Synology Lost the Plot with Hard Drive Locking Move - ServeTheHome

Summary: Synology wants to force users to buy Synology-branded HDs in even their consumer NASes. If they do this, I’ll never buy another NAS from them, ever.

Imagine Toyota requiring you to use Toyota gasoline. No way, no how.

How to bypass Credit Karma's 2FA

Locked out of your Credit Karma account’s 2FA? No problem! Here’s how I can log into mine:

  1. Log in with my username and password.
  2. Try the 2FA challenge once and let it fail.
  3. Navigate to accounts.creditkarma.com

Ta-da! I’m in. I reported this a month ago but they haven’t acknowledged it as an issue yet. If I stumbled across this, you can bet the bad guys are already using it.

Street art in Berlin.

A painting hanging on a brick wall. It’s black and white of a young woman in a leather jacket, captioned “Look into your heart, There I’ll be”.

The afternoon’s adventure: Traveler’s Notebook aficionado nerdery.

Photo of a page in a notebook: “- Went to a nearby stationery store to get a Traveler’s Notebook stamp” And a red stamp saying “Luiban Berlin, Germany \[…\] Official Partner Shop Visit Pass”

CVE program faces swift end after DHS fails to renew contract, leaving security flaw tracking in limbo | CSO Online

This is fine.

This is what a dare looks like.

Photo of a glowing red button behind a clear plastic shield, labeled in German, and a sign saying “DO NOT press the button” in English. I do not read German so can’t be held responsible for the consequences of my investigation.

My wife and I went to the Memorial to the Murdered Jews of Europe.

My god.

My god.

It’s never been so hard to make myself stay and learn about something important.

Among the based of thousands of enormous concrete pillars. It’s hard to describe the oppressive spirit here.

2025-03-17: I report a critical vulnerability (trivial, complete 2FA bypass) to a well-known company’s security email alias. No reply.

2025-04-07: I report it again to their bug bounty program.

2025-04-09: They close it as a duplicate.

Their bug bounty program says, basically, “we never disclose reports. Don’t discuss them with anyone.”

23 days into this episode, I’m starting to weigh the responsible thing to do here.

cormiertyshawn895/PixelPerfect:

Pixel Perfect lets you increase the text size of iPhone and iPad apps on Mac. Say goodbye to small and blurry text, and enjoy pixel-perfect graphics, all rendered at 100% native resolution.

I just learned about this nifty little MIT-licensed tool that makes iPhone apps running on Macs render text at the correct size. It makes those apps so much more pleasant!

I am not thrilled with the price of new video games. Don’t take this to mean that.

But in 1982, the Atari 2600 game “E.T.” went for about $120 in 2025 USD. I promise you that any modern AAA game is much more fun.

I’d started a new job a month before April Fools. I got to the office very early and then had the idea to put a piece of tape over everyone’s optical mouse laser. I scurried around and got everyone except the office manager, including myself. Then I left.

When I returned to the office, people stifled giggles and watched me go to my desk. I sat down, wiggled my mouse, and said, “Hey, what’s wrong with my computer?” My coworkers started laughing and came over to show me how I’d been “tricked.”

The office manager arrived a little later. I watched with my new chums as she came in, sat down, and started working without any incident. Someone popped their head into her office to ask if her computer was working, and she laughed and said of course it was. I sowed the seeds of discord: “She must’ve done it!”

And that’s how the whole office blamed the office manager for my April Fools joke. I was quite pleased about that.

France Fines Apple €150 Million Over iOS Data Consent Rules - Bloomberg

Things like this are why it’s hard for me to take EU regulation seriously. (In before “but what about the US…” Yeah, I know.)

It’s purely good that Apple makes apps get your approval before allowing them to track your actions. France claims this is hard for the poor companies like Facebook that want to collect every move you make. Yes. It’s supposed to be. That’s the point. I want it to be.

As of today, I’ve owned this domain exactly half my life. Great googly moogly.

I ordered new prescription sunglasses today. The optometrist asked if I wanted regular or mirrored lenses.

I was almost personally offended.

There’s no plausible scenario in which I wouldn’t prefer mirrored sunglasses.

This is a copy-paste of a conversation I just had with my kid.

Kid: Can I get a ride home at like 10:15

Me: Yeah

Kid: Never mind im gonna be here late

Me: Oh, OK

Kid: Okay like can u do 10:17?

That’s still within the margin of error of when I was going to be there in the first place.

But her emails!

After White House national security adviser Michael Waltz’s idiotic misadventure of texting top secret war plans to reporters, I don’t ever, ever want to hear another word about Hilary Clinton’s email server. Not a whisper.

AG Bonta reminds 23andMe customers of right to delete data

AG Bonta reminds 23andMe customers of right to delete data:

California Attorney General Rob Bonta issued a consumer alert Friday urgently warning the public that 23andMe is in financial distress and instructing customers on how to delete their data.

That’s good enough for me. I used 23andMe when it launched and love the promise of gaining medical insights from my own genetic data. That’s a powerful vision I still support. But given the lack of federal privacy protections on this most sensitive and personal of all data, I’d rather delete it than let some creep buy it in a fire sale.

Unboxing the DM42n

I didn’t need a new calculator. I have an HP 50g on my desk I hardly use. I work on a full-sized computer capable of unimaginably fast and intricate math. And yet, from the moment I saw a SwissMicros DM42, I had to have one. Then they recently released the updated DM42n version, which clinched it. I ordered.

It arrived today.

When I opened the small, heavy parcel, an owl greeted me. I don’t know why. It’s a fine-looking owl, though.

Color photo of an owl, captioned SwissMicros RPN calculators

Beneath the owl, there’s a meticulous little cardboard box. Ah, we’re so close now!

The front of a black cardboard box with an embossed SwissMicros label

Nope! Inside that box is another wrapper, with directions on how to open it.

Inside the black box, a tan cardboard wrapper with 2 curved tabs locked into each other

An Easter egg: behind the inner wrapper, there’s a nice picture of the Matterhorn.

A black and white image of the Matterhorn in the back of a cardboard box

The inner wrapper is also persnickety in all the right ways. I followed the diagram to carefully pull apart the sine wave-shaped flaps without tearing them.

The tan wrapper with curved tabs, but removed from the outer box

Now we’re down to the textured leather-like case.

A black case that looks like pebbled leather

And inside that is the beautiful little tool I’ve been drooling over for many months. That stainless steel obelisk is surprisingly heavy for its size. This isn’t a plasticky TI.

The front of black steel RPN calculator that looks nearly like an HP-42S but with a larger screen and the SwissMicros logo

For completeness, the back. It feels “soft” in a way I wouldn’t expect a steel case to, it’s assembled with beefy screws, and it has large rubber feet.

The back of a black steel calculator with rubber feet, small product detail labels, and a SwissMicros logo across the bottom

It’s a beautiful device, luxuriously wrapped like a piece of jewelry, but with the heart and mind of one of HP’s best-ever RPN calculators, except improved. This is a happy day.

I am “hurt my back playing video games” years old.

Some friends and I got a pack of Orbic mobile hotspots so we can install the EFF’s Rayhunter software on them to detect “StingRay” IMSI-catchers. This is what one looks like.

Picture of an Orbic hotspot with Rayhunter's green "all OK" bar at the top of its LCD screen. Screenshot of Rayhunter's web UI.