Codequiry: The Trusted Python Plagiarism Checker Tool

Codequiry is an advanced Python plagiarism checker trusted by educators, developers, and institutions. It scans Python code for copied or modified patterns using advanced similarity detection, including peer and online comparisons. Built for accuracy and ease of use, Codequiry ensures code originality and helps maintain academic and professional integrity across all Python programming projects. For more details, please visit our website.

So with the pandora's box of AI being released into the world, cybersecurity has become kind of insane for the average user in a way that's difficult to describe for those who aren't following along. Coding in unfamiliar languages is easier to do now, for better and worse. Purchasable hacking "kits" are a thing on the dark web that basically streamline the process of deploying ransomware. And generative AI is making it much easier for more and more people to obscure their intentions and identities, regardless of their tech proficiency.

The impacts of this have been Really Bad in the last year or two in particular. For example:

(I'm about to link to sources, and you better be hovering and checking those links before clicking on them as a habit)

Ransomware attacks have become increasingly lucrative for private and state-sponsored hacking groups, with at least one hack recently reported to have resulted in a $75 MILLION payout from the victim. This in combination with the aforementioned factors has made it a bigger and bigger risk for companies and organizations holding your most sensitive data.

In the US, the Salt Typhoon hack over the past year or so has compromised virtually all major phone networks--meaning text and phone calls are no longer secure means of communication. While this won't affect most people in day-to-day, it does make basically all the information you share over traditional phone comms very vulnerable. You should avoid sharing sensitive information over the phone when you can.

CISA updated their security recommendations late last year in response to this compromise. One of the recommendations is to use a separate comms app with end-to-end encryption. I personally prefer Signal, since it's open source and not owned by Meta, but the challenge can be getting people you know on the same service. So... have fun with that.

2FA is no longer as secure as it was--because SMS itself is no longer secure, yeah, but even app-based 2FA has been rendered useless in certain circumstances. One reason for this is because...

A modern version of the early-2000's trick of gaining access to people's accounts via hijacked cookies has come back around for Chromium browsers, and hackers are gaining access to people's Google accounts via OAuth session hijacking. Meaning they can get into your already-logged-in accounts without passwords or 2FA even being needed to begin with. This has been achieved both through hackers compromising chrome browser extensions, and via a reinvigorated push to send out compromising links via email.

Thanks to AI, discerning compromised email is harder now. Cybercriminals are getting better at replicating legitimate email forms and website login screens etc., and coming up with ways to time the emails around times when you might legitimately expect them. (Some go so far as to hack into a person's phone to watch for when a text confirmation might indicate a recent purchase has been made via texted shipping alerts, for example)

If you go to a website that asks you to double-click a link or button--that is a major red flag. A potential method of clickjacking sessions is done via a script that has to be run with the end user's approval. Basically, to get around people who know enough to not authenticate scripts they don't recognize, hackers are concealing the related pop ups behind a "double-click" prompt instruction that places the "consent" prompt's button under the user's mouse in disguised UI, so that on the second click, the user will unwittingly elevate the script without realizing they are doing it.

Attachments are also a fresh concern, as hackers have figured out how to intentionally corrupt key areas of a file in a way that bypasses built-in virus check--for the email service's virus checker as well as many major anti-virus installed on endpoint systems

Hackers are also increasingly infiltrating trusted channels, like creating fake IT accounts in companies' Office 365 environment, allowing them to Teams employees instead of simply email them. Meaning when IT sends you a new PM in tools like Zoom, Slack, or Teams, you need to double-check what email address they are using before assuming it's the real IT person in question.

Spearphishing's growing sophistication has accelerated the theft of large, sensitive databases like the United/Change Healthcare hacks, the NHS hack & the recent Powerschool hack. Cybercriminals are not only gaining access to emails and accounts, but also using generative AI tools to clone the voices (written and spoken) of key individuals close to them, in order to more thoroughly fool targets into giving away sensitive data that compromises access to bigger accounts and databases.

This is mostly being used to target big-ticket targets, like company CSO's and other executives or security/IT personnel. But it also showcases the way scammers are likely to start trying to manipulate the average person more thoroughly as well. The amount of sensitive information--like the health databases being stolen and sold on the darkweb--means people's most personal details are up for sale and exploitation. So we're not too far off from grandparents being fooled by weaponized AI trained off a grandchild's scraped tiktok videos or other public-facing social media, for example. And who is vulnerable to believing these scams will expand, as scammers can potentially answer sensitive questions figured out from stolen databases, to be even more convincing.

And finally, Big Tech's interest in replacing their employees with AI to net higher profits has resulted in cybersecurity teams who are overworked, even more understaffed they already were before, and increasingly lacking the long-term industry experience useful to leading effective teams and finding good solutions. We're effectively in an arms race that is burning IT pros out faster and harder than before, resulting in the circumvention of crucial QA steps, and mistakes like the faulty release that created the Crowdstrike outage earlier last year.

Most of this won't impact the average person all at once or to the same degree big name targets with potential for big ransoms. But they are little things that have combined into major risks for people in ways that aren't entirely in our control. Password security has become virtually obsolete at this point. And 2FA's effectiveness is tenuous at best, assuming you can maintain vigilance.

The new and currently best advice to keeping your individual accounts secure is to switch to using Passkeys and FIDO keys like Yubikeys. However, the effectiveness of passkeys are held back somewhat as users are slow to adopt them, and therefore websites and services are required to continue to support passwords on people's accounts anyway--keeping password vulnerabilities there as a back door.

TLDR; it's pretty ugly out there right now, and I think it's going to get worse before it gets better. Because even with more sophisticated EDR and anti-virus tools, social engineering itself is getting more complex, which renders certain defensive technologies as somewhat obsolete.

Try to use a passkey when you can, as well as a password locker to create strong passwords you don't have to memorize and non-SMS 2FA as much as possible. FIDO keys are ideal if you can get one you won't lose.

Change your passwords for your most sensitive accounts often.

Don't give websites more personal info about yourself than is absolutely necessary.

Don't double-click links or buttons on websites/captchas.

Be careful what you click and download on piracy sources.

Try to treat your emails and PMs with a healthy dose of skepticism--double-check who is sending them etc for stealthily disguised typos or clever names. It's not going to be as obvious as it used to be that someone is phishing you.

It doesn't hurt to come up with an offline pass phrase to verify people you know IRL. Really.

And basically brace for more big hacks to happen that you cannot control to begin with. The employees at your insurance companies, your hospital, your telecomms company etc. are all likely targets for a breach.

To the person sending Russian propaganda to my inbox:

I don't have the time or energy to debunk every single claim you made. And I think it would be harmful to help you spread disinformation without being able to research and verify all of it.

Regarding the whataboutisms though, you are absolutely right that the American government has done horrible things. You are also right that our schools will sugarcoat our history and gloss over aspects of it that reflect poorly on the country.

I will be the first to criticize our nation for its failings. For the wars in the Middle East. For past experimentations conducted on our citizens. For the racism and homophobia and transphobia that permeates our society and history. For the genocide committed against Native Americans. For so, so much!

I will stand here and proudly use my voice to condemn our government for its sins.

I would ask if you will do the same to Russia. No... I will ask if you can do the same.

In your ask, you say this...

You know what **I** hate about "leftists"? They follow American's propaganda and think everything Russia and China claims are lies.

But the fact is that there is a very simple reason for this...

Everything out of China and Russia is filtered through their governments. Going against their narrative is illegal. And the narrative is whatever is going to benefit them at the moment.

If the truth is beneficial, they will tell the truth. If a lie is beneficial, they'll tell a lie. And then they will declare the lie true, and make it illegal to fact check the lie.

Does the US government lie? Absolutely!

But we also have an independent media that, historically, has been able to call them out on their lies. This means there is at least some incentive for honesty. And we have the Freedom of Information Act that has allowed the media access to a lot of information that other governments would rather keep secret.

Mind you, the government isn't always honest. There will be cover-ups and we need to be vigilant against those. But generally speaking, the existence of a free media ensures that lying is usually counterproductive.

On the other hand, nothing Russia says can ever be trusted because without a media to hold their feet to the fire, they have no incentive to be honest about anything. It's not that everything they claim is a lie so much as everything they say will only be said to benefit them, and there is no incentive to be honest EVER when you ban the fact checkers and suppress everything else.

Do not forget that you have a state that not only calls lies truths, but arrests those who dare speak real truths.

Say what you will about America, but I can call out our government for the time being.

I can cite reliable sources that go against the government's narrative.

And I don't have to live in fear that challenging the government's narrative will get me locked up in prison like Dmitry Ivanov.

Even the outlet that I linked to above, Mediazona, has been blocked in Russia now.

Let me ask you this: If a truth inconvenienced the Russian government, do you trust that they would tell it to you anyway? If a lie was beneficial, would you trust that they wouldn't lie and suppress those who told the truth?

I am not a Russian citizen. So my knowledge of life in Russia is limited, as is my knowledge of life in Ukraine. So I will end this with the words of Dmitry Ivanov, a brave Russian citizen who is still serving an unjust sentence in a Russian prison for daring to speak truths that the Russian government would rather keep quiet.

Ivanov. I object to Article 207.3 of the Criminal Code itself because, while ostensibly prohibiting the dissemination of knowingly false information, the way this article has been applied in practice effectively bans the sharing of any information that does not come from official sources. Official sources, meanwhile, unfortunately do not communicate any information to us. Which I mentioned, because now the only sources of information I can use are official ones. It’s our television. I see the response that this approach to information evokes in our society. Total distrust of official sources, anxious anticipation and the spread of even the most unrealistic rumours among those who watch these news reports and try to read something between the lines. If reducing the spread of fake news were truly the legislator’s goal, it could be achieved simply by telling people the truth. However, this is a challenging path, as it would require admitting one’s own mistakes, explaining the causes of failures, and facing tough questions and criticism. Had Vladimir Putin chosen this approach a quarter of a century ago, there would be far fewer difficult questions to answer now...

how to install dashboard unfucker (for desktop)

hi i use desktop and i use the dashboard unfucker extension by dragongirlsnout and you should too because it's awesome. i don't know much about computers so it was intimidating to set up but ended up being really easy.

but first:

what is dashboard unfucker?

dashboard unfucker is an extention that makes being on tumblr bearable again.

(ID: 2 screenshots of tumblr with urls/posts etc censored. the first is with the new layout, with labels on the left, the ad-free button, "check out these blogs," "explore all of tumblr," the radar, and no easy way to access your own blog. the second is with the extension enabled, the left hand side of the screen is empty, posts are wider, navigation icons are back at the top right, and the only thing on the right-hand side of the dash is the dashbaord unfucker and limit checker and tag replacer from xkit. end ID)

i got it for layout changes like these- the first is cramped and ugly and i feel like i'm on twitter. the second is warm and comfy and i can make my posts wider (i dont like all the empty space). (limit checker, tag replacer, and post color were done on xkit and palettes respectively, not unfucker, btw)

with the dashboard unfucker you can:

hide the following/blog subs/for you etc tabs

get rid of the changes/staff picks/etc carousel

hide recommended blogs and tags

add profile pics back to posts

hide the radar

hide the explore page

hide tumblr shop

hide user badges

highlight bots in ur activity feed

show who follows u in the activity feed

make posts wider/slimmer and move the dash posts position to the left/right

revert messages design (and make the messages box bigger)

revert activity feed to the old design

display vote counts on polls

show poll results without clicking (no more skewing polls or "see results"!!)

disable tumblr domains

add polls to reblogs

disable "post without tags?"

show ns.fw posts

and other things that i probably missed copying this from the settings!!

so how do you do it? it seems scary but it's easy actually. take my hand

(note: i did this on firefox and tested it on chrome, i'm not familiar with other browsers, also use firefox if at all possible fuck chrome)

how to install dashboard unfucker

step 1: install either tampermonkey, tampermonkey beta, greasemonkey, or violentmonkey (if you don't already have it)

note: im using tampermonkey as an example because it's what i use

step 2a: go to firefox extensions/chrome web store/your browser's equivalent

step 2b: look up "tampermonkey" and click "add to firefox/chrome/whatever" and confirm

step 2c: you're done! yayyy

step 2: click this link. look under "installation" where it says "Click on unfucker.user.js to install or update". and click that

(ID: a screenshot of the tampermonkey install page, showing dashboard unfucker v5.7.8 installation information, the source code, and the install/cancel button. end ID)

(it should open in a new tab and look like this)

step 3: click install! (when i did this it didn't look like much happened and i got scared. dont get scared take my hand)

step 4: go to www.tumblr.com and to the right of the dash it'll have the dashboard unfucker label to the right!

(ID: the default dash again, but with the dashboard unfucker title at the top right of the right-hand side of the dash. end ID)

step 5: click the little gear icon and all the options will pop up! u can fuck around with em to ur heart's content. i recommend exporting after ur done and saving it somewhere in case u have to uninstall/reinstall to troubleshoot or smth

you're done! now u can see the results of polls without clicking them and other such things

(ID: a poll i have not voted on. it has 17 votes and 23h 56m remaining. the title is "poll :)" and the answers are "answer 1" "answer 2" and "see results". there are no percentage labels, but the amount each answer has is indicated by light blue bars in each result, as they would be if i had voted. end ID) note: i'm not sure how/if this aspect of the extension is indicated for screenreaders

THIS POST IS TRANSGENDER BTW!

You can now get an Ad-Free, Tumblr-Live-Free version of the Tumblr Android app

I've been writing some Patches for the Tumblr app in the ReVanced framework, and they just got released in the ReVanced patches Pack, so you can install them too! No computer is needed, and everything is open source, meaning anyone can look at the code and verify that it's not malicious.

Patches

Disable Dashboard Ads (Currently not perfect - doesn't block blazed and doesn't block Tumblr's own "Sponsored" posts that aren't real ads, like the ones that are just a cat sitting in front of a Tumblr logo)

Disable Tumblr Live (Fully and forever!)

Disable "Enable notifications when this person posts" popup

Disable "You can send gifts to people" bubble

Disable the update checker (Tumblr annoys you to update if you're on an old version, who knew?)

Maybe more to come. Please suggest new ones!

Installation

I'm not good at writing beginner-friendly guides, so this one might be hard to understand if you're not a somewhat experienced user - there's already a bunch of guides for ReVanced, and they have a support discord where you can ask for help. I encourage anyone to write a better guide for this.

First we need to download and install the ReVanced Manager. You can get it here: https://revanced.app/ Just download and install the APK.

Just like with any android app download that doesn't use the Google play store (or similar stores), you'll get some warnings that the file could be dangerous (since it's an app installer package), and you'll likely have to give your browser or File explorer permissions to install apps.

Next, we'll need a Tumblr APK to patch it. We usually can't use your already installed Tumblr since it's a Split-APK, and ReVanced doesn't really support those. Get one from APKMirror (preferred) or alternatively from APKPure (often doesn't have all app versions). Make sure you're selecting the download to a normal APK, not a Split-APK/XAPK. Also probably don't download a version that has alpha or beta in the name.

If you downloaded the Tumblr apk, don't install it. Open the ReVanced Manager we installed earlier, click Patcher->Select an Application->Storage (bottom right)->Pick the Tumblr APK you just downloaded.

Now you can de-select patches if you want, but the default is fine, it includes all patches made for Tumblr. Then click Patch in the bottom right and wait for it to finish. Before you install the patched Tumblr, you'll have to uninstall the old Tumblr since they have the same package name but our patched one isn't signed by the Google Play Store. So uninstall the Tumblr app now (and probably save/reblog this post if you're on your phone right now so you don't lose it), then switch back to the Manager and click Install to install the patched app.

Yay, now you have patched Tumblr. Everything should work as normal otherwise. If you're reading this in the (far) future and Tumblr ever updated the app and broke the patches and no one updated them to work with newer versions, you can use an old Tumblr APK and it should keep working forever. Right now, I am using v31.5.0.110 and everything is working fine.

Tell me (asks/dms/rbs) if anything is broken or you have more ideas for patches I could add. I have like 10 followers so no one is gonna see this without reblogs. Oki bye!

Meta’s fact-checking partners claim they were “blindsided” by the company’s decision to abandon third-party fact-checking on Facebook, Instagram, and Threads in favor of a Community Notes model, and some say they are now scrambling to figure out if they can survive the hole this leaves in their funding.

“We heard the news just like everyone else,” says Alan Duke, cofounder and editor in chief of fact-checking site Lead Stories, which started working with Meta in 2019. “No advance notice.”

The news that Meta was no longer planning on using their services was announced in a blog post by chief global affairs officer Joel Kaplan on Tuesday morning and an accompanying video from Meta CEO Mark Zuckerberg. Instead, the company plans to rely on X-style Community Notes, which allow users to flag content that they think is inaccurate or requires further explanation.

Meta partners with dozens of fact-checking organizations and newsrooms across the globe, 10 of which are based in the US, where Meta’s new rules will first be applied.

“We were blindsided by this,” Jesse Stiller, the managing editor of Meta fact-checking partner Check Your Fact, tells WIRED. His organization started working with Meta in 2019, and it has 10 people working in the newsroom. “This was totally unexpected and out of left field for us. We weren't aware this decision was being considered until Mark dropped the video overnight.”

The news organizations who had partnered with Meta to tackle the spread of disinformation on the platform from 2016 are scrambling to figure out how this change will impact them.

“We have no idea what the future looks like for the website going forward,” Stiller says.

Duke says Lead Stories has a diverse revenue stream and most of its operations are outside of the US, but he claims the decision would still have an impact on them. “The most painful part of this is losing some very good, experienced journalists, who will no longer be paid to research false claims found on Meta platforms,” Duke says.

For others the financial implications are even more dire. One editor at a US-based fact-checking organization that works with Meta, who was not authorized to speak on the record, told WIRED that Meta’s decision “is going to eventually drain us out.”

Meta did not respond to a request to comment on its partners’ allegations or the financial impact its decision would have on some organizations.

"Meta didn’t owe fact-checkers anything, but it knows that by pulling this partnership it’s removing a very significant source of funding for the ecosystem globally,” says Alexios Mantzarlis, who helped establish the first partnerships between fact-checkers and Facebook between 2015 and 2019 as director of the International Fact Checking Network.

Meta’s partners were also angered by Zuckerberg’s allegation that fact-checkers had become too biased.

According to Duke, it is disappointing to hear Mark Zuckerberg accuse the organizations in Meta's US third-party fact-checking program of being “too politically biased.” “Let me fact-check that. Lead Stories follows the highest standards of journalism and ethics required by the International Fact-Checking Network code of principles. We fact-check without regard to where on the political spectrum a false claim originates.”

This was a viewpoint reiterated by Kristin Roberts, the chief content officer at Gannett Media, whose publication USA Today was another Meta fact-checking partner.

"Fact-based journalism is what USA Today does best,” Roberts said in an emailed statement. “Truth and facts serve everyone—not the right or the left—and that's what we will continue to deliver.”

Many of Meta’s fact-checking partners have claimed that Zuckerberg blaming fact-checkers for over-the-top censorship on the company’s platform was inaccurate, as they simply added information and context to posts, leaving the final decision to take down content to Meta itself.

“To blame fact-checkers is a disappointing cop-out, and it perpetuates a misunderstanding of its own program,” says Neil Brown, the president of the Poynter Institute, which owns PolitiFact and the International Fact-Checking Network. “Facts are not censorship. Fact-checkers never censored anything. And Meta always held the cards. It's time to quit invoking inflammatory and false language in describing the role of journalists and fact-checking.”

Other fact-checkers point out that the Community Notes model, which has in the past worked poorly at X, still requires the input of experts in order to work.

“While a crowdsourced model for content verification may work in theory, it cannot magically succeed without relying on expertise, particularly on complex scientific and technical topics,” Emmanuel Vincent, the executive director of Science Feedback, a Meta fact-checking partner, tells WIRED. “Participants in such a program will still need to rely on credible evidence sourced from fact-checking organizations, trustworthy journalism, or scientists with relevant expertise to ensure accurate assessments.”

Zuckerberg, who mentions president-elect Donald Trump on a number of occasions in his video, has been trying to build closer links to the incoming administration in recent weeks.

The Meta CEO, who donated $1 million to Trump’s inauguration fund, was a recent visitor to Trump’s Mar-a-Lago resort, bringing with him a pair of the company’s Ray-Ban AI glasses as a gift.

Zuckerberg’s decision last week to promote Kaplan, a former deputy chief of staff to President George W. Bush, was widely seen as an effort to appease the incoming administration—as was Meta’s decision this week to appoint UFC CEO and close Trump ally Dana White, to its board.

Now some of Meta’s fact-checking partners see the decision to abandon third-party fact-checkers and implement an X-style Community Notes model as another effort to appease Trump.

“It’s unfortunate that this decision comes in the wake of extreme political pressure from a new administration and its supporters,” Angie Drobnic Holan, director of the International Fact-Checking Network, said in an emailed statement. “Fact-checkers have not been biased in their work—that attack line comes from those who feel they should be able to exaggerate and lie without rebuttal or contradiction.”

December update

Happy holidays everyone!

I'm going to change up this monthly update a little, since cost is very much not an issue anymore. I'll still give a quick overview, but it's mostly going to be just a status update of how the re-work is progressing.

You have likely already seen the Tumblr becoming more active again this month, with flash sales being posted as well as dominance results. Work is slowly progressing on getting stuff back up and running.

Below the cut is a bunch of information, but give it a quick read!

The total cost in December was €8.22 post VAT. Essentially, the singular €10 patreon I have covers this entire cost and then some. The cost will likely go up again, a little bit, once the database and storage gets used more as I add stuff. But the major money sink of the website itself is gone now, so there's that!

On that note, I had said that I would stop accepting patreon payments 1st of january, but now that the toolset has made a re-start I'll let the decision fall down to the person that is currently part of it if they wish to continue supporting me.

The new way of hosting the tools using Azure Functions is proving to be very valuable, even though nothing I had made was inherently compatible. So I've been slowly working on completely rewriting the entire toolset, which has come with many challenges and many learning opportunities to say the least.

Tumblr

On the Tumblr side of announcements everything is up and running, it's basically back to how it was. It's also the place where I've had the most interaction with users so it was a semi-priority to get this back up first.

Site/Skin Tester

This entire toolset started its life as a simple skin previewer for my girlfriend so she could sell her skins easier without spending hours providing manual previews to interested folks. Strangely enough, this has now become a much lower priority. The nature of the idea behind a previewer however is something I can definitely build into the ecosystem of Azure Functions.

What I will likely end up doing first though is add a barebones 'site' that will allow things such as the code snippets to be used (the little scripts that allowed things such as coverage checker, color wheel, etc).

Discord

The Discord side however is my next target, some of you might have already noticed either because I have been sharing stuff or you just keep an eye on the source code behind FRTools on GitHub.

My goal with Discord is to make everything work the way it was, to some extend. There are things I cannot do with my new planned setup. The 'Bot' is no longer a 'Bot' that is ever present, instead I am leveraging Discord's /slash command system. This allows me to build a bot that functions as a bot but is not online 24/7. It just gets spun up to handle a command and goes afk again.

Just now I've finally finished the first command to be fully functional, it allows looking up the information of a dragon either by URL (pictured below) or simply by ID.

So there you have it!

Introducing Codetoolshub.com: Your One-Stop IT Tools Website

Hello everyone! I'm excited to introduce you to Codetoolshub.com, a comprehensive platform offering a variety of IT tools designed to enhance your productivity and efficiency. Our goal is to provide developers, IT professionals, and tech enthusiasts with easy-to-use online tools that can simplify their tasks. Here are some of the tools we offer:

Base64 File Converter

Basic Auth Generator

ASCII Text Drawer

PDF Signature Checker

Password Strength Analyser

JSON to CSV Converter

Docker Run to Docker Compose Converter

RSA Key Pair Generator

Crontab Generator

QR Code Generator

UUID Generator

XML Formatter

And many more...

We are constantly updating and adding new tools to meet your needs. Visit Codetoolshub.com to explore and start using these powerful and free tools today!

Thank you for your support, and we look forward to helping you with all your IT needs.

I had an odd dream the other night, in which there was a fanfic website that was dedicated to taking the concept of the gift economy way too far.

So, at first glance, the site looked fairly normal. It took the open-source code from AO3 and based itself off of that, though the default site skin was dark pink comic sans on a light yellow background. The difference was that there was an in-site way of commissioning authors. Not for money - the site was as against monetizing fanfic as the average (reasonable) fanfiction website is.

Instead it had something called either CommentBux or FicBux (I'll use the latter from now on bc that's shorter). You'd earn one FicBux if you left a kudo on the author's work, and another FicBux for every 10 words you left in a comment. There was a plagiarism checker so you couldn't just quote the fic when commenting, emojis didn't count, and I'm not sure if words rolled over from one comment to the next. FicBux were separated by each author, because they were used for commissions.

10 FicBux = 100 words that you could commission from the authors. Authors couldn't turn commission requests off, but they could

Change "prices" from the default.

Report harassing commissioners.

Reject commissions.

Accept requests and refund them later (but not after publishing!), but there was a 3-day wait time between doing so.

Set it so that readers couldn't request fandoms, characters, ratings (not rated wasn't an option on the website), relationships, archive warnings, or additional tags beyond what you had already written.

Readers, on the other hand, could report authors for not writing what was requested (within reason, which is to say the staff/volunteer got to decide what they wanted). They could also cancel the commission any time before the author finished, but they then couldn't request from that author for another 7 days.

Authors wouldn't be able to publish a commissioned fic until they reached the word count, but they could offer a partial refund. However, the commissioner would have to accept this before the author could publish. If an author went more than 33% over the paid word count, a warning would pop up, and if they went more than 66% of the paid word count they couldn't publish the fic.

Due to the way the site was putting the economy into the gift economy, they got rid of prompt memes and gift exchanges as well as regular old gifts for non-"paying customers". Sure, you could write in your author's note that this was a fic written for your friend Alice's birthday without actually gifting it to her because she didn't pay you, but it was frowned upon.

Avoid Code Duplication with Codequiry Website Plagiarism Checker

Safeguard your website code's originality with Codequiry’s website plagiarism checker. This advanced tool helps developers, educators, and students detect duplicated code across 50+ programming languages. Codequiry dives deeper than surface-level matches, uncovering structural similarities even in modified code. Whether you're working on projects or grading submissions, Codequiry ensures clean, authentic results. Prevent code plagiarism before it spreads—trust Codequiry for smarter detection.

Top AI Chatbots: Meet ChatGPT and Other Standouts!

The integration of artificial intelligence into our daily lives is evident in various aspects, from using facial recognition to unlock our smartphones to commanding virtual assistants like Alexa to play music. Now, AI has expanded its capabilities to encompass our writing tasks as well.

AI chatbots can now alleviate the burden of writing daunting papers, coding, composing emails, creating art, and even assisting with MBA exams with a simple command.

While ChatGPT has gained significant attention in this field and even launched a free mobile app for iPhones, its immense popularity has resulted in frequent capacity issues, rendering it unreliable for day-to-day usage.

Fortunately, there are several other highly capable AI chatbots available that ensure accessibility whenever you need assistance.

To help you make an informed decision regarding your next writing assistant, I have compiled a comprehensive list of the top AI chatbots and AI writers currently available in the market.

This list provides detailed information about each option, equipping you with the necessary knowledge to select the most suitable writing assistant. One notable contender is the new Bing, which boasts exceptional sourcing abilities, internet access, and an advanced LLM model.

The new Bing: The new Bing AI chatbot, powered by OpenAI's advanced LLM model, offers exceptional capabilities. It functions as a search engine, providing real-time information on current events. With its free accessibility, Bing stands out as a convenient alternative for users.

ChatGPT: ChatGPT, developed by OpenAI, is a widely recognized AI chatbot known for its impressive writing skills and conversational abilities. It excels in generating text, solving math problems, and assisting with coding. While occasionally reaching capacity due to high demand, a paid subscription option, ChatGPT Plus, ensures unrestricted access.

Perplexity AI: Perplexity AI, equipped with GPT-3 and GPT-4, offers free access to its services. With a seamless integration to the internet and real-time events, it serves as a valuable source of information. Perplexity AI's user-friendly interface enhances the overall experience, making it an attractive option.

Jasper: Jasper is an advanced language processing tool that utilizes OpenAI's GPT-3.5. It excels in generating human-like responses and offers a range of writing templates, copyediting features, and a plagiarism checker. Although it comes at a higher cost, it provides enhanced productivity and quality for businesses.

YouChat: YouChat, powered by GPT-3, offers free access and leverages Google sources for its responses. It provides a comprehensive list of sources, making it valuable for those seeking credible information. Its availability and source citing capabilities set it apart from other chatbots.

Chatsonic by Writesonic: Chatsonic, supported by Google, offers up-to-date information and excels in text editing. It provides a free trial and offers AI image generation. However, it comes with a subscription cost depending on word count requirements.

Google Bard: Google Bard is an experimental chatbot powered by Google's LaMDA. While it may not excel in coding or search engine functionality, it proves proficient in text editing and generating professional documents. Google Bard is completely free to use.

Socratic by Google: Socratic, designed for students, provides instant responses to educational questions with engaging visuals. It offers a worksheet scanning feature for curated answers. Although it has limitations, such as not writing full essays, it serves as a useful tool for students.

Conclusion

Choosing the right AI chatbot depends on individual requirements and preferences. The new Bing stands out for its outstanding performance and accessibility. Other options like ChatGPT, Perplexity AI, Jasper, YouChat, Chatsonic, Google Bard, and Socratic cater to specific needs and offer various features.

Exploring these AI chatbots provides users with a range of options to enhance their writing experience.

I feel like there are two separate phenomena here.

The first is people expecting computers to be infallible. You wouldn't accuse a calculator of making a math error, right? This is what leads to people confidently citing nonexistent sources that ChatGPT made up with the same confidence they would cite a case they found using Google Scholar; it simply didn't occur to them that the machine could be wrong in that way. Given that grammar and spelling are almost simple enough formal systems that we can automate them, and grammar/spelling checkers are usually right (especially if you're a kid who makes a lot of basic mistakes), it's not surprising people might make this mistake.

The second is expecting computers to be more convenient than people, to be faster or cheaper or whatever. This is IMO much more defensible when it comes to LLMs, which genuinely can be more convenient than doing a task yourself or finding a person of equivalent skill to the LLM, but it can also definitely be a trap. Similarly, as a programmer, the instinct to try and automate tasks can be a good one but can also lead to wasting more time debugging your code than it would have taken to do the task by hand.

I occasionally use LLMs for stuff that you could arguably describe as brainstorming. LLMs are pretty good at giving you generic lists of things, helping you find words in a very specific category, stuff like that. Sometimes these are questions I could pose to a human, but I don't want to waste their time or I can't be bothered to walk to the next room. Sometimes they aren't. Maybe I have already asked a human if they can think of this word that's on the tip of my tongue and they couldn't, nor could Google, but ChatGPT can. (Or sometimes it can't, but it's worth a try.) Or maybe nobody I know speaks the languages involved, or whatever.

Okay. It's time for an AI rant.

My nephew is 13 years old. Whenever he writes a paper for school, I check it over and fix all of his mistakes for him. He said to me, "Maybe I'll proofread your paper for you in exchange," meaning one of the scholarly articles I write for work. I said, "Cool," and gave him the file. And he said, "Well, this is full of errors! See, you always say you have a lot to correct on my stuff, and look at all the stuff you got wrong!" And I said, surprised, "What? Where?" Because I'm sure there are typos in the draft I sent him, but not, like, that many.

And then he pointed to the screen and said, "Look at all the blue and red lines you have."

And I said, "Yeah, but those are wrong. Like, those are blue and red lines I'm ignoring because the computer is wrong." And then I paused and added, "You know you can't proofread a paper by just looking at the red and blue lines, right?" And he gave me the blankest look, because that clearly is EXACTLY what he thinks. And it became even clearer suddenly why, whenever I correct something on his paper, his immediate reaction is, "It didn't have a blue or red line."

There's a very good reason for that: THAT'S BECAUSE THE COMPUTER ISN'T SMART ENOUGH TO KNOW THAT IT WAS WRONG.

I am so tired of being sold the idea that computers are better than humans and so we should just outsource everything to them, which is clearly the lesson my nephew is absorbing in U.S. middle school. COMPUTERS ARE NOT BETTER THAN HUMANS. Like, maybe they are better at humans at crawling through rubble to find people trapped inside. They are also better at preserving things in a searchable format. Things like that. Very limited circumstances.

I don't want to sound alarmist but everything I hear about people using generative AI freaks me out. It's not just that I'm freaked out by people being like, "I use it to write novels!" (Although I don't see how they do, I have tried to have it write fiction for me and the output was truly terrible.) But I recognize my bias around creative writing and so no one needs to credit my views on artificial writing. But! Other things are alarming, too! "I use it to brainstorm x, y, or z." But...why? Why not just...use your own brain...to...brain...storm? The computer doesn't even have a brain to brainstorm with! And you might be like, "But it comes up with things that my brain would never think of!" So would other people! You could also brainstorm with other people! Or even through Google to see what other people have thought before you (not AI). Please don't belittle the wonder of thinking.

I just feel like the marketing around generative AI boils down to "Wouldn't it be easier not to use your own brain to think about things?" Everyone. No. It would not be. Please just trust me on this. I'm not just an old person who is out of touch with technology or something. I promise. USE YOUR BRAINS. IT WILL BE OKAY.

Fix Security Misconfigurations in Symfony Easily

Symfony is a powerful PHP framework used by developers worldwide. But like all platforms, it's vulnerable to security misconfigurations if not set up correctly. These misconfigurations can expose your app to serious threats like unauthorized access, data leakage, and more.

In this guide, we’ll walk you through how security misconfigurations happen in Symfony, how attackers exploit them, and how you can fix them—along with real coding examples.

And the best part? You can use our free website vulnerability scanner online to instantly detect misconfigurations and other vulnerabilities in your web apps.

🔎 What is Security Misconfiguration?

Security misconfiguration happens when:

Unnecessary services are enabled.

Default credentials are used.

Error messages leak sensitive data.

Debug mode is active in production.

In Symfony apps, this often includes exposed .env files, open profiler tools, or misconfigured firewalls.

⚠️ Common Symfony Misconfiguration Examples (and Fixes)

Let’s look at some real-world Symfony misconfiguration examples—and how to fix them fast.

✅ 1. Disabling Symfony Debug Mode in Production

Issue: When debug mode is enabled in production, detailed error messages expose internal files and paths.

Misconfigured Code (in .env):

APP_ENV=dev APP_DEBUG=1

Fixed Configuration:

APP_ENV=prod APP_DEBUG=0

Pro Tip: Never commit .env files with debug settings to version control.

✅ 2. Securing the Profiler Tool

Issue: The Symfony Profiler gives deep app insights but should never be exposed in production.

Risk: Attackers can view routing, services, and database queries.

How to Disable Profiler in Production:

# config/packages/prod/web_profiler.yaml web_profiler: toolbar: false intercept_redirects: false framework: profiler: enabled: false

✅ 3. Harden HTTP Headers

Misconfiguration: Default Symfony headers don’t include secure settings.

Solution (Using a Response Event Listener):

// src/EventListener/SecurityHeaderListener.php namespace App\EventListener; use Symfony\Component\HttpKernel\Event\ResponseEvent; class SecurityHeaderListener { public function onKernelResponse(ResponseEvent $event) { $response = $event->getResponse(); $response->headers->set('X-Frame-Options', 'DENY'); $response->headers->set('X-Content-Type-Options', 'nosniff'); $response->headers->set('Referrer-Policy', 'no- referrer'); } }

Register Listener in Services.yaml:

services: App\EventListener\SecurityHeaderListener: tags: - { name: kernel.event_listener, event: kernel.response }

🛡️ Prevent Directory Listings

Exposing directory indexes can leak source files or configuration data.

Apache Fix:

Options -Indexes

Nginx Fix:

location / { autoindex off; }

🖼️ Screenshot: Our Free Website Security Checker Tool

Screenshot of the free tools webpage where you can access security assessment tools.

Use our website vulnerability scanner to instantly check if your Symfony app is misconfigured or vulnerable. It’s fast, simple, and doesn’t require installation.

📄 Screenshot: Sample Vulnerability Assessment Report

An Example of a vulnerability assessment report generated with our free tool, providing insights into possible vulnerabilities.

You’ll receive a detailed report like this to check Website Vulnerability, highlighting every vulnerability—including misconfigurations, XSS, SQLi, and more—so you can fix them before attackers find them.

🔁 Extra Tips to Avoid Symfony Misconfigurations

Disable unused bundles.

Validate permissions in security.yaml.

Sanitize file uploads.

Never expose sensitive routes like /phpinfo() or /admin/.

🧪 Test Your Symfony App Now – It’s Free

Don’t wait for attackers to find your security flaws. Use our free vulnerability scanner to detect weaknesses in your Symfony-based apps in minutes.

Looking for more cybersecurity insights? Visit our main blog at Pentest Testing Corp. where we regularly share vulnerability breakdowns, tools, and remediation tips.

📌 Final Thoughts

Symfony is secure by design—but only if configured correctly. Always sanitize your environment, remove default settings, and test thoroughly. Misconfiguration is one of the top OWASP vulnerabilities and can be avoided with basic hygiene.

Ultimate Plagiarism Checker: Ensure 100% Originality with ZeroGPT

In today’s digital world, originality is paramount. Whether you’re a student, researcher, content creator, or business professional, ensuring that your work is free from plagiarism is crucial. A reliable plagiarism checker is essential to maintaining credibility and authenticity in any written content. If you're looking for the best plagiarism detection tool, ZeroGPT’s Plagiarism Checker is your ultimate solution.

Why Use a Plagiarism Checker?

Plagiarism can lead to severe consequences, including academic penalties, legal issues, and reputational damage. By using a plagiarism checker from PDF, you can quickly scan and verify the uniqueness of your content, ensuring that it is free from copied or duplicated material.

ZeroGPT’s plagiarism detector is designed to identify any form of text duplication across multiple sources. It offers high-accuracy scanning capabilities, making it an ideal tool for students, teachers, writers, and professionals.

ZeroGPT: The Best Plagiarism Checker X Alternative

Many plagiarism detection tools claim to offer precise results, but not all are created equal. If you’ve used Plagiarism Checker X before and are looking for a more advanced and user-friendly alternative, ZeroGPT provides an enhanced scanning experience with higher accuracy and more in-depth reporting.

Key Features of ZeroGPT’s Plagiarism Checker:

Supports Multiple File Formats – Scan content from Word documents, text files, and even plagiarism detector PDF effortlessly.

AI-Powered Detection – Detects both exact and paraphrased plagiarism, offering a detailed similarity percentage.

Fast and Reliable – Get instant plagiarism reports in seconds.

Extensive Database – Compares your text against billions of web pages, academic papers, and publications.

User-Friendly Interface – Easy to use for students, writers, educators, and professionals.

How Does ZeroGPT’s Plagiarism Detector Code Work?

ZeroGPT uses an advanced plagiarism detector code that employs artificial intelligence and natural language processing to analyze text. This technology enables the tool to:

Identify exact word matches and closely paraphrased content.

Compare text against a vast online database.

Provide real-time and detailed plagiarism reports.

By leveraging AI-driven technology, ZeroGPT ensures accuracy and efficiency, making it one of the best plagiarism checkers available today.

Who Needs a Plagiarism Checker?

Students & Educators – To maintain academic integrity and avoid unintentional plagiarism in assignments, research papers, and dissertations.

Writers & Bloggers – To ensure originality in online articles, blogs, and eBooks.

Businesses & Marketers – To create authentic content for websites, social media, and branding materials.

Researchers – To ensure published papers are unique and meet academic standards.

Try ZeroGPT’s Plagiarism Checker Today

If you’re searching for a plagiarism checker from PDF, a plagiarism detector PDF, or a reliable plagiarism detector code, ZeroGPT has everything you need. With advanced AI capabilities, quick detection, and extensive database coverage, ZeroGPT ensures your content remains 100% original.

Don’t risk plagiarism—verify your work today! Visit ZeroGPT’s Plagiarism Checker and safeguard your content with the best plagiarism detection technology available.

Our fact-checker here got some of the facts egregiously wrong.

Let's start with the primary source: the FEC. This is the public campaign finance record being used to claim that the shooter donated to ActBlue:

It does say Pittsburgh; we do need to consider that. However, we do also need to note that it includes the zip code. Let's see what zip code 15102 refers to:

Bethel Park, PA, an outer suburb of Pittsburgh. That is also, let's be extremely clear about this, where Thomas Matthew Crooks lived. Not Bethel, PA. That's a very salient detail, because Bethel Park is only an hour's drive or so from Butler, and Bethel is several hours away.

Now Bethel Park is not Pittsburgh, and the FEC record does say Pittsburgh. But Bethel Park is still part of the Pittsburgh metro area, and it's common for Americans living in suburbs to give the core city as their city of residence when asked.

Now I'm not saying it was for sure the shooter who donated $15 to ActBlue in 2021, I want to be clear about that. As Ms. Brunner determined, there are other men named Thomas Crooks living in the Pittsburgh area, and it's possible one or more of them live in Bethel Park, and made that ActBlue donation. It is true that the shooter was 17 at the time of the donation, and may have needed help to make a donation (although I did have a visa debit card attached to my bank account when I was 17; that was how I paid for gas. You can make political donations via debit).

But a person can change a lot between 17 and 20, we still don't actually know his politics, and if he did donate, we don't know his motivations for doing so, nor do we know his motivations for registering as a Republican. Some leftists do that to vote in closed Republican primaries (such as those held in Pennsylvania).

It's important to get the details right, like Bethel Park vs Bethel, or that the FEC record includes zip code. Ms. Brunner was likely either being sloppy in her detective work or trying to discredit any possible narratives that the shooter was a leftist (a possibility we do need to consider). In this case the details don't help lend any more clarity than what has already been widely-reported.

It is too early to jump to conclusions about his motivations. All we know for sure is he was 20 and white.

Good news for American minorities: shooter was white

VR Project (Benchmark Asset) [Assignment set by Apache]

In accordance with Mr Ethan's advice, a benchmark asset was developed to ensure that all artists team members clearly understand the intended art style and can accurately apply it to their respective art creation tasks. I have take it upon myself to create said benchmark asset.

Figure 1: Jonathan Gonzalez's Five Nights at Freddy's: Security Breach Environment Props. (Gonzalez, 2022)

Figure 2: Ole Josefsen's Little Nightmares II - Assets. (Josefsen, 2021)

Figure 3: John Wong's Steampunk Espresso Machine. (Wong, 2020)

I started by researching existing stylised games such as Five Nights at Freedy's: Security Breach (Suggested by Xinlai), Little Nightmares II and any stylised prop artwork on Artstation. The Steampunk Espresso Machine by John Wong in figure 3 is one of the biggest inspiration for this asset as it looks like a simple design yet detailed enough to understand that its an expresso machine.

Figure 4: Front view of the World War 2 German Transmitter 100 Watt Sender (Kriegsfunker, n.d.).

After identifying the visual style I aim to achieve, which is realistic with a stylised touch but without excessive modelling detail, I selected a suitable prop to recreate. The chosen asset is the World War Two German Transmitter 100 Watt Sender. This prop was selected due to its logical presence within the environment. The setting is a Polish castle that has been converted into a scientific testing facility, where consistent communication with external sources would be essential for obtaining scientific materials, coordinating logistics, and maintaining military operations to secure items. Furthermore, the transmitter reinforces the narrative by highlighting the wartime atmosphere and the castle's role as a centre for covert experimentation, coordination and intelligence gathering.

Figure 5: d80133 WWII German Communication 3 WH Radio Operator Gerd (DID, n.d.)

Real life references of the transmitter would usually be very detailed, complicated or severely damaged/aged which is not the ideal reference to develop this asset. To which I recall there are companies that make super realistic historical toys for collectors or historians that resembles the real thing. I took the d80133 WWII German Communication 3 WH Radio Operator Gerd product from a company called DID Corporation who creates high quality and accurate historical action figures and props.

Figure 6: Base model and its features modelled. (Left) Figure 7: Base model and its features dublicated and combined. (Right)

Figure 8: Base model UV Unwrapped.

The smaller details of the transmitter were ignored or simplified to fit the art style. Each unique parts were UV unwrapped before duplicating repeated parts to form the final design in figure 6. All of the parts were then merged into one. A UV checker texture was applied to ensure that the Texel Density is consistent and appropriate across the model.

After discussing with the team, we decided to use a 1024 by 1024 resolution for the textures. This decision was based on several factors, including optimisation for virtual reality performance, achieving the intended stylised realistic look, and working within our time constraints.

Figure 9: Textured Transmitter in Substance Painter.

The viewport display settings in the Substance Painter file were adjusted to closely resemble the visual output of Unreal Engine. Using the baked Ambient Occlusion map as a guide, subtle rust and dirt details were added to the transmitter to convey its age and prolonged use. Since the science testing facility is not a military base or frontline headquarters, it would not have been given priority for new equipment and therefore relied on older radio devices. The meter displays on the transmitter were hand-painted directly onto the texture to enhance the stylised visual approach.

Its transmitter cover and morse code key were also developed in the same way.

After this was completed, it was shown and presented to the other teammates for them to understand the art style.