I agree with the sentiment but not the price. You can find commercial ones of this size for almost half the price. Ex. https://a.co/d/63aVKxp

Personally I don’t need it to be fully bezelless, so if that’s not a deal breaker, there are less expensive options available.

I thought exactly the same thing after falling down that hole and landing exactly where the game starts you off after traversing all the way to the top.

YSK that if they have kids, that doesn’t give them more votes. The kids can’t vote until they’re 18.

You don’t need to memorize it really, just have to generalize the position of the minute hand past the last round number. Is it about 40% between the 2 and the 3, then that’s a 12.

Are you saying the comment is fake, or the sentiment? This was actually posted to reddit: https://archive.is/U9ntj

it’s excessive

Exactly this, the .zip file extension is widely known, and now that it’s also a TLD, it can be confusing for some people. There’s no technical vulnerability, but the existence of .zip TLD just gives more ammo for phishing. For example, someone could register a domain name recent-bank-statements[.]zip (without brackets) and then have a subdomain for chase.com and send someone a link to https://chase.com.recent-bank-statements/[.]zip to “Download your bank statements”. If you’re not looking closely, you might not realize there is a . instead of a / and think that this link would go to chase.com When the site initiates a download of a zip file, you might trust the contents thinking it came from Chase and not a malicious link.

Not too sure, but a previous one says spaces are allowed in comments. I would assume the {} is similar?

I edited my post to include a case which explains the plain view exception with regard for digital files. From the sound of it, if the warrant were for like a Bitcoin wallet or some data file, then movies and images are likely out of scope, but if the search warrant were for video files, then pirated material would be in plain view of the search.

Based on this, I think it’s safe to assume that if there is a search warrant for video evidence related to a crime, and you have pirated material in a folder called /media/Jellyfin/Marvel Movies, that content would be admissible. I don’t think you could argue that the analyst should have understood that the only files in that directory were Marvel Movies, because if that were the case, then everyone would hide video evidence of their crimes in a Marvel Movies directory.

IANAL and not really sure if this would hold up for digital assets, but if there is a search warrant, anything in plain view is up for grabs: https://en.m.wikipedia.org/wiki/Horton_v._California. I would assume anything on the hard drive can be evidence in court if it is in plain view of the assets of the search warrant.

But also, for simply possession of pirated content, I don’t think the state would charge you, but you could be open to civil litigation if the copyright holders find out somehow.

EDIT: Looked into it some more, and seems there’s precedent that files of similar type on a hard drive are considered to be in plain view if they match the type of files which would be searched via a search warrant of the hard drive

In the case of United States v. Wong, police were searching the defendant’s computer for evidence related to a murder when they discovered images of child pornography on the computer. Although the warrant was specific to evidence of the murder, the Ninth Circuit held that the plain view exception allowed them to seize the child pornography, as searching graphics files was valid under the warrant and the files were immediately identifiable as contraband.

https://caselaw.findlaw.com/court/us-9th-circuit/1158361.html

This community really turned to shit allowing posts like these to remain active. Anything contradictory to OP is removed yet nothing they post is removed for “civility” or “misinformation”. OP has been banned in many communities for trolling, yet in this community they’re given free reign.

@TokenBoomer@lemmy.world, you removed all the other posts in this thread for “Civility” except this one, fyi

Not really sure what you mean by reusing UUIDs but theres nothing bad about using UUIDs in URLs for content you don’t want scrapped by bots. Sites like Google Photos are already are using UUIDs in the URL for the photos, and do not require any authentication to see the image as long as you have the URL. You can try this for yourself and copy the URL of an image and open it in a Private Browsing Window. Every so often someone realizes the actual image URL is public and think they’ve found a serious issue, but the reason why it isn’t is because of the massive key space UUID provides and that it would be infeasible to check every possible URL, even if it’s publicly available.

Even assuming 0 latency on their backend, if you wanted to check each UUIDv4 value again their database during your lifetime, you would need to check 1.686 x 10^27 UUIDv4 per second for 100 years straight. Supercomputers are measured in exaflops, which is 10^18 operations per second, so even distributing the work across many machines, you would need about 1 billion of super computers to be able to have a chance of checking every UUIDv4 value within 100 years.

Removed by mod

Thank you for bringing sanity to this thread. At this point, I have to assume that this person is trolling? That or they’ve been vibecoding too long?

a computer powerful enough can guess all possibilities in a matter of minutes, and query them all against the db to discover all files stored within.

Again, it would be computationally infeasible on any reasonable timescale of human existence. It’s no secret what every possible UUID would be, it’s the fact there are 5316911983139663491615228241121378303 of them and trying each one would be futile. They’re actually all on https://everyuuid.com/ to see for yourself.

Just for shits, I encrypted a file with a password being a UUIDv4. Here’s the encrypted file as base64:

YLIR6fL46HfRmueb1tZWiQUFQHYnZOKO9oujOzhvWYpfTtB5RnHtAvMgUgeIsffLC1wz7D17Vp0VT5YIJMb5pA==

Here’s everything you would need to do to decrypt this file with a password:

$ echo "YLIR6fL46HfRmueb1tZWiQUFQHYnZOKO9oujOzhvWYpfTtB5RnHtAvMgUgeIsffLC1wz7D17Vp0VT5YIJMb5pA==" | base64 -d > file.enc

$ openssl enc -aes-128-cbc -d -nosalt -in file.enc
enter AES-128-CBC decryption password:
u/01189998819991197253@infosec.pub can't brute force this

The password to decrypt the file is a UUIDv4. See if you can try every UUID and figure out which one I used as the password.

I’m not familiar with NSA’s Translator, so any info would be appreciated.

I saw your other comment about DES, and it should be noted that DES was with a key length of 56 bits, and that was enforced precisely because the NSA could brute force it. It wasn’t even a secret they could brute force 56 bit encryption, and written into law. Back then, if you wanted to use more than 56 bit encryption in the United States, you had to provide a key escrow system to allow the government to decrypt the content if they needed to. Around the 2000s with the rise of e-commerce, they dropped the export restriction because it was doing more harm than good. No one wanted to use so few bits in the encryption keys, but it was illegal at the time to write software which did.

A UUID’s 122 bits of randomness are exponentially more than the 56 bits DES offered. My original point being, all crypto is inherently brute forceable on an infinite timescale, but key length and implementation decisions are chosen to so that it would be computationally infeasible to brute force.

By this logic, all crypto is bruteforcable, on a long enough timeline.

A 122 bit random number is 5316911983139663491615228241121378303 possible values. Even if it were possible to check 1 trillion records per second, it would take 168598173000000000 years to check all the UUIDs and get the info on all the users. Even if every human on earth signed up for the app (~8 billion people), and you wanted to just find any one valid UUID, the odds of a generating a UUID and that being valid in their DB is basically 0. You can do the math your self following the Birthday Paradox to determine how many times you would need to guess UUIDs before the probability that any one UUID is valid against a population of the whole world is greater than 50%.

I have seen this picture, but it has not been released by the WSJ, CNN, NYT, etc. The WSJ article describes the letter and this matches the description, but this is a recreation based on the description. What OP is asking for is why can’t they find a scan of the actual letter and the reason is because it hasn’t been published.