|
Rich Felker
@
RichFelker
|
|
Yeah, I do @musllibc, FOSS & infosec stuff. But now is not the time for a mostly-/only-tech Twitter feed.
|
|
|
57.089
Tweetovi
|
442
Pratim
|
3.023
Osobe koje vas prate
|
| Tweetovi |
| Rich Felker proslijedio/la je tweet | ||
|
Under the Breach
@underthebreach
|
12 h |
|
Write-up: Genesis market 2020 overview, a bazaar for buying data out of compromised computers.
Covered Genesis business model and happened to uncover a highly sensitive computer belonging to @ForcepointSec (!)
medium.com/@underthebreac…
|
||
|
|
||
|
Rich Felker
@RichFelker
|
3 h |
|
Doing this the right way wouldn't even require request in advance. The download would just stream live and there would be no temp files anywhere.
|
||
|
|
||
|
Rich Felker
@RichFelker
|
4 h |
|
They literally batch download stuff to temp dirs on cloud instances with no privilege/access control model whatsoever, then zip it up and give you a link.
|
||
|
|
||
| Rich Felker proslijedio/la je tweet | ||
|
Jon Oberheide
@jonoberheide
|
5 h |
|
Whoa, what? @googlephotos? pic.twitter.com/2cZsABz1xb
|
||
|
|
||
| Rich Felker proslijedio/la je tweet | ||
|
Florian Gilcher ∠(・.-)―〉 →◎
@Argorak
|
9 h |
|
Right. Which is a) the point why I insist on selling Rust as not only memory safety (the type system also helps in modelling domain behaviour) and b) tell people to stay reluctant with calls for rewrites. Good codebases exist and there's so much knowledge/testing in them.
|
||
|
|
||
|
Rich Felker
@RichFelker
|
11 h |
|
Thanks for the link. This matches what I remember - all of the major issues being in nasty enterprise auth & third-party component stuff like GSSAPI, PAM, etc. Last major memory errors look like >15 years ago.
|
||
|
|
||
|
Rich Felker
@RichFelker
|
11 h |
|
I don't recall any really well because few if any affected me. But what I do vaguely recall was logic not unsafe language constructs. Would be interesting to see a proper survey.
|
||
|
|
||
| Rich Felker proslijedio/la je tweet | ||
|
e v m @ shmoocon
@evm_sec
|
15 h |
|
This is really cool...just the stdlib but it’s a LOT of versions. I wish we could do this with Keil stdlibs w/o violating ToS twitter.com/0xb0bb/status/…
|
||
|
|
||
| Rich Felker proslijedio/la je tweet | ||
|
Natalia Cecire
@ncecire
|
13 h |
|
It's happening, y'all. twitter.com/ucu/status/122…
|
||
|
|
||
|
Rich Felker
@RichFelker
|
14 h |
|
And .com is an executable file that's almost surely malware.
|
||
|
|
||
| Rich Felker proslijedio/la je tweet | ||
|
Avi Asher-Schapiro
@AASchapiro
|
3. velj |
|
Harvard has cancelled an event on journalists’ safety after a number of prominent voices on human rights & tech pointed out that the featured speaker, @juliettekayyem, herself works for Israeli surveillance firm NSO Group, a company which has been linked to spying on reporters twitter.com/ShorensteinCtr…
|
||
|
|
||
|
Rich Felker
@RichFelker
|
14 h |
|
Does screen have a function like writebuffer but directed to a command via pipe?
|
||
|
|
||
|
Rich Felker
@RichFelker
|
14 h |
|
Uhg, something in @alpinelinux has got font hinting broken again (Dejavu 1 and 4 glyph extend vertically way above other digits) & it's maddening. Just nuked hinting globally, tired of dealing with this... 😣
|
||
|
|
||
| Rich Felker proslijedio/la je tweet | ||
|
Kathleen E. Kennedy
@TheMedievalDrK
|
16 h |
|
Penn State's paying unknown big bucks for a data firm to run a survey on diversity and inclusion. Access only via an email.
It was routed to my spam folder, and I saw it, briefly, as my spam folder erased itself.
Can't tell if that's performance art or a metaphor or both.
|
||
|
|
||
|
Rich Felker
@RichFelker
|
17 h |
|
This seems compelling to vendors not users, though. (Like systemd...)
|
||
|
|
||
|
Rich Felker
@RichFelker
|
17 h |
|
Absolutely. I've never seen a compelling reason to prefer it over syslinux, and don't see how it would have ever taken off if lilo weren't the incumbent when it did.
|
||
|
|
||
| Rich Felker proslijedio/la je tweet | ||
|
Kir Kolyshkin
@kolyshkin
|
21 h |
|
Found it out today that:
- memtest86+ (the fork) is no longer developed and can't be booted by UEFI;
- memtest86 (the original one) is being developed, got lots of features and can be booted by UEFI, but is not open source (there is a free as in beer version though).
|
||
|
|
||
|
Rich Felker
@RichFelker
|
17 h |
|
Congrats!
|
||
|
|
||
| Rich Felker proslijedio/la je tweet | ||
|
april glaser
@aprilaser
|
18 h |
|
Hi! It’s my first day at Harvard, which is really not a place I ever imagined myself being, much less receiving a fellowship to work here. Big gratitude to everyone who encouraged me to shoot my shot 🏀👩🏼💻
|
||
|
|
||
| Rich Felker proslijedio/la je tweet | ||
|
Stephen Checkoway
@stevecheckoway
|
17 h |
|
It's the time of the semester where I figure out how Blackboard works again. The most important step—make the course available to students—is buried in
Control Panel > Customization > Properties > Set Availability.
Obvs.
|
||
|
|
||