
Comment It's a bit worse than what's posted here (Score 1) 20

Someone can craft a URL to send via email to a target or put into an img tag or clickable link on a website. There are plenty of ways to exploit this that don't involve communicating with servers that are directly facing the Internet. Targets can be running on localhost. The 1,800 servers mentioned are just the Internet-facing servers running Windows - probably mostly people who punched holes in their network to run a server from home. But there are plenty of devs who still run Apache + PHP in the background on their local Windows machines and most large corporations run Windows, so there's a lovely exploitable vector there. And how often do devs update the software on the computer they use to develop software? They almost never do because something always breaks when updating and they don't need that. It only takes one targeted dev to wreck a whole network of machines. For example, there was that wacky SSH backdoor discovered a few months ago that would have backdoored the whole planet due to careful targeting of one specific developer.

The character set limitation is the only saving grace here. You have to be running with a Chinese or Japanese locale to be vulnerable.

Comment Re:Amazon's search has always sucked (Score 1) 158

That's not true. Before 3rd party sellers were allowed onto the platform, Amazon search was actually pretty decent in my experience. It was shortly after they allowed 3rd party sellers to post whatever they wanted that their search engine became useless. But that was back when Amazon was primarily a book seller.

Walmart has the right idea: Move their fully validated supply chain stuff to the top of the search results. 3rd parties take a back seat on Walmart's site. Things would notably improve if Amazon's supply chain validated stuff floated to the top (not talking about Amazon Basics). And entire categories known to be problematic gray/black market areas (e.g. batteries, computer parts) could be flagged as only allowed to be supply chain validated or just simply booted off the site altogether if they don't want to deal with it.

Newegg has largely gone down the same road as Amazon. Their search results are flooded with 3rd party sellers with questionable equipment.

I suspect with two U.S. administrations coming down hard on Chinese imports that Amazon, Walmart, Newegg, etc. will be required to fully validate their supply chains. 3rd parties will be booted off the platforms en masse and the quality of those sites will increase. Walmart will be the least hard hit financially because their online store is largely reflective of what is in their physical stores and warehouses.

Comment Re:Own domain (Score 1) 117

Same boat. Same problem. Yes, SPF, DKIM, DMARC are all set up correctly. Sending small numbers of emails per year (maybe 300 messages total).

The big problem children are Microsoft and AT&T. They, by default, bounce block everything until the IP is whitelisted. They don't bother with DNSRBLs and just assume all explicitly uncleared traffic is spam and also drag their feet on whitelisting systems. And even after whitelisting, all messages get dropped in spam. Can receive emails from them no problem AND most of those emails are spam but sending anything to their servers is a nightmare. Gmail, Yahoo, etc. are also spam havens but are free and clear through Microsoft and AT&T email servers.

The best solution would be to look at the recipient's address book and recently sent emails (after at least validating SPF and DKIM). If the person recently sent an email, any reply from that person should automatically be cleared through and inboxed. If the person added the email address to their address book, let through and inboxed. If the address isn't in the person's address book, let the first few messages through and dump to spam. If they move the message out of spam, those companies should ask if the user would like future emails from that sender to arrive in the inbox. This problem is solvable but major email providers aren't interested in solving it and they are also actively harboring actual spammers. Little tiny website/email service operators are largely ignored until they go out of their way to fix the problem for themselves which takes a ton of time and effort. IMO, all email should deliver to the recipient even if it gets flagged as Junk, including SPF/DKIM failures, which should cause the message to be tossed in the Trash folder so that at least it still delivers. Blocking any inbound messaging destroys the foundations of the Internet. Hard rate limiting sources by IP would also significantly reduce spam intake. SMS gateways, by default, have a 1 message/sec limit. That seems reasonable to me, which would largely stop mass marketing garbage messaging in its tracks as well.

Comment VR/AR will only work once it can... (Score 2) 26

...directly send data to the optic nerve without requiring any external devices (phones, glasses, headsets) or implants. Anything short of that will probably never work beyond being a toy/concept.

Every decade or so, the tech industry goes gaga over VR/AR stuff. The industry then produces awkward equipment that a few people purchase and get hyped up about. Then the concept fizzles out and dies. I think we're on the tail end of that curve now that everyone's realized it still won't work using the various external devices that have been created. Having to hold a device like a phone or tablet just to see something is lame. Implanting technology into the body comes with massive caveats including the major risks of permanent disfigurement, infections, and death. So until a fully contactless, fully external solution comes into existence that probably violates the laws of known physics in the process to feed the optic nerve directly and thereby bypass the eye altogether, VR/AR will keep getting dumped into the dustbin.

Comment Do you play toilet mobile games? (Score 1, Offtopic) 27

War Thunder has always looked to me like yet another toilet mobile game. There are plenty of toilet mobile games to play on the toilet. PC and console games offer vastly superior experiences. I guess asking about War Thunder would at least tell Raytheon that the person already lacks discerning taste in games and therefore might also lack discerning taste in other areas, including when to refrain from sharing classified intel with potential enemies.

A better question might just be to come out and ask if the person uses their mobile phone in the bathroom.

Comment Sometimes an appliance is just an appliance (Score 1) 335

I want a washer, dryer, refrigerator, oven, A/C, furnace, and all the other major appliances to "just work" for 40+ years. Buy once and never buy again. There's a whole subreddit called BIFL (Buy It For Life).

Modern appliances, smart or otherwise, are far less reliable than that. Maybe get 5 years out of them before something major breaks.

Comment How about rodent tracking? (Score 3, Interesting) 41

Could this tech eventually be used to track rodents in a residence? Knowing where rodents are hiding and their current movements would become a LOT easier if a device sifting through variances in radio signals can be pointed in a general direction and then it pinpoints the location of every critter to within an inch. A future version of the device could be a cat-like robot that just stalks rodents.

There are a lot of people in New York City who would benefit from such a device.

Comment Re:efficiency? try Linux? (Score 1) 81

Unfortunately, there are only *maybe* a half-dozen little-known distros that actually run well on older hardware. SliTaz, Tiny Core, and Puppy come to mind. Most distros follow a much more monolithic "do it all" model, which makes them feel fairly bloaty on older hardware - especially hardware that doesn't meet the minimum RAM requirements.

Comment Re:Crapware, nothing else (Score 1) 36

Wait. If by "copy isn't 100% reliable," do you mean when you "press Ctrl + C, what you are pretty certain that you had selected didn't get copied to the clipboard so you go back, copy again, and it works the second time?"

If so, I have the same problem. It's intermittent but drives me up a wall when it happens. I end up pasting whatever I previously had on my clipboard. I've dumped so much garbage, including sensitive material on a couple of occasions, into Google search due to this bug.

Comment Convenience is the antithesis of security (Score 1) 24

SSH is inconvenient for a reason. Well, okay, it's inconvenient for several reasons.

The more convenient that the method to access a system is, the less secure that it is. Inconvenience, however, doesn't equate to security, but it does introduce a lot of inertia, which humans seem to despise.
