drahardja, to random
@drahardja@sfba.social avatar

Ah yes, this is a great way to turn “Can I see your driver’s license?” into “Can you hand me your unlocked phone so I can rifle through it?” at a traffic stop.

Yes, it’s more convenient than having a separate card, and it may serve as a great backup in case your physical card is lost or damaged. But please don’t use this as your only driver’s license, especially if you are an often-targeted demographic.

“Californians can now carry driver’s licenses on their phone as part of pilot program”

https://www.latimes.com/california/story/2023-09-03/californians-can-now-carry-drivers-licenses-on-their-phone-as-part-of-pilot-program

com,
@com@mastodon.social avatar

@drahardja @DataDrivenMD Unfortunately, on iOS the digital ID is stored inside the CA DMV app, not in the Apple Wallet. 4 states already have digital ID using Apple Wallet: https://learn.wallet.apple/id#states-list

This means you must completely unlock an iPhone to reveal the ID. If they used Apple Wallet, it would require authentication to open Apple Wallet to reveal the ID, then authentication AGAIN to unlock to phone beyond the wallet.

scalzi, to random
@scalzi@mastodon.social avatar

Folks, a whole lot of people I like have gotten the most recent strain of COVID, so please be careful out there, catch up on your immunizations, and consider wearing a mask if you're going to be some place with a lot of folks in a close and closed space.

HistoPol,
@HistoPol@mastodon.social avatar

@bittersweetdb @scalzi

Thanks, just read from s.o. here that things seem to be getting bad again in and that has ordered staff in to again.

alfredo_liberal, to random

Ageism please be respectful to her she's done amazing work and everything is going okay judges are being confirmed. Would you rather have 50-50 for the rest of the year into 2024 which would make it hard to get them confirmed or would you rather have 51 which makes confirming judges much easier.
https://mastodon.social/@flexghost/110322711250523048

StefanieSand,

@alfredo_liberal Newsom can appoint Feinstein’s replacement the second she resigns. In the meantime, her absence is not only hurting us on the Judiciary Committee. Had she been able to vote, this ⬇️ would have been a tie and VP Harris would cast the tiebreaker. So we might not be able to get a replacement on Judiciary confirmed, but we can still have a Democratic senator voting in the Senate.

Feinstein should resign. https://rollcall.com/2023/04/26/senate-passes-measure-to-roll-back-truck-emissions-rule/

johnnyprofane1, to random

Smoke report from Greene County, Indiana.

This guy... with allergies etc... just breathing in the dawn air.

Choking.

btaroli,
@btaroli@federate.social avatar

@johnnyprofane1 Sorry you’re having to deal with the . We’ve had that happen here with and it’s really not fun, and can be very harmful to folks’ health. Need any masks?

kurtseifried, to random

If you want to see how completely insane the landscape is you have to read this thread: https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/heXVr8o83Ys/m/xyf0PDIaAQAJ it gets juicy around https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/heXVr8o83Ys/m/7Eh0SvzmAgAJ with accusations of multiple parties/illegal behavior:

Dear members.

I have conducted a background check on HiCA administrator Xiaohui Lam and would like to share the following with you. These findings are for reference only, so please evaluate them for yourself.

First, in 2013, Xiaohui Lam hijacked AFF promotions by exploiting vulnerabilities in Aliyun forums, defrauded hostloc members by installing backdoors in Discuz forum plugins, and stole others' social accounts through leaked data from CSDN [^1].

Second, in 2015, Xiaohui Lam exploited a vulnerability in the GlobalSign system to sell a large number of 5-year wildcard certificates, but all certificates were revoked after they were discovered [^2].

I would like to emphasize that these are past actions of HiCA administrators and I do not think he will repeat the same mistakes again. However, these events show that he is not a developer who knows very little about security. In the past, he has been someone who knew how to mine vulnerabilities, exploit them and commit fraud and threats against customers.

Based on the above findings, I believe we need to take the following steps:

  1. Considering that he suggested users to execute his script RCE[^3] with root privileges on his official website, we should send a reminder email to all users who have applied for a certificate, asking them to evaluate whether there is unauthorized code on their machines.

  2. the results of the query found that Mr. Lam has two CAs: HiCA and Quantum CA. the website for registration information about Quantum CA is acme.hi.cn. then we need to confirm whether they are using the same infrastructure and whether Quantum CA also uses RCE to issue certificates [^4].

Mr. Lam has shut down HiCA's infrastructure after he was found to be using RCE, but we still need to do a more detailed assessment.

As a member of the community, I believe transparency and trust are vital to us. I hope Mr. Lam will provide the community with a more complete statement and evidence so that the community can evaluate this incident.

screenshot of https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/heXVr8o83Ys/m/67hOcYb-AgAJ

skykiss, to california
@skykiss@sfba.social avatar

Water levels in California continue to remain high with only Trinity lagging behind but still well-ahead of 2022.

constantorbit, to random
@constantorbit@hachyderm.io avatar

my friend is meeting her stepmother in so she texted me to ask for recommendations, since I used to live there

OH MY GOD I am so homesick for Santa Cruz right now. 💔

ai6yr, to Aviation
@ai6yr@m.ai6yr.org avatar
ai6yr, to hamburg
@ai6yr@m.ai6yr.org avatar
Stoneycase, to CA
@Stoneycase@heads.social avatar

“How the West was Lost” starring- Decades of Mismanagement, Corporate Raiders, The Forest Fire Industrial Complex, and sponsored by Global Warming.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • JUstTest
  • mdbf
  • InstantRegret
  • ethstaker
  • magazineikmin
  • GTA5RPClips
  • rosin
  • modclub
  • Youngstown
  • ngwrru68w68
  • slotface
  • osvaldo12
  • kavyap
  • DreamBathrooms
  • Leos
  • thenastyranch
  • everett
  • cubers
  • cisconetworking
  • normalnudes
  • Durango
  • anitta
  • khanakhh
  • tacticalgear
  • tester
  • provamag3
  • megavids
  • lostlight
  • All magazines