Twitter | Search | |
Bartekus
People that walk to the rhythms of their own heart and mind, will always arrives at their destination.
511
Tweets
253
Following
572
Followers
Tweets
Bartekus retweeted
Hacker Fantastic Mar 7
A second security relevant issue has been discovered in , when importing files a client-side arbitrary file read via XML Entity Injection exists when importing XML based files. Great find!
Reply Retweet Like
Bartekus Mar 7
Replying to @SiteNook
*it's* err
Reply Retweet Like
Bartekus Mar 7
Replying to @SiteNook
You can also use it to automate some of the tasks that you wish to perform as a way to programmatically offload the tedious work that has to be performed. Indeed it could even be used as a way of auto-document code signature when reverse engineering malware/viruses or trojans.
Reply Retweet Like
Bartekus Mar 7
Replying to @SiteNook
Ofcourse if not, you and I know this, but others might not, even if it seem obvious.
Reply Retweet Like
Bartekus Mar 6
Replying to @gatsbyjs
I missed another good backend to use with :
Reply Retweet Like
Bartekus Mar 6
Replying to @jasnell @qconlondon
I'm not a fan of the latter however, as in general I don't like magic boxes, or stuff that I can't test in almost pedantically granular way.
Reply Retweet Like
Bartekus Mar 6
Replying to @jasnell @qconlondon
I could see stream as possible alternative, and perhaps observers, is there anything else?
Reply Retweet Like
Bartekus Mar 5
You know what's absent from this list? which with suport of backends such as: makes for the best CMS, hand down, no competition & case closed!
Reply Retweet Like
Bartekus Mar 5
Replying to @hackerfantastic
Maybe and just maybe, it comes very useful if I'd like to RE something inside VM running foreign OS, no?
Reply Retweet Like
Bartekus Mar 5
Reply Retweet Like
Bartekus Mar 5
Replying to @ErrataRob
Also this might be intentional and quite necessary, if the aim is to support dockerization where 0.0.0.0 is often used to expose internal interfaces and bind them to external ones
Reply Retweet Like
Bartekus Mar 5
Replying to @ErrataRob
That's what I'm afraid of too, since the common assumption is that unless something is specifically talked about, it has to be a conspiracy etc. I think given PRISM, its probably redundant for them to backdoor Ghidra too, altho nothing is beyond them so yeah
Reply Retweet Like
Bartekus Mar 5
Replying to @Bartekus
Just to clarify, this is intended for debugging, for more info refer to:
Reply Retweet Like
Bartekus Mar 5
Replying to @ErrataRob
Indeed, I apologise for this hasty misinformation, but distrust and paranoia are a pedigree of hacker-folks 😉 That being said, an observation was made on github that, perhaps laying out this information in docs will prevent others from jumping into conclusions.
Reply Retweet Like
Bartekus Mar 5
It's awesome, but it ain't free as it comes with backdoor (probably many) so neuter it and for the time being maybe open it in environment thats completely offline, if you are highly paranoid and distrustful of NSA (and you should be) -> <-
Reply Retweet Like
Bartekus Mar 5
Reply Retweet Like
Bartekus Mar 5
Replying to @jasnell @qconlondon
Does this specifically apply to Node's EventEmitter or in general to the pattern itself?
Reply Retweet Like
Bartekus Mar 5
Could you please elaborate on this a little bit more? It's an interesting notion!
Reply Retweet Like
Bartekus Feb 22
Re-tweet this please, and follow as well. Thank you!
Reply Retweet Like
Bartekus Feb 21
Wowza! Thats an amazing lib, thank you for sharing this!
Reply Retweet Like