Posts
4228
Following
735
Followers
1628
"I'm interested in all kinds of astronomy."
repeated

I’ve been working with computers for five decades. Some people view me as an “expert” in certain subjects.

And I can tell you that when I am learning a new technology I still feel like the dumbest newb on the planet. I make tons of mistakes. I go down stupid rabbit holes of my own making. I have tons of self doubt.

So give yourself some grace. Everybody goes through this phase. Take a deep breath. Believe that you can do this.

5
13
0
repeated

Apple SEAR is hiring an offensive security researcher focused on wireless security!

We're looking for talented researchers to help find and exploit vulnerabilities across wireless technologies.

Apply here: https://jobs.apple.com/en-us/details/200671326-2911/offensive-security-researcher-wireless-security?team=SFTWR

If you love digging into wireless stacks and

0
2
0
@mfierst @electret @lrhodes "All those moments will be lost in time, like tears in rain."
0
0
0
@lrhodes Thanks that makes sense...sort of...
0
0
0
repeated

if you're not gonna be at EMF you can get some here:

https://unsafewarnings.etsy.com

2
3
0
@electret @lrhodes Ahh you mean the smaller players like Obsidian ! I bet they can absolutely see your shit, but they may be legally constrained in what they can do with it (maybe... have you read the TOS?). Granting access to an LLM most likely changes your Terms and Conditions (not because it's a technical necessity, but because of the business model of the LLM provider).

Btw this is a useful site:

https://tldrtos.com/
0
0
0
@electret @lrhodes Honest question: What on Earth made you feel that way? I see absolutely zero indicators of privacy in any mainstream LLM app (similarly to Google/Meta).
1
0
0
@electret @lrhodes It's always been someone else's computer...
2
0
1
@lrhodes So anything written on GDocs or sent to a GMail address is also fair game then?
2
0
2
repeated

CVE-2025-45422: Proximus b-box UPnP Persistence & Access Control Bypass https://github.com/Cedrico03/CVE-2025-45422---Bbox

0
1
0
repeated
Edited yesterday

EDIT SIGNUP TO TEST https://desk.parare.al/apps/forms/s/eHC5EaqZTTGe4DSBcS893XYE

So
after 14 months(?) of work
and a lot of frustration
barely knowing what i was doing
i think i made someting special (!)

presenting:

a Wine fork
for Ableton Live 12

on Linux

stable
pixel perfect
vst support
1st class gnome citizen
device hotwire support
low latency audio

tell ur friends 🥹🥹

2
6
0
repeated

How ChatControl passed in the EU parliament.

1
32
0
[RSS] The other kind of control flow guard check: The combined validate and call

https://devblogs.microsoft.com/oldnewthing/20260708-00/?p=112510
0
0
0
[RSS] Reverse-engineering a Neopets shop with 48,000 inventory snapshots

https://danielmay.co.uk/posts/redistributing-billions-neopets/
0
0
1
repeated
Edited yesterday
This is in fact

Foxit Foxit Reader Javascript checkbox CBF_Widget code execution vulnerability (CVE-2026-57256)

(Hope this is just a temporary problem with the bot and I don't have to touch the HTML parser :P)

RE: https://infosec.place/objects/48afd31c-35ab-4cfa-b28d-4a27e66c1259
0
0
1
repeated

Cursed circuits #6: reverse avalanche oscillator - https://lcamtuf.coredump.cx/blog/avalanche/

1
1
0
repeated

Project Zero Bot

New Project Zero issue:

Adobe DNG SDK: Heap memory disclosure via LZW-compressed semantic masks rendered through MaskedRGBTables

https://project-zero.issues.chromium.org/issues/514643907

CVE-2026-47963
0
1
0
repeated

Project Zero Bot

New Project Zero issue:

Adobe DNG SDK: Heap memory disclosure via uninitialized MCU buffer in Hasselblad 3FR lossless JPEG decode path

https://project-zero.issues.chromium.org/issues/514249399

CVE-2026-47934
0
1
0
Show older