What happens when packages go bad?
- The web app itself doesn't use a lot of third party code, so most of these packages are part of the build system.
- Our new, unhacked service worker is in a good position to look at the current state of things and decide if the user is running the hacked version.
- The attacker may have given the service worker script a long cache time, but the spec mandates that the browser caps this at 24hrs.
- We wouldn't see this during staging because the origin would be something like https://deploy-preview-366--squoosh.netlify.com/, but the same code on the live server would change the content.
- We could deploy to a different-but-identical server, and use hosts files to point at that server when we access https//squoosh.app.
- This means a malicious package could look at the environment, plus the state of GitHub, and realise a given build isn't going to be published at squoosh.app.
Leopard kills meditating monk in India
- Rahul Walke Bodhi had gone to meditate in the reserve on the morning of December 11 when he was killed, Santosh Chaudhuri, an official from the Tadoba Andhari Tiger Reserve where the attack took place, said.
- According to AFP, there have been four other fatal attacks in the reserve in recent weeks.
- The big cats are threatened by loss of habitat, increasing conflict with humans and poaching for the illegal trade in body parts, according to WWF India.
- In 2016, three people were mauled when a leopard entered the grounds of a school in the city of Bangalore, leading officials on an all-day mission to subdue the animal.
- Surveillance video of the attack showed the big cat chasing terrified men around the private school's swimming pool, leaping on them and mauling them as they tried to escape.
You can now battle your friends and strangers in Pokémon Go. Here's how it all works
- Developer Niantic has finally given Pokémon Go players the ability to battle their fellow Pokémon trainers — a feature that's been in hot demand since the game first launched in the summer of 2016.
- Niantic says that this makes fights go faster and keep moving, which is better-suited for a smartphone game like Pokémon Go. Note that Salamence here can have both water and fire-type attacks in the tank now, making it that much more effective — and that much harder to defeat in combat.
- This also comes with some very good news for Pokémon Go obsessives: Fighting the AI-controlled team leaders will earn you progress towards the Ace Trainer in-game achievement.
- This is notable because the last time Niantic updated the game's battle system, the changes frustrated many people by making it impossible to complete Ace Trainer.
'What gives them the right to bomb us?' Exhausted Yemenis demand halt to war
- The footage, captured by the Houthi rebel-backed Ansarallah Media Center and obtained by CNN, provides a rare glimpse into the bloody battle for Hodeidah, a strategic port city that is at the epicenter of Yemen's civil war.
- In 2015, a coalition led by Saudi Arabia launched a military campaign to forcibly remove Houthi rebels from power and re-instate the country's internationally recognized government.
- A Saudi coalition spokesperson denied responsibility for the December 8 attack shown in the video from the Houthi-run Ansarallah Media Center.
- The US says it does not make targeting decisions for the coalition, which is fighting a Houthi rebel insurgency in Yemen.
- The Saudi government has denied that bin Salman was involved in Khashoggi's death, and US President Donald Trump has also been at odds with the CIA assessment.
How Saudi Arabia declared war on America's Muslim congresswomen
- Ever since the midterm election, conservative media in the United States have targeted with special zeal Ilhan Omar, an incoming Somali-American Democratic congresswoman and a devout Muslim who wears hijab.
- Academics, media outlets, and commentators close to Persian Gulf governments have repeatedly accused Omar, Rashida Tlaib (another newly elected Muslim congresswoman), and Abdul El-Sayed (who made a failed bid to become governor of Michigan) of being secret members of the Muslim Brotherhood who are hostile to the governments of Saudi Arabia and the UAE.
- Just hours after Omar won her election, for example, a staffer at the Saudi Embassy in the United States accused her of following the ideology of the Muslim Brotherhood, which he said has permeated the Democratic Party.
These seven 'Super Smash Bros. Ultimate' tips will help you dominate your friends like a pro
- While "Ultimate" is the biggest Smash game ever, the rules are the same: players fight to knock each other off the stage using their favorite video game characters.
- Personally, I like to set my right analog to "Tilts" for quick attacks, and use Attack+Special for smash attacks.
- Even if items are turned off, characters like Link and Peach can generate their own items — Link can throw bombs, and Peach can attack with thrown vegetables — and use them to trick and trap opponents.
- The standard recovery will help you get up the fastest, while a ledge attack will hit an opponent waiting near the edge.
- If your character doesn't have a spike, try using a projectile or normal attack while another player is jumping back to the stage to interrupt their return.
Chinese state hackers reportedly responsible for data breach affecting 500 million customers at Marriott, the US government's biggest hotel provider
- US investigators have reportedly traced the massive data breach on Marriott customer data to Chinese hackers, a move that will likely exacerbate ongoing US-China economic tensions.
- The hackers are suspected of working for the Ministry of State Security, the country's intelligence agency, The New York Times and the Washington Post reported Tuesday night.
- People involved in the company's private investigation into the breach also said the hackers may have been trying to collect information for China's spy agencies, rather than for financial gain, Reuters reported.
- Reports of Beijing's involvement in the Marriott breach comes amid mounting tensions between the US and China over trade tariffs and cyber policies.
- Washington has been planning to issue a series of measures that include indictments and possible sanctions against Chinese hackers, The Times and Post both reported.
Marriot cyberattack traced to Chinese intelligence-gathering effort: NYT
- A massive cyberattack on the Marriott hotel chain was part of a Chinese intelligence-gathering effort, The New York Times reported on Tuesday, citing two people briefed on the preliminary results of the investigation.
- The Justice Department is preparing to announce new indictments — possibly within days — against Chinese hackers working for the intelligence and military services, according to the NYT, which cited government officials speaking on condition of anonymity.
- The latest developments in the Marriott security breach come amid flaring tensions between China and the U.S. as the two countries try to work out a trade deal, with the arrest of Chinese telecom giant Huawei's Chief Financial Officer Meng Wanzhou in Canada raising concerns that the conflict could become more complicated.
- Read The New York Times' reported on the investigation into the Marriott data breach.