• 0 Posts
  • 260 Comments
Joined 2 years ago
Cake day: June 18th, 2023
  • NaibofTabr@infosec.pubtoNews@lemmy.worldTSA announces $45 fee for travelers with no REAL IDEnglish
    4·
    14 days ago

    I suspect this is what the payment requirement is really about. Like, yes they’re getting money, but they’re also getting a credit card transaction at the gate at the date and time of travel.

    It’s always possible that someone else purchased your travel ticket for you (for instance I sometimes travel for work which my employer’s travel agency books for me). But if you have to pay at the moment when your ID would be checked, presumably that has to be your personal card that you have on you in the moment.

  • NaibofTabr@infosec.pubtoAsk Lemmy@lemmy.worldIs there is any web comic artists which publish their comics as SVG or as transparent PNG?English
    11·
    15 days ago

    Oh, it’s not, the difference is that the SVG is an unexpected delivery vector.

    The script on a website might change over time, might be blocked by an extension like uBlock origin that prevents sections of web code from loading in the first place. You can block a website’s JS with an extension that specifically does that, like jshelter. A malicious SVG is static, the malicious code is malicious forever and is embedded in the file. A browser extension can’t selectively block pieces of the file from loading.

    Script blocking extensions prevent web page code from loading, but they don’t prevent the application from executing JS. If you open an SVG, the file is downloaded locally (it’s not web code) and the JS in the file will execute locally, with the same permissions and file system access as the user opening the file.