KatsBits Community

Recent Posts

Blog / Re: S.686 RESTRICT Act
« Last post by kat on Yesterday at 04:36:43 PM »
The pertinent part is as follows;

(a) In General.-The Secretary, in consultation with the relevant executive department and agency heads, is authorized to and shall take action to identify, deter, disrupt, prevent, prohibit, investigate, or otherwise mitigate, including by negotiating, entering into, or imposing, and enforcing any mitigation measure to address any risk arising from any covered transaction by any person, or with respect to any property, subject to the jurisdiction of the United States that the Secretary determines-
(1) poses an undue or unacceptable risk of-

(A) sabotage or subversion of the design, integrity, manufacturing, production, distribution, installation, operation, or maintenance of information and communications technology products and services in the United States;

(B) catastrophic effects on the security or resilience of the critical infrastructure or digital economy of the United States;

(C) interfering in, or altering the result or reported result of a Federal election, as determined in coordination with the Attorney General, the Director of National Intelligence, the Secretary of Treasury, and the Federal Election Commission; or

(D) coercive or criminal activities by a foreign adversary that are designed to undermine democratic processes and institutions or steer policy and regulatory decisions in favor of the strategic objectives of a foreign adversary to the detriment of the national security of the United States, as determined in coordination with the Attorney General, the Director of National Intelligence, the Secretary of Treasury, and the Federal Election Commission; or

(2) otherwise poses an undue or unacceptable risk to the national security of the United States or the safety of United States persons.
(b) Procedure.-
(1) IN GENERAL.-Not later than 180 days after the date of enactment of this Act, the Secretary, in consultation with the relevant executive department and agency heads, shall review any transaction described in subsection (a) to-

(A) determine, not later than 180 days after the date on which the Secretary initiates such review, if such transaction poses an undue or unacceptable risk under subsection (a)(2) and qualifies as a covered transaction; and

(B) with respect to a transaction found to pose an undue or unacceptable risk and qualify as a covered transaction, determine whether-

(i) the covered transaction should be prohibited; or

(ii) any other action should be taken to mitigate the effects of the covered transaction.

What this essentially says is the Government has the right to determine is they don't like something. BUT, how do they know that 'something' is valid as something that should be treated per the legislation without due process, i.e. due process is the process by which 'something' would be determined to warrant 'corrective' action. Once judged to warrant such action, such action would then be taken.

The legislation outlined above, completely BYPASSES due process and instead grants Government a unilateral 'right' to 'lawfully' assume 'something' to warrant action without actually knowing this to be the case. In other words, it throws due-process out the window, and the rights afforded to citizens therein.

The hyperbole that this is 'patriot act level spying' is, in fact, demonstrable true.

Worse yet, this effectively destroys whistleblowing (in the broadest sense), making it lawful to prosecute under the guise of "National Security".
News / MacOS, Blender 4 & IMVU Toolkit - Pose
« Last post by kat on Yesterday at 10:42:20 AM »
Blog / Re: SCAM WARNING - eBusiness Number Registry (European Business Registry)
« Last post by kat on December 01, 2023, 01:58:58 PM »
It really is amazing how often this 'business' changes it's contact and/or email address... almost as though they're trying to hide something

Register WCR
News / 3D Printing, Blender & MacOS - Dice
« Last post by kat on December 01, 2023, 09:01:43 AM »

"3D Printing with Blender on MacOS - Dice" https://www.katsbits.com/codex/3d-printing-blender-macos-dice/ taking a look at making a dice for 3D printing using Blender on MacOS. Examples available.
News / MacOS & IMVU Toolkit for Blender 4.0+
« Last post by kat on November 28, 2023, 02:14:19 PM »

 "MacOS & IMVU Toolkit for Blender 4.0+" https://www.katsbits.com/codex/macos-imvu-toolkit-blender-4/ installing IMVU Toolkit to Blender 4.x+ on MacOS (P.S. working on getting more MacOS based tutorials out for Blender & IMVU).
Blog / Re: SCAM WARNING - Bitcoin Sextortion & Blackmail Scams
« Last post by kat on November 28, 2023, 02:04:02 PM »

I have got two not really pleasant news for you.
I have been monitoring your internet activities for some time by now.

The only person to blame in this situation is you, since you are a big fan of **** and also have got an uncontrollable desire to indulge yourself with another ****.
Simply speaking, all your **** websites search requests have become a key to access your device.
The thing is that I work in a company that provides services related to security and performance of email providers, including [scraped email address] as well.

During the pandemic outbreak a lot of providers have faced difficulties in maintaining a huge number of staff in their offices and so they have decided to use outsourcing instead.
While working remotely from home, I have got unlimited abilities to access the user databases.

I can easily decrypt passwords of users, access their chat history and online traffic with help of cookie-files.
I have decided to analyse users traffic related to **** and adult content.
I was truly shocked to discover that nearly 75% of users regularly access **** websites or participates in **** chats.

I have filtered out the worst **** from the list. Yeah, you are one of them. Not everyone chooses to watch such ****...
Basically, I have infected your device with one of the best Trojan viruses in the market. It was relatively easy, since I have access to your email address ( [scraped email address]).
It was sufficient to prepare one of your routine emails asking you to click the harmful link...

My spyware functions as a driver. Hence, I can fully control your device and have access to your microphone, camera, cursor and set of symbols.
Generally speaking, your device is some sort of my remote PC.
Since this spyware is driver-based, then I can constantly update its signatures, so that no antivirus can detect it.
While digging through your hard drive, I have saved your entire contact list, social media access, chat history and media files.

One week ago, I have montaged a videoclip, which shows you **** on one side of the screen and on the other side a **** video
that you were watching at that moment of time - recently this type of exotic stuff is really popular on the internet!
Don't worry, I will need just a few mouse clicks in order to share this video with your entire contact list and upload it to some **** website, like Bigle.
I believe that you would not like this to happen, since a long holiday season is just about to start soon -
just imagine the number of silly jokes and loud laughter that would get provoked by your video all over the neighbourhood bars and pubs...

I am offering a simple and reasonable solution:
All you need to do is transfer an amount equivalent to $1750 (USA Dollars) to my bitcoin wallet and we both forget about this silly story forever.
All your data and this video will be deleted by me once and for all. You have my honest word!
You've got to agree, this amount is really insignificant. Just imagine how much time and resources I have spent to get this done..
If you don't know how to operate the cryptocurrency - you can always search for assistance online. It is that simple.

Here is my bitcoin wallet (BTC): [bitcoin address]

You have exactly 2 days (48 hours) from the moment of opening this email.
I can easily track when you have opened this email (my software will notify me about it). Once you complete the transaction - I will be able to see and confirm that.
Please, do not try replying me via this email - there is no point in that (I have generated the header of this email as well as return address).

Remember that there is no point to complain anywhere, since I cannot be found (Bitcoin system is anonymous and I am also using I2P network in order to access your device).
I have considered all the small details.
In case, if 48 hours after you have opened this email,
I still don't receive the required amount of money, then your videoclip will be automatically sent to all your contact list and uploaded to public websites.

Good luck and please don't hate me too much!

This is life! You are merely out of luck this time.
Who knows, maybe next time you will get lucky at something else...
Blog / Re: SCAM WARNING - Bitcoin Sextortion & Blackmail Scams
« Last post by kat on November 26, 2023, 01:29:48 PM »
Hello, my perverted friend,

We've actually known each other for a while, at least I know you.
You can call me Big Brother or the All-Seeing Eye.
I'm a hacker who a few months ago gained access to your device, including your browser history and webcam.
I recorded some videos of you **** to highly controversial "adult" videos.
I doubt you'd want your family, coworkers, and your entire [scraped email] - (your password for this mail on moment of hack : [scraped password]) contact list to see footage of you ****, especially considering how **** your favorite "genre".
I will also publish these videos on **** sites, they will go viral and it will be physically impossible to remove them from the Internet.

How did I do this?
Because of your disregard for internet security, I easily managed to install a Trojan on your hard disk.
Thanks to this, I was able to access all the data on your device and control it remotely.
By infecting one device, I was able to gain access to all the other devices.

My spyware is embedded in the drivers and updates its signature every few hours, so no antivirus or firewall can ever detect it.
Now I want to offer a deal: a small amount of money in exchange for your former worry free life.

Transfer $1250 USD to my bitcoin wallet: [bitcoin address]

As soon as I receive confirmation of the payment, I will delete all the videos that compromise you, remove the virus from all your devices and you will never hear from me again.
It's a very small price for not destroying your reputation in the eyes of others, who think that you are a decent man, according to your messengers.
You can think of me as some sort of life coach who wants you to start appreciating what you have.

You have 48 hours. I will receive a notification as soon as you open this email, and from this moment, the countdown will begin.
If you've never dealt with cryptocurrency before, it's very easy. Simply type "cryptocurrency exchange" into a search engine, and then all set.

Here's what you shouldn't do:
- Don't reply to my email. It was sent from a temporary email account.
- Don't call the police.
 Remember, I have access to all your devices, and as soon as I notice such activity, it will automatically lead to the publishing of all the videos.
- Don't try to reinstall your system or reset your device. First of all, I already have the videos,  and secondly, as I said, I have remote access to all your devices, and once I notice such an attempt, you know what happens.
Remember, crypto addresses are anonymous, so you won't be able to track down my wallet.

So long story short, let's resolve this situation with a benefit for me and you.
I always keep my word unless someone tries to trick me.

Lastly, a little advice for the future. Start taking your online security more seriously.
Change your passwords regularly and set up multi-factor authentication on all your accounts.

Best wishes.
Blog / "Trust me, I'm a professional artist!"
« Last post by kat on November 25, 2023, 02:29:07 PM »
If, during an unsolicited conversation with someone, they mention "I'm a professional artist", it can be said with absolute certainty, they're not.

The Internet is great.

The ubiquity of freely available or low cost tools for creating, is great.

Meeting, chatting, helping other artists/creators is great.

Being direct message spammed by self-proclaimed "professional artists", not so much.

These folks have a habit of drifting from community to community posting little of any substance, all in an effort to draw attention to their products and services. They don't contribute to the community, but they're more than happy to be part of it if only to sell their wares.

When asked for clarity on what they're doing they will often retort that they're a "professional artist". When pressed further they might link to a 'portfolio',
 typically just be a collection of images posted to Instagram or PasteBin collection, or a 'page' on ArtStation or other 'art' site, with gmail listed as a contact address.

This isn't a portfolio (no matter what might be said about it).

If you're earning money from your creative efforts, and consider that a 'profession', get your act together, spend a few bucks and sort out a dedicated website. Use a freebie service if you must. But at the very least treat what you're doing as a profession and not just a label you're (mis)applying to your undeclared, barely legal, side-hustle.

When you contact someone with the intent to chase commissions, don't engage in disingenuous small talk, claim you "want to be friends", just get to the point, post your derivative artwork, and then move on if there's no interest.
Blog / Re: SCAM ALERT: Bug/Vulnerability Bounty Blackmail (Beg Bounty)
« Last post by kat on November 22, 2023, 11:16:53 AM »
Another bug bounty scam/scammer.

Hey Team,

I'm a penetration tester and bug bounty hunter. I have discovered multiple vulnerabilities on your site. I've reported one of my findings so that you can review it, as well as fix this issue.

Please review the report below.

Vulnerability: Broken Authentication & Session Management
We have observed that when we change "password" from one browser in place of session expiration from another browser it just updates the password from another browser and the old session gets updated without being logged out. The flows goes like this:
Broken Authentication and Session Management > Failure to Invalidate Session > On Password Change
1- Login from two browsers at a time [From Chrome browser and from Mozilla Firefox].
2- Change password in settings from chrome browser.
3- Now Check Mozilla Firefox.
4- Your Session got "updated" in place of expiration.

Same goes with when using two different computer systems.
1- Login from two computers at a time
2- Change password in settings from computer A.
3- Now Check computer B.
4- Your Session got "updated" in place of expiration.

Recommendations: If Session is Updating from one Browser/Computer so other should expire first to renew session after login.

If you require any additional information, please let me know. I'll be waiting to hear from your side regarding the report and bounty. I'll share my other findings as well, once I've heard back from you.

[fake name]
News / Install Blender 4.0+ on MacOS (MacBook Pro/Air etc.)
« Last post by kat on November 21, 2023, 01:43:06 PM »

"Install Blender 4.0+ on MacOS (MacBook Pro/Air etc.)" https://www.katsbits.com/codex/install-blender-4-macos/ a look at installing Blender 4.x+ on MacOS (MacBook/Air/Pro etc.). Includes tips on installing and keeping more than one version.