●● IRC: #techbytes @ Techrights IRC Network: Friday, October 01, 2021 ●● ● Oct 01 [00:36] *rianne_ (~rianne@qhduu73fcjmdn.irc) has joined #techbytes [00:37] *liberty_box (~liberty@qhduu73fcjmdn.irc) has joined #techbytes ● Oct 01 [08:26] schestowitz
  • [08:26] schestowitz
    Breaking Custom Cursor to p0wn the web
    [08:26] -TechBytesBot/#techbytes- ( status 404 @ https://palant.info/2021/09/28/breaking-custom-cursor-to-p0wn-the-web/">Breaking ) [08:27] schestowitz
    [08:27] schestowitz

    The attack surface of Custom Cursor is unnecessarily large: it grants custom-cursor.com website excessive privileges while also disabling default Content Security Policy protection. The result: anybody controlling custom-cursor.com (e.g. via one of the very common cross-site scripting vulnerabilities) could take over the extension completely. As of Custom Cursor 3.0.1 this particular vulnerability has been resolved, the attack [08:27] schestowitz surface remains excessive however. I recommend uninstalling the extension, it isnt worth the risk.

    • [08:40] *GNUmoon2 has quit (Ping timeout: 2m30s) ● Oct 01 [09:01] schestowitz x https://www.computerworld.com/article/3367936/gmail-vs-outlook-which-works-better-for-business.html [09:01] -TechBytesBot/#techbytes-www.computerworld.com | Gmail vs. Outlook: Which works better for business? | Computerworld [09:01] schestowitz # false dichotomy [09:26] *GNUmoon2 (~GNUmoon@5qfh8ygvjx3sy.irc) has joined #techbytes ● Oct 01 [10:38] *asusbox has quit (Ping timeout: 2m30s) [10:38] *rianne has quit (Ping timeout: 2m30s) ● Oct 01 [14:44] *Despatche (~desp@u3xy9z2ifjzci.irc) has joined #techbytes ● Oct 01 [15:22] *Disconnected (Connection reset by peer). [15:23] *Now talking on #techbytes [15:23] *Topic for #techbytes is: Welcome to the official channel of the TechBytes Audiocast [15:23] *Topic for #techbytes set by schestowitz!~roy@haii6za73zabc.irc at Tue Jun 1 20:21:34 2021 [15:23] *libertybox (~schestowitz_log@ctqz25uirqr88.irc) has joined #techbytes [15:24] *Techrights-sec (~quassel@ctqz25uirqr88.irc) has joined #techbytes [15:31] *rianne_ (~rianne@ctqz25uirqr88.irc) has joined #techbytes [15:31] *rianne (~rianne@ctqz25uirqr88.irc) has joined #techbytes [15:31] *asusbox (~rianne@ctqz25uirqr88.irc) has joined #techbytes [15:32] *liberty_box (~liberty@ctqz25uirqr88.irc) has joined #techbytes ● Oct 01 [16:31] *psydroid2 (~psydroid@cqggrmwgu7gji.irc) has joined #techbytes ● Oct 01 [18:14] *rianne_ has quit (Ping timeout: 2m30s) [18:14] *liberty_box has quit (Ping timeout: 2m30s) [18:25] *rianne_ (~rianne@ctqz25uirqr88.irc) has joined #techbytes [18:26] *liberty_box (~liberty@ctqz25uirqr88.irc) has joined #techbytes [18:35] Techrights-sec EWONTFIX [18:35] Techrights-sec It doesn't have to work, it just has to decommoditize GNU/Linux and lock [18:35] Techrights-sec people into IBM's subscription "products". [18:35] Techrights-sec yes, I read about that. It causes problems in many areas. [18:35] Techrights-sec Certs have been one giant pyramid scheme. TR could start selling certificates [18:35] Techrights-sec as a side activity for income. :/ Yes, literally a pyramid. It's just a [18:35] Techrights-sec key signed by another key x n. [18:35] Techrights-sec Yeah but he did some kind of good things for a while with the money. But that [18:35] Techrights-sec massive amount of money ends up making him very, very isolated whether he [18:35] Techrights-sec realizes or admits it himself. [18:35] Techrights-sec I say kind of good, because pre-M$ infiltration, Ubuntu was great. However, [18:35] Techrights-sec it came a the expense of poaching many of the best movers and shakers from [18:35] Techrights-sec Debian. Possible that is part of what set Debian up for the CoC suckers and [18:35] Techrights-sec systemd. [18:35] Techrights-sec Placing Bacon in as, what to say, corporate spinmeister instead of having [18:35] Techrights-sec a real community manager interacting with the community set Ubuntu up for [18:35] Techrights-sec long term trouble. Then allowing the microsofters inside the company [18:35] Techrights-sec ensured that it could never, ever be in a position to thrive. [18:35] Techrights-sec After that Mark was effectivcely shackled and just burning money with no [18:35] Techrights-sec way forward. ● Oct 01 [19:02] *rianne_ has quit (Ping timeout: 2m30s) [19:03] *liberty_box has quit (Ping timeout: 2m30s) [19:30] *rianne_ (~rianne@ctqz25uirqr88.irc) has joined #techbytes [19:31] *liberty_box (~liberty@ctqz25uirqr88.irc) has joined #techbytes ● Oct 01 [20:10] *liberty_box has quit (Ping timeout: 2m30s) [20:10] *rianne_ has quit (Ping timeout: 2m30s) [20:12] *rianne_ (~rianne@ctqz25uirqr88.irc) has joined #techbytes [20:13] *liberty_box (~liberty@ctqz25uirqr88.irc) has joined #techbytes [20:34] schestowitz https://nitter.eu/joefields_/status/1444018029130563589 [20:34] -TechBytesBot/#techbytes-nitter.eu | Joe fields (@joefields_): "@schestowitz are you open to brand collaborations? I'm inviting experts such as yourself to signup to Onalytica's new platform where you can create a free profile & showcase your expertise to some of the world's largest brands looking to collaborate https://buff.ly/3hwzrR1" | nitter [20:35] schestowitz https://twitter.com/markmadsen/status/1443892192729354242 [20:35] -TechBytesBot/#techbytes-@markmadsen: Another example of broken YouTube policy implementation https://t.co/LUOHXPffXC [20:35] -TechBytesBot/#techbytes-@schestowitz: NEWS #Techdirt #Copyright Copyright Continues To Be Abused To Censor Critics By Entities Both Big And Small https://t.co/fRyxiEh6Q8 [20:35] schestowitz https://twitter.com/andresvarela/status/1443912584390975515 [20:35] -TechBytesBot/#techbytes-@andresvarela: Most shared for #coal @PastCoal @schestowitz @ProfStrachan @scmpeconomy @robotopia @lauriegoering @FrustIndian THL https://t.co/vCyTswmsm3 [20:35] -TechBytesBot/#techbytes-@andresvarela: Most shared for #coal @PastCoal @schestowitz @ProfStrachan @scmpeconomy @robotopia @lauriegoering @FrustIndian THL https://t.co/vCyTswmsm3 [20:35] schestowitz https://twitter.com/BibleCherokee/status/1443733249918910467 [20:35] -TechBytesBot/#techbytes-@BibleCherokee: @schestowitz Why did they want her to delete her posts? [20:36] schestowitz https://twitter.com/AngeloftheSeize/status/1443684382175268873 [20:36] -TechBytesBot/#techbytes-@AngeloftheSeize: @schestowitz #pelosi deserves that And #MORE [20:36] schestowitz https://twitter.com/Renelvis1706/status/1443647674322915334 [20:36] -TechBytesBot/#techbytes-@Renelvis1706: @schestowitz https://t.co/ojYxeZ0BCj [20:36] -TechBytesBot/#techbytes-@Renelvis1706: #MASQ_ai #China #cryptotrading. #VPN #privacy #Security DO YOU TRUST YOU VPN!!! Check us in on Telegram or https://t.co/aDx8sdqG5X [20:36] schestowitz https://nitter.eu/jrbrtson/status/1443597045273698314 [20:36] -TechBytesBot/#techbytes-nitter.eu | James Robertson (@jrbrtson): "If you have an older iPhone with an update prior to iOS 10 -the current version is iOS 15, just released-, or an Android phone that has not been renewed by Google since version 7.1.1 -We are on Android 13- you could lose it. ... September 30, 2000, more than two decades ago." | nitter ● Oct 01 [21:37] schestowitz https://www.fosslife.org/4-issues-facing-job-hunters-now [21:38] schestowitz " [21:38] -TechBytesBot/#techbytes-www.fosslife.org | 4 Issues Facing Job Hunters Now [21:38] schestowitz Todays red-hot job market comes with its own challenges for job seekers, reports Stephanie Overby. [21:38] schestowitz In this article, Overby offers tips for dealing with some of these challenges, including navigating a remote vs. hybrid approach to work, identifying stress and burnout, analyzing potential job positions, and handling counteroffers. [21:38] schestowitz Read more at the Enterprisers Project. [21:38] schestowitz ' ● Oct 01 [22:06] *rianne_ has quit (Ping timeout: 2m30s) [22:06] *liberty_box has quit (Ping timeout: 2m30s) [22:26] *rianne_ (~rianne@ctqz25uirqr88.irc) has joined #techbytes [22:26] *asusbox2 (~rianne@ctqz25uirqr88.irc) has joined #techbytes [22:27] *rianne has quit (Ping timeout: 2m30s) [22:27] *asusbox has quit (Ping timeout: 2m30s) ● Oct 01 [23:05] schestowitz please find herein the monthly password for the restricted part of the xxxxxxxx website for xxx 2021: [23:05] schestowitz Sincerely yours,