Archive for February, 2021

CVE-2020-28243 SaltStack Minion Local Privilege Escalation Detailed Writeup

February 28th, 2021

submitted by /u/stealthcopter-sec
[link] [comments]

Posted in netsec | Comments (0)

Wrote a blog post on Windows persistence using DLL Search Order Hijacking. Hopefully you find it useful or interesting.

February 28th, 2021

submitted by /u/m_edmondson
[link] [comments]

Posted in netsec | Comments (0)

Action-packed meta-fantasy, space opera herald a bright future for Asian film

February 28th, 2021
Celebrate the Year of the Metal Ox with two new films: <em>A Writer's Odyssey</em> and <em>Space Sweepers</em>

Enlarge / Celebrate the Year of the Metal Ox with two new films: A Writer’s Odyssey and Space Sweepers (credit: Aurich Lawson/Netflix/CMC Films/)

February brings the annual celebration of the lunar new year—welcome to the Year of the (Metal) Ox—and with it two new action-packed films from China and South Korea, respectively.

Directed by Lu Yang, A Writer’s Odyssey—currently playing in select theaters—centers on a man searching for his lost daughter, hired to assassinate a novelist whose fantasy work-in-progress has begun to shape events in the real world. Over on Netflix, Space Sweepers is being touted as the first Korean bona fide blockbuster, focusing on the adventures of the plucky crew aboard a space junk salvage vessel who must save the Earth from total destruction. Together they make for an action packed, fantasy/sci-fi weekend double feature.

(Some spoilers below for both films, but no major reveals.)

Read 14 remaining paragraphs | Comments

Posted in A Writer's Odyssey, Entertainment, film review, Gaming & Culture | Comments (0)

All the little things that add up to make iPadOS productivity a pain

February 28th, 2021

Rumor has it a new iPad Pro is around the corner, which means Apple is about to make another big pitch for the iPad as a productivity and content-creation device.

But while we’ve found in our iPadOS reviews that Apple has done a marvelous job with the big-picture changes to the OS aimed at making it real-work-friendly, there are still a bunch of minor annoyances or “nope, you can’t do that” limitations that sabotage Apple’s intentions.

For that reason, it makes sense to preempt that upcoming marketing push with a few key caveats—especially since Apple likely won’t announce a major iPadOS software update alongside new hardware in March. Significant new OS changes probably won’t be discussed until the company’s developer conference in June, and said updates probably won’t reach the public until September or October.

Read 25 remaining paragraphs | Comments

Posted in apple, ipad, iPadOS, Tech | Comments (0)

Inside the stunning Black mythos of Drexciya and its Afrofuturist ’90s techno

February 28th, 2021

“ARE DREXCIYANS WATER-BREATHING, AQUATICALLY MUTATED DESCENDANTS OF THOSE UNFORTUNATE VICTIMS OF HUMAN GREED? … DID THEY MIGRATE FROM THE GULF OF MEXICO TO THE MISSISSIPPI RIVER BASIN AND ON TO THE GREAT LAKES OF MICHIGAN? DO THEY WALK AMONG US? ARE THEY MORE ADVANCED THAN US, AND WHY DO THEY MAKE THEIR STRANGE MUSIC? WHAT IS THEIR QUEST?”

With those all-caps words, musician and writer James Stinson wrote the constitution for the mythic, rhythmic nation of Drexciya—a world that he and partner Gerald Donald created in the liner notes of their experimental music project. Their combined work, in the form of five EPs of cutting-edge techno music, did not necessarily sound so politically or culturally charged. Because Stinson and Donald did not participate in interviews or widely tour in support of their albums, Drexciya’s listeners were left to look at the stories and questions that covered the liner notes and artwork printed on the releases’ vinyl and CD versions.

Should you merely pull up Drexciya on your favorite streaming service, you won’t hear those messages in the beats. So to understand this innovative group, it’s crucial to ask the above questions about the fictional Drexciyan quest. And in asking them, Stinson blurred a line between fiction and Black reality—and spoke to a quest of his own.

Read 21 remaining paragraphs | Comments

Posted in afrofuturism, drexciya, Gaming & Culture | Comments (0)

A Decades-Long Quest Reveals New Details of Antimatter

February 28th, 2021

Twenty years ago, physicists began investigating a mysterious asymmetry inside the proton. Their results show how antimatter helps stabilize every atom’s core.

Posted in science, Science / Physics and Math, The Proton Sea | Comments (0)

How to Set Up a 4G LTE Wi-Fi Network as an Alternative to Broadband

February 28th, 2021

Connecting to cell networks is an increasingly viable option—here’s how it works.

Posted in always connected, Gear, Gear / How To and Advice | Comments (0)

Warnings From the Queer History of Modern Internet Regulation

February 28th, 2021

Section 230 faces countless reform efforts. But a look back reminds us that categorical content bans often come at the expense of marginalized groups.

Posted in Ideas | Comments (0)

Period Underwear Changed My Life—and I’m Never Going Back

February 28th, 2021

Wearing underwear designed to absorb my menstrual flow—with no additional protection—has made my period more comfortable. It’s kinder to the planet too.

Posted in Gear, Gear / How To and Advice, The Cycle | Comments (0)

Clubhouse’s security and privacy lag behind its explosive growth

February 28th, 2021
Clubhouse has a long way to go to assure its users that its privacy and security policies are fully baked.

Enlarge / Clubhouse has a long way to go to assure its users that its privacy and security policies are fully baked. (credit: Carsten Koall | Getty Images)

In recent months, the audio-based social media app Clubhouse has emerged as Silicon Valley’s latest disruptive darling. The format feels familiar: part Twitter, part Facebook Live, part talking on the phone. But as Clubhouse continues to expand, its security and privacy failings have come under increased scrutiny—and left the company scrambling to correct problems and manage expectations.

Clubhouse, still in beta and available only on iOS, offers its users “rooms” that are essentially group audio chats. They can also be set as public addresses or panel discussions where some users are “speakers” and the rest are audience members. The platform reportedly has over 10 million users and is valued at $1 billion. Since last year it has been an invite-only haven for Silicon Valley elite and celebrities, including an Elon Musk appearance earlier this month. But the company has struggled both with concrete security issues and more ephemeral questions around how much privacy its users should expect.

“With smaller, newer social media platforms we should be on our guard about our data, especially when they go through huge growth it tests a lot of the controls,” says security researcher Robert Potter. “Things you might have gotten away with with only 100,000 people on the platform—you increase those numbers tenfold and the level of exposure goes up, the threat goes up, the number of people probing your platform goes up.”

Read 12 remaining paragraphs | Comments

Posted in Clubhouse, Gaming & Culture | Comments (0)