Poslechněte si podcast zdarmaYouradio Talk
Here's the latest #curl hackerone issue I mentioned the other day: hackerone.com/reports/2871792 another one of those "we found a function call so therefore your program must be vulnerable".
Disclosed for educational purposes. Don't do this.
## Summary: The vulnerability in the program arises from a classic buffer overflow, triggered by the unsafe use of the strcpy() function without bounds checking. The program copies data from a...HackerOne
Welcome to Monday.
Daughter abed, off school with a migraine. The new preventatives are not yet living up to their names.
I did crack open the cream yesterday, which is one of the key moments in my personal march toward the holidays. So first coffee of the day this morn was a deliciously hot, strong jolt of 'Get your butt to work soon' with a spiral of creamy goodness. A busy day at work, and then a stupidly early start for a 5:21AM train tomorrow, so not sure how i'll be feeling about that when I get there.
I am sat warm and comfortable with coffee 2 while I fill in the school absence form and ponder my morning's schedule and tickets.
Ve avemo aumentato a pensione de €1,8 AR MESE (!!!) pe sta ar passo co l'inflazzione
Un segnio de gli ottimi risurtati de sto governo 🚀
Nun spendeteli tuttassieme 😉
open.online/2024/12/02/pension…
Il decreto dei ministeri dell'Economia e del Lavoro in Gazzetta ufficiale: incremento dello 0,8% per l'inflazione del 2024Open
Back in 2021, we launched a series of stories documenting the key ways that the ultrawealthy — #billionaires like #ElonMusk, Jeff Bezos, and Peter Thiel — avoid #taxes. Here are 10 of their strategies.
#Finance #Law #Tech #Journalism
The top tax-avoidance techniques used by billionaires like Elon Musk, Jeff Bezos, Peter Thiel and Steve Ballmer.ProPublica
Hi, @jcsteh. I'd like to report an issue. I would do it in Bugzilla, but it appears that I can't comment on closed bugs. bugzilla.mozilla.org/show_bug.… was marked as a duplicate of bugzilla.mozilla.org/show_bug.… which was marked as fixed 8 days ago. However, the issue from Bug 1927237 doesn't seem to be fixed in recent Nightlies.
Thanks for your time and all your hard work!!
RESOLVED (mreschenberg) in Core - Disability Access APIs. Last updated 2024-11-24.bugzilla.mozilla.org
Here it is:
bugzilla.mozilla.org/show_bug.…
Thanks for the quick response, and sorry for the wait.
UNCONFIRMED (nobody) in Firefox - Disability Access. Last updated 2024-12-01.bugzilla.mozilla.org
TIL about #DecemberAdventure - what a lovely counterpoint to #AdventOfCode I tried the latter a couple of times, but found it stressful after a few days. This looks much more relaxing.
The Advent of Code is cool, but a lot, and not everyone’s jam. The December Adventure is low key. The goal is to write a little bit of code everyeli.li
New page on my website: My workouts.
Documenting my low-equipment at-home workout regiment. How I work out, why I work out, my workout split, my list of exercises, and advice I’m soliciting.
I figured that if I spend 5-6 hours a week doing something I care deeply about, I should probably mention it on my site.
I’m soliciting advice; see the “Current questions” section at the end!
Documenting my low-equipment at-home workout regiment. How I work out, why I work out, my workout split, my list of exercises, and advice I'm soliciting.Seirdy’s Home
“Our political leaders will know our priorities only if we tell them, again and again, and if those priorities begin…Ted Lamade (Collab Fund)
modulux reshared this.
TIL the Brave browser is a literal crypto scam. They claim to compensate website owners and content creators with their BAT token, but if you don't or can't claim the rewards within 90 days they pocket the tokens themselves. Apparently it's extremely difficult to signup and claim your BAT tokens...
news.ycombinator.com/item?id=1…
I spent the last two days playing BG3 and learning Godot and I now have a working player for text adventures written in Ink. 🎉
Ink is a scripting (as in code) language for writing scripts (as in story) for narrative-driven games. It's built as middleware for game engines, but it can *mostly* be used on its own for text based interactive fiction: inklestudios.com/ink/
I say "mostly" because while there's a web-based engine for running ink games, the feature-set is understandably limited.
As used to author Heaven's Vault, 80 Days and Sorcery!: produce interactive scripts by writing in pure-text with ink markup.www.inklestudios.com
Another great episode of the #2Bobs #pocast - Questions, Not Answers.
Blair Enns and David C. Baker cover some interesting territory. Being able to ask good questions, listen to what is said (and not said), then incorporate that into more questions is powerful. Being curious about people and their problems is such a critical part of being able to help others. This is true as a consultant or as a friend.
2bobs.com/podcast/questions-no…
Blair interviews David on his recent article about the idea that expertise does involve supplying answers, eventually, but mainly expertise is about asking the right questions, first, and then offering a few answers after the truth surfaces.David Baker (2Bobs)
Dan Savage joins me on Volts to discuss how NIMBY-captured city leadership is failing Democrats — and why making cities better is the key to building the party’s future.David Roberts (Volts)
"Despite the fact that Threads users can’t follow or see mentions from people on other instances, Threads has already opted to block a slew of instances where gay & leather people congregate.... If Threads were a taxi service, it wouldn’t take you South of Market."
Carlos Tavares, le patron de Stellantis (Peugeot, Fiat et plein d’autres marques) vient d’être viré. J’aurais fait une petite danse de la joie, mais il a été viré pour les mauvaises raisons, comme expliqué dans l’article.
Stellantis annonce la démission « avec effet immédiat » de son patron Carlos Tavares
lemonde.fr/economie/article/20…
Le groupe automobile avait annoncé, en octobre, avoir lancé « le processus d’identification de son successeur ».Le Monde avec AFP, Reuters et Bloomberg (Le Monde)
#AndroidAppRain at apt.izzysoft.de/fdroid today with 15 updated and 2 added apps:
* Photos: a no non-sense, smooth, and performant gallery app
* KeePassDX Libre: on special request, the "Libre" variant of this well-known and great FOSS Password Safe was added here in addition to the "Free" one.
Enjoy your #free #Android #apps with the #IzzyOnDroid repo 
This is a repository of apps to be used with your F-Droid client. Applications in this repository are official binaries built by the original application developers, taken from their resp. repositories (mostly Github, GitLab, Codeberg).IzzyOnDroid App Repo
In this article, I will explain how to identify hard drive bottlenecks on Linux using various tools and commands and what to look for when troubleshooting disk-related issues.LinuxToday
I wanted to take my M4 Mac mini on the road and see what it was actually like. Here is how easy it can be to go mobile with M4 Mac miniFernando Silva (9to5Mac)
Martin Nečas byl vyhlášen nejlepším hokejistou v NHL za měsíc listopad.ČTK (Aktuálně.cz)
There's a good range of Linux software which helps to reduce the running cost of your computer. We feature the finest tools.Steve Emms (LinuxLinks)
Liberal constitutional theory rests on a fundamental division between duty-bearing public institutions and the rights-wielding private persons.London School of Economics and Political Science
The world’s 280 million electric bikes and mopeds are cutting demand for oil far more than electric cars
theconversation.com/the-worlds…
They also use massively fewer materials to achieve the same ends, " ...In the United States, a staggering 60% of all car trips cover less than 10km."
Electric vehicles get all the press – but it’s the smaller unsung two wheelers cutting oil demand the most.The Conversation
✨ 62% OFF! Black Friday & Cyber Monday Deal ✨
⏳ Last Chance to Save BIG! ⏳
Get a full year of Legend for just €36 (down from €96/year)
📅 Get your end-to-end mailbox here: tuta.com/black-friday
#BlackFriday #CyberMonday #LastChance
Tuta guarantees your data stays private for free & without ads. Quantum-resistant encryption makes Tuta the best secure technology solution to protect your privacy.Tuta
Ancora sulla fine del modello tedesco
@anarchia
Dopo il gruppo Wolkswagen tocca a Thyssen, storico nome della siderurgia tedesca tristemente nota qui a Torino per una strage di operai (morirono bruciati in 7), annunciare un drastico piano di tagli, si parla di 11000 esuberi e un drastico...
Vedi l'articolo
The Google app for iOS now adds THEIR links to YOUR posts from YOUR website unless you opt-out.
Their links lead people away from your site and back to Google. Because that’s definitely what you want, right? That’s why you have a blog or portal or web site or whatever. You want people to leave your site and go back to Google.
Oh, it’s not?
If you don’t like it, you can “Opt out.” Opting out is a pain in the ass. Here’s where you go to do it. You have to enter every variation of each of your domains or it won’t work. It will take up to 30 days, during which time Google will continue to pollute your work and your writing and your website with their modifications and their added links to take people away from your site and back to themselves.
For example, here’s the list of what I need to opt-out just for this one blog:
solarbird.nethttp://solarbird.nethttps://solarbird.netwww.solarbird.nethttp://www.solarbird.nethttps://www.solarbird.netweb.solarbird.nethttp://web.solarbird.nethttps://web.solarbird.net
Yes, you explicitly have to file no prefix, http:, and https: variants separately. They say so.
Making it difficult like this is 100% intentional and entirely designed to make it as annoying as possible, and also, to make sure you slip up if at all possible and forget one or more combinations.
(Tho’ I am just going to depreciate web. as a prefix right now, to bring down the load a little. Still gonna list ’em, though, because spite is why.)
Right now it’s only in the Google app for iOS and it’s probably a test to see whether they can get away with it without complaint, and how much revenue it generates. Let’s make that a combination of no and as close to zero as possible. Because otherwise they’ll roll it out everywhere, and probably derank you if you don’t go along.
Fucking hell, Google. Fuck you. Just… fuck you.
To opt out of this annotation feature for pages , fill out the following fields. The Page Annotation feature triggered on your site will be disabled within 30 days after you submitting this form. You only need to submit it once.Google Docs
reshared this
I agree wholeheartedly with Google's Page Annotations being an absolutely awful antifeature, and recommend that others opt-out and/or protest the feature. I want to make a clarification that doesn't invalidate your main points:
Clicking annotations doesn't navigate away from your site to a Google search; it triggers an overlay with infoboxes about the term you selected. It's similar to the iOS "Look Up" option for selected text. It's wrong to do because this obfuscates what is and isn't a link the author placed on the page. Inserting what appears to be links into the page crosses the line from user-agent interventions, such as adblocking or turning off certain unsafe features (acceptable) to editing an author's words in a way that isn't required for people to read them (unacceptable).
Editing page contents is fine if it's necessary for people to read them, e.g. translations or the WAI-Adapt standards. Both ideally inform the user that the page has been modified. Page Annotations go well beyond that.
Originally posted on seirdy.one: See Original (POSSE).
Accessibility resources free online from the international standards organization: W3C Web Accessibility Initiative (WAI).W3C Web Accessibility Initiative (WAI) (Web Accessibility Initiative (WAI))
Why am I posting it here? It is just a warning to you guys that Tik Tok canEUROPE SAYS (EUROPESAYS.COM)
From their national anthem:
Deșteaptă-te, române, din somnul cel de moarte / În care te-adânciră barbarii de tirani
Translation:
Awaken thee, Romanian, wake up from thy deathly trance / Into which thou wert sucked by tyrannic barbarians.
Related: Everything You Should Know About The Launchers on Android What’s New in Android 14 Impressions of Google TalkBack 15.Salih Kunduz (Accessible Android)
Did you know that ISO27001 requires you to do threat modeling? A 8.27 Requires you to "regularly update threat models to reflect changes in the system and external threat landscape." see: www.isms.online/iso-27001/ch... Why not try out threat modeling at copi.owasp.org#appsec #cybersec #owasp
Lex Plt
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to Lex Plt • • •Jan Ciger
in reply to daniel:// stenberg:// • • •It most likely was, including all subsequent interactions. That's very likely ChatGPT output.
There are multiple such automated tools in development that "integrate AI" to generate reports, pull request on Github and similar.
99% useless garbage, unfortunately.
Brodie Robertson
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to Brodie Robertson • • •Brodie Robertson
in reply to daniel:// stenberg:// • • •Nikita Puzyryov
in reply to daniel:// stenberg:// • • •Troed Sångberg
in reply to daniel:// stenberg:// • • •I wonder how much money you can actually make from spamming bug bounty programs with AI reports.
I'm certain it's more than nothing.
daniel:// stenberg://
in reply to Troed Sångberg • • •codecolorist
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to codecolorist • • •codecolorist
in reply to daniel:// stenberg:// • • •Henri
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to Henri • • •jincy quones
in reply to daniel:// stenberg:// • • •