I suspect part of it is that the mitigation for DirtyFrag covers it, so everyone who blocked all the modules in question when that had only an incomplete patch probably hasn't unblocked them yet. I think this is the 4th patch for these modules, and only got a new name rather than just "there's still a way to get this code to do the wrong thing" because a different outside team found this one.

Yeah, and the person who released the information first was operating in an "if I noticed this, doing only as much as I'm doing, surely attackers would also notice" mode. Possibly some patches these days are sufficiently obvious as to their correctness and also effect that they should first become public as a set of stable releases. This was a kind of special case, as CopyFail was the combination of some code doing something strange with one user not being prepared for it, and fixed the user. If there are other users that also aren't prepared, fixing them isn't going to be subtle.

How shadows and reflections move when you're 10 milies from a mostly flat surface a thousand miles across is legitimately hard to analyze for a visual system that evolved on the ground, especially if you throw in small periodic surface orientation variations. Given how complicated it is to explain rare rainbow-related phenomena like sun dogs, it would be surprising if we'd identified and explained everything that can appear when flying above the ocean.

While you're at it, you also need to block installing esp4, esp6, and rxrpc, for, y'know, reasons.

According to the article, they (by way of their cloud provider) had DR backups, which they were able to get restored. But getting offline backups restored takes longer than the SLAs they give their customers and loses some data that hasn't been copied offline yet, which is why they also have backups that are complete and immediately available, using the API key that the attacker -- sorry, AI -- found in a file it wasn't supposed to have access to.

Verizon's 2 Gbps Fios home service doesn't support IPv6, due apparently to them picking hardware for this particular service that doesn't handle it. Their other service does handle it, including slower home Fios, but not that in particular.

I had VERY SPECIFIC requirements and I wanted the extended warranty. I would have paid 2x at a dealer. I know what I was doing.

I bought a used 2020 XC90 from CarMax last week. I did everything online from shipping it from Texas to Minnesota to financing the extended warranty. I walked in the door, gave them a cashier's check, and drove away within 10 minutes.

That's how it should be.

It uses VRTX, reportedly. Linux wasn't suitable as a real-time OS when the Hubble was designed, or really even when the Hubble got the 486 installed in 2009.

The LitleLLM packages were comprimosed on Tuesday. The packages compromised today were telnyx 4.87.1 and 4.87.2. It's the same root cause: credentials exposed to a compromised version of Trivy earlier were used to make an unauthorized release of a compromised version of a different package.

https://archive.is/uyPhk

---

Anthropic is prepared to loosen its current terms of use, but wants to ensure its tools aren't used to spy on Americans en masse, or to develop weapons that fire with no human involvement.

The Pentagon claims that's unduly restrictive, and that there are all sorts of gray areas that would make it unworkable to operate on such terms. Pentagon officials are insisting in negotiations with Anthropic and three other big AI labs â" OpenAI, Google and xAI â" that the military be able to use their tools for "all lawful purposes."

Until recently, you could get the text of national weather service guidance by telnet. It was about the right level of protocol to provide plain text to a terminal with enough information to paginate it and enough input to pick an airport code.

https://livingwage.mit.edu/met...

Typical annual salary, according to MIT's Living Wage Calculator for the NYC Metro, is $84,860.

Poverty wage is $7.52/hr (no kids) and minimum wage is $15.50 which, according to the calculator, should cover 1 adult with 3 kids.

The Brearley School, regarded as the best private school for girls in the nation and charging around $70K, is a non-profit.

What shareholders?

That works at some intersections. At others, buildings and echoes make it pretty much impossible to tell if the siren you hear is an emergency vehicle about to cross the intersection in front of you where you have a green light, or there's some emergency somewhere else, which is often true. They could still go through red lights, but not at full speed. With the new system, they find that the light is green for them at every intersection, and they don't have to slow down.