Posts
2504
Following
650
Followers
1469
"I'm interested in all kinds of astronomy."
repeated

Have you ever wanted to start editing , but got overwhelmed or felt like you didn't know where to start? Every time I encourage people to start editing, I hear that, so I'm trying to help.

https://www.youtube.com/watch?v=bRRHR1NEOqE

18
20
0
repeated

🐙🐇🐝Pointed Sarah🐞🐡🐧

Edited 2 years ago

programmers are always posting like "worked on tracking down an issue with a Flurble deployment for twelve hours. the problem wasn't in Flurble at all - it was in the Gumbies install. It turns out if you install Gumbies 3.0 over Gumbies 2.7 and don't do a cache flush on all the client spiders they'll get stuck in the crystal maze." then you look up Gumbies and the site is one of those scroll scroll scroll types with one sentence per page, like

"GUMBIES is a lean, expressive sharding sandcube for testing and deploying large scale Woodchips playgrounds.

GUMBIES automates and streamlines away watersliding phases, meaning your team can get right to the chipping.

See why Microsoft, OpenAI and Bloingo have embraced GUMBIES in their Woodchips workflows."

and you get to the bottom and you're like I want this I guess but I still don't know what it is

33
28
4
repeated
Edited 1 year ago

Tried using the new Google Chrome V8 settings to turn off the JavaScript JIT, as discussed by @campuscodi in https://news.risky.biz/risky-biz-news-google-addresses-jit-security-in-chrome-122/

However funnily enough that completely broke the Microsoft Teams web client on Mac OS X for me. It remained consistently stuck on "connecting" for over 5 minutes. Even allow-listing teams.microsoft.com wasn't enough, only worked when I allow-listed all of microsoft.com.

So be aware this is not as benign a change as it should be - not only a performance hit but things can actually stop working.

And this got me wondering... is Teams' JavaScript just so horribly inefficient that it takes forever to work without JIT? Or what kind of shenanigan is it doing to REQUIRE the browser JIT to work? 🤔

2
2
0
repeated

in the spirit of transparency, here’s our response to CISA’s RFI on Secure by Design: https://kellyshortridge.com/papers/CISA-2023-0027-Shortridge-Sensemaking.pdf

SbD should not incentivize lip service or theater. It should not be at odds with business goals.

So, @rpetrich and I wrote what SbD should be and not be.

We hope mastonerds especially appreciate our recommendations in Section 1.2.1 for how teams can start investing in SbD while supporting velocity, dev productivity, & reliability.

blog: https://kellyshortridge.com/blog/posts/rfi-secure-by-design-response/

2
7
0
repeated

The 500 Hats of LambdaCalculus

For , let's remember Jerry Lawson, an electronics engineer from Brooklyn, NY. He worked at Fairchild Semiconductor in the 70s, and helped design a second generation game console known as the Fairchild Video Entertainment System (VES), later named the Channel F. His design was based around Fairchild's F8 processor.

This console, although unable to compete with the later Atari Video Computer System, was innovative in many ways. It was one of the first consoles to use a dedicated CPU; it was one of the first consoles to include a pause feature, and it was also the first console to use an extremely important innovation that would shape video games forever: the use of removable ROM cartridges, each of which could feature completely new, unique games, paving the way for consoles to build libraries of titles covering all sorts of styles of games.

Modern gaming owes a debt to Lawson's engineering prowess and innovative designs.

1
5
0
repeated

Today, February 19, in 1998, hacker Trinity fends off two units of police officers and faces off with sinister sentient computer programs known as Agents (The Matrix, 1999)

0
6
0
repeated

Just analyzed a spyware sample that bypasses Android 13 Restricted Settings so as to drop another malware with full access to Accessibility API.
+ use of malformed ZIP to break apktool and other tools.

https://cryptax.medium.com/android-spynote-bypasses-restricted-settings-breaks-many-re-tools-8791b3e6bf38

0
3
0
repeated

So someone dumped a ton of internal Chinese gov’t docs, and I’m working on translations here. From what I can tell, the company An Xun International has been dropping spyware in its products? More to come.

https://github.com/mttaggart/I-S00N/blob/main/README-en.md

4
4
0
repeated

This week, Super Bowl 2024 shattered records, with the championship broadcast on CBS becoming the most-watched televised event in history.

Also riding high from the big game? 's .

A whopping 75.85 percent of traffic from X to its advertising clients' websites during the weekend of the Super Bowl was fake.

https://mashable.com/article/x-twitter-elon-musk-bots-fake-traffic

2
5
0
repeated

Talya (she/her) 🏳️‍⚧️✡️

Edited 1 year ago

The (edit:) CURRENT beta version of is version 7.0.0.
There's a good reason for the round number. This will be the first version where usernames and phone number privacy are available outside of the staging environment.
From this version on, you'll be able to talk to people on Signal without revealing your phone number, and also, you may use Signal without revealing to people who have your number saved that you do.
This is huge.
https://github.com/signalapp/Signal-Android/compare/v6.47.4...v7.0.0

7
26
1
repeated
repeated

This was honestly super hard to write. The subject has been bugging me all day. I'm worried that people are going to hate my guts for saying it, but everything feels right to me.

https://wedistribute.org/2024/02/tear-down-walls-not-bridges/

4
5
0
repeated
Edited 1 year ago

Dear @mozilla
Please, please, please put the RSS indicator back in Firefox.

People need to know about this technology which empowers users over greedy, controlling corporations.

Update: As many have pointed out, you *can* use @thunderbird as an RSS feed reader, and there are many add-ons to restore the RSS indicator (one of which I'm already using). But my point is that Firefox needs to lean into RSS as an answer to all the crap that is the modern web, and help educate users about it

15
27
2
repeated

no centralised social network could ever produce "the taliban deleted my account". that's a mastodon special.

17
23
4
repeated

The 0day dumpster fire that is the security hardware industry rn continues unabated this week.

From Rapid7:

"Critical Fortinet FortiOS CVE-2024-21762 Exploited
Feb 12, 2024

On February 8, 2024 Fortinet disclosed multiple critical vulnerabilities affecting FortiOS, the operating system that runs on Fortigate SSL VPNs. The critical vulnerabilities include CVE-2024-21762, an out-of-bounds write vulnerability in SSLVPNd that could allow remote unauthenticated attackers to execute arbitrary code or commands on Fortinet SSL VPNs via specially crafted HTTP requests.

According to Fortinet’s advisory for CVE-2024-21762, the vulnerability is “potentially being exploited in the wild.” The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2024-21762 to their Known Exploited Vulnerabilities (KEV) list as of February 9, 2024, confirming that exploitation has occurred."

https://www.rapid7.com/blog/post/2024/02/12/etr-critical-fortinet-fortios-cve-2024-21762-exploited/

https://www.cisa.gov/news-events/alerts/2024/02/09/cisa-adds-one-known-exploited-vulnerability-catalog

1
4
0
repeated
repeated

Meanwhile in Canada

8
16
0
repeated
repeated

Okay, so I did a quick dive into sudo in Windows and here are my initial findings. https://www.tiraniddo.dev/2024/02/sudo-on-windows-quick-rundown.html

The main take away is, writing Rust won't save you from logical bugs :)

8
20
0
repeated

Ralf Lenz, BOFH Emeritus 🏴‍☠️

Edited 1 year ago

I gave an honest try, for a year or more, in terms of finding . It's a cesspool of and fake job postings.

Now I'm asking, with all urgency -- to anyone who has anything to offer, please consider a guy who has:

- 30 yrs of exp
- out of work 20 mo
- 3 kids, one approaching her 1st birthday
- a track record for secure systems
- a month before eviction
- low salary reqs

CV: https://jrlenz.com/files/cv-2023-12.pdf

US citizen | PH resident

0
0
0
Show older