wha t if oregon trail was called wagon age: oregons

“I LOVE that game!” (watched a letsplay and commentary about it)

-First -Previous -Next

[Do not use/repost]

more outfit swap, this time with Adalina wearing an outfit from @mintybleh 's oc Isaac

[Do not use/repost]

Some of my favorites of the night …. I love black women

Third of 8 sketch animation commissions. The Kirin character belongs to Khan. I tried to took commissions with characters that are radically different from each other. Love animating ferals and humanoids both.

lets go no contact with mama

I'm noticing a trend of my recent DnD PC art and it's just involving a LOT of red. 

Anyway, uh, my lad Vadan wound up crashing out hard last session and wound up gutting @mysticbaconslice 's temp character. 🫡

-First -Previous -Next

[Do not use/repost]

Drew Calalmë in Nolwenn's outfit for an outfit swap prompt! She looks cute in it

[Do not use/repost]

don't mind them, this is just how they flirt

Cybercriminals are abusing Google’s infrastructure, creating emails that appear to come from Google in order to persuade people into handing over their Google account credentials. This attack, first flagged by Nick Johnson, the lead developer of the Ethereum Name Service (ENS), a blockchain equivalent of the popular internet naming convention known as the Domain Name System (DNS). Nick received a very official looking security alert about a subpoena allegedly issued to Google by law enforcement to information contained in Nick’s Google account. A URL in the email pointed Nick to a sites.google.com page that looked like an exact copy of the official Google support portal.

As a computer savvy person, Nick spotted that the official site should have been hosted on accounts.google.com and not sites.google.com. The difference is that anyone with a Google account can create a website on sites.google.com. And that is exactly what the cybercriminals did. Attackers increasingly use Google Sites to host phishing pages because the domain appears trustworthy to most users and can bypass many security filters. One of those filters is DKIM (DomainKeys Identified Mail), an email authentication protocol that allows the sending server to attach a digital signature to an email. If the target clicked either “Upload additional documents” or “View case”, they were redirected to an exact copy of the Google sign-in page designed to steal their login credentials. Your Google credentials are coveted prey, because they give access to core Google services like Gmail, Google Drive, Google Photos, Google Calendar, Google Contacts, Google Maps, Google Play, and YouTube, but also any third-party apps and services you have chosen to log in with your Google account. The signs to recognize this scam are the pages hosted at sites.google.com which should have been support.google.com and accounts.google.com and the sender address in the email header. Although it was signed by accounts.google.com, it was emailed by another address. If a person had all these accounts compromised in one go, this could easily lead to identity theft.

How to avoid scams like this

Don’t follow links in unsolicited emails or on unexpected websites.

Carefully look at the email headers when you receive an unexpected mail.

Verify the legitimacy of such emails through another, independent method.

Don’t use your Google account (or Facebook for that matter) to log in at other sites and services. Instead create an account on the service itself.

Technical details Analyzing the URL used in the attack on Nick, (https://sites.google.com[/]u/17918456/d/1W4M_jFajsC8YKeRJn6tt_b1Ja9Puh6_v/edit) where /u/17918456/ is a user or account identifier and /d/1W4M_jFajsC8YKeRJn6tt_b1Ja9Puh6_v/ identifies the exact page, the /edit part stands out like a sore thumb. DKIM-signed messages keep the signature during replays as long as the body remains unchanged. So if a malicious actor gets access to a previously legitimate DKIM-signed email, they can resend that exact message at any time, and it will still pass authentication. So, what the cybercriminals did was: Set up a Gmail account starting with me@ so the visible email would look as if it was addressed to “me.” Register an OAuth app and set the app name to match the phishing link Grant the OAuth app access to their Google account which triggers a legitimate security warning from [email protected] This alert has a valid DKIM signature, with the content of the phishing email embedded in the body as the app name. Forward the message untouched which keeps the DKIM signature valid. Creating the application containing the entire text of the phishing message for its name, and preparing the landing page and fake login site may seem a lot of work. But once the criminals have completed the initial work, the procedure is easy enough to repeat once a page gets reported, which is not easy on sites.google.com. Nick submitted a bug report to Google about this. Google originally closed the report as ‘Working as Intended,’ but later Google got back to him and said it had reconsidered the matter and it will fix the OAuth bug.

Sewing tips

Wax: Thread wax or thread conditioner. I use beewax or thread magic. It makes cheap thread glide like the expensive ones. I am an old punk so ive done lots of hand sewing for patches and the standby is to use waxed dental floss to sew on patches since it doesn't snag or break so easy. This is the same principal but now any thread will work. Wax makes working with thicker thread so easy. For hand sewing, just drag your thread over the wax (I've used candle wax for patch sewing). Some places say to iron your thread after, but I've never done that. For sewing machines, they make wax that attaches to the top of your machine so the thread glides over it as you sew.

Washi Tape: if you put washi tape down your traced pattern lines (on the fabric), just inside where you need to cut, it will keep the material from fraying. It also makes it easier to cut out silky or thin fabrics. Frayed fabric leaves all those little hanging-off threads at your hems and it’s a mess. If you use a good washi tape, there is no residue. You can even sew over it and not remove it until the end. It is fantastic for hems. Washi tape is going to give you a definite location for your hems and gives you a straight edge to follow. I've also used painters tape.

Seam Ripper: Flip the seam ripper over, put the ball tip in the seam and then push the tool through the stitches, quickly cutting them. *Caution – don’t use this part of the technique on delicate fabrics. It’s too easy to tear holes in them doing this. It is fine on most cottons and denims. The point is for picking out individual stitches, tight stitches, or difficult ones.

Gutermann thread: The spool opens to hold a needle. There is a myth that it comes with a needle included. None of mine has ever come with one.

Ribbon Fraying: quickly run a flame across the end of the ribbon to eliminate the fraying.

Lock your stitches: reverse sew at the beginning and end of each seam to lock your stitches in place to prevent them from unraveling once the threads are snipped.

Pins: Use a magnet to collect them. I use a magnetic bowl from harbor freight. It's cheaper than the sewing specific ones and you can rubber coat them or cover them in fabric if you want to protect your pin tips.

Thread Cutter: Many machines come with a thread cutter on the machine. But if your machine doesn't you can buy a stick on one. They are convenient but not a necessity.

Magnetic Seam Guides: tool that attaches to any stitch plate of a sewing machine, near the presser foot. The magnet helps the fabric that is pulled forward by your sewing machine to stay firmly in place, giving you a solid, reliable guide for setting seam allowances and sewing straight lines.

Seam Guide Ruler: a small ruler used to mark an accurate seam allowance.  Place the Seam Guide under the presser foot and lower the needle through the appropriate hole in the guide.  Video reference here.

Sewing Needles: I have a whole post here but the basics are

Universal – no color code

Ball point – medium blue

Jersey – orange or light brown

Stretch – Yellow

Jeans – dark blue

Microtex – purple

Leather – brown

Universal twin – red shaft

Stretch twin – blue shaft

Quilting – green

Glues: Huge time saver.

Fray check: A permanent, clear liquid seam sealant that prevents fabric from fraying and secures thread ends; Use to finish raw edges of ribbon, trim and fabric. It soaks into fabric.

Fabri-tac: won't soak into fabrics, which can cause discoloration or damage to the fabric. Instead, it creates a strong, permanent bond on the surface of the fabric. This makes it a great option for attaching embellishments like rhinestones, sequins, ribbons, or beads to fabric.

Original Gutermann HT2: designed specifically for use with fabrics and is ideal for attaching patches to clothing, bags, and other fabric items. It's a great choice for attaching patches to fabrics that will be washed or worn frequently. The glue is also resistant to heat and cold, making it suitable for use in a variety of different environments. It is a bit expensive but it is worth it imo.

Aleene's: I love Aleene's they always perform well for the affordable price. They have a wide variety of glues and adhesives. They even make fabric glue sticks.

Dritz Original Liquid Stitch: Dries clear but applies white. It takes 24 hours for it to full cure but once it does its flexible.

SpraynBond Quilt Basting Adhesive Spray: It forms a temporary bond between the batting and the fabric when quilting so that you don’t need to baste the quilt before you stitch. Unlike traditional adhesives, which can leave a residue on the fabric, spray glue dries clear and leaves no residue. I have also used this for backpatches. it washes out.

Happy Halloween Sewists!

Bank of Sapphire Cold?

a wormllection, from a myriad angles

Odyssey

based on this poll