I suppose I would avoid connecting to untrusted networks, or avoid opening print dialogs while on them, or uninstall CUPS until a fix is available.

That refers to the fact that printer advertisements can contain lies: When you see a familiar printer name appear on a network, it could always be an impostor secretly pointing to the address of a malicious device.

So my first advice stands: Avoid interaction with untrusted or potentially compromised print servers.

To be clear, when I say “interaction”, I don’t just mean printing to them. I mean any interaction at all. Even just browsing a network for printers could potentially mean your system contacts the devices at the advertised addresses, and receives data from them. This Qualys report doesn’t make clear whether this kind of interaction is safe, so I have to assume for now that it is not.

Exploitation involves sending a malicious UDP packet to port 631 on the target, directing it to an attacker-controlled IPP server.

Okay, so at least until this is patched, it would be a good idea to shut down any CUPS-related process that’s listening on port 631, and avoid interaction with untrusted or potentially compromised print servers.

Either of these commands will list such processes:

$ sudo lsof -i :631

$ sudo fuser -v 631/tcp 631/udp

I don’t want to diminish the urgency of this vulnerability, but it is worth noting that “affecting all GNU/Linux systems” does not mean that every affected system is actually running the vulnerable code. Some installations don’t run print services and don’t ever communicate with printers.

Also, I suspect that the author’s use of “GNU” in that warning is misleading, potentially giving a false sense of security. (Sadly, a certain unfortunate meme has led many people to think that all Linux systems are GNU systems, and the author appears to be among them.) I don’t see any reason to think musl builds of CUPS are immune, for example, so I don’t assume my Alpine systems are safe just because they are not GNU/Linux.

threat actors backed by Beijing broke into a “handful” of U.S. internet service providers

Which ISPs?

Also, it would Be(e) better to link the original article (archived here), rather than this secondary reporting based on it.

The PC version of Dragon Age: Origins allowed programming the characters with combat rules, so I could decide ahead of time how I wanted them to behave in a fight. It was so much better than the usual options of either tedious micromanagement or watching a dumb AI do dumb things with my characters.

Did that feature return in any of the sequels?

There are a couple of emulation communities outside of Beehaw:

!emulation@lemmy.world

!emulation@lemmy.ml

How would this control people selling their used hardware? I don’t see anything about Sony trying to disable resold consoles.

you’ll get “a product that works like new with genuine PlayStation replacement parts (as needed) that has been thoroughly cleaned, inspected and tested”. You will receive all the cables and paperwork you need for a PS5, and it comes with a 12-month manufacturer’s warranty

That’s worth a premium to some people.

Oops.

Since you’re using sudo, I suggest setting different passwords on production, remote, and personal systems. That way, you’ll get a password error before a tired/distracted command executes in the wrong terminal.

Suggestion: Rather than using this text forum as a youtube click farm, include in your post an overview of your key points and a summary, as text. This would inform readers why they might (or might not) want to spend their time sitting through your video.

the fact that many electric cars rely on cloud services

Terrible idea, predictable results.

Is there a text version? Or if someone watched the video, are these drives sold by Amazon or by third party sellers?

Even League of Legends?

Maybe shadPS4 will (eventually) manage it?

https://shadps4.net/

https://github.com/shadps4-emu/shadps4-game-compatibility/issues/2

I don’t know the whole story behind Cybenetics, but I think it started just a few years ago as one guy who was active in the hardware enthusiast community and dissatisfied with the info generally available about power supplies. He has been doing outstanding work, not only in measuring performance and efficiency in multiple dimensions, but also in measuring the noise produced by these things at various workloads, and publishing the results for free. The reports were instrumental in my last hardware purchase, and I’m very happy with the model I chose.

It’s great to see his work recognized by a big vendor, and to see a big vendor moving to a superior certification system. Thanks for posting this.

Great, it’s reliable and enforces design patterns!

Upvoted because this is Programmer Humor. Thanks for the laugh, stranger!

I’ve never needed one.

Haha… Yes, I’ve found yaml to be problematic in this area, too. Probably because it lacks the context cues and modularity of a programming language.

It’s often I have to double and triple check to verify I copied the code with correct indentation.

I vaguely remember facing that issue once or twice in the past, but certainly not often. It was because the pasted code was too long for its starting point to be easily found in my editor, even if I scrolled up a bit.

If this happens to you often, I wonder: perhaps the code you maintain should be broken into smaller functions?

If I was in that situation again, I think I would simply place a bookmark before pasting and then jump back to the bookmark to indent/dedent the pasted block appropriately.

Edit: Come to think of it, I would have to check and correct it regardless of the language and braces, since confusingly indented code is unwelcome in my commits.

Well, Python kind of does the reverse of a semicolon: If you want to continue a statement over multiple lines, then you have to \ escape it.

That’s not true. Being within parentheses, brackets, quotes, etc. is enough for the parser to know you’re continuing. In practice, I find that context is already present in most cases.

For the other cases, occasionally surrounding an expression in parentheses is easy enough. Long conditionals probably deserve parentheses anyway, for clarity.

Growing up with C made me assume semicolons and braces were needed to avoid subtle bugs, but experience with more recent languages showed me that it’s possible to reliably parse the same semantic cues that humans use: indentation, parentheses, and other such context. (Perhaps this was less viable when C was invented, due to more constrained hardware.)

I was skeptical at first, but in practice, I have never encountered a bug caused by this approach in Python, Nim, or any other language implementing it consistently, over the course of a decade or two using them. Meanwhile, I have seen more than a few bugs caused by brace and semicolon mistakes.

So nowadays (outside of niche & domain-specific languages) I see braces and semicolons as little more than annoying noise and fuel for religious arguments.