https://mwl.io/archives/23498 Michael W Lucas 发现 Vultr 的服务条款更新时做了一项重大变更,并决定拒绝接受。
You hereby grant to Vultr a non-exclusive, perpetual, irrevocable, royalty-free, fully paid-up, worldwide license (including the right to sublicense through multiple tiers) to use, reproduce, process, adapt, publicly perform, publicly display, modify, prepare derivative works, publish, transmit and distribute each of your User Content, or any portion thereof, in any form, medium or distribution method now known or hereafter existing, known or developed, and otherwise use and commercialize the User Content in any way that Vultr deems appropriate, without any further consent, notice and/or compensation to you or to any third parties, for purposes of providing the Services to you.
论仔细读小字的重要性。
You hereby grant to Vultr a non-exclusive, perpetual, irrevocable, royalty-free, fully paid-up, worldwide license (including the right to sublicense through multiple tiers) to use, reproduce, process, adapt, publicly perform, publicly display, modify, prepare derivative works, publish, transmit and distribute each of your User Content, or any portion thereof, in any form, medium or distribution method now known or hereafter existing, known or developed, and otherwise use and commercialize the User Content in any way that Vultr deems appropriate, without any further consent, notice and/or compensation to you or to any third parties, for purposes of providing the Services to you.
论仔细读小字的重要性。
delphij's shared chaos
https://mwl.io/archives/23498 Michael W Lucas 发现 Vultr 的服务条款更新时做了一项重大变更,并决定拒绝接受。 You hereby grant to Vultr a non-exclusive, perpetual, irrevocable, royalty-free, fully paid-up, worldwide license (including the right to sublicense through multiple tiers) to…
LowEndTalk
Vultr is now claiming full perpetual commercial rights over all hosted content - Page 2
There seems to be a bit of a disconnect between the legal language and our trust and safety’s team intention.
xz的上游被塞了后门。
这个人花了两年多的时间潜伏,慢慢地把攻击代码以测试用例数据作为掩盖塞进了代码库,然后在release时加料,从测试用例数据中抽出一个二进制文件。攻击payload会塞进liblzma,由于Linux上的二进制文件加载顺序,该库提供的某个不应提供的符号会进入sshd从而形成后门。
影响使用systemd的主流Linux发行版。
CVE-2024-3094。
https://www.openwall.com/lists/oss-security/2024/03/29/4
这个人花了两年多的时间潜伏,慢慢地把攻击代码以测试用例数据作为掩盖塞进了代码库,然后在release时加料,从测试用例数据中抽出一个二进制文件。攻击payload会塞进liblzma,由于Linux上的二进制文件加载顺序,该库提供的某个不应提供的符号会进入sshd从而形成后门。
影响使用systemd的主流Linux发行版。
CVE-2024-3094。
https://www.openwall.com/lists/oss-security/2024/03/29/4
🙏1
PSA:4月10日是加州地产税Installment 2的截止日期。提醒本频道读者注意及时去所在county税务官网站查询自己的房产税缴纳情况并及时缴纳地产税。
https://www.cst.cam.ac.uk/news/ross-anderson Security Engineering: A Guide to Building Dependable Distributed Systems的作者逝世
www.cst.cam.ac.uk
Ross Anderson, 1956 - 2024 | Department of Computer Science and Technology
Professor Ross Anderson FRS FRSE FREng, our friend and longtime colleague, died unexpectedly at home on Thursday 28th March, aged 67.
看到眼科诊所用于测量瞳距和记录订单的iPad的Settings上面红色的❶, #家住圣何塞的李先生 使劲忍住了给眼科诊所iPad升级系统的冲动(握拳
🔥2
delphij's shared chaos
https://www.ietf.org/id/draft-schoen-intarea-unicast-127-00.html 前段时间忙没顾上跟进IETF的相关讨论,今天总算找了点时间来看。 有人提议把127/8改成127.0/16。感觉已经在互联网上飘荡的那几十亿台 #InternetOfShit 已经迫不及待地要发来贺电了啊
https://datatracker.ietf.org/doc/draft-schoen-intarea-unicast-127/ 草案第五稿了,好好上IPv6不好吗
IETF Datatracker
Unicast Use of the Formerly Special-Cased 127/8
This document redefines the IPv4 local loopback network as consisting only of the 65,536 addresses 127.0.0.0 to 127.0.255.255 (127.0.0.0/16). It asks implementers to make addresses in the prior loopback range 127.1.0.0 to 127.255.255.255 fully usable for…
PSA -- TurboTax导入某些银行(例如Ally Bank)的Form 1099-INT时有bug,有多个账号时只会导入前两份。
来来来说个不开心的事大家也开心开心
正准备睡觉,忽听得UPS警报响起,然后邮箱提示家里的存储服务器发来贺电:您的电池,坏啦。
https://twitter.com/delphij/status/1779404721104781718
正准备睡觉,忽听得UPS警报响起,然后邮箱提示家里的存储服务器发来贺电:您的电池,坏啦。
https://twitter.com/delphij/status/1779404721104781718
X (formerly Twitter)
𝓧𝓲𝓷 𝓛𝓲 (@delphij) on X
正准备睡觉,忽听得UPS警报响起,然后邮箱提示家里的存储服务器发来贺电:您的电池,坏啦。
🤣4👍1😇1
https://youtu.be/B3CHsbNkr3c 解决了我多年的迷惑:小时候老人为什么要把面粉拿筛网再过一遍…
YouTube
Is washing rice really still necessary?
Thanks to Misen for sponsoring this video! Upgrade your kitchen with Misen’s amazing knives and cookware. Get 20% off your first order: https://Misen.com/ragusea
My earlier video on arsenic in rice: https://youtu.be/EIM_zjCmQ5Y
Dr. Ya-Jane Wang, professor…
My earlier video on arsenic in rice: https://youtu.be/EIM_zjCmQ5Y
Dr. Ya-Jane Wang, professor…
delphij's shared chaos
https://www.worldjournal.com/wj/story/121472/7764680
继续关注本案。
今天(当地时间2024年4月19日,周五)13:30将再次举行刑事部分(C2400832)的听证会。注意进行听证的法庭是位于 HOJ 的 Department 34。
https://www.scscourt.org/general_info/ra_teams/video_hearings_teams.shtml
法医报告目前也已经结案。被害人的死因描述为「Blunt head trauma with near total detachment of right ear」。
除此之外,注意到有一个遗产诉讼(24PR196595)也在同步进行,该案件于2月13日发起,发起人名为「Xin Zhang」,代表陈立人的律师是祝良(Leon E. Jew)。首次听证会于4月15日举行,下次听证会是5月23日上午9:01。
今天(当地时间2024年4月19日,周五)13:30将再次举行刑事部分(C2400832)的听证会。注意进行听证的法庭是位于 HOJ 的 Department 34。
https://www.scscourt.org/general_info/ra_teams/video_hearings_teams.shtml
法医报告目前也已经结案。被害人的死因描述为「Blunt head trauma with near total detachment of right ear」。
除此之外,注意到有一个遗产诉讼(24PR196595)也在同步进行,该案件于2月13日发起,发起人名为「Xin Zhang」,代表陈立人的律师是祝良(Leon E. Jew)。首次听证会于4月15日举行,下次听证会是5月23日上午9:01。