
Submission: China's Dystopian "New IP" Plan Shows Need for Renewed US Commitment to Internet (justsecurity.org)

schwit1 writes: “Huawei’s plans for 6G and beyond make U.S. concerns over 5G look paltry: Huawei is proposing a fundamental internet redesign, which it calls “New IP,” designed to build ‘intrinsic security’ into the web. Intrinsic security means that individuals must register to use the internet, and authorities can shut off an individual user’s internet access at any time. In short, Huawei is looking to integrate China’s ‘social credit,’ surveillance, and censorship regimes into the internet’s architecture.”

Submission: Malicious Actors are targeting Go packages on Github (michenriksen.com)

ArghBlarg writes: Michael Henriksen describes his investigations into Go package manager 'supply chain' attacks and finds at least one very suspicious package, typosquatting on one of the most popular logging libraries. The imposter package phones home to an IP he alleges belongs to the Chinese company Tencent:

It looks like the author utfave wants to know the hostname, operating system, and architecture of all the machines using their version of urfave/cli. The function extracts the system information and then calls out to the IP address 122.51.124.140 belonging to the Chinese company Shenzhen Tencent Computer Systems via HTTP with the system information added as URL parameters. While this code won’t give them any access to systems, it’s highly suspicious that they collect this information and the actor can quickly change this code to call back with a reverse shell if they identify a system to be valuable or interesting.

A good case for always going over your package imports, in any language, and ensuring you're either a) auditing them regularly, or b) keeping frozen vendored copies which you can trust.
