Father, husband, InfoSec architect (CISSP), cyclist, more or less former SCCA road racer, restaurant-biz survivor; Wake Forest, Charlotte Hornets, Charlotte FC, and Carolina Panthers fan. He/him/his
“If you installed PyTorch-nightly on Linux via pip between December 25, 2022 and December 30, 2022, please uninstall it and torchtriton immediately, and use the latest nightly binaries (newer than Dec 30th 2022).” https://pytorch.org/blog/compromised-nightly-dependency/ #pytorch #python #pip #cybersecurity

Well this is some frustratingly stupid stuff.

https://arstechnica.com/gadgets/2022/12/samsungs-android-app-signing-key-has-leaked-is-being-used-to-sign-malware/

considering the "theoretically the affected companies could ship a still-secure OTA update that includes new system apps with new keys, and they could make new corresponding Play Store updates that are compatible with those new keys. That sounds like a lot of work, though."

As a consumer, I don't want "a lot of work" used as any excuse to not do the doable and right thing.


Not sure if this helps anyone else but just ran into a fun quirk. Have a Raspberry Pi that has been acting flaky through the KVM it's attached to, particularly on the V side of the box. I ended up using an Ubuntu VM to rdesktop into it and decided after weeks of tiny screen to rdesktop -f (full screen).

I suddenly realized the key bindings for rdesktop's -f and VMware's are the same so any attempt to get out of full screen in the rdesktop'd pi was fruitless.

Modifying the VMware preferences for the guest that I am rdesktop'ing from resolved this and allowed me to "Ctrl" + "Alt" + "Enter" to de-fullscreen.

If it saves anyone else a minute (or a few seconds assuming I am slower than most), just throwing it out there.

#rdesktop #Infosec #techtips

I am officially GDSA certified as of today. That was honestly quite stressful, different way than CISSP stress but the open book thing is not a good match for a chronic second guesser like me. I need a beer, and some sleep.

Very sad to hear about Elon Musk.

Nothing happened to him, I’m just very sad to hear about him.

Have accidentally discovered how to get my eldest downstairs in seconds - have the broadband go out. Putting that knowledge in the emergency break-glass kit.

Appreciate this bit "Samsung's Galaxy S22 series devices and the company's Snapdragon-powered handsets aren't affected by these vulnerabilities."

From: Google says Google and other Android manufacturers haven't patched security flaws
https://www.engadget.com/google-arm-android-phones-security-flaw-mali-gpu-samsung-oppo-xiaomi-183029261.html


Interesting trend, the spam I've been seeing in my junk mail has gone from "consulting opportunity, $75" a few weeks ago to $400-$500 this week. They get into 5 figures, they might get me to lose my better mind and Re$p1()ND. #Spamflation?

I just ordered Alice and Bob, which will be the test hosts. Once built, they will become alice.infosec.exchange and bob.infosec.exchange, and will only federate with each other for the purposes of security testing a similar instance configuration to that used by infosec.exchange.

This is a pleasant surprise this morning. Wasn't sure when v17 was going to drop. Yay me #vmware #virtualization #workstation