i like to sample music and make worse music out of that.

  • 1 Post
  • 21 Comments
Joined 2 years ago
cake
Cake day: June 12th, 2023

help-circle



  • My main PC is a windows PC (mainly for video games and music production). I also have a Macbook for my work as a (currently) Lead Systems Automation Engineer for a large global company (14 years in the industry, 3.5 of those was me “taking a break” and going into Infosec specifically to first do endpoint/end-user security, then moving into container and cloud security) a personal Macbook, as well as a few Linux laptops I use to write code and do other tech-related things because I prefer MacOS and Linux for that kind of work. I’m well-exposed to most operating systems and have a working knowledge of how security works, both in a professional setting as well as a personal one.

    I mention BonziBuddy and search bars because they’re funny and to illustrate a simple point. The reality is that browser hijackers still very much exist (though they’re not as prevalent as they used to be because browsers themselves have become more resilient over the years - nowadays, they’re usually found in add-ons/extensions because its easier to fly under the radar that way).

    For all the shady shit I’ve done on all of the above platforms, I’ve never had an issue. Specifically in Windows, Defender - which is still the de facto/standard security tool that comes bundled with Windows under the Windows Security tool suite - has not once flagged malware for me. I’ve found it with Avast and BitDefender, but Windows Defender simply isn’t great for the things I do.

    I also run ClamAV on the Macbook for ad-hoc scanning of things I download prior to running them. Why? Because I’m not a negligent user and I do at least the bare minimum in regards to good security practices.

    In every one of the above cases/operating systems/platforms, there is always some kind of security tooling or framework involved (whether that’s ClamAV on Mac, BitDefender or ClamAV or MalwareBytes or whatever on Windows, SELinux or AppArmor or ClamAV on Linux) that can and should be leveraged if you really want to be “safe.”

    In the case of AMOS and Macs, users are purposely bypassing Gatekeeper and proceeding without knowing wtf they’re installing. As soon as Gatekeeper pops up like that, you should be on alert unless you know the software you’re installing isn’t signed, trust the source, and are willing to codesign it yourself.

    You, on the other hand, clearly seem to have some kind of gripe against Macs (based off of your comments in this now far-too-long comment thread) and that kind of weird quasi-religious brand loyalty (or hatred) is a thing I’ll never understand.

    The fact that you’re out on a public forum, spewing bad info/misinformation really says everything. Not that you care, but I’d have respected you more if you just admitted you were wrong and misread the bit about the Google ads. Instead, you decided to be confidently dumb and jump from hill to hill, prepared to die on each one of them.






  • I’m not sure where I said anything about the reason any of those platforms get viruses because you’re right, Windows was often more targeted because its footprint was massive by comparison (whole lotta end users out there, but also tons of domain controllers and enterprise systems running it) - I’m not arguing that.

    AMOS itself is distributed in all kinds of ways including phishing, being bundled into crap no-name software, shady ads, tainted torrents, whatever. You still have to be tricked into downloading whatever it is that infects your machine with it.

    As to this partially being Google’s fault, from the article itself:

    The ads are legitimate and paid for but disguise themselves as the website or software the user is searching for.

    In the given example, it sounds like the ad was for Trading View, a pretty popular stock market charting platform, but the ad itself took users to trabingviews.com and it looked like a clone or Trading View’s site or some kind of landing page that purported to be a download for a desktop client. In the Malwarebytes article I share below, the fake URL purporting to be Trading View’s website is actually tradingsview.com

    I’m not exactly sure where you’re getting the idea that this was a fake ad caused by malware pre-existing. These are “legit” Google ads that are bought and paid for and not quality checked by Google before they display them.

    Here’s the article directly from Malwarebytes, the folks who kindly did the write up the author of the above article is talking about:

    https://www.malwarebytes.com/blog/threat-intelligence/2023/09/atomic-macos-stealer-delivered-via-malvertising


  • Probably because windows and Linux users aren’t searching for free Mac apps. While I agree that it would probably be difficult to implement an attack like this for Linux (partly because it’s Linux and partly because it’s userbase is generally more technically apt), Windows has been susceptible to viruses since the dawn of time because users just install random shit on autopilot and click through installers without checking what extra bloat is included (which is often malware disguised as an extra third party program). I don’t think I agree that this specifically is Apples fault. No one blames Windows or Linux distros for user error and poor security practices.

    Google’s fault for not vetting the ads they let through? For sure. The users fault for not paying attention while installing the app and just clicking through the request to bypass Gatekeeper and then entering their system password when a pop up randomly asks for it for no discernible reason? Absolutely.

    What should Apple do to fix this? Lock the machine down to the point where users aren’t allowed to have admin privileges on their own machine?



  • Yeah, they all definitely seem quite polished. Sometimes I get the itch to play a MUD, find one or return to one I’ve played before, and get hooked for a few months. Other times, I’m done after a few days… they’ll always be an option for me though. IRE games are just fine for my purposes in that regard.


  • Same, back when I played a lot more. There was a period of time where I felt completely unfulfilled and unappreciated at work. I was a Linux admin at the time so I spent 90% of my time in a text environment. One day, I installed TinTin++ which has a non-GUI version and I’d just keep one ssh connection opened to a VPS I pay for and would just MUD throughout the day (mainly just running quests over and over). This was years before “quiet quitting” was cool lol


  • _bug0ut@lemmy.worldtoRetroGaming@lemmy.worldText-based games!(?)
    link
    fedilink
    English
    arrow-up
    12
    ·
    edit-2
    1 year ago

    If you’ve never tried a MUD, there are still a few out there that are alive and kickin’. Funny enough, I’ve been scratching that itch over the last few days and seeing whats out there. They’re something like a pre-cursor to MMOs - online, text-based games. If you get really deep into stuff like PVP, you’ll like wind up writing scripts that trigger actions based on what’s happening since its quicker than typing out commands when things get hot and heavy.

    If I had to guess, I’d say Aardwolf is probably the most populated and has the most users online at any given time. I have an old char on there that I occasionally log into and run some quests on:

    Aardwolf

    I just created a character in Alter Aeon and it’s alright so far, but I haven’t spent more than about an hour logged in:

    Alter Aeon

    I don’t know how people generally feel about Iron Realms Entertainment. Some or all of their MUDs end up with you kind of having to spend some money if you get super engaged, but I’m pretty sure most of their games are perfectly fine without paying for casual players. They have a handful of MUDs that cover different themes (classic fantasy, vampire stuff, etc). I actually tried out Starmourn recently which is a sci-fi themed one, but I think they’re no longer developing it actively - the servers remain up (for now, at least, I guess). Regardless, all of their games seem pretty polished and thoughtfully made.

    Iron Realms Entertainment main site

    Starmourn

    The cool thing about IRE is that their games are all playable in a browser and the browser-based apps include some QoL UI stuff like maps and stuff. The others generally require a (free) MUD client like Mudlet. Aardwolf has a highly customized version of Mudlet that has frames/windows within the client that show you your characters stats, maps, a chat window, and some other stuff.