• 0 Posts
  • 15 Comments
Joined 1 year ago
cake
Cake day: June 15th, 2023

help-circle




  • jeansburger@lemmy.worldtohmmm@lemmy.worldhmmm
    link
    fedilink
    arrow-up
    41
    arrow-down
    1
    ·
    5 months ago

    I mean I have a greyhound who can countersurf, you just put baby gates around the kitchen and food. Keeping stuff out of snoot height/range removes most issues.

    Part of it is training them that it isn’t an appropriate thing to do. It usually helps that if they behave (and we’re eating something the pup can safely have) they get a bit of food as a treat.

    Training is a must and especially with a dog that big you need to make sure they know what is expected and appropriate. Doing that sets them up for success and makes it much easier to care for them overall.


  • Unfortunately I wouldn’t buy these given that it’s from Packt Publishing. I’ve bought quite a few of their books over the years and more often than not they’re either full of glaring writing errors that would have been caught if the book was looked at by an editor at all, the code examples have errors that require deep knowledge of said book topic to correct making it hard to progress, or the book doesn’t seem to follow a linear learning path making understanding what the author is trying to convey much harder.

    Don’t get me wrong there are some good books from Packt, but they’re much rarer than say a book from O’Reilly or Manning. They seem to just churn out content and not have a rigorous editing process meaning that it’s mostly up to the author’s writing ability to create something useful.

    I used to grab their free ebook of the day when they used to have that and more often than not I would delete or never finish the books because they were just so low quality.




  • It’s been hacked, the light bulb is likely part of some botnet or under an attacker’s control directly. Which is why it’s sending that much data continuously. IoT/smart devices don’t send a lot of data in this sort of volume as most of the time they’re idle and maybe send a heartbeat or status update every once in a while to prove they’re alive.

    This is what is called an indicator of compromise or IoC, it’s some behavior or pattern that can be used to determine what is happening or who is the one doing the attacking.

    Likely OP would need to do some analysis to be able to get attribution unless it’s a very well known botnet actor in which case attribution is fairly straightforward.



  • You’d think, but then again they probably ripped some open source repo off Github that had more features than necessary. Then proceeded to not turn any of those off, hack in their own features that aren’t very optimized because the board has like 4 gigs of storage and who cares. Finally bake in some firmware blobs for other components that probably allow them to figure out what sports you play or what pets you have so they can sell that info so other companies can show you ads.

    Add all that together and you probably have a firmware image that’s like a gig.

    Due to the hacked in features, they probably need to release patches frequently or add new “features” nobody asked for. It probably also has a phone-home “feature” so it can automatically update itself because you obviously need the “Defunkifier” setting on your washer right now.

    It wouldn’t supprise me if it the amount of network traffic from something like a “smart” washer was a few gigs a day because it’s constantly looking for new updates or sending whatever other telemetry data it’s collected to the mothership.



  • Yes there is! Great you have a strong, randomly generated password. There’s no collateral damage (you’re having your password manager generate the passwords right?) So your other accounts are safe, you only have to rotate one password.

    Well what happens for instance if someone really wanted access to your account? Say it’s a bank, a social media account, or maybe it’s just a game account for an MMO that’s super high value, you have a long and strong password, but let’s say the service’s security wasn’t quite up to snuff or you got phished and gave your password by accident (these things happen, it’s not your fault).

    This is where 2FA comes in, if someone manages to break your password the attacker needs your phone, your security key, your fingerprint, etc… To prove to the service they’re you. By having 2FA on the account you’re increasing your defense in depth for your account. If you didn’t have it your account is as good as gone as soon as an attacker cracks or gets your password.

    It acts as a second lock that needs to be picked in order to take over your account.

    I personally add 2FA to all of my accounts I can, the highest security ones get added to my hardware token. The ones I don’t need as high security go into my password manager (which has 2FA enabled but only available via my hardware key).

    Additionally as often as possible I try to use a unique email address for each service (simplelogin, addy.io, or similar, + based email addresses are easily bypassed) they all forward to my email but now you have to guess my email for the service (my own private domains, so not shared with anyone else) and what mailbox it ends up in. As a bonus you can disable emails that are sending spam or see who got breached based on the email.

    Again defense in depth, a long secure password is great but that’s only relying on a single lock. By having 2FA you’re doubling your security so to speak by requiring that extra key in order to access your accounts.


  • To be fair most of the class action lawsuits these days are “dumb.” It’s important to still fight these or else nothing will change. It’s a check valve on businesses and the government to prevent them from being completely unaccountable and harming entire populations of people.

    They named the feature incorrectly, then they only updated the language and explained it properly after people got in trouble or hurt because they thought it meant something different. That to me sounds like malice or at least negligence to me.

    Yes the suit sounds dumb initially. However if you think about how the average person might have been misled this does sound like Google needs to be held accountable.