overview for 0x0

According to a DOJ press release, the FBI was able to delete the Chinese-used PlugX malware from “approximately 4,258 U.S.-based computers and networks.”

Details:

To retrieve information from and send commands to the hacked machines, the malware connects to a command-and-control server that is operated by the hacking group. According to the FBI, at least 45,000 IP addresses in the US had back-and-forths with the command-and-control server since September 2023.

It was that very server that allowed the FBI to finally kill this pesky bit of malicious software. First, they tapped the know-how of French intelligence agencies, which had recently discovered a technique for getting PlugX to self-destruct. Then, the FBI gained access to the hackers’ command-and-control server and used it to request all the IP addresses of machines that were actively infected by PlugX. Then it sent a command via the server that causes PlugX to delete itself from its victims’ computers.

The title is a bit blick-batey as it implies the FBI did it directly to said computers.

AI datacenters putting zero emissions promises out of reach in c/[email protected]

[–] 0x0 6 points 4 days ago (2 children)

No mention of a few corpos going for nuclear as a power source for said datacenters?

7

list installed packages and their repositories (self.archlinux)

submitted 4 days ago by 0x0 to c/[email protected]

5 comments fedilink

As the title says.
pacman -Q lists only name and version;
pacman -Qi does have a "Packager" field, but i think it's not the same thing;
pacman -Qs seems to be what i want (if local means "all installed packages atm") but it's all prefixed by local/ instead of repo name like mingw32/ which is what i want.

I'm using MSYS2 in windows.

killed all access to remote share after CIFS atempt in c/[email protected]

[–] 0x0 2 points 4 days ago

I have no access and, it seems, neither does local IT. Yay.

killed all access to remote share after CIFS atempt in c/[email protected]

[–] 0x0 3 points 4 days ago (2 children)

At the moment i'm getting mount error(13): Permission denied at the new vm (where i was attempting to mount).
dmesg has

[ 9254.003440] CIFS: Attempting to mount \\10.10.10.10\dir\\dir2
[ 9254.181314] CIFS: Status code returned 0xc000006d STATUS_LOGON_FAILURE
[ 9254.181333] CIFS: VFS: \\10.10.10.10 Send error in SessSetup = -13
[ 9254.181367] CIFS: VFS: cifs_mount failed w/return code = -13

Attempting to ls the share in the other vm where it was previously working yields Host is down.
(Everyone else can access the share just fine.)

11

killed all access to remote share after CIFS atempt (self.linux)

submitted 4 days ago by 0x0 to c/[email protected]

4 comments fedilink

cross-posted from: https://programming.dev/post/24130558

My Win10 work laptop has a network share of a remote windows server. I access it everyday. If i change passwords, i have to remap the share.

I have a linux vm that does the builds for my project. It too has a mounted directory mapped to that remote windows share, using my credentials.

I tried mapping the share in another linux vm but got errors so ended up quitting as it wasn't that important.

However, now i can't access said share in any device, by name or IP address. WTF happened?

The mount command i use in linux is mount -t cifs -o rw,relatime,vers=default,cache=strict,username=my.username,domain=,uid=118,noforceuid,gid=130,noforcegid,addr=10.10.10.10,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=1048576,wsize=1048576,echo_interval=60,actimeo=1 //10.10.10.10/dir1/dir2 /media/remoteshare, the UID/GID are of the user that runs the builds.

I'd get having errors on mounting the remote share, but i'd expect that to be limited to the local computer i was trying to mount on, not that it would propagate to any device that has this share mapped!

7

killed all access to remote share after CIFS atempt (self.windows)

submitted 4 days ago by 0x0 to c/[email protected]

0 comments fedilink

My Win10 work laptop has a network share of a remote windows server. I access it everyday. If i change passwords, i have to remap the share.

I have a linux vm that does the builds for my project. It too has a mounted directory mapped to that remote windows share, using my credentials.

I tried mapping the share in another linux vm but got errors so ended up quitting as it wasn't that important.

However, now i can't access said share in any device, by name or IP address. WTF happened?

The mount command i use in linux is mount -t cifs -o rw,relatime,vers=default,cache=strict,username=my.username,domain=,uid=118,noforceuid,gid=130,noforcegid,addr=10.10.10.10,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=1048576,wsize=1048576,echo_interval=60,actimeo=1 //10.10.10.10/dir1/dir2 /media/remoteshare, the UID/GID are of the user that runs the builds.

I'd get having errors on mounting the remote share, but i'd expect that to be limited to the local computer i was trying to mount on, not that it would propagate to any device that has this share mapped!

Closed source for privacy in c/[email protected]

[–] 0x0 8 points 5 days ago (1 children)

instead of taking responsibility

This is why, they prefer to shift the blame in case it hits the fan. That's all, that's it.
They don't care about code quality, maintainability or whatever.

633

Facebook Is Censoring 404 Media Stories About Facebook's Censorship (www.404media.co)

submitted 1 week ago by 0x0 to c/[email protected]

26 comments fedilink

...surprising no one...

185

Copyright Industry Wants To Apply Automated Blocking To The Internet’s Core Routers (www.techdirt.com)

submitted 3 weeks ago by 0x0 to c/[email protected]

13 comments fedilink

The second step, which we still need to evaluate because some companies want it, and others are more hesitant, is to allow Anatel to have access to the core routers to place a direct order on the router

6

Minecraft In…COBOL? (hackaday.com)

submitted 3 weeks ago by 0x0 to c/cobol

0 comments fedilink

190

Hackers Can Jailbreak Digital License Plates to Make Others Pay Their Tolls and Tickets (www.wired.com)

submitted 1 month ago by 0x0 to c/[email protected]

26 comments fedilink

Yet another case of just because you can...

3

Is there any table with minimum *sdk requirements? (self.android_dev)

submitted 1 month ago by 0x0 to c/android_dev

6 comments fedilink

cross-posted from: https://programming.dev/post/22983650

I know that Android 14 requires targetSdkVersion >= 23 (or higher on the Play Store), but are there other minimums for this and minSdkVersion?

4

Is there any table with minimum *sdk requirements? (self.android)

submitted 1 month ago by 0x0 to c/android

1 comments fedilink

I know that Android 14 requires targetSdkVersion >= 23 (or higher on the Play Store), but are there other minimums for this and minSdkVersion?

12

The 7 Prominent Theories Explaining the Mystery Drones - Decrypt (decrypt.co)

submitted 1 month ago* (last edited 1 month ago) by 0x0 to c/[email protected]

10 comments fedilink

The Missing Nukes/Dirty Bomb Sweep Theory
The PSY-OP/Government Conspiracy Theory
The ET Theory
The Mass Hysteria Theory
The Copycats/Hoaxers Theory
The Iranian Mothership/Foreign Spy Theory
The Angels Theory

171

A twenty-five years old curl bug (daniel.haxx.se)

submitted 1 month ago by 0x0 to c/[email protected]

7 comments fedilink

I like the clarification:

Let me also touch this subject while talking security problems. This bug, the oldest so far in curl history, was a plain logic error and would not have been avoided had we used another language than C.

Otherwise, about 40% of all security problems in curl can be blamed on us using C instead of a memory-safe language. 50% of the high/critical severity ones.

Almost all of those C mistakes were done before there even existed a viable alternative language – if that even exists now.