KarnaSubarna

joined 2 years ago
sorted by: new top controversial old
Access to the LanguageTool browser extension will become paid in 2 weeks, unless you are using a local model or selfhost it in c/selfhosted@lemmy.world
[–] KarnaSubarna@lemmy.ml 4 points 5 days ago

You can self host the LT service as a docker container.

https://github.com/languagetool-org/languagetool

How would you expose Jellyfin securely without a vpn? in c/selfhosted@lemmy.world
How would you expose Jellyfin securely without a vpn? in c/selfhosted@lemmy.world
[–] KarnaSubarna@lemmy.ml 1 points 1 week ago

My bad, sometimes I forget that Tailscale is nothing but wireguard VPN.

Cuba is a national security threat to the US, Rubio says in c/world@lemmy.world
[–] KarnaSubarna@lemmy.ml 3 points 1 week ago

Osama Bin Laden and most of 9/11 perpetrators were Saudis, aren’t they?

How would you expose Jellyfin securely without a vpn? in c/selfhosted@lemmy.world
[–] KarnaSubarna@lemmy.ml -4 points 1 week ago (2 children)

Tailscale

Jellyfin to quadruple their prices following Plex's price increases in c/selfhosted@lemmy.world
[–] KarnaSubarna@lemmy.ml 2 points 1 week ago

If running as rootless docker then it’s free. But, if running as rootful docker then pay up.

/s

Microsoft Edge loads all your saved passwords into memory in cleartext — even when you’re not using them; Microsoft will not fix, says the behavior is "by design" in c/cybersecurity@sh.itjust.works
[–] KarnaSubarna@lemmy.ml 0 points 1 month ago

Firefox has master password concept since ages. Though the default behaviour is to store it in plain text.

36
Flatpak 1.16.4 Brings Important Security Fixes For Sandbox Escape & Deleting Host Files (www.phoronix.com)
 

First up with Flatpak 1.16.4 is a fix for CVE-2026-34078, which is a security issue allowing a complete sandbox escape leading to host file access and code execution in the host context. Ouch. The issue is due to Flatpak portal accepting paths in the sandbox-expose options that can be app-controlled symlinks pointing at arbitrary paths. Due to this apps can access all host files and can be used as a primitive for gaining code execution in the host context. Disabling Flatpak Portal is another way to workaround this issue but can cause app problems.

CVE-2026-34079 is also fixed and is for preventing arbitrary file deletion on the host file-system. CVE-2026-34079 stems from caching for ld.so removing outdated cache files without checking that the app controlled path to the outdated cache is in the cache directory.

Trump warns a 'whole civilization will die tonight' if a deal with Iran isn't reached in c/world@lemmy.world
[–] KarnaSubarna@lemmy.ml 4 points 1 month ago (1 children)

your governement is verbatim (!) talking about killing whole civilzations.

Not sure if it will make a difference to you if I say that I'm not from USA.

Also, the pedo became president on the back of promise to end getting involved in forever foreign war.

The current sequence of events ran contrary to such promise, and many of die-hard MAGA fans are jumping the ship[1].

[1] https://www.theguardian.com/us-news/live/2026/apr/07/government-shutdown-congress-house-of-representatives-donald-trump-republicans-democrats-ice-us-politics-latest-updates-news

Trump warns a 'whole civilization will die tonight' if a deal with Iran isn't reached in c/world@lemmy.world
[–] KarnaSubarna@lemmy.ml 9 points 1 month ago (1 children)

He will wake up tomorrow, and forget all about the veiled nuke threats he made a day before.

Tonight both US and Israel will likely hit harder (compared to what we already witnessed before), leaving a long trail of death (of civilians) and destruction of civilian properties and infras.

Tomorrow the pedo president will claim he sent Iran to stone age, and (again) proclaim victory in this war.

Trump warns a 'whole civilization will die tonight' if a deal with Iran isn't reached in c/world@lemmy.world
[–] KarnaSubarna@lemmy.ml 3 points 1 month ago (3 children)

Trump cannot be undone by Americans, because they all either actively or passively support and enable him

The number of people joined the latest "No King" protest march across States draws a very different picture though.

Trump warns a 'whole civilization will die tonight' if a deal with Iran isn't reached in c/world@lemmy.world
[–] KarnaSubarna@lemmy.ml 37 points 1 month ago (16 children)
  • Trump will again chicken out.
  • He thought (or made to believe) Regime change in Iran will a walk in the park.
  • Given the situation he is currently in, he just wants to save his face by any mean.
  • Dropping Nuke is biggest threat he can think of.
  • He don’t have the guts to follow it through.
  • He will just extend the deadline, or declare himself a winner and left Middle East to its fate.
‘It started with a tip-off’: how a Guardian investigation exposed child sex trafficking on Facebook and Instagram in c/world@lemmy.world
[–] KarnaSubarna@lemmy.ml 6 points 1 month ago

In most likelihood, yes.

300
‘It started with a tip-off’: how a Guardian investigation exposed child sex trafficking on Facebook and Instagram (www.theguardian.com)
21
AppArmor vulnerability fixes available | Ubuntu (ubuntu.com)
 

How to check if you are impacted

To get the version of the sudo package installed, run the following command:

dpkg -l 'sudo*' | grep ^ii

The following table lists the fixed versions of the sudo package in all supported Ubuntu releases:
Release Package Fixed version
Questing Quokka (25.10) sudo 1.9.17p2-1ubuntu1.1
sudo-ldap 1.9.17p2-1ubuntu1.1
sudo-rs Not affected
Noble Numbat (24.04 LTS) sudo 1.9.15p5-3ubuntu5.24.04.2
sudo-ldap 1.9.15p5-3ubuntu5.24.04.2
Jammy Jellyfish (22.04 LTS) sudo 1.9.9-1ubuntu2.6
sudo-ldap 1.9.9-1ubuntu2.6
Focal Fossa (20.04 LTS) sudo Not affected
sudo-ldap Not affected
Bionic Beaver (18.04 LTS) sudo Not affected
sudo-ldap Not affected
Xenial Xerus (16.05 LTS) sudo Not affected
sudo-ldap Not affected
Trusty Tahr (14.04 LTS) sudo Not affected
sudo-ldap Not affected

Affected sudo versions

How to address

We recommend you upgrade all packages:

sudo apt update && sudo apt upgrade

If this is not possible, the sudo userspace mitigations can be installed directly and does not require a reboot to apply:

sudo apt update
sudo apt install sudo

The unattended-upgrades feature is enabled by default for Ubuntu Xenial Xerus (16.04 LTS) onwards. This service:  

  • Applies new security updates every 24 hours automatically.
  • If you have this enabled, the patches above will be automatically applied within 24 hours of being available.
1
New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises (arstechnica.com)
 

130
Ubuntu 26.04 splits firmware package to reduce update sizes (www.omgubuntu.co.uk)
 

Distro developers began discussing ways to reduce the size of firmware updates last year. Now, in Ubuntu 26.04, it’s introducing meta-packaging to spread Linux firmware across 17 smaller packages in the resolute archives. This resolves a bug filed in 2022.

The sub-packages are:

  • linux-firmware-mellanox-spectrum
  • linux-firmware-intel-wireless
  • linux-firmware-intel-graphics
  • linux-firmware-amd-graphics
  • linux-firmware-nvidia-graphics
  • linux-firmware-intel-misc
  • linux-firmware-broadcom-wireless
  • linux-firmware-netronome
  • linux-firmware-misc
  • linux-firmware-qlogic
  • linux-firmware-marvell-wireless
  • linux-firmware-mediatek
  • linux-firmware-marvell-prestera
  • linux-firmware-realtek
  • linux-firmware-qualcomm-wireless
  • linux-firmware-qualcomm-graphics
  • linux-firmware-qualcomm-misc
1
State actor targets 155 countries in 'Shadow Campaigns' espionage op (www.bleepingcomputer.com)
submitted 3 months ago* (last edited 3 months ago) by KarnaSubarna@lemmy.ml to c/cybersecurity@sh.itjust.works
0 comments fedilink
 

787
France Just Created Its Own Open Source Alternative to Microsoft Teams and Zoom (itsfoss.com)
submitted 4 months ago* (last edited 4 months ago) by KarnaSubarna@lemmy.ml to c/linux@lemmy.ml
106 comments fedilink
 

La Suite Meet: https://github.com/suitenumerique/meet

1
Pirate archivist group scrapes Spotify's 300TB library, posts free torrents for downloading 86,000,000 tracks — investigation underway as music and metadata hit torrent sites (www.tomshardware.com)
80
Texas sues TV makers for taking screenshots of what people watch (www.bleepingcomputer.com)
 

According to complaints filed this Monday in Texas state courts, the TV makers can allegedly use ACR technology to capture screenshots of television displays every 500 milliseconds, monitor the users' viewing activity in real time, and send this information back to the companies' servers without the users' knowledge or consent.

243
System76 Launches Pop!_OS 24.04 LTS With COSMIC Desktop (www.phoronix.com)
submitted 5 months ago* (last edited 5 months ago) by KarnaSubarna@lemmy.ml to c/linux@lemmy.ml
29 comments fedilink
 

https://system76.com/pop/download/

Release Notes

  • Pop!_OS 24.04 LTS includes the new COSMIC Desktop Environment, designed and developed by System76.

  • Some GNOME apps are replaced by COSMIC apps

    • GNOME Files (Nautilus) > COSMIC Files
    • GNOME Terminal > COSMIC Terminal
    • GNOME Text Editor > COSMIC Text Editor
    • GNOME Media Player (Totem) > COSMIC Media Player

  • Pop!_Shop is replaced by COSMIC Store

  • Key components

    • COSMIC Epoch 1
    • Linux kernel 6.17.9
    • Mesa 25.1.5-1
    • NVIDIA Driver 580

  • Some games may start partially off-screen. Press F11 or Super+F11 to fullscreen the game

  • Display toggle hotkeys and an on-screen display is not supported yet

  • COSMIC has a built-in screenshot tool. If you require annotations, we recommend Flameshot, which can be installed from Flathub via COSMIC Store. Version 13.1 or higher is required for COSMIC

  • COSMIC is not currently optimized for touch devices. An on-screen-keyboard is in development.

  • The COSMIC Desktop will be continuously updated with new features and improvements after release

  • Kernels and hardware support are continuously updated in Pop!_OS

  • You can follow COSMIC DE feature and improvement progress on the project board

209
iDescriptor Brings iPhone Management to Linux (linuxiac.com)
submitted 6 months ago* (last edited 6 months ago) by KarnaSubarna@lemmy.ml to c/linux@lemmy.ml
30 comments fedilink
 

https://github.com/iDescriptor/iDescriptor

Currently it supports AppImage, but Flatpak version will possibly be available in future: https://github.com/iDescriptor/iDescriptor/issues/1

1
WhatsApp API flaw let researchers scrape 3.5 billion accounts (www.bleepingcomputer.com)
 

The researchers from the University of Vienna and SBA Research used WhatsApp's contact-discovery feature, which lets you submit a phone number to the platform's GetDeviceList API endpoint to determine whether a phone number is associated with an account and what devices were used.

Without strict rate limiting, APIs like this can be abused to perform large-scale enumeration across a platform.

The researchers found this to be the case with WhatsApp, as they were able to send a high volume of queries directly to WhatsApp's servers, checking more than 100 million numbers per hour.

They ran the entire operation from a single university server using just five authenticated sessions, initially expecting to get caught by WhatsApp. However, the platform never blocked the accounts, never throttled their traffic, never restricted their IP address, and never reached out despite all the abusive activity coming from one device.

The researchers then generated a global set of 63 billion potential mobile numbers and tested all of them against the API. Their queries returned 3.5 billion active WhatsApp accounts.

view more: next ›