Stop using random anti-adblock fixes you find on the internet, these are almost always out of date and interfere with the actual anti-adblock features in uBlock Origin. YouTube is changing their anti-adblock code multiple times per day.

Simply do the following:
1. Use uBlock Origin and no other adblocker. This includes disabling adblocking in "Enhancer for YouTube", and any built in browser blocker
2. Purge caches and update filters
3. Reload the tab

More info: https://github.com/uBlockOrigin/uAssets/issues/19976

Gosh, what a coincidence how a mercenary hacker decided to hack climate advocates just for fun and the fruits of that were used by Exxon Mobil to deter state AG investigations and influence judicial proceedings. Surely nothing here for the DOJ to investigate.

https://www.reuters.com/world/us/mercenary-hackers-stole-data-that-exxon-later-cited-climate-lawsuits-us-2023-10-12/

awesome paper by @dykstra & compatriots that audits three compliance standards (including PCI) to see if there are security gaps even if you’re 100% compliant.

The answer is yes, there are gaps even with perfect compliance — and they back it up with thorough evidence and analysis that is well worth reading: https://josiahdykstra.com/wp-content/uploads/2020/02/NDSS2020_Compliance_Cautions.pdf

#compliance #cybersecurity

From yesterday's exhibits in US v. Sam Bankman-Fried:

The prosecution shows that the "insurance fund" that FTX bragged about was fake, and just calculated by multiplying daily trading volume by a random number around 7500

#FTX #SBF #crypto #cryptocurrency

VDSL over bannana apparently tester got 53680/12658 kbps connection speed on a short run from in-house exchange/DSLAM, through banana, to VDSL2 modem. way better than what i got at home...

i do not understand why a news site would not have an #RSS feed of their latest headlines.

you don't have to give your content away if you don't want to. but you cannot bitch & moan about #facebook or #twitter cannibalizing your readership in their fascist gated communities when you've turned your back on web standards and the open web.

*Edit:*

I want to express my thanks and appreciation for all the boosts and comments! I had no idea this would get spread so widely, and I'm humbled by the support.

I'll reply to this post with the plan that I have for the next session.

Original post below...

I'm volunteering at my daughter's elementary school by teaching a "coding club" for 5th graders during their lunch and afternoon recess.

It mostly went great, except I left nearly in tears...

One of the kiddos that joined is blind, and I discovered that the coding programs for kids don't appear to be accessible *at all*.

First we tried Swift Playgrounds, but that didn't seem to work with VoiceOver. Then, he said that he's liked ScratchJr. in the past, and he got frustrated with that because he couldn't get his cat to move.

I'm kinda at a loss for how to help him. He left crying because he thinks that he can't get it, but I'm sure he can. Does anyone have any advice?

Thanks!!

#coding #swiftplayground #blind #accessibility #apple #ipad

Here's a canonical URL for the little info there is about the pending #curl security announcements: https://github.com/curl/curl/discussions/12026

Shocking story about mRNA pioneer/Nobel winner Katalin Karikó, whose early advisor at Temple tried to have her deported & derailed her career because she dared to look for a better-paying job.

Later, UPenn demoted her, then forced her out, because her research wasn't bringing in enough funding. #NobelPrize #science [HT Paul Novosad]

This, from @pluralistic, is absolutely on point.

This is why I’m here, and why I am helping to build #CoSocialCa

#Fediverse #Mastodon #Meta #Twitter

'Unfortunately, according to Binarly REsearch team findings, the state of BMC [Baseboard Management Controller!!!!!] security on Supermicro servers shows the level of product security practices from early 2000-x and does not meet modern security standards. The attacks we are disclosing show the very low complexity of compromising BMC host OS and gaining enough privileges to deliver a persistent firmware implant to the UEFI BIOS'. [Patches are out: https://www.securityweek.com/new-supermicro-bmc-vulnerabilities-could-expose-many-servers-to-remote-attacks/]

Binary report: https://binarly.io/posts/Binarly_REsearch_Uncovers_Major_Vulnerabilities_in_Supermicro_BMCs/index.html

Hi folks! I have setup a crowdfunding account for #Diaphora in the #LiberaPay platform. If you feel like making a donation to this Open Source project you can use the following link:

https://liberapay.com/Diaphora/

Today I found out that google docs infects html exports with spyware, no scripts, but links in your document are replaced with invisible google tracking redirects. I was using their software because a friend wanted me to work with him on a google doc, he is a pretty big fan of their software, but we were both somehow absolutely shocked that they would go that far.

This might have slipped under the radar these past few days, but a 9.8 RCE in Exim (on many, many mail servers) that does not require authentication is bad bad bad.

https://www.zerodayinitiative.com/advisories/ZDI-23-1469/

The fedi isn't like email. The fedi is like if you accidentally triple booked a bdsm convention, a FSF convention, and a communist workers AGM all in the same german arena

Reddit removes the ability to opt out of ad personalization based on Reddit activity but says users will still have opt-out controls in "select countries" (Ivan Mehta/TechCrunch)

https://techcrunch.com/2023/09/28/reddit-is-removing-ability-to-opt-out-of-ad-personalization-based-on-your-activity-on-the-platform/
http://www.techmeme.com/230928/p15#a230928p15

Do read this new investigatory piece on the web of money, AI companies, and shadowy “foundations” bankrolling the EU anti-encryption proposals. TL;DR this is the terrifying thing you get when you combine law enforcement, money and AI. https://balkaninsight.com/2023/09/25/who-benefits-inside-the-eus-fight-over-scanning-for-child-sex-content/

In the spirit of "this talk could've been a tweet", I just pushed a button:

#BinDiff is now open source.

- This is a snapshot release, no major new functionality
- Release binaries will follow later today or tomorrow
- This is my 20% and I won't we able to act on PRs until end of Q4 (OOO traveling)

Thanks everyone for making this possible!

Shout out to @HalvarFlake, ObfuscaTHOR, Nils, Tora,
@shanehuntley, @erocarrera, 0xfffffffe

Happy diffing!

https://github.com/google/bindiff/releases/tag/v8

unity’s own explanation for deleting the ToS off their own website is… it wasn’t generating enough engagement

https://twitter.com/unity/status/1705317639478751611