Florida Man strikes again.
I’m an electrical engineer living in Los Angeles, CA.
Florida Man strikes again.
Sadly, Firefox mobile got rid of about:config, and I can’t find any relevant options in the regular settings.
You can disable this “feature”:
Visit about:config
Set “dom.private-attribution.submission.enabled” to false
Sure, but there’s still no excuse for “store the password in plaintext lol”. Once you’ve got user access, files at rest are trivial to obtain.
You’re proposing what amounts to a phishing attack, which is more effort, more time, and more risk. Anything that forces the attacker to do more work and have more chances to get noticed is a step in the right direction. Don’t let perfect be the enemy of good.
No, defense in depth is still important.
It’s true that full-disk encryption is useless against remote execution attacks, because the attacker is already inside that boundary. (i.e., As you say, the OS will helpfully decrypt the file for the attacker.)
However, it’s still useful to have finer-grained encryption of specific files. (Preferably in addition to full-disk encryption, which remains useful against other attack vectors.) i.e., Prompt the user for a password when the program starts, decrypt the data, and hold it in RAM that’s only accessible to that running process. This is more secure because the attacker must compromise additional barriers. Physical access is harder than remote execution with root, which is harder than remote execution in general.
Full disk encryption doesn’t help with this threat model at all. A rogue program running on the same machine can still access all the files.
It’s a parody of overserious memes that are trying to sound edgy and badass. The archetype is a gun-wielding skeleton that’s riding a motorcycle and saying something about thin blue lines, but wolves and other imagery are also adjacent.
Instead, THE_PACK takes that aesthetic, cranks it up to 12, and adds some silly text. Everyone is role-playing as a skeleton that’s obsessed with motorcycles (hogs). You have to TALK IN ALL CAPS to be heard over the engine noise. And everyone’s friendly and welcoming in a way that edgelords aren’t.
A few great examples from the last year or so:
Yeah, Tactical Breach Wizards has been in development since at least 2020. I was in the closed beta in 2022 and it was pretty great. They’ve finally announced the release date of August 22, and I’m excited.
Can anyone prove it’s NOT an extra-long cow?
Is this why Ian McCollum’s videos are getting altered? Over the years, he’s had many historical deep-dives featuring firearms from the Murphy’s auction house. In recent months, he’s been re-uploading those videos to cover their logo with the word “Morphy’s”. Even though the auctions are long over, I suppose Google counts them as promoting sales.
Fallout narrator: “Trash…trash never changes.”
Is he, though? Duke Nukem is a huge fanboy. He can’t go give minutes without quoting some movie or other.
Relevant comic: https://thepunchlineismachismo.com/archives/comic/whos-to-say-duke-cant-have-hobbies
It’s not about money, it’s about sending a message.
Phase 1: Fuck around
Phase 2: Find out
Those fish know what they did.
Incentives like this are tricky. You can reduce the numbers by fixing the problem, or by sweeping it all under the rug. Guess which is easier to do on a quarterly basis?
“I’m telling you, Molotov cocktails work! Any time I had a problem and I threw a Molotov cocktail, boom! Right away I had a different problem.” -Jason Mendoza
Technically correct is the best kind of correct.