Kagi's Snaps allows you to easily limit search results to a specific website by using the @ symbol followed by a short code for the site and then your search query🪄

More on how to use and contribute to Snaps: https://help.kagi.com/kagi/features/snaps.html

#Kagi #Search #AdFree

[RSS] Using the 555 for Everything

https://hackaday.com/2024/10/14/using-the-555-for-everything/

Huh.... Turns out electricity is a little bit spicier in Ireland. Lesson learned. Setup for #Pwn2Own Ireland continues...

[RSS] RGFuzz: Rule-Guided Fuzzer for WebAssembly Runtimes

https://kaist-hacking.github.io/publication/park-rgfuzz/

There's something specifically and deeply evil about making kids watch ads for extra stuff in games.

As a planned follow-up to the splitting of sshd-session out of the sshd(8) binary, sshd-session has be further split into a new sshd-auth binary to handle user authentication.

djm@ modified src/usr.bin/ssh/*: Split per-connection sshd-session binary

This splits the user authentication code from the sshd-session binary into a separate sshd-auth binary. This will be executed by sshd-session to complete the user authentication phase of the protocol only.

Splitting this code into a separate binary ensures that the crucial pre-authentication attack surface has an entirely disjoint address space from the code used for the rest of the connection. It also yields a small runtime memory saving as the authentication code will be unloaded after the authentication phase completes.

Joint work with markus@ feedback deraadt@

Tested in snaps since last week

Also only on #OpenBSD, this new sshd-authd binary gets relinked on boot, as with sshd-session and sshd.

deraadt@ modified src/etc/rc: sshd-auth also has a relink kit

#OpenSSH

The @internetarchive’s Wayback Machine resumed in a provisional, read-only manner.

Sorry, no Save Page Now yet.

Safe to resume but might need further maintenance, in which case it will be suspended again.

Please be gentle https://web.archive.org

More as it happens.

[RSS] Casio says ransomware attack exposed info of employees, customers and business partners

https://therecord.media/casio-ransomware-attack-exposed-emplyee-customer-data

First the IA, now Casio - nothing is sacred for these punks!

What is the longest sentence you can form from names of programming languages?

(Bonus points for not using the Esolang wiki)

Painted by a homeless man: https://streetartutopia.com/2024/10/13/painted-by-a-homeless-man/

@drahardja @SteveBellovin What is this *not* good for?

Doing my weekly update of TeXLive, I spotted this as a new feature. Just what I want—SQL injection in document source…

@muneef This PNG could've been a HTML table...

Writing things down isn't just good science; it's the ultimate kink. 😝

the zendesk hack, for anyone interested

https://gist.github.com/hackermondev/68ec8ed145fcee49d2f5e2b9d2cf2e52

@asicc I have no clue how this should/could be resolved unfortunately.

People getting more familiar with the infrastructure around them would probably help, but technology goes in a direction that hides these details, hence its popularity.

@asicc My point is exactly that the contents of an URL doesn't seem to matter _at all_ because many people have no idea what trustworthy domains are (or how they would like like as part of an URL).

In other words you don't have to register n<very weird e-like character>tflix[.]com for your scam because people will just trust PayForYourTV[.]so.

@tara @bitzero TIL about elinks, it looks awesome!

The current chaos in WordPress caused by Matt seems like a good time to remind folks that the Mastodon “community” websites and trademarks are 100% owned by one man, despite pleas from current and former project members to make Mastodon a foundation with a board.

gm fedi