Workaround steps for end-users to enable Legacy Game Compatibility Mode with affected games that have not received a software fix:

1. Power-up system and enter system BIOS setup.
2. Enable switch Legacy Game Compatibility Mode to ON (one-time only) in BIOS.
3. Save BIOS setup changes and exit.
4. Boot to OS.
4. Toggle Keyboard Scroll Lock key ON.
5. Launch affected game title.
6. Toggle Keyboard Scroll Lock key OFF after ending game title.

Source: Intel

What the fuck, Intel!? Seriously? Scroll Lock?? ROFLMAO!!!

Researchers at DevOps platform JFrog demonstrated how an integer overflow flaw (CVE-2021-40346) can be abused to perform HTTP request smuggling attacks that bypass any access control lists (ACLs) defined in HAProxy.

Contingent on front- and back-end server configurations, attacks could also potentially see adversaries hijack user sessions, access or modify sensitive data, or exploit reflected XSS (cross-site scripting) vulnerabilities without user interaction, according to JFrog.

Source: The Daily Swig

Computer chips have advanced to the point that they’re no longer reliable: they’ve become “mercurial,” as Google puts it, and may not perform their calculations in a predictable manner.

Not that they were ever completely reliable. CPU errors have been around as long as CPUs themselves. They arise not only from design oversights but also from environmental conditions and from physical system failures that produce faults.

But these errors have tended to be rare enough that only the most sensitive calculations get subject to extensive verification if systems appear to be operating as expected. Mostly, computer chips are treated as trustworthy.

Lately, however, two of the world’s larger CPU stressors, Google and Facebook, have been detecting CPU misbehavior more frequently, enough that they’re now urging technology companies to work together to better understand how to spot these errors and remediate them.

Source: The Register

Money quote:

“One of our mercurial cores corrupted encryption,” he explained. “It did it in such a way that only it could decrypt what it had wrongly encrypted.”

They also have a short talk (~10 minutes) where they explain what happend.

At first glance, Matthew Macy seemed like a perfectly reasonable choice to port WireGuard into the FreeBSD kernel. WireGuard is an encrypted point-to-point tunneling protocol, part of what most people think of as a “VPN.” FreeBSD is a Unix-like operating system that powers everything from Cisco and Juniper routers to Netflix’s network stack, and Macy had plenty of experience on its dev team, including work on multiple network drivers.

So when Jim Thompson, the CEO of Netgate, which makes FreeBSD-powered routers, decided it was time for FreeBSD to enjoy the same level of in-kernel WireGuard support that Linux does, he reached out to offer Macy a contract. Macy would port WireGuard into the FreeBSD kernel, where Netgate could then use it in the company’s popular pfSense router distribution. The contract was offered without deadlines or milestones; Macy was simply to get the job done on his own schedule.

Source: Arstechnica

More than 700 thousand human deaths from mosquito bites are observed annually in the world. It is more than 2 times the number of annual murders in the world. In this regard, the invention of new more effective methods of protection against mosquitoes is necessary. In this article for the first time, comprehensive studies of mosquito neutralization using machine vision and a 1 W power laser are considered. Developed laser installation with Raspberry Pi that changing the direction of the laser with a galvanometer. We developed a program for mosquito tracking in real. The possibility of using deep neural networks, Haar cascades, machine learning for mosquito recognition was considered. We considered in detail the classification problems of mosquitoes in images. A recommendation is given for the implementation of this device based on a microcontroller for subsequent use as part of an unmanned aerial vehicle. Any harmful insects in the fields can be used as objects for control.

Source: Rakhmatulin, I. Raspberry PI for Kill Mosquitoes by Laser. Preprints 2021, 2021010412 (doi: 10.20944/preprints202101.0412.v1).

GTA Online. Infamous for its slow loading times. Having picked up the game again to finish some of the newer heists I was shocked (/s) to discover that it still loads just as slow as the day it was released 7 years ago.

It was time. Time to get to the bottom of this.

First I wanted to check if someone had already solved this problem. Most of the results I found pointed towards anecdata about how the game is so sophisticated that it needs to load so long, stories on how the p2p network architecture is rubbish (not saying that it isn’t), some elaborate ways of loading into story mode and a solo session after that and a couple of mods that allowed skipping the startup R* logo video. Some more reading told me we could save a whopping 10-30 seconds with these combined!

Source: t0st

Rockstar, you had one simple job and you fucked up! This fix had cost about one hour of work, but you decided to release an unfinished game when the hardware available at that time wasn’t even capable of playing the game with maximum details. And now you wonder why people are mad at you. *facepalm*

Some days ago GitHub received a DMCA complain from the RIAA to remove youtube-dl due to copyright violations. The youtube-dl website is still online and I mirrored the files to my website just in case.

Now, due to a bug in GitHub – known for a long time – it’s possible to add files to other users’ repositories without modifying the checkout. You can’t change the current hash, but when adding files a new hash is created and you can link to that exact hash in order to get the files. Very neat!

So, long story short, that’s exactly what someone did.

For a recent project, I had to do research into methods rootkits are detected and the most effective measures to catch them when I asked the question, what are some existing solutions to rootkits and how do they function? My search eventually landed me on the TrendMicro RootkitBuster which describes itself as “A free tool that scans hidden files, registry entries, processes, drivers, and the master boot record (MBR) to identify and remove rootkits”.

The features it boasted certainly caught my attention. They were claiming to detect several techniques rootkits use to burrow themselves into a machine, but how does it work under the hood and can we abuse it? I decided to find out by reverse engineering core components of the application itself, leading me down a rabbit hole of code that scarred me permanently, to say the least.

Source: Bill Demirkapi

There was a time when people said, there are no or at least less exploits and stuff for Apple devices. Well, these time are over. Zerodium does no longer accept exploits for Apple devices and software due to too many being reported.

We will NOT be acquiring any new Apple iOS LPE, Safari RCE, or sandbox escapes for the next 2 to 3 months due to a high number of submissions related to these vectors. Prices for iOS one-click chains (e.g. via Safari) without persistence will likely drop in the near future.

Source: Zerodium

The server installer, perhaps other installers, will log LUKS passwords used on the system via:

– installer/subiquity-curtin-install.conf

 – {volume: disk-sda, key: …

– curtin/install.log

get_path_to_storage_volume for volume dm_crypt-0({‘volume’: ‘disk-sda’, ‘key’: …
        get_path_to_storage_volume for volume dm_crypt-0({‘volume’: ‘disk-sda’, ‘key’: …

Source: Ubuntu bug-tracker

A fix has been released, so you know the drill.

  • About

    Destabilizing cishetero amatonormativity. Providing disruption as a service. Once you know the way, you see it in all things. Unless you puke, faint or die, keep going. Also we never asked for this. I̸͝t̸̑ ̵̽i̷͗s̶͐ ̵͝a̶͒l̷ ͍r̷ ̗͕e̵͑a̶͌d̸̄y̷̚ ̶̀ ͓͑t̷̚ô̶o̸ ̥ ̶́ ̡l̷͝a̶̽t̵͒ė̶.̸ ̋͑

  • Got something interesting?

    You think you got something which should be on this site? Then contact us. You want something removed from this site, because you think it should not be here? Then go fuck yourself. This is a free website. Free as in freedom. It tolerates every opinion from everyone. However, it does not tolerate things which are illegal according to the Swiss legislation.

  • Disclaimer

    We cannot be held responsible for any kind of direct, indirect or consequential damages caused by the stuff and or opinions we provide here. Use this on your own risk. Don’t blame us if something goes wrong or totally messes up your machine, your life or whatever. If this is unacceptable for you then go away and never come back again. Thank you!