as a gateway between an isolated network and a network with internet access. It runs transparent TLS break and inspect on port 443/tcp and tcpdump capturing port 80/tcp. It also serves DNS using Bind.

There is then the “victim” VM which is running bog standard Windows 10. The PolarProxy root cert has been added to the Trusted Roots certificate store. The Default Gateway and DNS servers are hard coded to the PolarProxy VM. Suspicious stuff is tested on this system and all network traffic is recorded on the PolarProxy system in standard pcap format for analysis.

The diver probably has some food on him, which the stingray is trying to get.
I visited Stingray City in Grand Cayman a lot of years back. Part of the tour package was that they gave you small squid to feed to the stingrays, and they would climb up you, out of the water for that snack. Also, there were a lot of stingrays in the area. We were instructed to shuffle our feet as we walked, to avoid stepping on one. The swimmer in the picture only needed to hang out for a bit before one or more stingrays would have come over, looking for any handouts.

That said, the experience of Stingray City was absolutely worth it. Between that, and snorkeling at the barrier reef, I have a lot of fond memories of my time at Grand Cayman.

Dang, if I knew a ball warmer was an effective birth control, we’d have given up condoms long before I got my vasectomy.

Personally, I don’t find Evangelical support of Trump all that surprising.
When you get down to brass tacks, this is an election between two candidates. Almost no one is going to look at those two candidates and find a perfect fit. It’s quite possible that people won’t even find a good fit. But, they have three choices, either one of the candidates or not voting at all. The latter of those choices is pointless, if one has policy preferences that they want to achieve. That only leaves picking the closest fit among the two candidates.

In may corners of Lemmy, and in this community specifically, there has been a very strong push towards the sort of “vote Blue, no matter who” message, which has been around for several cycles. And this message is not wrong. Harris’s position on the war in Gaza has a lot of detractors. But, the choice is not between Harris and someone with a better position. The race is between Harris and Trump, whose position on Gaza is likely worse for those detractors. If those detractors don’t want things to get worse, they pretty much have to accept the situation as is, vote Harris and push for changes. And I suspect a lot of folks will support Harris, some enthusiastically, in spite of that policy difference. Because they will find other policy positions that they strongly support are also supported or championed by Harris. Better a flawed candidate that one which is diametrically opposed to the policy positions which one holds most dear.

The thing which seems to be forgotten by folks who wonder “how can Evangelicals support Trump?”, is that this same problem cuts both ways. The people who hold GOP aligned policy preferences hold those beliefs just as strongly as Liberal/Progressive folks hold their own. That they would fall into a “vote Red, no matter who” mindset should not be surprising at all. And for Evangelicals, I’d argue that this mindset may be even stronger. These are folks who believe that, not only does this life hinge on their actions, they also truly believe that the here-after does as well. As much fun as we might make of people for believing in an invisible sky-wizard, they really, really believe all that stuff. And their entire self-identity will be built on the version of that belief system. And let me stress that it’s specifically “their version of that belief system”. The various versions of the Christian Bible have a lot of ambiguous and contradictory stuff in them. It’s easy enough to dig out justifications for nearly any positions one wants to take. And Trump’s messaging has been pretty well aligned with the mainstream Evangelical version of policy positions on all the major topics. Harris’s positions, on the other hand, are in direct oppositions to those positions.

Why does that matter so much? One of the deeply important policy positions to Evangelicals, for several decades now, has been overturning Roe v. Wade. And for all the shit one might say about Trump, he actually got that done. Nixon, Regan, Bush, and Bush all failed in that one, paramount goal. Trump, did it. Stop and imagine for a moment, a politician whose personal life you find distasteful, yet they managed to accomplish the one single policy goal you hold above all others, would you go vote against them? Especially when their opposition is loudly campaigning to undo that major policy win for you? Oh, and that opposition is also campaigning against just about every other social policy position you hold. Anyone saying “yes” to that question is bullshitting themselves.

Now, is Trump going to get anything else done for the Evangelicals? Who knows. But, Harris certainly isn’t and she’s actively hostile to their worldview. And Trump already got “goal number one” done. It seems like a reasonable bet that someone who already won the top line fight might win a few of the other ones as well. And all that “fascism, threat to democracy stuff”? Ya, that’s just liberals whining because they are losing. It’s Godwin’s Law in action. The lawsuits and criminal convictions, that’s just liberals weaponizing the DoJ to stop Trump, since they can’t stop him legitimately. And Trump’s past as a horrible person? A personal turnaround story of a “lost soul coming to Jesus” is damned near a foundational myth of Evangelicalism.

No, Evangelicals supporting Trump is neither surprising, nor unexpected. And you can bet they will latch right onto the next GOP candidate to come along. And it’s not all that hard to understand. If you have ever bought into any version of “vote Blue, no matter who”, then you are intimately familiar with the same logic. From their perspective, the US is in the grips of an existential crisis which is being perpetrated by Democrats. The very foundations of their self are “under attack” as society moves further and further away from their central truths. And, from my own perspective, I don’t see that there is really any way to convince those folks otherwise. Trump isn’t the Devil in the desert tempting Jesus. To them, he’s the flawed man who is going to save their version of the US the only way he can. He’s a vigilante, bending or breaking the rules, because the rules are stacked against “the righteous”. That’s the mindset you are up against.

Can we follow this up by murdering most of the generic Top Level Domains (gTLD)? I have yet to see anything except spam and malware coming out of the .top domain.

so Recall snapshots will only be decrypted and accessible when the user authenticates.

So basically, they may as well not be encrypted. If the decryption key is always available to users, it’s always available to a script running in the context of the user. Things like Lumma Stealer are going to incorporate pulling this stuff, the minute it becomes mainstream.

There is the legal concept of Mens Rea which has to do with the mental state of the person committing the act. And I think that applies in this case. Archeology has generally been about learning and providing knowledge of previous cultures. While the methods, mindset and actions of 18th and early 19th century treasure hunters left a lot to be desired, some of them did make some reasonable attempt at documenting their finds and preserving the context to provide that knowledge. Modern archeologists go to painstaking lengths to properly document finds and preserve as much knowledge as possible from finds. Grave robbers do none of this. Their motivations generally revolve around personal gain and they will destroy any context and knowledge in their attempt to make money.

Consider your own reading on the Valley of the Kings. Where did all of the information we have on the Pharaohs in those tombs come from? It’s from the work of the archeologists documenting everything found in those tombs. While there is certainly an argument for leaving things in the same state they were found in, that also means that the artifacts will continue to deteriorate and any further knowledge which might be gleaned from them will be lost. Sending artifacts to a museum isn’t all about putting them in cases for people to gawk at. It also means that actions are taken to preserve those artifacts and maintain them for observation and study in the future. Sometimes this does cause damage. Again, 18th and early 19th century preservation was often just as, if not more damaging than leaving those artifacts in-sutu. But again, the intention was to preserve, not enrich.

So, that’s how I would draw the line, based on the reason and methods used for the removal of grave goods. Is it done with the intention for the furtherance of knoweldge of previous cultures? Or, is it just done to enrich someone? And is the work being done using the current understanding and methods to best capture and preserve that knowledge for future generations?

While I would never support it, the main way to improve online discussion is by removing anonymity. Allow me to go back a couple decades and point to John Gabriel’s Greater Internet Fuckwad Theory. People with a reasonable expectation of anonymity turn into complete assholes. The common solution to this is by linking accounts to a real identity in some way, such that online actions have negative consequences to the person taking them. Google famously tried this by forcing people to use their real name on accounts. And it was a privacy nightmare. Ultimately though, it’s the only functional solution. If anti-social actions do not have negative social consequences, then there is no disincentive for people to not take those actions and people can just keep spinning up new accounts and taking those same anti-social actions. This can also be automated, resulting in the bot farms which troll and brigade online forums. On the privacy nightmare side of the coin, it means it’s much easier to target people for legitimate, though unpopular, opinions. There are some “in the middle” options, which can make the cost to creating accounts somewhat higher and slower; but, which don’t expose peoples’ real identities in quite the same way. But, every system has it’s pros and cons. And the linking of identities to accounts

Voting systems and the like will always be a kludge, which is easy to work around. Any attempt to predicate the voting on trusting users to “do the right thing” is doomed to fail. People suck, they will do what they want and ignore the rules when they feel they are justified in doing so. Or, some people will do it just to be dicks. At the same time, it also promotes herding and bubbles. If everyone in a community chooses to downvote puppies and upvote cats, eventually the puppy people will be drown out and forced to go off and found their own community which does the opposite. And those communities, both now stuck in a bias reinforcing echo chamber, will continue to drift further apart and possibly radicalize against each other. This isn’t even limited to online discussions. People often choose their meat-space friends based on similar beliefs, which leads to people living in bubbles which may not be representative to a wider world.

Despite the limitations of the kludge, I do think voting systems are the best we’re going to get. I’d agree with @grue that the Slashdot system had a lot of merit. Allowing the community to both vote on articles/comments and then later have those votes voted on by a random selection of users, seems like a reasonable way to try to enforce some of the “good faith” voting you’re looking for. Though, even that will likely get gamed and lead to herding. It’s also a lot more cumbersome and relies on the user community taking on a greater role in maintaining the community. But, as I have implied, I don’t think there is a “good” solution, only a lot of “less bad” ones.

Like many of the differences, I suspect that one came out of the attempts as English Spelling Reform, which took greater hold in the US. Ultimately, the process hasn’t succeeded, but it has excised some of inconsistencies from the English. Though, it has also led to some confusion, as in the tire/tyre case.

Real Druids are kinda an unknown. We have writings about their practices and beliefs from Roman writers and much later Christian writers. The former were known to be exaggerate and just make shit up when it came to “barbarians” and the enemies of Rome. And the later were often working with incomplete knowledge and also making shit up. This was muddled further by 18th Century work which liked to make ancient cultures even more fantastical. And then you get all the Neo-Pagan revival crap which cast their own beliefs onto ancient cultures, such as the druids, which completely muddied the waters. The fact is, we don’t actually know a whole lot about the real Druids.

I think this whole question and analysis begs the question that the number of bills passed is even a good metric. The point of Congress isn’t simply to churn out legislation for the sake of churning out legislation. And this metric sets aside other stuff Congress does completely, like confirming appointments, or overseeing the actions of Federal Departments. House Oversight Committee meetings aren’t flashy, nor do they often result in legislation. But, they are vital to keeping an eye on what the rest of the government is doing.

I won’t disagree that this Congress has been a shitshow. But, I just don’t buy that the “number of bills passed” is a particularly useful measure of Congress.

Ya, absolutely. My point was that, we shouldn’t assume that vendors are doing things right all the time. So, it’s important to have those layered defense, because vendors do stupid stuff like this.

This is a good example of why a zero trust network architecture is important. This attack would require the attacker to be able to SSH to the management interface of the device. Done right, that interface will be on a VLAN which has very limited access (e.g. specific IPs or a jumphost). While that isn’t an impossible hurdle for an attacker to overcome, it’s significantly harder than just popping any box on the network. People make mistakes all the time, and someone on your network is going to fall for a phishing attack or malicious redirect or any number of things. Having that extra layer, before they pop the firewall, gives defenders that much more time to notice, find and evict the attacker.

Also, Whiskey, Tango, Foxtrot Cisco?

This article brought to you by the manufacturers of the interceptor missiles.
If we were actually in a hot war or expecting one very soon, yes we would want to ramp production like the US did during WWII. Right now, the excessive costs of wartime production should not be considered. It’s always best to remember Eisenhower’s words:

Every gun that is made, every warship launched, every rocket fired signifies, in the final sense, a theft from those who hunger and are not fed, those who are cold and are not clothed. This world in arms is not spending money alone. It is spending the sweat of its laborers, the genius of its scientists, the hopes of its children. The cost of one modern heavy bomber is this: a modern brick school in more than 30 cities. It is two electric power plants, each serving a town of 60,000 population. It is two fine, fully equipped hospitals. It is some fifty miles of concrete pavement. We pay for a single fighter with a half-million bushels of wheat. We pay for a single destroyer with new homes that could have housed more than 8,000 people. . . . This is not a way of life at all, in any true sense. Under the cloud of threatening war, it is humanity hanging from a cross of iron.

Even worse that acquisition links back to the Embracer Group. Hopefully KC:D 2 makes it out the door before Embracer full fucks up Warhorse.

The new seasons have been lackluster. I think one of the main issues is that the show did a lot to wrap up the majority of the main character arcs prior to the cancellations. Fry and Leela are the central characters, often trading off the position as the audience stand-in. And there is basically zero room left for character growth. We know how the Fry/Leela love story arc ends, we’ve seen it. Kif and Amy have also hit the end of their main character arcs. They are married, have kids, and mostly are settled into domestic life. Bender is Bender. A core part of his character is his resistance to growth. So, even when they drop a backstory on him and try to give him growth, it just feels out of place. That only leaves background characters to work with. But, since it takes the focus off the main characters, it makes things feel like a money-grab spin-off.

All that’s left is the sort of 90’s sit-com style, “story of the week” where nothing really changes and we all learn whatever moral lesson the writers wanted to foist on us this week in 22-minutes, plus commercial breaks. We all want “more Futurama”; but, I think the problem may be that there isn’t “more Futurama”. The stories are done, we just keep hanging on because of nostalgia, and the producers keep making it because of money. There are going to be good bits here and there. But, what we are seeing is what we are going to keep getting.

You have to get out away from cities. We get them in our yard every summer and our kids run about catching them.

Seen this one in my work environment. Confusing as heck the first time. It looks like explorer.exe in the context of the local user starts PowerShell.exe with a command line involving an Invoke-WebRequest piping the download into an Invoke-Expression (usually the shorter iex alias). No .lnk or .js file involved. Just explorer, PowerShell, infected.

Absolutely. I’m a fan of a team which is not in my “local market”. As best I can tell, there isn’t actually a way for me to stream all of the games for that team. Even looking at the Sunday Ticket service, it seemed like it was a mess of “you can stream some games, except for cases A, B, C and when the Moon is in the House of Scorpio on the third Sunday after Venus transits Leo”. And there seemed to be weird device restrictions with similarly arcane timing.

I’d be happy to pay for “Steam all games of Team X for $Y on any device”. Even if the only choice was “Pay $Z to stream all the games on any device”. But, being dicked around to actually follow one team has meant that I only watch games when they randomly line up with streaming services I do have. Otherwise, I catch the highlights the next day on Youtube (the NFL’s official channel posts them).

I can absolutely understand folks using pirate streams. The official service is pretty terrible versus the pirates services, which are pretty functional.