@davidgerard this is a good intro with historical background: https://blog.cryptographyengineering.com/2014/11/27/zero-knowledge-proofs-illustrated-primer/

You can also ping @matthewdgreen on bsky

*sigh* several weeks ago, I tried to view something on Harvard University's rare manuscript site ("Curiosity Collections"), but the images were all broken. Digging into the javascript console, I found that the images are not missing from the server if you extract their URLs, but the json is being put together wrong and the viewer can't parse it.

I sent an email to the site's contact person with all the info I had. They were apologetic and said their maintainers were "aware" of the issue, but the vague reason they gave me (a VPN issue) doesn't make a lot of sense in the context that the images are all loadable if you know their URL and the viewer is crashing in a json parsing function. So I suspect someone told the contact person a plausible-sounding reason without investigating. At the very least, they don't seem to be trying at all to fix it.

So the rare manuscripts website of a world-major university has been languishing broken for several weeks at minimum, but who knows how long it'd been like that before I, personally, noticed. I guess this is a "state of American education" post.

shouts out to the nist cve api for having a query parameter in a format that absolutely no http library will emit, basically forcing you to hand-serialise a url

amazing how many talks at c3, defcon et al boil down to "we looked at the protocol format and it's as though nobody ever thought to do this before"

@hanno I'm afraid there is a general decline of index quality at all major providers (G,Bing,Yandex,???), while alternative engines mostly rely on those. I also noticed that verbatim search is basically dead as not all content is indexed in its original form so even if you know exactly what you are looking for, the index entry is just not there to find it.

@hanno @kagihq ?

@csepp I think @HalvarFlake had a presentation where he talked about hacking like an addiction where accessing more systems (and knowledge) leads you to even more systems, each giving a dopamine rush :)

My MongoDB honeypot is now open source:

https://gitlab.com/bontchev/mongopot

Visualization (not included in the repo):

https://pandora.nlcv.bas.bg/grafana/d/EysKAV4Dz/mongopot

Can anyone recognize this IC? Looking for its p/n and a datasheet ideally. Handles all the analog audio paths in a portable cassette player.

EDIT: A knock-off of Mitsumi LAG668F.

#electronics #reverseengineering

In the U.S, the Pennsylvania Supreme Court ruled that police can access your Google searches without a warrant.

The court's reasoning: users have no expectation of privacy because "it is common knowledge that websites, internet-based applications, and internet service providers collect, and then sell, user data."

That's what "free" really means. The business model depends on turning your search history into a detailed profile that can be sold, shared, and accessed by third parties.

Today's gift from the algorithm: "Visibility undergarments"

🤔

Couldn't they really not wait until 5th Jan for the next shitstorm ffs?

Just flying on in and snatching a president is a new one

[RSS] Windows ARM64 Internals: Pardon The Interruption! Interrupts on Windows for ARM

https://connormcgarr.github.io/windows-arm64-interrupts/

PS5 keys

https://www.psdevwiki.com/ps5/Keys

RE: https://infosec.exchange/@0xamit/115772097368948161

This has been very fun to develop. I've added tons of cities and I'm looking to add more cities. I'm taking requests :)

LLMs will lead you to lose skills that you are not going to get back because your brain will change and have no patience anymore to do the hardwork that needs to be done. That will be one of the fundamental problems of this tech.