InfoSec Person | Alt-Account#2


CCC just wrapped up two days ago. https://events.ccc.de/congress/2025/infos/startpage.html
This happens every year with CCC, Defcon, and Blackhat. There are always interesting talks and you get a slew of posts from interested people.
Thank you for the comment!
Most of the beautiful hard work was done by the store - I just pointed, zoomed, focused, and shot. It doesn’t feel like I did much to the already existing grandeur.


…and there you go:
https://ccs25files.zoolab.org/main/ccsfb/1REOCPAR/3719027.3765061.pdf
https://misc0110.net/files/exfilstate_ccs25.pdf
From https://www.sigsac.org/ccs/CCS2025/accepted-papers/ (#378)
Literally published less than a day ago:
ExfilState: Automated Discovery of Timer-Free Cache Side Channels on ARM CPUs
At the same conference (CCS) that the paper referred to by the ars technica article was accepted.


You can implement a counting-thread that’s even more precise than the CPU’s timer (TSC on x86 platforms). This was shown in attacks on Intel SGX, where the rdtsc instruction to access the time-stamp counter is unavailable.
https://link.springer.com/chapter/10.1007/978-3-319-60876-1_1
https://arxiv.org/pdf/1702.08719
If you remove access to the timer, attackers will simply build one.


If the reports are somewhat technical (written with LaTeX for example), check out sioyek: https://sioyek.info/. It’s a PDF reader mainly for academic use.
Sioyek has made reading and reviewing papers SO much easier and it’s really, really convenient… once you get the hang of it. It takes a bit of time to get used to all the things, but it’s worth it. I also review students’ theses with it. Highlighting colors and adding comments is super easy (select text, h+g (green highlight), type comment).
If you want to export your notes and comments, you will need this script though: https://github.com/ahrm/sioyek/blob/main/scripts/embedded_annotations.py
I can’t believe I didn’t know about it! Thanks :D
May I know what plugin you use in KDE? Sounds like it’s something I’d like to check out.
Quick searches show me Bismuth and kwin-tiling, and bismuth seems to be archived.


When did you last visit? I wonder if they changed it since I last visited in late 2023. I needed to pass through security checks to get into the general premises - gardens and such, and could stand under the tower. No payment required.
Edited: this review on google maps (sorry) from two days ago says it’s free to pass through: https://goo.gl/maps/ARW1jYzt3mGUEKgE8


Isn’t it free to stand under it? Going up costs money, yes.
https://www.toureiffel.paris/en/faq/spot/can-you-walk-beneath-eiffel-tower-without-paying-ticket
I was there last year, and I only paid for an éclair and a coffee at one of the cafés / restaurants underneath the tower.


I need a recognisable domain name website that google or duckduckgo has picked as the product.
This doesn’t always work. For example, I used to (and still do) see a lot of fake websites when I type revanced (https://revanced.app/) on duckduckgo, and I’ve nearly fallen for two of the fake ones before (I think two of .com / .org / .to…?)
Thankfully ublock origin warns users of this:

Otherwise, I’d have 100% downloaded some malware-loaded crap.


Not exactly what you asked, but do you know about ufw-blocklist?
I’ve been using this on my multiple VPSes for some time now and the number of fail2ban failed/banned has gone down like crazy. Previously, I had 20k failed attempts after a few months and 30-50 currently-banned IPs at all times; now it’s less than 1k failed after a year and maybe 3-ish banned at any time.
There was also that paid service where users share their spammy IP address attempts with a centralized network, which does some dynamic intelligence monitoring. I forgot the name and search these days isn’t great. Something to do with “Sense”? It was paid, but well recommended as far as I remember.
Edit: seems like the keyword is "threat intelligence platform"


PR Videos to save you a click:


Nice!
Could you please word it slightly differently to provide clarity? Perhaps:
From now on, you can comment !lemmysilver under any post to award the poster one lemmy silver. You can do this once every 24 hours in posts that are in participating communities (see: this post for more information). Alternatively, you can send a PM to LemmySilverBot with
!lemmysilver username.


Ah, I think I misunderstood - the lemmy silver is for one to award to a different user, and not for one to claim? I was under the impression that it was the latter.
Neat idea!
Thanks loads! It’s pretty sick and now is my lock screen wallpaper ;D
These are gorgeous! If it’s okay with you, may I use this as my wallpaper?
https://metapixl.com/p/Stoy/797940603119447726
If yes, is there a high res image? Thanks!
Oh boy, this was a 20 minute rabbit hole.
Tl;Dr: this is probably AI generated.
Using google image search, I found that it was created by this account in Oct/2024:
https://www.instagram.com/gothtoon/p/DBh-p4WgThS/
Alternative front-end: https://imginn.com/p/DBh-p4WgThS/
There is the copyright symbol with this user in this image.
If you go through the comments and other posts by that user, it does look AI generated. Their threads account has a linktree, which has a link to a discord server, which I momentarily joined to see what the deal is about.
Looks like it’s a project started by a user named Emo Bot 9000, and they’ve created a bunch of characters, the most famous of which is the frog mage. This is a message on discord that supports this:

Another user asks whether the frog mage stuff is made using AI, and Emo Bot 9000 essentially replies yes:

Now, although the image in this lemmy post is, to the best of my searching, nowhere explicitly labeled AI, I think it mostly points to being generated by AI. The simplest way to confirm would be to ask them on their discord directly, which I don’t intend to do.
Although reverse search tells me there are earlier appearances of this image, they’re either false or the PFP of a commenter.


My personal website is made using Hugo, sitting behind Caddy, and hosted on Racknerd. I see elsewhere in the thread that you’re looking for something akin to a $5/month VPS, but racknerd is MUCH cheaper for much more vCPU + vRAM (older hardware, but that’s not a deal breaker for hosting a static website).
I used to do $6/Month on Digital Ocean for 1 vCPU + 1GB vRAM + 1TB bandwidth, but now I’m somewhere like $3/Month for 2 vCPU + 2.5GB vRAM + 5TB bandwidth [1]. In fact, I paid $6 extra to have the server in France. Otherwise it’s $30 a year.
Check out racknerd tracker [2]. I found out about it through lemmy many months ago [3]. The person who made the website gets some affiliate stuff.
[1] https://racknerdtracker.com/?product=211%2F25gb-kvm-vps
Just purchased a server license (for life). Not only is this update jam packed full of nice features, but a lot of their updates are. I’ve been self-hosting it (on a VPS) for the past year and it’s about time I supported them