"If you're thinking without writing, you only think you're thinking" - Leslie Lamport. As a programmer, he'd know this personally, as many programming ideas work fine in your head. Until you try to type it in. https://en.wikipedia.org/wiki/Leslie_Lamport

decomplexifying #curl

https://daniel.haxx.se/blog/2024/10/27/decomplexifying-curl/

I seem to remember the EICAR test string https://en.wikipedia.org/wiki/EICAR_test_file has been used in DoS attacks. Like, supply the string to a log/database such that it will be corrupted by antivirus. However, I cannot find any direct sources. Who can help?

Should JavaScript be split into two languages? Google proposal divides opinion
Link: https://devclass.com/2024/10/22/should-javascript-be-split-into-two-languages-new-google-driven-proposal-divides-opinion/
Comments: https://news.ycombinator.com/item?id=41955353

New release! 📣

Parents can now shield their children from clickbait and shock value with powerful new video controls that show authentic thumbnails and clean titles.

Full release notes: https://kagi.com/changelog#5108

#Kagi #AdFree #Search #Family

Gmail account appears to be fine, but the Amazon account has definitely been hijacked. Looks like the attacker texted a link that the neighbor clicked on this morning, and that completed some sort of account ownership transfer. Neighbor assures me they just clicked the link and didn't enter anything. They just landed on an Amazon page that said their account had been successfully transferred to someone else (they have a screenshot of the hijacker's email address).

They've been on the phone with Amazon trying to get it resolved, but if the description is correct it sure seems like there's a vulnerability on Amazon's end here.

At exactly the same time the SMS was sent the neighbor's Gmail account got hit with a firehose of thousands of spam messages persisting for several hours, which is why they thought the Gmail account was hacked (and also why they clicked the Amazon phishing link from the SMS).

Does this sort of thing sound familiar to anyone?

Video for my #P99CONF talk on DTrace at 21 is now up, though you will miss me in the chat explaining which of the slides are throwing shade at eBPF https://www.youtube.com/watch?v=KjQnB9yB9kQ

are there any ex- #Sun engineers on fedi who'd be willing to help us with a thing? We're creating a #Solaris 10 #SPARC modernisation kit thing with a bunch of modern tools, and honestly having someone give it a look over who worked with Solaris 10 and stuff really colsely would be super helpful

CVE-2024-26926 Binder n-day analysis.
It is labeled EoP in Android Security Bulletin (Is it really exploitable?)

https://github.com/MaherAzzouzi/LinuxKernel-nday/blob/main/CVE-2024-26926/CVE_2024_26926_Analysis.pdf