Mikina

First time I'm seeing this, and I have to say I admire their dedication to the joke.

Zombo.com is a single-serving site created in 1999...

...

The site was initially a Flash animation, but as of 5 January 2021, it switched to HTML5 due to the discontinuation of Adobe Flash Player.

This is the time to bring out a mask and start vandalizing.

Might be difficult in the UK though, with so much camera's around. I've always wondered how feasible would it be, assuming you get lucky and don't get caught during the act, to make sure that you can't be found by cameras alone.

A good mask, desposable clothes, hat to hide your hair, and make sure to change somewhere with multiple entrances into a larger area without cameras? In this hypothtical scenario, I guess the most difficult thing would be to have a place where to change without it being connectable to you, i.e not a tunnel where they can check people entering and leaving and look for who's only leaving.

It would have to be a pretty large area that's populated and traversed by a lot of people, has as much entrances and exits as possible but also has places where you can discreetly change. I'm guessing something like a park, or a forest. Maybe a train, assuming it doesn't have cameras on board. If it's long distance/lot of stops, enumerating people who get in and out would be extremely tedious, plus it does have a place to discretely change. Bonus points for having a burner phone with you the whole time, that you then leave on the train/throw out at a random stop.

A in-depth enough investigation could probably track you down, but the more entrances and exits/people traveling through, the higher chance an investigation into a minor vandalism would give up. But making it work for some more serious act, where a very in-depth investigation will take place, will probbly be almost impossible. But that's not what I'm interrested in anyway.

I'm sure there are anarchist zines about this kind of thing, it looks like it might be usefull pretty soon.

I hope this will bacfire heavily and shuts down their tourist industry.

I've had a few people around me who were to US, or planned to go. All of them has lost all desire to do so. I can't imagine why would anyone who doesn't have to (i.e for work, and even then I'd really reconsider it) volunteraly go to US at this point, for a vacation of all things.

What the fuck. There were only few reasons why I wanted to maybe someday visit the US (Burning Man and Defcon), but fuck that. I'm glad I don't have to travel there for work, and if I had to, I'd rather find a new job.

I hope employers in the EU will be reasonable and not send their people to this hell-hole, and that a lot of events will consider moving to Europe, especially things like Defcon. I can't imagine how would any abroad attendee of Defcon be willing to go through this.

Each visitor would also be required to submit what CBP calls “High Value Data Elements”. According to the notice:

The high value data fields include:

a. Telephone numbers used in the last five years;

b. Email addresses used in the last ten years;

c. IP addresses and metadata from electronically submitted photos;

d. Family member names (parents, spouse, siblings, children);

e. Family number telephone numbers used in the last five years;

f. Family member dates of birth;

g. Family member places of birth;

h. Family member residencies;

i. Biometrics—face, fingerprint, DNA, and iris;

j. Business telephone numbers used in the last five years;

k. Business email addresses used in the last ten years.

If you aren't already using it, https://vencord.dev/ is a good Discord client mod that lets you get rid of some of the annoying features.

Might be against ToS, but so far I don't think people had any issues with it.

Another option (that I use when I don't need voice) is having your own Matrix server with Discord bridge. With double puppeting it can bridge both servers and DMs, and post in your name (without needing a bot on the server).

As far as I know you can do double puppeting with Matrix discord bridges, or whatever it is called.

As in "the bridge posts using your account, and not a bot". I have it set up on my own Matrix server, and I have servers and DMs bridged without issues.

Also, setting up a server with the ansible project is super easy, it's one of those rare cases where the ansible is robust, easy to use and actually doesn't break.

Couldn't you just tape the music studio triangle sound/echo dampeners (or whatever it's called) around the exterior, and add a floor that has those subwoofer dampening triangle legs (to limit contact with the floor for vibration transference)?

I just got around playing it, haven't yet talked to either, but the game is pretty funny. I'm not even into dating sims or VNs, but it's written well, full of puns and I'd recommebd it for everyone to try.

If I'm not mistaken, people who said they don't have any are beeing held for questioning and interrogations, or maybe even denied access. I vaguely remember reading an article about this a while back, so it may not help you as much as you think.

They can (how long can they hold you based on suspicion alone?) and will cause you a lot of trouble if they don't like what you give them.

I have no experience with React, so I couldn't tell. Thanks for the info, I'll keep it in mind.

I think I've seen it mentioned that in case RSC isn't used, it might be vulnerable but it's not really confirmed, but you're right that it probably doesn't warrant shutting down the server.

I don't really need it that much, though, so I'll just wait for the update, take a scour through logs and use it as a learning opportunity for forensics, and skip the reinstall.

Well, Element seems to still be running at the unupdated version even after update, so I'm just shutting the server down.

I'm bummed that it took me 5 days to learn about it, does anyone have some tips how to get early warnings for techs you're using? I'm guessing there's a way with npm.

Also, anyone has some tips how to properly compromise-check your server? I'm guessing there are logs to check for compromise, and audit your startup scripts for persistence? Any tools that could help with that?

Fuck, Element for Matrix is apparently build on React, and I was updating like 4 days ago after few months.

Well, time to update again, I hope it's fine. Never really learned how to properly compromise-check your server.