- They drove there in their own vehicle
- They were seen on CCTV cameras going there and back
- They turned off their phones around the time when the tree was cut down
- They filmed it being cut down
- They took a photo of a piece of the tree in the back of their car
- They discussed it over text messages and voice notes as the media coverage picked up
- They pled not guilty 🤣
Q. I don’t trust this new key! Are you really Kali Linux?
A. The new key is signed by some developers from the Kali team, and the signatures are available on the Ubuntu OpenPGP keyserver. You can check it out at https://keyserver.ubuntu.com/pks/lookup?search=827C8569F2518CC677FECA1AED65462EC8D5E4C5&fingerprint=on&op=index.
I hope those developers have verified in person that the key custodian is not under duress!
Format-shifting and time-shifting your legally acquired and licensed media is not illegal. If the DRM is preventing someone from doing that then it is within their rights to remove the DRM. Recall that not everyone lives in a country subject to the draconian DMCA law.
I frequently access Lemmy through quite old hardware, and I'd be a bit worried that these PoW scripts would make the site unusably slow for me.
Ok I just finished watching it and I don't know how anyone could watch this and think that he is presenting a "both sides" argument.
It's very clear what Louis wants the viewer to take away from this documentary, from whom he interviews, the questions he asks and how he asks those questions, and what he chooses to show. I could tell from start to finish what he's trying to say, and it stayed consistent throughout. It was especially apparent at the end, as you said.
If you think this was a milquetoast critique then perhaps you're not familiar with Louis Theroux's work and his style of documentary.
Who is "we"?
I have even less respect for the BBC after watching this.
You're going to need to explain why, since it's only available to watch in the UK.
Video unavailable
This video is no longer available due to a copyright claim by Mindhouse Productions
Does Unraid still use JBOD with a single parity disk or have they moved to a sane drive layout?
Please tell me you're not vibe coding this project.
I thought the fine was for not allowing apps to tell users about alternate payment systems. Nothing to do with sideloading apps. Unless there was a second judgement with a fine recently?
I will describe how it works and the ethics of such a tool.
Where in this post do you describe the ethics of such a tool?
non-technical users believe that their votes are private, which is far from the truth. This attitude could potentially lead to harassment of Lemmings (yes, that’s what we Lemmy users call ourselves) for upvoting a particular post. Lemvotes makes it clear that votes are not private, which could help bring a more accurate picture of the way votes work on Lemmy to its users.
This is what needs discussion. It is this tool which will lead to harassment due to the way someone votes. And the threat or spectre of harassment will lead to the Chilling Effect, ie. self-censorship (of voting) to avoid harassment.
The chilling effect this causes will make communities even more like echo-chambers, as dissent will be pre-emptively squashed.
Without a tool like this existing, people have to go out of their way to find out this information (setting up their own instance, or finding someone who already does this surreptitiously). By making such a tool available to the lemmy community at large, you make it extremely easy for anyone to do this, and so the chance of harassment occurring is much higher.
You might think you're being clever, or on some kind of crusade to educate the uneducated. But actually your actions are making this (community-built) platform worse. Compare your actions to releasing a 0-day exploit for a security vulnerability instead of responsibly disclosing. It doesn't help, it just causes chaos until the people who do the actual work can figure out a solution.
Think about how your tool existing now changes the dynamic of Lemmy as a whole. Is it better, or worse? How would you actually solve this problem in Lemmy, instead of exploiting it?
don't feed the trolls
Mission accomplished.
No screenshots?
Visiting The Mining Spaceship Red Dwarf - Props & Costumes From The BBC Series
Amazing collection of props and costumes!
Malicious VSCode extensions infect Windows with cryptominers
Edit 2025-04-09 16:42Z - article was updated with a tenth package (Prettier - Code)
A set of ten VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer for Monero.
ExtensionTotal researcher Yuval Ronen has uncovered ten VSCode extensions published on Microsoft's portal on April 4, 2025.
The package names are:
- Prettier - Code for VSCode (by prettier) - 486K installs
- Discord Rich Presence for VS Code (by
Mark H) - 189K installs- Rojo – Roblox Studio Sync (by
evaera) - 117K installs- Solidity Compiler (by
VSCode Developer) - 1.3K installs- Claude AI (by
Mark H)- Golang Compiler (by
Mark H)- ChatGPT Agent for VSCode (by
Mark H)- HTML Obfuscator (by
Mark H)- Python Obfuscator for VSCode (by
Mark H)- Rust Compiler for VSCode (by
Mark H)
Malicious VSCode extensions infect Windows with cryptominers
Edit 2025-04-09 16:42Z - article was updated with a tenth package (Prettier - Code)
A set of ten VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer for Monero.
ExtensionTotal researcher Yuval Ronen has uncovered ten VSCode extensions published on Microsoft's portal on April 4, 2025.
The package names are:
- Prettier - Code for VSCode (by prettier) - 486K installs
- Discord Rich Presence for VS Code (by
Mark H) - 189K installs- Rojo – Roblox Studio Sync (by
evaera) - 117K installs- Solidity Compiler (by
VSCode Developer) - 1.3K installs- Claude AI (by
Mark H)- Golang Compiler (by
Mark H)- ChatGPT Agent for VSCode (by
Mark H)- HTML Obfuscator (by
Mark H)- Python Obfuscator for VSCode (by
Mark H)- Rust Compiler for VSCode (by
Mark H)
This "Basic" Robot Solves REAL Problems (without AI)
This is a moving story about a cafe in Japan that allows house-bound people to join in with society and find a purpose, using remotely operated robotic avatars.
Linux distros that don't exist, but we wish did
I had never heard of Absolute Linux, but the rest of this article has some interesting musings on lightweight distros that I thought would make for good discussion here.
In the world of showing off, there is alongside ‘Does it play Doom?’ that other classic of ‘Does it play Bad Apple?’. Whereas either would be quaint in the context of the Vi…
If you want to go straight to the original write-up, it's here: https://eieio.games/blog/bad-apple-with-regex-in-vim/
I Built Apple’s 1980s iPad Concept! (49m17s)
Great craftsmanship from this maker and the end result is impressive.
If you want to skip the construction process and just see the end result, skip ahead to 41:20.
The lemmy.ml pictrs server is resizing all images to thumbnail size
Edit: this appears to be fixed now: https://lemmy.ml/post/22203615/14801411
All images in posts on lemmyml are currently being resized to 256px on the longest dimension (width/height), even if they are image posts, not intended to be just article thumbnails.
Is this an intentional change? It makes text in images illegible and means that I have to view the original post to see the original image on every image post.
If this is a deliberate space-saving measure, could it be tuned for a little better usability? For example, increasing the maximum size of image when the post is an image post (as opposed to a web link that generates a thumbnail) and setting a size threshold to trigger resize (ie. most small images could be left alone).
Some examples from my feed:
![](https://lazysoci.al/api/v3/image_proxy?url=https%3A%2F%2Flemmy.ml%2Fpictrs%2Fimage%
Revival Hijack supply-chain attack threatens 22,000 PyPI packages
Threat actors are utilizing an attack called "Revival Hijack," where they register new PyPi projects using the names of previously deleted packages to conduct supply chain attacks.
The technique "could be used to hijack 22K existing PyPI packages and subsequently lead to hundreds of thousands of malicious package downloads," the researchers say.
If you ever install python software or libraries using pip install then you need to be aware of this. Since PyPI is allowing re-use of project names when a project is deleted, any python project that isn't being actively maintained could potentially have fallen victim to this issue, if it happened to depend on a package that was later deleted by its author.
This means installing legacy python code is no longer safe. You will need to check every single dependency manually to verify that it is safe.
Hopefully, actively maintained projects will notice if this happens to them, but it still isn't guaranteed. This makes me feel very unea
Vladimir Kramnik admits to VIOLATING Fair Play Policy
Description: "Featured is a playthrough of a blitz chess game between Rodrigo Vasquez and Vladimir Kramnik from an Early Titled Tuesday event which was held on October 17th, 2023. Kramnik recently admitted, via a YouTube comment on this topic of fair play surrounding him, that he played several tournaments under someone else’s chesscom account. This act violates chesscom’s Fair Play Policy. Kramnik played under Denis Khismatullin’s account, “Krakozia”. I share reasons why this is a violation of fair play policy, how a player can be negatively impacted because of it, and provide Kramnik’s YouTube comments where he attempts to explain it all."
Malicious Google Search Ads can now fake the displayed URL to push malware downloads
cross-posted from: https://lemmy.ml/post/4912712
Most people know at this point that when searching for a popular software package to download, you should be very careful to avoid clicking on any of the search ads that appear, as this has become an extremely common vector for distributing malware to unsuspecting users.
If you thought that you could identify these malicious ads by checking the URL below the ad to see if it directs to the legitimate site, think again! Malware advertisers have found a way to use Google's Ad platform to fake the URL shown with the ad to make it appear like a legitimate ad for the product when in fact, clicking the ad will redirect to an attacker controlled site serving malware.
Don't click on search ads or, even better, use an ad-blocker so that you never see them in the first place!
Malicious Google Search Ads can now fake the displayed URL to push malware downloads
Most people know at this point that when searching for a popular software package to download, you should be very careful to avoid clicking on any of the search ads that appear, as this has become an extremely common vector for distributing malware to unsuspecting users.
If you thought that you could identify these malicious ads by checking the URL below the ad to see if it directs to the legitimate site, think again! Malware advertisers have found a way to use Google's Ad platform to fake the URL shown with the ad to make it appear like a legitimate ad for the product when in fact, clicking the ad will redirect to an attacker controlled site serving malware.
Don't click on search ads or, even better, use an ad-blocker so that you never see them in the first place!
Free Download Manager site redirected Linux users to malware for years
A reported Free Download Manager supply chain attack redirected Linux users to a malicious Debian package repository that installed information-stealing malware.
The malware used in this campaign establishes a reverse shell to a C2 server and installs a Bash stealer that collects user data and account credentials.
Kaspersky discovered the potential supply chain compromise case while investigating suspicious domains, finding that the campaign has been underway for over three years.
My previous post does not appear in the (local) community that I posted it to
[SOLVED]: The issue was caused by having "Show read posts" unticked in Settings. This will hide your own posts from you!
I recently made a post[1] to this community about a bug that I experienced and reported.
The post does not appear in the New feed for /c/lemmy_support nor does it appear in my user profile under Posts [2].
However the post does have 3 replies (from users on multiple different instances) which means that other users can see it across the fediverse, so it's not a federation issue. (Also, my account and the community are both hosted on the same instance - lemmy.ml).
I was not subscribed to /c/lemmy_support at the time I made that post, but I am subscribed now to see if that affects my visibility of this post.
Is this a bug, or am I misunderstanding how lemmy works?
Interestingly, if I view my profile while logged out, it does show the posts that I made, but when logged in it shows zero posts in my profile.
[1] https://lemmy.ml/post/1394597
[2] 
Requirements Is this a bug report? For questions or discussions use https://lemmy.ml/c/lemmy_support Did you check to see if this issue already exists? Is this only a single bug? Do not put multipl...
![[Bug]: Lemmy.ml - profile menu had another user's username · Issue #1375 · LemmyNet/lemmy-ui](https://lazysoci.al/pictrs/image/0e4bb91b-0f90-4ec7-8245-e7dc87ca5319.png?format=webp)
See the images attached to the linked bug report. Where it usually says my username in the top-right, another user's name appeared. This happened twice in the last two days.
I submitted the bug to the lemmy-ui project, but I'm not certain if this is a lemmy-ui problem, or a problem with the specific infrastructure setup of lemmy.ml, or even a backend issue.
Any advice on whether I should post this bug report to somewhere else for greater visibility would be welcome. This could be indicative of a fairly serious security issue (or it could be a completely cosmetic bug).