Augur, an attempt to build a decentralized prediction market on Ethereum launches on July 9th. For me, if it works, it will be one of the last pieces of the 90s Cypherpunk gameplan to go live — and that’s pretty scary, because this is the one that *even people in that community* conceded might be too much power to give to everyone in the world, willy-nilly.
Things got very real when Jim Bell wrote Assassination Politics and ended up in jail https://en.m.wikipedia.org/wiki/Jim_Bell
So I am looking for input—I've had a talk about push notifications accepted at /dev/world this year, an Australian Apple conf. It's a mildly contrarian take about how push implementation can limit innovation. Themes I'm across:
- Costs of running push services for volunteers
- Trickiness for federated servers vs clients apps (e.g. matrix, masto)
- General centralisation
- Metadata leakage to 3rd parties
If anyone has thoughts or examples please @ me - I'd like to be thorough.
Tbh as a whole the site hasn't aged well. I'm probably I'm a bit older too but having the, uh, less savoury quotes mixed in with good stuff makes for a bit of a rollercoaster these days.
I wonder how much righteous outrage money could be made in a book that follows classic bash.org quotes and all the uncredited popular reincarnations they spawned
"OWASP Zed Attack Proxy" is my favourite software name
oh god this is on my computer screen all day and I had no idea: "The Bluetooth wireless specification design was named after the king in 1997, and the Bluetooth logo consists of a Younger futhark bindrune for his initials, H (ᚼ) and B (ᛒ)." https://en.wikipedia.org/wiki/Harald_Bluetooth
Wowee, this Guardian editorial
> GitHub, by contrast, grew out of the free software movement, which had similar global ambitions to Microsoft. The confused ideology behind it, a mixture of Rousseau with Ayn Rand, held both that humans are naturally good and that selfishness works out for the best.
My lab time's over... OSCP exam coming up. Fingers crossed I only have to do this once!
OpenBSD adds RETGUARD per-function stack protection to reduce usable ROP gadgets https://marc.info/?l=openbsd-cvs&m=152824407931917&w=2
Would you like to help push Plasma Mobile forward but don't know how? You can now easily find your way with https://blog.bshah.in/2018/06/06/find-your-way-to-plasma-mobile/
Does anyone else have canary email addresses in services they manage to give an independent red flag in case of any data breach or unintended disclosure?
> [It] reminds me of Paul Hilfinger's story about the time the Carnegie-Mellon University computer-center staff was ordered by the CMU administration to change the name of the "finger" command (despite it being an ARPAnet standard). They changed "finger" to "where" and also took it upon themselves to change Paul's name to "Paul Hilwhere" (initially intending it to be temporary). Paul actually approved of the change…and it remained that way for sometime.
- Jim Horning
Update: OJ achieved EIP overwrite tonight. Reconvening Thursday evening 8pm to continue exploitation. Video will be uploaded to https://www.youtube.com/channel/UCz2aqRQWMhJ4wcJq3XneqRg/videos
On birdsite @OJ says "OK folks, for the first time in a while, I'm going to be streaming tonight! We'll be playing around with a Windows application that has a known bug in it, and we'll be trying to abuse it to get code execution. I am aiming to kick off at 8pm AEST." https://www.twitch.tv/ojreeves
(That's 2h35 from now) #infosec
A couple more pics from Adamsons. A nice clear day. Tasman Island around 100 km to the east was clearly visible. Will need to keep the walks a bit shorter over winter.