@nina_kali_nina Code review?

@qwertyoruiop To be fair in Idiocracy there was also a whole apparatus of idiots under the president who worked against the smart guy (not very efficiently though) including ministers, the judical system and the police.

Here’s the recording of my Bluehat talk Pointer Problems - Why we’re refactoring the windows kernel https://youtu.be/-3jxVIFGuQw?si=3Q30ziJBBVv4ZbAU

[RSS] The case of a program that crashed on its first instruction

https://devblogs.microsoft.com/oldnewthing/20241108-00/?p=110490

[RSS] Pishi: Coverage guided macOS KEXT fuzzing.

https://r00tkitsmm.github.io/fuzzing/2024/11/08/Pishi.html

@codecolorist I'd need kurwa wodka for that stuff...

@codecolorist Let me recommend some excellent learning material (as a Hungarian I consider myself qualified in this topic):

https://www.youtube.com/watch?v=OHHpYXQyQO4
https://www.youtube.com/watch?v=iL1HvAu8V1w

IBM's EGA graphics (Enhanced Graphics Adapter) celebrates it's 40th anniversary this year, so here's some classic EGA games:

One tiny goal: learn to pronounce kurwa fluently before next Warcon

For anyone looking to adjust their media diet, now’s a great time to consider escaping The Algorithms with RSS. Here are some of the blogs, newsletters, and independent news sites I follow: https://www.mollywhite.net/blogroll/

For feed readers,  I use Inoreader, but there are many other good options.

#RSS #IndependentMedia #blogging

@GossiTheDog @reverseics @cR0w Thank you for the clarification!

Support the people who make the stuff you like. There's a good chance that without that, the stuff you like won't get made.

@GossiTheDog @reverseics @cR0w But could *non-admin* users access the DB of *other* users? SQLite or not, this should not be possible (in general...). If it was possible back then (as it was suggested by you and articles based on your comments), then now would be the best time for all to see what the problem was to check if the same or similar problem is present in the implementation that is to be released.

@GossiTheDog @reverseics @cR0w Great you chime in! Any plans to release that x-user Recall exploit you talked about?

https://infosec.place/notice/AieinAN5CpyKNShdvE

The offensive industry loves making shit up: the new rumor making the rounds is that my girlfriend works at NSO. As a matter of fact, my girlfriend is currently unemployed and looking for work as an event manager in Europe, so let me know if you come across interesting openings. Her only experience in the security industry is coming with me to a few conferences over the past year to look for work and learn more about this niche.

@cR0w @reverseics My theory is that a) URL's are the new filesystems and b) abstracting away control ("..") from data ("etc") would have an unacceptable overhead compared to SQL (ORMs) or even HTML (DOM sanitizers), so the memes are here to stay :)

Here is another #NameThatWare

Can you deduct or guess which device this is?
As always, hide your answer behind a CW to not spoil others.

#directoryTraversalMemes seem to become a classic, but I wonder if anyone has a list of specific payloads that trigger the different vulnerabilities of recent memory?

/cc @reverseics @cR0w

I published my analysis of the Series 9000 Brainalyzer exploit by Rick Sanchez:

https://video.infosec.exchange/w/jtR1V9N5ghHES5oayeBrrd

Did I miss anything?

#NoCVE