Medieval humor! 9 Astonishing Gargoyle Statues: https://streetartutopia.com/medieval-humor-9-astonishing-gargoyle-statues-a-blend-of-art-and-functionality-in-gothic-architecture/
-
Photo: At Abbey of Sainte Foy, Conques, France (c. 1107).

From a friend's discord

#infosec #starWars

Kinda crazy that artificial intelligence needs the entire output of a nuclear reactor but actual intelligence can run on Twix bars and cocaine, for example.

I can finally talk about what we've been working on for the past two years(!)

Using #sigstore, GitHub now supports artifact signing, which allows you to create unforgeable provenance guarantees for any software you build inside Actions.

It's been a heck of a ride, & you can read more about (and learn how to use it) here:

https://github.blog/2024-05-02-introducing-artifact-attestations-now-in-public-beta/

protip: drawing a hilariously bad artwork in MS Paint with a mouse is a much stronger quality signal that you care about the blog post than attaching an obvious AI generation

Someone on Tumblr has made a concept for a Tarot Card deck made out of ISO hazard symbols and it goes hard:

https://www.tumblr.com/medusasstory/749203130036699136/this-is-a-nice-sign-to-look-at-1010-for

Edit: apparently this image was a WIP version, a final, printable version is available here: https://organical-mechanical.itch.io/iso-tarot

Good luck everyone!

#DEFCON #CTF
https://defcon.social/@nautilusinstitute/112344576931750426

😡 @EDPS is giving up on its @Mastodon and @peertube experiment because it couldn’t find an EU agency to continue operating it.

I hope @EU_Commission can find a new home for it before May 18th as the executive body.

https://www.edps.europa.eu/press-publications/press-news/press-releases/2024/edps-decentralised-social-media-pilot-end-successful-story_en

As a user,
I want your application to randomly steal focus
So that,
I enter my password managers main password into a chat box

MS-DOS is now open source, so in a time honored tradition. Lets look for curse words!

https://github.com/microsoft/MS-DOS

remember how Naomi fucking told us this a YEAR AGO and no one wanted to believe it until the government knocked on her door and she can't post anymore?

https://www.technologyreview.com/2024/04/24/1091740/chinese-keyboard-app-security-encryption/

In light of recent events, probably best to make this ASA vuln public in public interest: https://github.com/GossiTheDog/Exploits/blob/main/Cisco-CVE-2020-3259.sh

If you get <argument> back with toke inside, not vuln. If you get a memory dump back, you vuln. The dump is pretty bad as it contains a bunch of stuff.

The path exists even with webvpn disabled, it's the host checker.

Credits to person who found it, don't know if they want to be named. Edit: it’s @Naproxen

Akira and others have been living off this for a while.

Cisco warns that a group of state-sponsored hackers has exploited two zero days in its ASA security appliances to spy on government networks over the last several months. Sources close to the investigation tell us they suspect China. https://www.wired.com/story/arcanedoor-cyberspies-hacked-cisco-firewalls-to-access-government-networks/

Devs sometimes talk about being "close to the metal" but there is no other software engineering team in the world right now that are simultaneously as close to and as far away from the metal as the people keeping Voyager working.

Around 1985, ISI (Information Storage Inc.) introduced their 525 WC Optical Storage System. This was one of a number of magneto-optical disc storage formats introduced in the mid-1980s, and allowed users to record data to an optical disc in the days before CD-R and CD-RW.

Single-sided and double-sided discs were available, with a capacity of 115 or 230 MB respectively. The discs were pre-formatted, and were WORM (write-one, read many) capable.

Find out more at https://obsoletemedia.org/isi-525-wc/

are you for fucking real, GitHub?

I’ve been writing a lot of stories about state-sponsored cyberespionage by China. The case we’re revealing today is a prime example of this, telling the story of a five-year campaign against one of the key players in 🇩🇪 the Volkswagen group

The hackers started back in 2010, with initial mapping of the infrastructure and then, until 2015, tried to siphon data out of VW networks – repeatedly and successfully so. Even though VW removed the hackers, they kept coming back.

Very often companies do not know what the hackers were after because the hackers have deleted their traces until the time anoybody notices their presence. In this case, it was different: Volkswagen CERT was able to restore RAR-archives, giving rare insight into the tasking.

SPIEGEL:
https://www.spiegel.de/netzwelt/web/volkwagen-vw-konzern-wurde-jahrelang-ausspioniert-von-china-a-f9971315-c342-42b5-b97b-8650b91d60d4 (€)

ZDF:
https://www.zdf.de/nachrichten/wirtschaft/volkswagen-china-hacking-industriespionage-emobilitaet-100.html

"I deleted keys generated by our TV for 5 straight minutes. 5 Minutes of like 200BPM clicking. I restarted. Everything worked again. I laughed so hard I cried. I felt like I'd solved a murder."

Tech people, THIS IS A GREAT FANTASIC READ!!!

The title is, "DO NOT BUY HISENSE TV'S"

https://cohost.org/ghoulnoise/post/5286766-do-not-buy-hisense-t
#Tech #Android #TV #Debug