• 0 Posts
  • 56 Comments
Joined 2 years ago
Cake day: August 7th, 2023
  • @yojimbo@sopuli.xyztoHacker News@lemmy.bestiver.seChatGPT-4o used to create a replica of his passport in just 5 mins bypassing KYCEnglish
    116 days ago

    Doesn’t it say:

    Although the fabricated passport likely would not withstand scrutiny due to the absence of an embedded chip, it proved sufficient to bypass the most basic KYC procedures employed by some fintech services.

    From what i gather about these “Know Your Customer” systems, they take the photo of your ID, check if it is realistic enough and then check the picture on your ID (bad as it is) against your authentic photo made through the app. Verification against 3rd party API confirming existence of such ID while welcome / preferred seems to be optional (doesn’t work for all IDs - there may be technical/ legal barriers).

    So the vulnerability has probably always been there, still is (?!?), for a sweet moment in time it was just more easy to exploit?

  • @yojimbo@sopuli.xyztoWorld News@lemmy.mlCharlie Angus Creates Canadian Parliament Petition to Ban X
    62 months ago

    We, the undersigned, citizens and residents of Canada, call upon the Government of Canada to transition official government communications away from Twitter/X to more secure, community-regulated platforms that prioritise public safety, accurate information, and accessibility. We encourage the government to explore publicly accountable alternatives, including decentralised networks, to ensure reliable and responsible communication with Canadians.

    Not a ban really (not in US banning tiktok sense), better.

  • @yojimbo@sopuli.xyztoPrivacy@lemmy.dbzer0.com*Permanently Deleted*
    32 months ago

    2 points I’m not sure got mentioned here

    1. There is a new hero on the block - his name is mox and he is bloody awesome! It’s a single binary written in go, that takes care of (citing) …IMAP4, SMTP, SPF, DKIM, DMARC, MTA-STS, DANE and DNSSEC, reputation-based and content-based junk filtering, Internationalization (IDNA), automatic TLS with ACME and Let’s Encrypt, account autoconfiguration, webmail… pretty much everything. As somebody who maintains few mailservers for living - this is a wet dream come true. It implements eg MTA-STS that I haven’t seen even on many commercial offerings yet. You run it once - it returns a long file with DNS records for MX, SPF, DMARC, DKIM etc… You run it second time with some switch - it generates its systemd file. Then you just spin it up - and that’s it. I always wanted to write something like this but I am nowhere near clever enough. There may be some performance constrains, it’s probably not “production grade” yet - but I’ve been using it for over a year with stellar results.

    2. There has been a lot of gatekeeping (they call it security strengthening) going on lately. In my experience even year ago If you managed to fit into your DKIM / DMARC / SPF rules stated in your DNS records you could still deliver pretty much everywhere. Even with a dynamic IP. As of June 2024 google started enforce PTR records and M$ I believe followed (meaning if your ip doesn’t have a correct PTR record your mail isn’t deliverable to Google / Microsoft mailservers). Most residential ISPs will not enable you to edit your PTR and since more and more people / companies use bloody google /M$ cloud services I don’t think it’s worth running mailserver just from home because the deliverability would be a hit and miss. You need at least to proxy the outgoing mail through some cheap VPS with public ip that you can set a PTR on.

  • @yojimbo@sopuli.xyztoToronto@lemmy.caFare inspectors in plain clothes issuing tickets on transit system: TTC
    55 months ago

    In Prague CZ (supposedly the 2nd best public transport system in the world) the “PID” has been employing “pain clothes inspectors” aka “revizori” for I suspect most of it’s 100+ year history. There are currently 140 of them employed full time, they don’t have body cameras and they come in pairs. Some of them are women. Comparing the sizes - 1.4 billion trips /year for PID and 600 million trips for TTC - it wouldn’t be unreasonable to have few “inspectors” employed full time. Of course I don’t know how significant fare evasion is in Toronto. Also - Public Transport should be free anyway.

  • @yojimbo@sopuli.xyztoPolitical Memes@lemmy.worldAh, the good old days
    335 months ago

    Ballpark numbers (guesstimated by ChatGPT). In the 50s (after the ww2 explosion of the US industrial capacity) you came home after an 8 hour shift in a fridge making factory and had an income that could easily keep up 3 kids (including education), 2 cars, 1 stay at home wife and a house (like in The Simpsons). Since then the work productivity has risen 600% - 700%, yet the average income has risen less than 150% and the median icome less than 80%.