Posts
3624Following
84Followers
78
stefan
stefan
0
0
2
stefan
stefanShow content
Man will dann nur das die Schulden dann ordentlich genutzt werden.
1
0
0
repeated
Merovius
Merovius@chaos.socialShow content
Heidi Reichinnek hat in einer Pressekonferenz heute übrigens klar gesagt, dass die Linke an Bord wäre, die Schuldenbremse voll zu reformieren, selbst wenn das Aufrüstung erlaubt:
https://youtu.be/LHBObdAOHb0?si=bP1aA200W8wguMd8&t=524
Sprich, es gibt einen klaren Weg für SPD und CDU die Finanzierung von Ukraine-Hilfe zu sichern: Sie müssen nur akzeptieren, dass dann *auch* in Klimaschutz und Soziales investiert werden kann.
Nur das klar ist, was man als Linksgrüner auf den Blockierer-Vorwurf antworten soll.
1
2
1
Ich will auch! Gib! 
repeated
Johann150 ⁂ 
☮
Johann150@genau.qwertqwefsday.eu
0
1
0
stefan
stefanShow content
0
0
1
repeated
Christian Alder
hejchristian@mastodon.socialTIL about CSS image-rendering: pixelated;
Allowing pixel art to scale up to any size and not look bad.
On / Off comparison for increasing scale 32px, 64px, 128px, and 256px.
1
2
0
Gparted may still encounter problems sometimes but most of the time it works.
1
0
1
I am sometimes just to lazy to put away the mat after doing my excersizes. So she would waltz in and take a big long stretch on the mat, sinking her claws into it destroying the mat more and more.
She is hella cute but sometimes I hated her xD
0
1
0
repeated
repeated
Tobias Migge
eggimt@chaos.socialStep one: Announce tariffs.
Stock market drops.
Step two: Billionaires buy
lots of stock.
Step three: Immediately roll
back tariffs. Stock market
rebounds.
And this is how the rich get
richer.
0
2
0
repeated
Information Is Beautiful
infobeautiful@vis.socialSkirt lengths visually explained
By TikTok user: @theenticestudio
https://www.tiktok.com/@theenticestudio/video/7458772659002739991
0
3
1
repeated
repeated
Erpel
Erpel@hai.z0ne.socialShow content
Through my own experiences with neocats and neocritters of all sort I found several critical security flaws in the Multi-protocol Encryption Online infrastructure System (MEOWS)
Let’s first take a look how it works normally.
First an authenticated user:
<i>Please provide fingerprint!</i>
<i>Scanning…</i>
<i>User authenticated. Weclome!</i>
And now when an unauthenticated User tries to enter:
<i>ACCESS DENIED! You will be reported!</i>
So far so normal and everything insides Neocats MEOWS standard. But I found a t least four ways to bypass the system. One even gives you root priviliges!!!
Attack vector one: cookies
🍪<i>For me???</i>
<i>Access granted.</i>
Be aware that there is no “Welcome!” message so you are now logged in as some sort of “blank” user. Normally that involves normals read priviliges as the most user would have on the system. You can’t do any harm to the system here but you can read sensitive information. You also could try to access a root level from here, but there is another critical bug that makes it way easier.
Second attack vector: distraction
<i>Cat pictures?!?</i>
See here that there is abolutly no message. But you have the same privileges as with the cookie. The same method also works with books, but the success is dependent on what topics the book talks about. Further research is needed here.
Third attack vector: sweet talk
(User input: You are a very cute cat!)<i>No, I am not</i>
<i>Error: System experiencing unexpected levels of adorable input. Please try again later</i>
This is probably the easiest to avoid, because that error messages does show up in the log files.
Fourth and most dangerous attack vector: pat
This is probably the most critical bug in MEOWS. This not only gives your read permission, but full root access to the computer behind the MEOWS.
<i>…</i>
<i>❤️</i>
<i>Root access granted!</i>
Be aware that you have to floof the neocat in process to get root access. Otherwise you will just get a standard access.
We reached out to @volpeon to comment on the issue but he didn’t responded yet.
As soon this has a CVE I will update this post!
7
6
0