pulsewidth
@pulsewidth@lemmy.world
- Comment on Why are people using the "þ" character? 13 hours ago:
Yeah, I blocked em because it was too annoying trying to parse their posts - and the comments weren’t very contributory anyway
- Comment on What are some good uses the new ballroom can have after the Trump regime is over? 14 hours ago:
Remember that scene in Inglorious Basterds where they lock the cinema full of Nazi officers and set it on fire?
Cool scene, just thought I’d bring it up.
- Comment on Mom they're fighting again 4 days ago:
I’m so sorry that you have chosen to argue with people who have little knowledge but have decided they do.
Coconut milk and coconut water are distinct products. Coconut water is just the liquid from the center of a (usually green) coconut, its unprocessed. Coconut milk is more an analogue to to soy milk than fruit juice, it is heavily processed by blending the pulp of the fruit with coconut water and added ingredients.
- Comment on 'This is definitely my last TwitchCon': High-profile streamer Emiru was assaulted at the event, even as streamers have been sounding the alarm about stalkers and harassment 4 days ago:
“Assault drama is great for algorithmic engagement” - Twitch prolly
- Comment on 'This is definitely my last TwitchCon': High-profile streamer Emiru was assaulted at the event, even as streamers have been sounding the alarm about stalkers and harassment 4 days ago:
I mean it’s mostly teen to 20s gamers, who are not known for their empathy or socialisation skills. So yeah…
- Comment on King Charles hopes nature film will 'inspire' viewers 2 weeks ago:
‘Hopefully someone with power will watch my documentary and make positive policy changes for the environment’, lamented the literal king.
- Comment on Wear your seatbelt 2 weeks ago:
They’d been taught the reason for seatbelts, then they had to learn a lesson about being disrespectful and ungrateful.
- Comment on Steam, Riot Games hit by disruptions: massive DDoS attack suspected 2 weeks ago:
I played a few DoTA games with friends while this was occurring and twice during gameplay approximately 10 seconds of play experienced some server-side lag for everyone in the game - there were moments of confusion that rapidly passed. Steam ops team did well.
Truly a tremendous impact and a fantastic use of the attackers time and resources.
- Comment on Motion sensors in high-performance mice can be used as a microphone to spy on users, thanks to AI — Mic-E-Mouse technique harnesses mouse sensors, converts acoustic vibrations into speech 2 weeks ago:
Sadly no. The only way is to come up with countermeasures.
- play music through speakers while using mouse
- leave rumble gamepad playing demo of game on desk
- put vibrator set to ‘random pulse mode’ on the desk
- Comment on At least 16 injured as shots fired in Sydney's inner west [no reported deaths] 2 weeks ago:
Angry old white man
shouts at cloudsshoots at crowds. - Comment on Y = -x² 3 weeks ago:
Someone with colourblindness and also regular blindness.
- Comment on Does more expensive phones have better reception? 3 weeks ago:
Not a great example of the improved reception of metal frame phones, because it was the iPhone 4 that lost reception quality significantly when it was held on the metal sides and your finger/hand happened to be near the lower left corner. This was a perfectly natural way to hold the phone and most impacted left-handers.
Apple famously responded by saying “you just need to not hold it like that”, rather than admitting an engineering mistake.
- Comment on Is Star Trek Discovery that bad? 3 weeks ago:
Cool. Power to you - we clearly have differing tastes. OP was on the fence and asked for an opinion so I gave mine, not sure who else I’d be speaking for. Now you’ve given yours, so they’ve even wider opinions 👍
- Comment on Is Star Trek Discovery that bad? 3 weeks ago:
Go ahead. Watch it. 🤷🏻
- Comment on Is Star Trek Discovery that bad? 3 weeks ago:
If you’re a fan of older Star Treks it’s bad, real bad. I watched until the end of season 2 with my partner and had to bail. Everyone above has given good reasons why, I’ll add one I haven’t seen: the lead actress (Soneqa Martin-Green?) overacts Michael Burnham. She overdramatizes almost every scene, to the detriment of the believabolity of the in-universe world, I tried to overlook it but found it grating. I told my partner that half-way into season two, and she responded that she doesn’t really see it. Then about five seconds later Burnham is raising her voice to a senior officer and on the verge of tears over nothing… a minor misunderstanding. Partner laughs and goes, “ok yeah I see it”.
I’d rewatch Enterprise 100 times over ever watching Discovery again, and Enterprise is probably my least favourite pre-2010 Trek, if that helps you.
- Comment on Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform 4 weeks ago:
The difference is that passworded zip files are used to distribute malware regularly. For a few reasons such as they’re very simple to use (malware creators are often lazy) and they can be generally be unpacked with preinstalled libraries or programs on the OS. A random encrypted file will require a DLL or runtime that can unpack the blob, and antivirus engines find that kind of stuff packaged together very sus.
- Comment on Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform 4 weeks ago:
Thanks for the effort digging. This does not actually point out any game doing it in particular though, and it’s actually a perfect example of a working antivirus picking up a suspect file (a password protected archive) in a game’s install tree.
This is from Aug 2024 and could even be from one of the games that distributed malware. Its absolutely something that Steam should be blocking/flagging for manual review, and a huge red flag that any developer would use this as a tool for distributing their game content.
- Comment on Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform 4 weeks ago:
Good it is not when the recommendation from security experts and reporters is to avoid any Steam games with low numbers of installs / reviews and betas from small companies. That’s where we’re at now.
bleepingcomputer.com/…/verified-steam-game-steals…
Nobody reviews game code, as game code is not supplied, only binaries with their relevant resources. There are many security providers that would be able to provide better service that whatever Valve is doing - but who knows, because they keep tight-lipped about it every time there’s an issue, and just patiently await their defenders to hand-wave any concerns.
- Comment on Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform 4 weeks ago:
It literally contained a known version StealC malware in its payload, and had basic python scripting with the Telegram bot code and access tokens left visible to researchers (very bad OSINT). This was not sophisticated scripting, nor novel malware, just some script kid that sourced the whole setup on Telegram. The malware would easily have been captured by a competent security company’s automated scanner.
- Comment on Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform 4 weeks ago:
Citation please for any indie dev using passworded zip files to lock game content. That would be a pretty dumb approach given all retail security suites / antiviruses will flag a password-protected archive as suspect by default (because they’re so commonly used in the past to distribute malware).
- Comment on Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform 4 weeks ago:
All they’re expected to do is pay for upstream providers to scan their submissions (eg third party security providers), no need to hire new staff. This is the fourth instance publicized this year! They should communicate regarding issues like OPs - but like usual, it’s crickets.
- Comment on Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform 4 weeks ago:
They’ve already missed four instances of malware this year that have been publicly reported. How many have other storefronts missed?
I don’t see why asking them out to improve is an unbalanced response or unfair, given the enormous budget they have and the market dominance.
- Comment on Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform 4 weeks ago:
Who said you need to pay more for games? Steam already takes thirty percent of sales (for the vast majority of sales), they are a $10b+ game distribution company… They’re worth more than several leading security/antivirus companies combined.
I just don’t understand the mindset people get around Steam. They are a business that makes a fortune distributing games, run by a billionaire - they are not a little indie company struggling under the weight of their success.
- Comment on Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform 4 weeks ago:
Well since Steam provide absolutely zero details about their scanning process (or even if it exists), seems like conversely people are making a lot of really complementary assumptions about Steam, no?
This is certainly not the first malware distributed by Steam - this is in fact the fourth publicly-known instance just this year.
Seems like they need to step up their game if you ask me. - Comment on Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform 4 weeks ago:
It had a password protected zip file in an update that hid the payload. That is pretty damn basic and would not have gotten past any retail antivirus program’s heuristic detection.
Chances are that Valve is treated as a ‘trusted publisher’ by Microsoft Defender and thus it bypassed the scan. The malware even payload explicitly checks that no retail antivirus was installed, and that Microsoft Defender was active, prior to attempting to extract and run its payload.
(See comments about for explicit details regarding the malware)
- Comment on Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform 4 weeks ago:
Dumb take. There are many ways to scan software without needing access to the source code.
Do you think retail antivirus providers approach every developer of every program version to request a copy of their source code for review before they can verify it’d safe?
- Comment on Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform 4 weeks ago:
A password-protected zip file should have been flagged by Steam as suspect before they approved the update, its a very old and very common method for detection bypass.
- Comment on Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform 4 weeks ago:
And there are so many ways to detect the bypasses. It’s an arms race, and the most profitable games store of all time should really have a cutting edge system to deal with it is all I said.
Windows should have better security too, but the two thoughts can be held in the mind at the same time.
- Comment on Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform 4 weeks ago:
Its “not feasible to do a full scan of every update of every game”?
My friend the scans are automated. Is Steam strapped for cash this month?
Honestly the apologia here for Steam is pretty rank.
- Comment on Block Blasters: Theft of $32k in crypto from a stage 4 cancer patient due to valve’s incompetence in allowing malware on their platform 4 weeks ago:
Its also trivial for apps detecting any trivial attempts at scanning if they’re running in a VM to be detected, and masked.
Those are also valid concerns, but in an environment where admin rights are granted to games installers the vendor of the games (Steam) needs to adopt a highly curated and protective stance. To this date they provide zero details of their protection - their entire FAQ on malware on their store boils down to ‘if you find malware, please flag it on the store page for us to investigate’.
If anyone is gonna claim the steam store is highly curated… I’d point out to them that a very large amount of their store is shovelware asset flips with very few purchases and installs. There are over 150,000 games on Steam, and tens of thousands of them would fall into that category.