Without getting too critical of your code (congrats BTW), never use strcpy instead use strlcpy.
strcpy will happily allow you to create buffer overflows (a common challenge with C) which will cause your application to crash.
You’ll find more details here.
Good luck!
The handful of us have moved onto Crystal Lang. It’s a statically type checked and compiled dialect of Ruby. Crystal is fun to write code, but the compiler is slower (compared to go-lang/rust)… because… well it’s a ruby dialect (with DSL’s)… and the 3rd party libraries are limited.
Thank you for finding that.
I got lucky, I bought a quest around July/August and needed to do the mandatory/initial OS install.
I ended up with v78 (August 3, 2025) release.
I didn’t realize there was a WiP announced in July 2025.
… makes the latest headset with a rather recent update (but NOT the very last ones, so be cautious!) rootable.
Any ideas which version(s) are susceptible? I couldn’t find it mentioned.
Actually, those steps are the ones necessary to recover from a hard brick (re: the device is unusable because you did something you shouldn’t have as root).
The actual process to root the device is simply running a few adb commands (so a prereq is having Developer Mode enabled).
Once you have ran the exploit, your root escalation is temporary until the device is rebooted or you take additional steps to persists your root privileges (thus, potentially leading you towards a hard brick).
source: The docs
I’m sure the Trojan’s are driving.
You mean, “Roll out!” /s
How do you think this technology would be abused?
If the device included full audio and video surveillance - I’d totally agree. However, the device does not include video (and it would be a real hard sell to include that).
If all parties are aware that monitoring will occur (maybe include a sign in the door), I’d argue that minors are aware of what this means.
Perhaps, it would mean that students “finish up” faster, rather than loitering and vaping (or bullying, etc)… and if that’s the case, I guess the device has fulfilled it’s purpose.
The article did mention how a hacked device could be used to “play sounds” or trigger false calls for “help”, or gunshots. But I’d argue this would be the modern day equivalent of falsely pulling the fire alarm.
An interesting article and tbh, I’d actually support the device (… and I’m usually very privacy focused).
According to the article the purpose of the microphone is to listen for certain keywords (ie: “help”, “call 911”, gunshots, etc) and to detect when people are vaping, etc.
I mean, I would never install one in my home, due to privacy and security concerns. But if you’re in a public place, like a school such features make sense.
If you’re being bullied or need help, having a facility member “hanging out” in the schools public bathroom would be weird, creepy, and more of an invasion of privacy than a mic in a smoke detector.
That said, students and facility should be aware of what this device is doing and why. However, this article does a very good job of summarizing that.
Yes, the devices security is rubbish, but was patched. It’s not the first IoT device to do that and it won’t be the last (unfortunately).
Thanks for sharing the article OP.
Thanks for recommending Navidrome. It looks really interesting.
I was using Spotify, but switched to Spotube. After Spotube was crippled, I was kind of aimless. I really liked having my music available on my cellphone and desktop. It looks like Navidrome will fill the gap perfectly.
You’d mentioned ripping CDs. Would you have some software, you’d recommend (Windows or Linux)? Preferably in FLAC.
I haven’t looked at ripping software in a few years, but it was kind of tedious to set up and very manual to get the proper metadata, genres, and cover art. I’ve got a hundred CDs and that’ll take awhile…
It could be the quality of your headphones.
I’m not an audiophile, but back-in-the-day I bought some analog “sennheiser studio monitors” as opposed to “just headphones”.
I actually returned the first one and exchanged them, because when I listened to a live recorded CD, I kept hearing loud “pops” that I didn’t hear with my “regular headphones”. I assumed they were defective.
The exchanged sennheiser had the same “pop” in this CD. It turns out, most “regular headphones” didn’t have the same depth in sound frequency as studio monitors and the “pops” were accidental artifacts that were mixed into the CD.
For other CD’s, I’d hear telephones ringing and sirens in the background.
Eventually, I got use to it. Then after a few years, I replaced my CD collection with mp3’s… and I could tell a different in songs/albums I was really familiar with. The base wasn’t as deep, the high sounds weren’t as high, I didn’t hear telephones ringing in the background.
I had the same sennheiser, it was just that the nature of mp3’s “flattened” the music.
Now, with Bluetooth and the disappearance of 3.5 mm jacks, there are too many layers of digital conversion happening. I’ve given up… and now just have some cheap ear buds I listen to.
If you’re whitewater kayaking, it’s not uncommon to have a knife accessible from your PFD.
It can be used to cut any ropes you might be tangled in or (worse case) cut the PFD.
In general, having a knife with you is useful in most emergency situations (and a throw rope, pin kit, plus knowledge of how to use them).
edit: Oops, this was supposed to be a response for the parent thread.
… and I want my headphone jack, back.
Thanks for sharing the OSMand recommendation and configuration.
I’ve got a hike coming up, so I just installed it - wow, it’s fantastic. It captures the elevation change and distance. I thought I’d need to limp along with Google maps, but OSMand is sooo much better (and open source).
edit: a word
My uncle had a pitbull named “kitty kitty”.
Atleast that’s what he dog thought, as when my uncle would feed the cats and dog, he’d always call the cats by saying "here, kitty, kitty… ".
There was another thread (which I cannot find atm), which said that the author cannot make an Android port, because due to the nature of android (or Google?) the android app would not get the same level of privacy as in the iOS version.
edit: I found the link.
… my third, but still special.
Yeah, I’m curious and concerned “how” Amazon did this.
I mean the first thing I’d do would be login (cause it’s necessary), enable adb, disconnect the internet, block firmware updates, and restrict dns then reconnect to the internet.
Is that what these people are doing? Or do they just grab the latest firmware, sideload their app(s) and hope everything will “just work” today/tomorrow/ and beyond?!?
(… as I look at my subscribed communities…) What Trump memes?
OP, what bluGill said is exactly your problem (assuming your DMARC and friends are setup correctly).
The concept is referred to as “email (or domain) reputation”. The implementation details are closely guarded secrets, unique for each email receiver.
One of the metrics for establishing a positive email reputation the “How much email does your mail server sends?” : the more the better**
If you’re a large company, it’s fine… but if it’s just a personal domain with < 20 per week, you’re not going to establish a reputation and (depending on the receiver) you’re email might just get dropped.
The other (frequent) metric is: “Of the emails that are sent, how many are read, and how many are flagged as spam?” In order, for these crowd sourced spam filters to work, they need you to send large amounts of email. Receivers like Gmail/Google are pretty forgiving. However, Outlook/Microsoft are very aggressive, meaning if enough outlook users flag your email as Spam, then future emails sent to outlook from your domain will probably automatically be marked as spam. Obviously, these are all black boxes, so I can only offer my personal observations (take it worth a grain of salt).
As bluGill mentioned, there is a solution, but it involves moving your custom domain to a larger (re: paid) email provider. If you were to move to Google (for example), it doesn’t matter if your custom domain sends 5 emails per week. Those 5 emails are being sent from Google mail servers (using your custom domain) , which means they’re gaining the “reputation” of google and you can be certain that your emails will arrive, even if it’s (non-obvious) spam. Because, the email receiver assumes that Google will shut you down, if you’re a spammer.
It’s a sad state that one of the original “pillars of the internet” (email) has degraded to feed only the big tech companies… but unfortunately this has been the case for many years.