• 17 Posts
  • 371 Comments
Joined 1 year ago
Cake day: June 7th, 2024
  • fubarx@lemmy.worldtoMemes@sopuli.xyzI ain't risking shit
    0·
    9 days ago

    I was in an Apple Store for a Genius Bar appointment when these two guys with hoodies and COVID masks walked in and started pulling phones off the displays and stuffing them into backpacks.

    It took less than a minute and then they ran off. The security guard just stood to the side and recorded a video. Once they were gone, everyone just went back to what they were doing, like nothing had happened.

    Afterward, I asked the Genius Bar guy if that happened often. He said the two guys hadn’t gotten much because they hadn’t refilled the display from a guy coming in and stealing all the phones literally the day before!

    The phones were tracked and the cops eventually caught the two dudes as well as the other solo guy.

  • fubarx@lemmy.worldtoPrivacy@lemmy.mlIt started to stop kids vaping [pot] in school bathrooms. Then they stuck it in poor people's homes. | DEF CON Snitch Puck Talk, October 2025
    18·
    13 days ago

    The minute the Pi4 compute module showed up, the jig was up.

    For the secure boot scheme to be really secure, you have to generate a unique key for each device. Most vendors don’t bother because it means each firmware update has to be signed and encrypted for each unique device. This also means you have to have the infrastructure for device attestation. You can’t just stick an update file on a public S3 bucket or FTP site like the good old days.

    Some end up reusing the same product key, so if it’s compromised, all devices in that family can be hacked. But even that’s too much for some vendors.

    Instead, they just wing it, and go back to the bad old habits (no encryption, or symmetric keys embedded in firmware) that get them featured in DefCon presentations.

  • fubarx@lemmy.worldtoDeGoogle Yourself@lemmy.mlBluetooth trackers usable without Google
    2·
    14 days ago

    The problem with these trackers is that the Bluetooth scanner needs to run in the background on the phone, which means you have to give the app a lot of privileges and the constant scanning can drain the phone battery more quickly.

    Google designed a nice Tile/AirTag beaconing alternative called Eddystone that ran as a system service and was pretty well-optimized. Unfortunately, they shut the whole thing down, so it’s every app on their own.

    There are programmable ones out there. I’ve had good luck with a developer-oriented brand called Blue Charm Beacons. There’s a small version with a button, but don’t think it’s rechargable. Or search for “Tile” on AliExpress.

  • fubarx@lemmy.worldtoAsk Lemmy@lemmy.worldWhat did you get fired for?
    1·
    16 days ago

    Most often because management wouldn’t hold up their end of the deal. They wanted to stick to a hard timeline, but wouldn’t approve a milestone or sit on a decision for days and weeks. That would cascade down and stress everyone out later. Deadlines work both ways.

    Another one was not making people who had special knowledge available. Or those people would drag their feet because they were busy elsewhere.

    Best solution was to have someone in upper management as a ‘sponsor.’ If things didn’t happen on time you told them about the schedule impact without throwing anyone under the bus. Funny how things would start happening.