Do a look-through of that XML folder as well. Images could be base64 encoded in those XML files. I remember several instances where XML was used as a template “language” for old style GUIs. (When XML and HTML diverged, a lot of that kind of thing was happening.)

There are some kind of instructions in this video that go through a logo change process. I don’t know if this helps, but I tried: https://youtu.be/QrobPTgu7C0

Also, does it use some kind of database? The images seem like they would be small enough to jam into a blob and just store alongside regular inventory information. If there is a database, it’s probably third-party. If it’s third-party, I would see if it had its own installer packaged inside of the application installer itself. (A third party database would likely be outside of the main app folder.)

Just dumping random thoughts.

When I use it, I use it to create single functions that have known inputs and outputs.

If absolutely needed, I use it to refactor old shitty scripts that need to look better and be used by someone else.

I always do a line-by-line analysis of what the AI is suggesting.

Any time I have leveraged AI to build out a full script with all desired functions all at once, I end up deleting most of the generated code. Context and “reasoning” can actually ruin the result I am trying to achieve. (Some models just love to add command line switch handling for no reason. That can fundamental change how an app is structured and not always desired.)

Of course they read. Do you think those ticked tock subtitles are going to read themselves when they “do their own research”?

A $1.1 trillion spend for Russia might actually get them a partially working aircraft carrier.

The fan is good, but the orientation seems like it would struggle pushing air between the drives. Maybe a push-pull setup with a second fan?

My general attitude is similar to yours. Let OP figure out that the reporting and blocking is basically just creating more noise that has to gets filtered out and bot supply is basically infinite.

“It’s a learning experience.”

Good luck with that, I suppose. Botnets can have thousands, if not hundreds of thousands of infected hosts that will endlessly scan everything on the interwebs. Many of those infected hosts are behind NAT’s and your abuse form would be the equivalent of reporting an entire region for a single scan.

But hey! Change the world, amirite?

Instructions: 1. Please read instructions

This has been a thing for years now. While I am sure it might annoy some pirates, it’s likely aimed at easily executed malware.

I deal with spam filtering on a daily basis and about 90% of it originates from Gmail. Most of that is just fishing/fraud. It would really suck if my users could easily detonate malware attachments, so this Gmail policy is a good thing for me.

I would look into something like Doppler instead of Vault. (I don’t trust any company acquired by IBM. They have been aquiring and enshittifying companies before there was even a name for it.)

Look into how any different solutions need their keys presented. Dumping the creds in ENV is generally fine since the keys will need to be stored and used somehow. You might need a dedicated user account to manage keys in its home folder.

This is actually a host security problem, not generally a key storage problem per se. Regardless of how you have a vault setup, my approach here is to create a single host that acts as a gateway for the rest of the credentials. (This applies to if keys are stored in “the cloud” or in a local database somewhere.)

Since you are going to using a Pi, you should focus on that being a restricted host: Only run your chosen vault solution on it. Period. Secure and patch it to the best of your ability and use very specific host firewall rules for minimum connectivity. Ie: Have one user for ssh in and limit another user account to managing vault, preferably without needing any kind of elevated access. This is actually a perfect use case for SELinux since you can put in some decent restrictions on the host for a single app (and it’s supporting apps…)

If you are paranoid enough to run a HIDS, you can turn on all the events for any type of root account actions. In theory once the host is configured, you shouldn’t need root again until you start performing patches.

That’s what you just got shown: Shove the configgy bits into Git.

You will likely have to find the configs you want to save first.

“the gays” in Russia:

Dunno about “lost all meaning”. The shrapnel from all the butthurt is spraying quite a few instances right now. Lulz.

Just glad to see ml/memes is getting a taste of its own shit for once.

[censored] - rule 1

Sorry if it sounded like my rant was directed at you as it absolutely wasn’t. Your comment triggered me, because I absolutely fully agreed with yours as well. ;)

setenforce 0 is much cleaner, I have found.