Vulns/PoCs != reliable weaponised exploit chains.
So can we stop comparing bug bounties to exploit brokers.

Astarte boosted

Systemd has a bug where user names starting with a digit cause the user daemon to run with root privileges. According to the creator of systemd, this is not a bug and everything is fine. The reason everything is fine is because names like this, which are explicitly permitted by the base standards, are forbidden and tools shouldn't allow creating these names, so it's a bug in the tools for permitting names permitted by the standard.

Fsck systemd.

“These people have now become very tech-savvy,” he said. “They use VPN to block their computer’s IP address”

"[right-wing] extremists are now covering their tracks by using untraceable [...] VPN services that conceal their computer’s location – leaving the police unable to find them."
LOL, them untraceable VPNs, haha.
No wonder we can't have a rational debate around encryption.

To be clear, my heart goes out to the victims but surely there are enough hotel rooms in the area to provide a temporary solution until a more permanent one is found. This is just pure left-wing populism and people are cheering him on...

Corbyn: Government should requisition homes
'Mr Corbyn's spokesman was asked about the legality of this and said: "We would find a way to do this if necessary" '

Lol, FML, RIP rule of law I guess. This joker is even worse than May, quite an achievement.

So, now even the National Cyber Security Centre is attributing WannaCry to DPRK (Lazarus Group).

Just remember NCSC is basically a bunch of incompetent morons without any experience of APT operations.
(That doesn't mean their attribution is wrong, I haven't seen their data, just worth keeping in mind)

About the fidget spinner fad: "Something that was considered entirely pathological and in dire need of correction when done by disabled people is now perfectly acceptable because it is being done by non-disabled people" and "Because insisting that disabled people act more like non-disabled people is not about improving functionality, it's about who has the power to set social standards."

Spot on:

Astarte boosted
protip if your company is really "anarchist" it's manufacturing small arms using 3d printers
Astarte boosted

Very creepy @WhatsApp, someone was apparently typing in an URL and WhatsApp was fetching it off my server char-by-char

Anyone has any info on this?
"The French mechanical telegraph system was subverted in 1834 in a bond-trading scam that went undetected for two years."

Couldn't find any source.

Astarte boosted
I wonder how much human knowledge is lost by the choice of encoding it as a video. How many times have you seen a link, thought "that sounds interesting", and immediately closed it after discovering it was a video? That's a several times daily thing. And even if you watch it, in the same length of time it takes to watch the video, you could have read an identical article, and another half dozen of equal complexity.

And finally, just how harmful it is that intelligence analysis is devalued nowadays, especially by policymakers.

No common, cross agency intelligence analysis knowledge. In fact, every agency has its own analysis techniques.

No common tooling, often analysis is designed around tools instead of tools being designed for analysis techniques.

Most analysts provide tactical support to US forces. Tactical/operational needs generated by ongoing wars put massive strain on IC.

Problems with the US Intelligence Community: No long term, "deep understanding" analysis, focusing on current operational/tactical needs.

I mock the LessWrong crowd, but honestly they are not so bad and I consider myself an aspiring rationalist, I just don't like to use the term because I really don't want to be associated with Yudkowsky. (plus it sounds pretentious af)

It's quite jarring how Yudkowsky speaks out against cultishness and then just turns around and creates his own cult basically. *sigh*
Not to mention he is unjustifiably arrogant and can't handle any criticism.

Show more

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!