Hacker Newsnew | past | comments | ask | show | jobs | submit | computer23's commentslogin

Has the word ChatGPT become generic? This has nothing to do with OpenAI's ChatGPT.


It's a reasonable shortcut for what this project provides: training code, inference code and a ChatGPT-style web interface for chatting with the model.


Waiting for Google to buy the rights to Ask Jeeves.


Healthline is not a trustworthy site- See Wikipedia discussion: https://en.m.wikipedia.org/wiki/Wikipedia:Reliable_sources/N...?


> OpenVox sounds like a text to speech engine.

Reminds me of the (bad) plot element from Star Trek: Picard where Picard's son became "Vox" and was able to control people on behalf of the Borg.


Jeff,

Price is precisely linear, not polynomial! $5/GiB (price= $40 + $5 * xGiB)

The graph isn't spaced correctly on the x axis, which causes confusion.


Is there a recommended (best practice) way to nmap scan your network for vulnerable machines, just to be safe?

From Red Hat's statement: > Red Hat rates these issues with a severity impact of Important. While all versions of RHEL are affected, it is important to note that affected packages are not vulnerable in their default configuration.

Basically, Red Hat machines aren't vulnerable unless "the cups-browsed service has manually been enabled or started."

https://www.redhat.com/en/blog/red-hat-response-openprinting...


>Is there a recommended (best practice) way to nmap scan your network for vulnerable machines, just to be safe?

Perhaps something like this?

   nmap -sU -p 631 -P0 [network]/[mask]
Edit: Added [network]/[mask] for completeness.


nmap can't really tell the difference between an open or a firewalled UDP port. For this specific vuln you can send it a packet like:

echo "0 3 http://myserver:PORT/printers/foo" | nc -u target 631

And if the target is running CUPS on that port it will reach out to `myserver:PORT` and POST some data. The downside is you need to have a server running that can accept inbound requests to see if it connects back.


A fair point, although nmap does list results as "closed", "open" or "open/filtered".

Which can be ambiguous if the port is open or firewalled.

However, if the nmap reports that port is "closed," it most likely is:

   Starting Nmap 7.92 ( https://nmap.org ) at 2024-09-26 20:02 EDT
   Nmap scan report for [host] (localip)
   Host is up (0.00084s latency).

   PORT    STATE  SERVICE
   631/udp closed ipp
I'd add that GP specifically requested an nmap command.

All that said, you're absolutely correct and if nmap returns something like this:

   Starting Nmap 7.92 ( https://nmap.org ) at 2024-09-26 20:04 EDT
   Nmap scan report for [host] (localip)
   Host is up (0.00058s latency).

   PORT    STATE         SERVICE
   631/udp open|filtered ipp
then further poking could be required, as you suggest.

I would point out that cups-browsed isn't really necessary unless you desire to have printers automatically added without any user interaction. Which is poor opsec in any situation.

If we're talking about a corporate environment, adding printers can be automated without cups-browsed, and at home or in the wild (cafes, public wifi, etc.) that's an unacceptable (at least from my perspective) risk and printers (if needed in such an unsecured environment) should be explicitly added by the user, with manual checks to ensure it's the correct device.

As such, rather than checking to see if cups-browsed is running unsecured, simply check to see if it's installed:

Debian and variants:

   'sudo apt list --installed | grep cups-browsed'
RedHat/Fedora and variants:

   'sudo rpm -a -q | grep cups-browsed'
And if it is, remove it.

Edit: fixed typo.


Surely you don't need sudo for listing with either apt or rpm.


You can use --data in nmap to send it easily to the range of hosts (but the server is still needed).


Corporate organisations make use of platforms like Nessus/Tenable to provide this continuous vuln scanning for compliance reasons.

Under the hood its basically running an nmap scan and spitting out a PDF report.


Elon Musk says: "My commitment:

- We will never seek victory in a just case against us, even if we will probably win.

- We will never surrender/settle an unjust case against us, even if we will probably lose. "

And yet Elon Musk filed harassing lawsuits against his critics Media Matters for America and the Center for Countering Digital Hate.

Musk's SLAPP suits are contrary to his purported love of free speech. They are manifestly unjust.


People need to stop using the word "sideloading". It's just loading. The normal behavior is to allow apps to be installed from any source.

I noticed Microsoft's developer documentation uses the word sideloading a lot: https://learn.microsoft.com/en-us/dotnet/maui/windows/deploy...


I've had some concerns about the namespacing issue.

Bluesky accounts should be permitted to have both a bsky.social username and one with a custom domain. If I am a company and want to use @myname.com as my username, I would not want someone @myname.bsky.social to fall into the hands of anyone else. So it sort of necessitates signing up for 2 accounts, if only to reserve your name so nobody takes it.


Mastodon solves this through verified accounts.


I had an issue the other day where I deleted a file through the web interface and saved a file with the same name using the Windows client. The file disappeared and was never uploaded. Would that be a manifestation of the problem, or is the problem a "files at rest are disappearing" issue?


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: