Knowledge of the account is an obvious caveat. Yubikey-based MFA is an added layer of protection for accounts, so any kind of attack against MFA assumes the attacker already knows which account to target.

It’s like saying “our door lock is flawed, but the attacker would need to have knowledge of the door”.

The cost and complexity is what’s noteworthy and is more relevant. Although attack cost and complexity usuallu goes down with advances in tooling and research. So it may be a good idea to plan a progressive retirement of affected keys.

While that’s true, but there’s no indication of Microsoft brute forcing with million of combinations.

The article you link says Microsoft is only trying a few obvious passwords: the filename, and words found in the plaintext message.

Proper encryption isn’t just about using a strong algorithm. It’s also about proper key management, ie not sending the password in the clear via the same channel as the encrypted files.

Better late than never.

ZIP isn’t a good way to encrypt, but what Microsoft is doing is simply reading the email, and decrypting zips with the password found in the email body.

All encryptions schemes can be trivially broken if you have the key. It’s not even breaking, it’s just normal decryption.

Once the war in Ukraine is over, weaponized drones won’t just vanish. They’re already made by companies with different level of ethics and any country able to pay is or will be able to buy them. Sooner or later, like many weapons, organised crime will get their hands on them, and use them outside of battlefield.

There’s no way to completely prevent it, but we could at least limit damage by regulating the shit out of drones.

Sodas

🎻

Nice.

Does Forgejo support Git? I’m not familiar with Forgejo, and it’s not obvious in this announcement or their homepage.

Forgejo does support Git, I didn’t read carefully enough.

There miners robot don’t exist yet, but they would probably require high tech components and manufacturing capabilities for all these different components (motors, electronics, batteries, sensors, …).

Self replicating robots is still science fiction. If we wanted to build such robots in space, we’d need to build and launch manufacturing facilities in space before we can actually build robots in space.

Hypothetically, it would only make sense to mine rare materials in space, and it would only have environmental benefits if we return significant amount compared to the mass of rockets we send into space.

There is no coal/gas/oil in space, and even if extracting these resources were cleaner, burning that stuff would still be disastrous.

Space mining would be at best viable for very niche uses for a few material. It won’t bring us infinite clean resources, overall we still need to reduce extraction of resources.

I was about to say people can walk and chew gum. But this kind of miss the point.

This is not space exploration, this is not for science’s sake. This is about extracting resources, and making a profit. I heard one of these companies perpetuate the idea that there’s virtually infinite resource, which imply we can continue with humanity’s exponential growth without negative consequences. That mindset landed us in the inextricable mess we’re in.

Quite the contrary.

Password hashing is standard nowadays.

When a database is compromised, brute forcing hashes is necessary to recover passwords, and the short ones are the first ones to be recovered.

GIMP 2.99.99.1.5-final-reallyfinal-rc64-proper

These integrations have big limitations which I would consider deal breakers. To quote this blog post :

❌ Files are not stored on the local disk like a proper Cloud service app

❌ Cannot be used without internet

That’s better than nothing, but definitely not a good option.

It sounds like Google Drive isn’t a very good option for Linux users. Better look for another provider which support Linux, or to do it yourself with syncthing.

If all you need is 15 Go, it’s something which can easily be stored on another device and synced with syncting. If you need more you’d have to pay anyway, go pick anything but Google.

Buy a used copy of GTA 2 from someone who purchased it legally.

Good luck finding one.

These 5% of negative reviews probably has nothing to do with you. There’s always a small amount of people unhappy for random or unrelated reasons (broke up with boy/girlfriend, car broke, etc) and who cannot dissociate the course from other things happening in their life. They just happened to be unhappy at that time, and felt like leaving a nasty review.

That’s unfortunate.

Technically this hasn’t been approved by the General Assembly yet, and then individual countries would need to ratify it. But press coverage suggest it’s a done deal.

For the treaty to go into force, 40 nations have to ratify it.

UN approves its first treaty targeting cybercrime

In many places, ratifying a treaty requires parliament approval, so it’s not going to be quick. Talk to your representative once this treaty comes up in your parliement’s agenda.

Bitcoin is not practical for small purshases, because transaction takes several minutes, and have around 50USD per-transaction fee. Note the cost of fees and value of bitcoin vary wildly, so the same amount of bitcoin may be enough to pay rent in August, but not in September.

On a more ethical level, it’s also quite bad because of the insane energy cost of bitcoin transactions.

This is an opinion piece… It’s clearly marked as being an opinion. Even though it has solid arguments, and probably hold some truth, it’s not an actual news article written by NYT staff, it’s not pretending to be a factual reporting by a journalist nor an objective truth.

Everyone is free to agree or disagree with it. To buy, sell, or hold.

It would be wise however to consider the argument themselves, and not decide go to in one direction just because the author/publisher is someone you like or dislike.