@bontchev Ah, there it is...

@bontchev I get the sentiment 😀
But there's something here that's not quite right.
If you don't give in to a bully's *unreasonable* demands, are you then *responsible* for the bully carrying out their violent threats?
Sounds like good ol' victim-blaming to me.

Rather than buying useless junk today, how about sponsoring your favorite open source projects?

(Or me at https://github.com/sponsors/JosephLeedy.)

#OpenSource #PHP #AdobeCommerce #Magento

@jwildeboer Algorithms. Don't miss them.

The #Fediverse can focus on praising what is good while also criticising what is bad. That's what makes us special, in my opinion. Other "social" networks use algorithms to hide the praise because only negativity brings traffic and ad click money. We are different. We can promote the good without risking being shadow-banned. Use that power. At least once a day. Deal? It takes some time to leave that pavlovian reflex of negativity behind. But at least try and you will enjoy the results :)

1/3

Zig: Migrating from GitHub to Codeberg

https://lemmy.world/post/39389882

@nina_kali_nina I thought I recognized it from somewhere!!

@nubecolectiva In control, theoretically, at least.
In reality, even if you knew *how* to revoke permissions, unless you are supervising every action of the AI, you wouldn't know when you'd want to...

@eff @internetarchive @wikimediafoundation In these times it's no less than a miracle that they exist and thrive!

We're grateful for the @internetarchive and @wikimediafoundation for continuing to demonstrate that the open web is the best web.

@randahl Good rethorical question!
But I'm gonna give my 2c answer anyway:
Not as long as so many of us see them as useful idiots and put them in power for that reason.

Putin wants Ukraine to cease to exist.

The Ukrainians want Ukraine to exist.

But according to Marco Rubio we are very close to bridging these two positions.

When will we stop listening to the fools of this world?

About 1.5 years ago my friend was (falsely) accused of terrorism.

All of their electronic devices were seized, plus my stash of hard drives (stored at their place for reasons).

Of course police didn’t find any evidence. Culprit that impersonated my friend (and many others) got arrested recently (article in Polish).

Police returned the hardware few months ago and I found that all of my drives are now e-waste thanks to their carelessness, which made me (understandably) furious. I even considered suing them.

Said very good friend of mine entrusted me with their personal phone and pattern to unlock it. I charged and booted it for the first time since February 2024 and were curious how it was pwned. I knew police used cellebrite on it.

My crime is that of curiosity

As it turns out, police forgot to clean after themselves (there was an attempt) and left payloads, logs, and backdoor intact.

Took a peek at the first-stage payload but it’s too complex for me to reverse-engineer on my own. It’s relatively well obfuscated, but I can tell it’s using RNDIS (likely spawning a server?) and TLS-encrypted connection to talk to Cellebrite box.

If you’re a security researcher (or just curious nerd with more spoons than me) and you would like to take a look - here you go.

Payload was uploaded onto the device on 2024-02-21. If you want to re-create the environment it was executed on, you will need a:

• Samsung Z Flip3 5G (SM-F711B)
• Android build SP2A_220305.013.F711BXXS2CVHF

Rough execution flow:

1. USB device plugged in (Cellebrite Cheetah)
2. USB controller switches to host mode
3. Gadget switching USB VID/PID to load kernel modules (hid_steam, hid_apple, hid_prodikeys, hid_logitech_hidpp, hid_magicmouse, hid_aksys and tries to exploit quirks)
4. Module 'hid_aksys' leaks memory
5. Screen unlocked
6. ADB key '82:E5:EA:F3:DC:D1:7D:CA:65:3C:D4:58:65:CD:81:8E' added to trusted keys on the device
7. First-stage payload '/data/local/tmp/falcon' copied onto the device.
8. Second-stage payload (seemingly) executed as root:
	- /data/local/tmp/chrome-command-line
	- /data/local/tmp/android-webview-command-line
	- /data/local/tmp/webview-command-line
	- /data/local/tmp/content-shell-command-line
	- /data/local/tmp/frida-server-16.1.4-android-arm64
	- /data/local/tmp/init
9. Data extraction (photos, telegram, firefox, downloads)

Have fun!

@bontchev You're not wrong, but it's mostly irrelevant to the initial topic.
The conflict I see is between Putin, who started a war, and the Ukrainian people, who are the victims.
I think we should try to correct that wrong. Zelenskyy is rather irrelevant in this respect.

@bontchev Absolutely. No argument there.

@bontchev I have thought about it.
But before I get to that, notice how you sneakily inserted "pulled a trick" as if that's comparable to how Zelenskyy pulled a trick to get invaded so he could stay in power?!
Now, if the USA wasn't an ally and if democracy was eroded to a certain degree, I would not support that regime anymore either, if that's what you meant.
Whether my support would matter to Trump is another issue 😃

@bontchev All rules start out as opinions, and sometimes rules need to change to better handle a new situation. This is not a slippery slope or saying that rules don't matter. Rules can and must occasionally change. With proper consideration and accountability.

@bontchev @ErikJonker @geopolitics Yes, again, I know what you were referring to regarding Zelenskyy, but I was directing focus to what matters: The situation at the time of invasion, because given that, the invasion had no sound pretext. And that makes Putin the bad guy. What happened afterwards doesn't change that.
Besides, though Zelenskyy has technically outstayed his ordinary, peacetime mandate, most constitutions allow special provisions in times of war (state of emergency).

@bontchev @ErikJonker @geopolitics It would be up to an international court to determine it in the end. The ICC has already 'labelled' Putin a war criminal...
Zelenskyy was democratically elected before the full scale invasion of the east.
I feel you're unduly and perhaps overly eagerly trying to sow doubt where there's really very little.

@whasdah Thanks for the explanation. Which court is that?