• 0 Posts
  • 24 Comments
Joined 1 year ago
Cake day: July 1st, 2023



  • I work in this space. My focus area is consequential GHG accounting specifically, which is the process of quantifying the impact a decision will have on GHG levels.

    There is an internationally recognized methodology for GHG emissions accounting and for most other things you’d make environmental claims about.

    Hard part is most of those methodologies were designed for voluntary compliance. They tend to allow lots of estimates and averages when better data isn’t available, because for someone trying to do the right thing, estimating data is better than nothing.

    But that leaves giant gaps in legislation like this because someone with incentive to do so can make generously optimistic assumptions that ridiculously overstate their environmental stewardship while still technically following the methodology.

    While I think it’s doubtful we’ll see any major improvements in reporting for a while, the bill is still a massive step in the right direction.

    And there’s hope for the methodologies getting better too. The leading methodology for calculating GHG emissions is currently being revised with a new version expected to be published next year. Current proposals being considered include dropping several notoriously inaccurate approaches that could be used to make false or exaggerated claims.


  • Most large corporations’ tech leaders don’t actually have any idea how tech works. They are being told that if they don’t have an AI plan their company will be obsoleted by their competitors that do; often by AI “experts” that also don’t have the slightest understanding of how LLMs actually work. And without that understanding companies are rushing to use AI to solve problems that AI can’t solve.

    AI is not smart, it’s not magic, it can’t “think”, it can’t “reason” (despite what OpenAI marketing claims); it’s just math that measures how well something fits the pattern of the examples it was trained on. Generative AIs like ChatGPT work by simply considering every possible word that could come next and ranking them by which one best matches the pattern.

    If the input doesn’t resemble a pattern it was trained on, the best ranked response might be complete nonsense. ChatGPT was trained on enough examples that for anything you ask it there was probably something similar in its training dataset so it seems smarter than it is, but at the end of the day, it’s still just pattern matching.

    If a company’s AI strategy is based on the assumption that AI can do what its marketing claims, we’re going to keep seeing these kinds of humorous failures.

    AI (for now at least) can’t replace a human in any role that requires any degree of cognitive thinking skills… Of course we might be surprised at how few jobs actually require cognitive thinking skills. Given the current AI hypewagon, apparently CTO is one of those jobs that doesn’t require cognitive thinking skills.





  • You wouldn’t be able to MITM a plaintext connection inside a corporate network with this attack by itself. You could only MITM something that the attacker can access without your VPN.

    Any corporate network that has an unsecure, publicly accessible endpoint that prompts for credentials is begging to be hacked with or without this attack.

    Now you could spoof a login screen with this attack if you had detailed info on the corporate network you’re targeting. But it would need to be a login page that doesn’t use HTTPS (any corporation dumb enough to do that in this day and age is begging to be hacked), or you’d need the user to ignore the browser warning about it not being secure, which is possible.


  • I can’t see routing traffic to some kind of local presence and then routing back to the target machine to route out through the tunnel adapter without a successful compromise of at least one other vulnerability.

    That’s not to say there’s nothing you could do… I could see some kind of social engineering attack maybe… leaked traffic redirects to a local web server that presents a fake authentication screen that phishes credentials, or something like that. I could only see that working in a very targeted situation… would have to be something more than just some rogue public wi-fi. They’d have to have some prior knowledge of the private network the target was connecting to.



  • Not all VPN traffic. Only traffic that would be routable without a VPN.

    This works by tricking the computer into routing traffic to the attacker’s gateway instead of the VPN’s gateway. It doesn’t give the attacker access to the VPN gateway.

    So traffic intended for a private network that is only accessible via VPN (like if you were connecting to a corporate network for example) wouldn’t be compromised. You simply wouldn’t be able to connect through the attacker’s gateway to the private network, and there wouldn’t be traffic to intercept.

    This attack doesn’t break TLS encryption either. Anything you access over https (which is the vast majority of the internet these days) would still be just as encrypted as if you weren’t using a VPN.

    For most people, in most scenarios, this amounts to a small invasion of privacy. Our hypothetical malicious coffee shop could tell the IP addresses of websites you’re visiting, but probably not what you’re doing on those websites, unless it was an insecure website to begin with. Which is the case with or without a VPN.

    For some people or some situations that is a MASSIVE concern. People who use VPNs to hide what they’re doing from state level actors come to mind.

    But for the average person who’s just using a VPN because they’re privacy conscious, or because they’re location spoofing, this is not going to represent a significant risk.
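The routing behaviour described in the comment above, as an added example that is not part of the original comment: a longest-prefix-match audit that shows which destinations leave outside the tunnel and flags non-tunnel routes that override the VPN's routes. The routing table, interface names, addresses and the helper names `egress` and `overriding_routes` are all constructed for illustration.

```python
import ipaddress

TUNNEL_IF = "tun0"
VPN_ENDPOINT = "198.51.100.7/32"  # constructed: the VPN server itself must stay off-tunnel

# Constructed routing table: (destination, gateway or None for on-link, interface)
ROUTES = [
    ("0.0.0.0/0",      "192.168.1.1",  "wlan0"),  # LAN default, shadowed by the VPN
    ("0.0.0.0/1",      "10.8.0.1",     "tun0"),   # VPN covers all of IPv4 with two /1s
    ("128.0.0.0/1",    "10.8.0.1",     "tun0"),
    ("10.20.0.0/16",   "10.8.0.1",     "tun0"),   # private network behind the VPN
    ("192.168.1.0/24", None,           "wlan0"),  # on-link LAN
    (VPN_ENDPOINT,     "192.168.1.1",  "wlan0"),  # expected exception
    ("203.0.113.0/24", "192.168.1.66", "wlan0"),  # unexpected: beats 128.0.0.0/1
]

def parse(routes):
    return [(ipaddress.ip_network(d), gw, dev) for d, gw, dev in routes]

def egress(dest, routes):
    """Longest-prefix match: the (network, gateway, interface) used for dest."""
    addr = ipaddress.ip_address(dest)
    matches = [r for r in parse(routes) if addr in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen)

def overriding_routes(routes, tunnel_if, allowed=()):
    """Non-tunnel gateway routes that win over a tunnel route for part of its range."""
    table = parse(routes)
    tunnel = [net for net, _, dev in table if dev == tunnel_if]
    allowed = {ipaddress.ip_network(a) for a in allowed}
    flagged = []
    for net, gw, dev in table:
        # Skip tunnel routes, on-link routes and explicitly expected exceptions.
        if dev == tunnel_if or gw is None or net in allowed:
            continue
        # A strictly more specific prefix inside a tunnel route takes its traffic.
        if any(net != t and net.subnet_of(t) for t in tunnel):
            flagged.append((str(net), gw, dev))
    return flagged

if __name__ == "__main__":
    for dest in ("203.0.113.9", "198.51.100.10", "10.20.5.5"):
        net, gw, dev = egress(dest, ROUTES)
        print(f"{dest:15} -> {dev} via {gw} ({net})")
    print(overriding_routes(ROUTES, TUNNEL_IF, allowed=[VPN_ENDPOINT]))
```

Only the destination covered by the more specific route leaves on `wlan0`; the private `10.20.0.0/16` network is still reached through `tun0`.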


  • So for this attack to work, the attacker needs to be able to run a malicious DHCP server on the target machine’s network.

    Meaning they need to have already compromised your local network either physically in person or by compromising a device on that network. If you’ve gotten that far you can already do a lot of damage without this attack.

    For the average person this is yet another non-issue. But if you regularly use a VPN over untrusted networks like a hotel or coffee shop wifi then, in theory, an attacker could get your traffic to route outside the VPN tunnel.



  • Who cares? Because I assure you, Microsoft doesn’t.

    20-25% of those webservers are running on Microsoft Azure hardware. Microsoft is the #2 cloud provider and has been slowly but surely closing their gap behind AWS in recent years. All of that is in large part due to them embracing Linux and open source support on their platform.

    Software isn’t the battleground, and hasn’t been for a decade. The people behind Apache and Nginx aren’t making bank on their web server dominance. Microsoft and AWS still rake in money hand over fist regardless of what software runs on their servers.

    The author of this article’s apparent attitude that this is some kind of indicator of Microsoft’s market failure is one of the most ridiculous conclusions I’ve heard in a while.


  • If BlackRock thinks that population growth in Canada is important, it seems to me they’re actually in a far better position to make that happen than the average Canadian.

    BlackRock owns a fuck ton of property in Canada, they are in a strong position to make rents and housing much more affordable, which will drive the economy up significantly.

    Families will be more willing to “grow the population” if they’re not allocating 50+ percent of their income towards housing.

    Affordable housing also makes us a better destination for people immigrating to Canada.

    But that would require BlackRock to be less greedy… so


  • I know nothing about but was curious why they haven’t increased their residency positions.

    One of the first hits on was this article, it seems like the issue (at least for family doctors) isn’t a lack of available residency positions since 268 positions went unfilled.

    Sounds like it has more to do with the job basically sucks compared to other specialties, a few reasons mentioned in the article:

    • Provinces are effectively forcing family doctors to crank patients through at a high rate since their pay is based on the number of pts they see in a day

    • Family practice involves less collaboration with other physicians, less opportunity for professional growth.

    • Political climate, notably in Alberta, is outright hostile towards doctors.

    Doesn’t really explain what’s hindering doctors trained abroad from becoming doctors here.

    Seems to me that a program designed to help foreign trained doctors become licensed here would be a good investment.




  • Pretty much everybody is happy to see coal power shutdown. Even most people working in the coal industry are fine with it as there’s still a depressingly large market for coal.

    We’re replacing it with natural gas and the oil and gas industry employs way more Albertans than coal. People in that industry are generally happy about it.

    If we had replaced it with solar, wind, hydro, nuclear, anything that would make a significant impact on our still massive GHG emissions, then about half of Albertans would be happy and about a third would be claiming “F*ck Trudeau yadda yadda”


  • Trucks and SUVs are getting heavier to skirt emissions controls.

    In 2010 the Obama administration passed laws tightening emissions control requirements for new vehicles. But the laws were written to allow emissions as a factor of vehicle size, larger vehicles were allowed to have more emissions.

    Unfortunately, the plan backfired. Instead of reducing emissions, vehicle manufacturers just started making vehicles bigger.

    It isn’t primarily the fragile egos that are driving sales of these vehicular monstrosities. It’s corporate profits and greed. Manufacturers aren’t making smaller models because they don’t make as much money on them, not because there isn’t a market for them.