The right to repair. It’s going to require the ability to make changes to the software on the vehicle. At a minimum the ability to replace the public encryption keys used to communicate with the servers. The bootloader and software is probably locked behind signing keys; so you need to be able to disable or add your own keys. I doubt anyone has access to the full protocols used to communicate with the servers. So, the full technical standard need to be released (which is never going to happen) or reversed engineered through unencrypted traffic analysis and reverse engineering the software.

A good right to repair law could require some of that be releasable while the company is still active or all if the company goes belly up. IIRC there was a smaller EV company that went bankrupt and there was a concern that once the servers were shutdown the vehicles would be bricked. Not sure what happened in the end. In any case, cars as IOT is the stupidest idea ever created.

Neat buuUUUuuut.

Does Revolt have federation?

As of right now, Revolt does not feature any federation and it is not in our feature roadmap.

[…]

What can I do with Revolt and how do I self-host?

[…]

You can self-host Revolt by:

• Using Docker Compose and our recommended guide.
• Building individual components yourself from the source code.

It’s basically a bunch of islands.

Apple has a long history of working against right to repair and third party repair shops. This includes making it difficult for third parties to source the parts needed and changing the designs to requiring part pairing in the name of security. It got to the point where repair shops were buying broken Apple products so they could hopefully source the parts needed.

Looking through what they provided now, it’s basic stuff any third party repair shop could do if they could source the parts. It’s useful. However good electronic technicians can go beyond that and do board level repairs. But that requires schematics and diagrams. A lot of times they would have to get those through other parties who in turn got them through less than official means or violated NDAs.

Guess what Apple isn’t providing? Board level information. This is just doing the minimum the law requires them to do.

Bonus: Louis Rossmann talks about Apple’s history of right to repair [10 minute video]

And just like Taco Bell when something goes bad you get to deal with all the diarrhea.

But seriously, shouldn’t this be in !programminghumor@lemmy.world and not technology?

My guess: turn failing big companies into failing little ones.

Looks like someone tried to archive an archived page. You can see https://web.archive.org/... is listed twice in the url. I just trimmed off the first one then it works: https://web.archive.org/web/20240229113710/https://github.com/polyfillpolyfill/polyfill-service/issues/2834

That depends. Are you looking at preserving the music without loss of information? Then you need to use a lossless format like flac. Formats like aac, mp3, opus can throw away information you’re less likely to hear to achieve better compression ratios. Flac can’t, so it needs more storage space to preserve the exact waveform.

You can use a lossy format if you want. On most consumer level equipment, you probably won’t notice a difference. However, if you start to notice artifacting in songs, you’ll need to go back to the originals to re-rip and encode.

There’s talk on the Linux kernel mailing list. The same person made recent contributions there.

Andrew (and anyone else), please do not take this code right now.

Until the backdooring of upstream xz[1] is fully understood, we should not accept any code from Jia Tan, Lasse Collin, or any other folks associated with tukaani.org. It appears the domain, or at least credentials associated with Jia Tan, have been used to create an obfuscated ssh server backdoor via the xz upstream releases since at least 5.6.0. Without extensive analysis, we should not take any associated code. It may be worth doing some retrospective analysis of past contributions as well…

They don’t care unless it embarrasses them. They did nothing about /r/jailbait until it got news attention, and similar things have happened over and over again.

Yet another example of why we need privacy laws with real teeth.

Do you mean Computer Fraud and Abuse Act (CFAA)?

There’s one good news. Reddit didn’t want to pay to move all the old DMs to the new chat infrastructure. So they deleted them.

At this point I wouldn’t trust Reddit to actually delete posts. Just hide them then sell them as training data if the upvotes are decent.

Tom’s Guide has shit reporting. This was the same site that repeated the bogus DDoS smart toothbrushes story. And they’re at it again with more sensationalism.

From something more reputable:

The use of the victims’ faces for bank fraud is an assumption by Group-IB, also corroborated by the Thai police, based on the fact that many financial institutes added biometric checks last year for transactions above a certain amount.

It is essential to clarify that while GoldPickaxe can steal images from iOS and Android phones showing the victim’s face and trick the users into disclosing their face on video through social engineering, the malware does not hijack Face ID data or exploit any vulnerability on the two mobile OSes.

More from bleeping computer:

A new iOS and Android trojan named ‘GoldPickaxe’ employs a social engineering scheme to trick victims into scanning their faces and ID documents, which are believed to be used to generate deepfakes for unauthorized banking access.

Now, don’t get me wrong, you should take malware and social engineering attacks seriously. But get your information from sites that do real security journalism.

I can never get mine to stay still for that long. He’d being attacking the pen if I didn’t keep supplying the scritches.

A few months back Ruud stood up a copy: https://searxng.world/

I’ve been using it, and it tends to be as good as or better than google’s search. There’s only been a handful of instances where I’ve explicitly used google’s.

The Naz.API leak that was given to Troy Hunt is different from this leak. That’s also an aggregation, but smaller in size. What Troy has is probably more significant since about 1/3 of that is newly discovered. Right now, no one has published an analysis of the unique accounts in this larger aggregation.

It’s an aggregation of previous leaks. Malicious actors having all that information together is a big deal in and of itself, but it’s not the"mother of all breaches" some publications are trying to make it be.

Yeah, the first 2/3rds of the article covering Naomi Wu was worth a read, but that last 1/3rd… I get her argument, but she should have left that out to focus just on Naomi.

Internet of Targets