Hey Mastodon! 👋 Here is our #introduction post: We are the Data Visualization Lab at Khoury College of Computer Sciences at Northeastern University. You can find more about our work here: https://vis.khoury.northeastern.edu/
It's a huge open world experience, available in VR (but not required), in a retro-futuristic cyberpunk slum. Hundreds of crimes and stories to solve, lots of places to explore, AI companions to get, the flying car, tons more....
Apple is cutting Vision Pro production as it fails to meet sales targets.
Analysts expected it to sell 700-800k units in 2024, but it could now be as low as 400k. A lower cost model could now be pushed beyond 2025, if it ever arrives.
Meta lost $3.85 billion on the metaverse in the first quarter of 2024 alone. You know, that thing we all laughed about a couple years ago and next to no one actually uses.
It’s burned $45 billion on the metaverse since the end of 2020.
"People are once again walking into public places wearing a video-recording face computer on their heads. Only this time, the faceputer is sold by Meta, not Google."
Apple’s Vision Pro is a bad product with an even worse vision for the future of computation.
New sales numbers prove it’s a failure, but more than that it shows the idea of tech’s inevitability is a myth. We have the collective power to stop tech that doesn’t serve us.
"In 1838 Charles Wheatstone published a paper describing a curious illusion he’d discovered. If you drew two pictures of something – say, a cube, or a tree – from two slightly different perspectives, and then viewed each one through a different eye, your brain would assemble them into a three-dimensional view. Wheatstone created a table-size device to demonstrate the effect: the world’s first stereoscope."
Nice post on the history of #immersion & #VR (from 2017):
I have many interests, but music is probably the biggest one. I like to listen to uplifting #jpop, extreme #metal and everything in between. Favorites are #乃木坂46, #Watain, #OrbitCulture, #LornaShore.
I also like to post about #fashion related things, including the occasional #ootd. :bd05:
I'm into games as well, both #videogames and #Tabletopgames~ I don't care about genre, only about quality. :bd20:
To be able to afford all this good stuff, I develop websites and #vr applications for a living.
The 5th Shaw-IAU Workshop on Astronomy for Education kicks off on Wednesday (11/29) and I hear... there is a PARTICULARLY EXCITING talk on running a course on planetary science in #VR entitled "M is for Mars and Metaverse" 😉
As dedicated fans of #CatsOfTheBalcony will know, Casper is one of my TNR stray cats, who is a regular multi-dinners-a-day visitor and known for his antics such a jumping from balcony to aircon unit to washing poles and knocking over the webcam.
His talent for mischief was spotted by @DavidBFox, who thought Casper had what it took to be part of the #VR game he is developing based on Rube Goldberg machines!
Had a very interesting vuln disclosure experience today. I found a pre-auth RCE in F5-BIGIP admin panels (yes...the same one that's had RCE issues for years - there's more) with my coworker Thomas Hendrickson.
We went to report to F5 at the beginning of the month and had some back and forth with them over the disclosure timeline. We're not in a rush, we figured it would take a month or two to disclose, but they wanted to publish it in February 2024. That's a long time to wait for a pre-auth RCE bug, so we asked for it to be sooner, but with 48 hours notice so we could coordinate with our customers appropriately. They said they were fine with that.
Then last night at 8PM ET, we get an email that they're dropping the advisory + hotfix in 16 hours. We asked why and were told "we believe this vulnerability is now known outside of F5 and Praetorian thus forcing our hands at an immediate disclosure". The advisory was published a few hours ago - https://my.f5.com/manage/s/article/K000137353. No patch, but there's a hotfix you can run on some versions of F5s. A few versions have been marked as "will not fix", so this is a permanent way to pop them.
Simultaneously, a blog post that we referenced heavily for AJP Request Smuggling disappeared off the internet (the author locked every post they'd made since 2016). The posts were live 10 days or so ago.
Once the patch has had a little bit of time to be applied, we'll drop the rest of the technical information about the bug.
If anyone here is aware of this being exploited in the wild, I'd love to hear about it. Tagging a few folks who are a bit more in the know (apologies if this is spammy, but I'm curious).
On the IoC side it's a bit tricky because the bug relies on abusing a bug in Apache, so I have no idea what it actually looks like in the logs. The raw request will have "Transfer-Encoding: <a valid value>, chunked" as one of the headers. For example "Transfer-Encoding: gzip, chunked" or "Transfer-Encoding: chunked, chunked".
I know it's no #citrixbleed, but this is a pretty bad bug if you're one of the thousands of orgs that still has an F5 config panel on the internet.
“No amount of criticism or public indifference will stop tech companies from trying to get us opt into their isolating technology, into their enclosure, where they can not only capture more of our biometric gestures … but can fully mediate reality to us.”
Just for everyone interested in using #godotengine for #vr work. There are loads of goodies on my YouTube channel and I will be spending time soon bringing new Godot 4 content. So if you haven't already, please stop by if you can: https://www.youtube.com/BastiaanOlij
Tech companies have been trying to make VR and smart glasses happen for years, so when Apple rolled out their Vision Pro headset, I didn’t want people to fall for the deceptions of their PR machine.
I made the case for ridicule of the Vision Pro in June.
I saw a lot of hype / skepticism for the newly announced Blade Runner game, and just want to mention that there's already a pretty incredible Blade-Runner-inspired game, LOW-FI, releasing later this year. (www.youtube.com)
It's a huge open world experience, available in VR (but not required), in a retro-futuristic cyberpunk slum. Hundreds of crimes and stories to solve, lots of places to explore, AI companions to get, the flying car, tons more....