sylver_dragon

joined 2 years ago
MODERATOR OF
virginia
sorted by: new top controversial old
Plane making emergency landing on highway, colliding with car in c/crazyfuckingvideos@lemmy.world
[–] sylver_dragon@lemmy.world 2 points 15 hours ago* (last edited 15 hours ago)

They may not have seen a better option. I'm pretty sure this is the flight in question. Which, the linked video seems to be incorrect in stating that he problem occurred soon after take-off (total flight time is just over an hour). Guessing from the flight track, it looks like they turned east to go back towards the airstrip they took off out of. They were pretty well lined up with the runway, but didn't have the altitude to make it. Granted, they should have been looking for places to set down as they went, and it may just be that the freeway looked like the best option at the time. There is a lot of residential housing in the area they were in and the open areas seems to have a lot of tree cover. The freeway probably looked like an oasis of open ground in a sea of houses and trees.

EDIT: this is the source I used for the airplane's tail number to look it up on flightradar24.

"I expect every member of the Department to log in, learn it, and incorporate it into your workflows immediately. Al should be in your battle rhythm every single day" says Pete Hegseth in c/fuck_ai@lemmy.world
[–] sylver_dragon@lemmy.world 20 points 17 hours ago

Sorry about rolling that grenade under your bunk Mr. Secretary, GenAI told me to do it.

3 out of 10 password managers aren't secure enough(Google Chrome, mSecure, and PassSecurium). in c/technology@piefed.social
[–] sylver_dragon@lemmy.world 5 points 1 day ago* (last edited 1 day ago) (1 children)

Please don't save your passwords in a browser. This is one of the first things most InfoStealers go after, and they basically all fail to stop the theft. By all means, use a password manager. Really, they are great and make using unique, complex passwords everywhere much easier. Just, not the failures tied to browsers. KeePassXC is great, if you want to keep everything local. Though, you have to work out your own system for synchronizing between devices. BitWarden is good if you want something "in the cloud". You no longer have complete control, but you get easy access on all devices.

Maybe I've just got the wrong history book in c/historymemes@piefed.social
[–] sylver_dragon@lemmy.world 64 points 2 days ago (3 children)

Violence is always a bad answer.
Sometimes its the least bad answer of the options available.

Key handover in the dark: Syncthing fork community raises alarm in c/fdroid@lemmy.ml
[–] sylver_dragon@lemmy.world 3 points 2 days ago (1 children)

I really don’t see why there are so many people around saying “it’s probably fine”

Because there is currently no direct evidence of anything amiss. From the linked article:

Technically, the changes made so far have been reviewed by some people and no obvious malicious modifications have been found; F-Droid also builds the app reproducibly and verifies whether the published code matches the binaries

Granted, someone could be playing a long game here. Get control, wait for the controversy to die down while playing nice, then do then rug pull when no one is watching anymore. That's possible. It's also quite possible that the previous maintainer got tired of doing a hard and thankless job for no pay and wanted to shed the whole thing. They found someone to hand it off to, and the new maintainer is just shit at open communications. That happens and is also possible. Whether or not it makes you change your usage of the package is down to your risk appetite. But, jumping at every shadow gets old quick and at some point you have to accept some risk. So, unless and until there is more evidence to backup the claim of foul play; or, if you have a really low risk appetite, this is one of those things which falls under "keep an ear open, but it's probably fine".

Key handover in the dark: Syncthing fork community raises alarm in c/fdroid@lemmy.ml
[–] sylver_dragon@lemmy.world 16 points 2 days ago* (last edited 2 days ago) (7 children)

While it's probably fine, it's also worth remembering the FBI's Operation Trojan Shield happened. Similar state sponsored APTs would be very happy to get into such a privileged position.

Living language in c/memes@lemmy.world
[–] sylver_dragon@lemmy.world 1 points 3 days ago (2 children)

Those just invent new frameworks every six months which everyone should totally use this new framework, for reasons. Though, maybe that's just JavaScript.

Living language in c/memes@lemmy.world
[–] sylver_dragon@lemmy.world 7 points 3 days ago

English is what you get when a community can't defend its borders and keeps being taken over by new rulers with a different language, which then works its way partly into common usage. Also, random word borrowing, because fuck you it's ours now.

Demon light rule in c/196@lemmy.world
[–] sylver_dragon@lemmy.world 2 points 3 days ago

Go when the light is green.
Stop when the light is red.
But what do you do,
when the light burns bright
with the fires of Hell itself?

Half the Citrix tickets we get are basically this in c/iiiiiiitttttttttttt@programming.dev
[–] sylver_dragon@lemmy.world 5 points 3 days ago

But if they did have a mutable VDI, they still wouldn’t be allowed to install software.

The actual install isn't really important for an attacker, just the user making the attempt. The payload will exists beside the software installer and will be launched by the user running some sort of "install" batch file or executable. It won't install anything, it'll dump files in places like %TEMP% and add something to the user's RUN registry entry. It's also why I mentioned a "laptop". What the attacker is really after isn't the Citrix server (that would be nice to pop, but it's not necessary) it's the user's local system. That's going to provide a beachhead on the network for the attacker to work out from. It will also provide a treasure trove of credentials the attacker can sell or use elsewhere to attack the environment (infostealers don't need, or even ask for, local admin). Even just being able to sell access to one compromised laptop is a win for the attacker. Access brokers can sell that off to more advanced groups who will come back and try to move out from there.

But wait, we have MFA everywhere! Are you sure, are you really, really sure you don't have a dev team somewhere who decided to hang something out on a poorly documented corner of the network and they disabled MFA on the device for a test, and then forgot to shutdown the test equipment? Because ya, I've worked incidents where exactly that happened.

Half the Citrix tickets we get are basically this in c/iiiiiiitttttttttttt@programming.dev
[–] sylver_dragon@lemmy.world 4 points 3 days ago

If you set stuff up properly

A lot of heavy lifting going on in those words....

Also, the malware which gets bundled with "free" versions of products usually doesn't care if the install fails or succeeds, just that the user downloaded the package, unzipped it, and double-clicked on the ever-so-helpful "install.lnk". Most of the current ransomware and infostealer malware doesn't need local admin to do it's damage. Plenty of Remote Access Toolkits (RATs) will run quite happily in user space. Users can edit their local RUN registry key and/or create scheduled tasks. And there are doubtless Privilege Escalation vulnerabilities sprinkled around the system like fairy dust when it gets to be time to dump the SAM hive or lsass memory space.

Yes, locking down local admin gets you a lot, in terms of security. It's far from a trump card though. Lots and lots of damage can happen in user land.

Half the Citrix tickets we get are basically this in c/iiiiiiitttttttttttt@programming.dev
[–] sylver_dragon@lemmy.world 28 points 3 days ago (8 children)

Not to worry, they will just go to some sketchy website and download a "free" version of Office and then act all surprised pikachu when Security rolls up to take their laptop.

59
Being willing to try (lemmy.world)
 

On Monday, my desktop monitor decided to die. I sent my computer to restart for updates and it just suddenly gave up the ghost. The power button/light would come up, flicker and turn off, come up, flicker and turn off. The screen itself never came on. Something was very obviously wrong. After a bit of troubleshooting to be sure it was the monitor, I realized that it was no longer working and a suspicious "burning electronics" smell my wife had smelled near my computer recently was probably related.

So, I did what any clueless person does, I searched DuckDuckGo for anything related. And that led me to this video While this wasn't my exact monitor, it was the right manufacturer and with the suspicious "burning electronics" smell, the idea that one or more capacitors had popped seemed possible.

Now, I'm not an electrician. I can solder kinda ok (usually without burning myself). I have a basic understanding of electronics and know enough that I can look at a board and identify some of the components and what they might do. However, at this point the monitor was dead. It was destined for the landfill and I figured, "why the hell not?" The only thing I would lose is some time and maybe I would learn something along the way. And if I did succeed, I'd save myself a couple hundred dollars, prevent more e-waste and just generally do something that made me feel cool. So, I pulled out my toolkit and cracked my monitor open.

Inside I found a setup pretty similar to what the video showed. Specifically, there is a circuit board which is pretty likely the power supply. And sitting in a neat line were three capacitors which were bulging on top. Looking at the traces, all three capacitor bridged the same traces and I'm guessing they work in parallel somehow. I suspect that I had lost one or more when my wife smelled the burning electronics and the last one popped when I did the reboot. The monitor usually cycles into standby and comes back when I reboot and I guess that it led to just enough strain on the capacitor(s) this time to take them out. A few minutes work with a soldering iron, a solder sucker and solder wick and I had all three out and the holes cleaned out, ready for replacements (yes, they were all through-hole style).

Even better, all three capacitors were rated for the exact same voltage and capacitance (680uf 10V). Easy, I'll just pop down to the nearest Radio Shack, grab a few and.... Oh ya, it's not 1999. Getting any sort of small electronics part is actually a bit tough. Well fine, I ordered a 10 pack off Amazon. And then waited for them to arrive. They came today and I sat down to see if I could fix my monitor.

Soldering the new capacitors in place was only a few minutes work. I even have a 3d-printed resistor bending tool to get the spacing and bends in the legs pretty nice. Which was good as I just could not find capacitors of the right rating which were also the same diameter. The ones I got were about 2mm smaller. Parts replaced, I re-assembled my monitor, hooked it back up and... Well, it powered up correctly and the power button/light stayed blue, but there was nothing on the display.

Well shoot, this seemed close, but something was wrong. And then I remembered hearing a "pop" sound while moving some of the control boards around. Maybe I had disconnected a cable by accident or maybe I just didn't reconnect something right, or maybe I just fucked the whole thing up. So, I cracked the case back open (lesson learned: test before reassembling completely). I pulled the control boards back out and sure enough there was a ribbon cable which was half way unseated. I pushed that back in, put the control boards back in place (but left the case open), connected the monitor to my computer and fired it up. Never have I been so happy to see the GRUB menu.

I powered off the monitor, unplugged the cables and closed the case back up. And here I am now, writing a Lemmy post about it, using that monitor. Something destined to be e-waste, saved with less than $10 in components, a bit of easy solder work, and a willingness to just try.

4
Cost of living comes into focus as main issue for 2026 session with release of first prefiled bills (cardinalnews.org)
 

Democrats in the House of Delegates released a handful of their first prefiled bills Monday, ahead of the 2026 General Assembly session, with a focus on the cost of living.

The bill topics range from a minimum wage increase to upgrades for electric utilities to weatherization to paid sick leave. Constitutional amendments regarding abortion access, same-sex marriage, restoration of voting rights for formerly incarcerated people and a new congressional redistricting effort were also included in the slate of legislation.

10
Virginia Election Results - 2024-11-04 (enr.elections.virginia.gov)
submitted 1 month ago* (last edited 1 month ago) by sylver_dragon@lemmy.world to c/virginia@lemmy.world
3 comments fedilink
 

Virginia Elections are over and we have results:

  • Governor
    • Spanberger - 57.24%
    • Earle-Sears - 42.56%
  • Lieutenant Governor
    • Hashmi - 55.32%
    • Reid - 44.42%
  • Attorney General
    • Jones - 52.82%
    • Miyares - 46.78%

All 100 House Districts are also in the results. On a quick count, it looks like the House will be:
64 D - 36 R

8
Today (Nov 4) is in-person voting. Go Vote! (www.elections.virginia.gov)
submitted 1 month ago* (last edited 1 month ago) by sylver_dragon@lemmy.world to c/virginia@lemmy.world
0 comments fedilink
 

In person voting is Today - Tuesday November 4.

You can find your polling location:
here
Remember to bring an acceptable for of ID. If you are unsure what those are, you can look it up:
here.

This election is for State level offices, but will have major implications for the control of the government of the Commonwealth of Virginia. Elections this year:

You may also have local elections or ballot measures. Those can be looked up:
here.

NPR's live results app can be used to follow results of the Governor's Race as they come in:
here

25
Valheim board game arrived today! (lemmy.world)
 

I received my copy of the Valheim board game today. The game pieces look great and I can't wait to give it a play.

1
Judge: Spotsylvania woman can counsel addiction patients despite criminal past (archive.ph)
 

A federal judge ruled this week that Virginia law can't bar Spotsylvania County resident Melissa Brown from working with people who suffer from addiction.

Even though she was allowed to earn her state certification as a substance-abuse counselor, the 51-year-old was told seven years ago she couldn't work directly with patients because of her past.

She later learned about Virginia's barrier crime law, which prevents those found guilty of 176 various crimes from working directly with patients in state-regulated facilities.

“The government should never stop people from working because of irrelevant criminal convictions,” said Andrew War, senior attorney with the Institute for Justice, which worked with Brown to challenge the state law. “We’re thrilled the court recognized that."

22
Early voting is open in Virginia. Go Vote! (www.elections.virginia.gov)
submitted 2 months ago* (last edited 1 month ago) by sylver_dragon@lemmy.world to c/virginia@lemmy.world
1 comments fedilink
 

Early voting in Virginia began September 19 and runs through November 1.
In person voting is November 4.
The link provided can help you find your early voting location.

This election is for State level offices, but will have major implications for the control of the government of the Commonwealth of Virginia.
Elections this year:

25
Va. Supreme Court declines to hear Hanover 'secret police' case (archive.ph)
 

The Supreme Court of Virginia says there’s no reversible error in a lower court’s ruling that the Hanover County Sheriff’s Office must release the names of its police officers in response to a public records request.

In Hanover Circuit Court, a lawyer for Hines argued that any employee could one day become an undercover officer. Disclosing their names would jeopardize future undercover operations. Unlike payroll, the specifics of an undercover operation can be withheld under Virginia public records laws.

Hanover Circuit Court Judge Patricia Kelly agreed with Hines, finding that it was lawful to withhold 90% of the department’s deputies’ names.

Minium and Bodoh appealed the ruling, which was overturned at the Court of Appeals in February. A three-judge panel found that Hines’ argument “flies in the face of the stated and clear purpose” of Virginia public records law.

Judges wrote that hypothetical future operations don’t justify secrecy. The county did not prove that a hypothetical operation tomorrow would be jeopardized by the knowledge of an officer’s name today, the judges said.

In declining to take up the case, the Supreme Court of Virginia did not offer a detailed explanation but rather provided a boilerplate response stating that the appeal had no merit.

“The Court is of the opinion there is no reversible error in the judgment complained of,” read the denial letter in the case.

1
In special election, Democrats easily hold Northern Virginia congressional seat (wamu.org)
 

Fairfax Board of Supervisors member James Walkinshaw handily defeated his Republican opponent in a special election to represent Virginia’s 11th congressional district, winning about 75% of the vote. The Associated Press called the race just 30 minutes after the polls closed.

1
Virginia's 11th Congressional District special election, 2025 (Nov, 9) (ballotpedia.org)
 

Tomorrow (2025-09-09) is the special election for Virginia's 11th District for the U.S. House of Representatives. This seat was left vacant by the death of Representative Gerry Connolly.

1
Lanternflies are swarming Virginia, threatening its $8B wine industry (web.archive.org)
 

It’s been three years since the spotted lanternfly popped up at Bluemont and other vineyards across Loudoun County and Northern Virginia. The invasive insect had already devastated other areas of the country. Winemakers in the D.C. region are increasingly concerned about what the insects could do to their vineyards.

The spotted lanternfly’s landfall in the United States can be traced back to a shipment of stone from China that arrived in Berks County, Pennsylvania, in 2014, according to experts. The insect goes through a single life cycle — going from eggs to nymphs to adults — in a single year. Despite being non-native, the lanternfly can feast on more than 70 plant species in the Mid-Atlantic region in the nymph stage, propagating large numbers. As adults, lanternflies love to feed on grapevines

1
Purcellville vice mayor, town manager arrested following Virginia State Police investigation (www.wusa9.com)
 

According to the Loudoun County Sheriff's Office, Vice Mayor Carl "Ben" Nett and Town Manager Kwasi Fraser were indicted by a grand jury Wednesday.

A spokesperson for VSP issued the following statement to WUSA9.

“Following a Virginia State Police Bureau of Criminal Investigation Fairfax Field Office Investigation, a grand jury charged Carl B. Nett, Purcellville Vice-Mayor, with six felony counts: four involving violations regarding the Virginia Criminal Information Network and two related to bid rigging and conspiracy.

In addition, the grand jury also charged Kwasi Fraser, Purcellville Town Manager, on two felony counts related to bid rigging and conspiracy.”

view more: next ›