|
"An angry email ghost? From MY crotch?" 𝖨𝗍'𝗌 𝗆𝗈𝗋𝖾 𝗅𝗂𝗄𝖾𝗅𝗒 𝗍𝗁𝖺𝗇 𝗒𝗈𝗎 𝗍𝗁𝗂𝗇𝗄.
|
#
?
Jan 8, 2022 00:12
|
|
|
|
| # ? Apr 24, 2024 18:23 |
|
|
teledildoOoOonics
|
|
#
?
Jan 8, 2022 00:12
|
|
|
Acer Pilot posted:The network traffic is going into my butt
|
|
#
?
Jan 8, 2022 02:55
|
|
|
something something packet sniffer
|
|
#
?
Jan 8, 2022 03:29
|
|
|
filthy regex posted:something something packet sniffer deep packet inspection
|
|
#
?
Jan 8, 2022 04:38
|
|
|
ring network
|
|
#
?
Jan 8, 2022 04:51
|
|
|
Jonny 290 posted:ring network musta bounced off the moon or somethin
|
|
#
?
Jan 8, 2022 05:06
|
|
|
transmission control prostate
|
|
#
?
Jan 8, 2022 16:07
|
|
|
flakeloaf posted:your crotch is broadcasting an angry email ghost
|
|
#
?
Jan 8, 2022 17:26
|
|
|
Hed posted:I got some Yubikeys to gently caress around with. Does anyone actually use these widespread at their work? Or smartcards at all? If your firm is a windows shop on hybrid or azure ad join, they are the quickest and simplest way to go passwordless. Microsoft authenticator will work only on web sessions and not windows logins. The main component of a yubikey for current tech is the fido2/webauthn part, the rest is only to make it work with legacy tech.
|
|
#
?
Jan 8, 2022 17:38
|
|
|
Captain Foo posted:transmission control prostate
|
|
#
?
Jan 8, 2022 18:16
|
|
|
Splicer posted:Check for logs lmao
|
|
#
?
Jan 8, 2022 22:54
|
|
|
Captain Foo posted:transmission control prostate tee cee pee?
|
|
#
?
Jan 9, 2022 05:01
|
|
|
https://krebsonsecurity.com/2022/01/500m-avira-antivirus-users-introduced-to-cryptomining/
|
|
#
?
Jan 9, 2022 10:45
|
|
|
lol. more impressive is that norton now owns avast and avira. they should grab avg to round out the a-group of free av vendors
|
|
#
?
Jan 9, 2022 19:05
|
|
|
Microsoft is the only relevant A-list AV vendor tbh
|
|
#
?
Jan 9, 2022 20:15
|
|
|
Well, we know Norton will never buy Kaspersky... 
|
|
#
?
Jan 9, 2022 22:13
|
|
|
spankmeister posted:Microsoft is the only relevant A-list AV vendor tbh when i wrote "a-group" i was referring to names that start with the letter "a", not a comment on the quality of the product (they're all poo poo)
|
|
#
?
Jan 9, 2022 22:54
|
|
|
spankmeister posted:Microsoft is the only relevant A-list AV vendor tbh it’s as useless as everything else and slows down builds
|
|
#
?
Jan 10, 2022 01:47
|
|
|
has been at least two weeks since an npm post https://www.bleepingcomputer.com/news/security/dev-corrupts-npm-libs-colors-and-faker-breaking-thousands-of-apps/ quote:The developer behind popular open-source NPM libraries 'colors' (aka colors.js on GitHub) and 'faker' (aka 'faker.js' on GitHub) intentionally introduced mischievous commits in them that are impacting thousands of applications relying on these libraries.
|
|
#
?
Jan 10, 2022 02:10
|
|
|
Amazing and entirely predictable.
|
|
#
?
Jan 10, 2022 02:21
|
|
|
mischievous commits? he deleted the source code because he didn't want to support it anymore its not like it no longer exists anywhere else
|
|
#
?
Jan 10, 2022 02:22
|
|
|
Originally he implemented an infinite loop in the main javascript file.
|
|
#
?
Jan 10, 2022 02:28
|
|
|
maybe people will learn to not just blindly update dependencies, i say about what might be the worst package manager
|
|
#
?
Jan 10, 2022 02:31
|
|
|
duz posted:maybe people will learn to not just blindly update dependencies, i say about what might be the worst package manager but like name any other package manager where this couldn't have happened
|
|
#
?
Jan 10, 2022 02:33
|
|
|
Blinkz0rz posted:but like name any other package manager where this couldn't have happened uh, any that you host and sign yourself?
|
|
#
?
Jan 10, 2022 02:35
|
|
|
Blinkz0rz posted:but like name any other package manager where this couldn't have happened any language where it’s not common to import an external dependencies called e.g. “isequal” or “reverse_string”
|
|
#
?
Jan 10, 2022 02:47
|
|
|
I hope he gets his six figgie contract 
|
|
#
?
Jan 10, 2022 02:56
|
|
|
cinci zoo sniper posted:any language where it’s not common to import an external dependencies called e.g. “isequal” or “reverse_string” that's just more exposure. beyond self-hosted as hobbesmaster mentioned, any package manager where the uploaded packages aren't audited would suffer from this exact same issue. it's literally a feature of package managers that a new version can be distributed by the package owner. doesn't help idiots who don't pin or vendor their dependencies but that's an issue across every public package manager
|
|
#
?
Jan 10, 2022 03:41
|
|
|
Clark Nova posted:I hope he gets his six figgie contract lol maybe not https://twitter.com/zkat__/status/1480207003867877379
|
|
#
?
Jan 10, 2022 03:41
|
|
|
My main feeling is that if you want to be paid for your coding you probably shouldn't license it under the licenses that allow someone else to profit off it without paying you
|
|
#
?
Jan 10, 2022 03:48
|
|
|
A Man With A Plan posted:My main feeling is that if you want to be paid for your coding you probably shouldn't license it under the licenses that allow someone else to profit off it without paying you for real lol *licenses software under a permissive license* what do you mean corporations are abiding by the terms of the license my software is under? this is so unfair
|
|
#
?
Jan 10, 2022 03:51
|
|
|
|
|
#
?
Jan 10, 2022 03:53
|
|
|
he's actively comparing himself lol. also this seems really dirty on github's part https://twitter.com/marak/status/1479200803948830724
|
|
#
?
Jan 10, 2022 04:13
|
|
|
he got really pissed off a while ago because there was a company (maybe 2?) who were selling what was basically his library behind a trivial API and wouldn’t give him a contract for support (but would file bugs and requests, I believe). a company I was previously associated with looked into “acquiring” him and his library, but, uh, it didn’t work out I’m not too sad, because my sense is that a) he would have been a real handful and b) he would have reported to me so no thanks
|
|
#
?
Jan 10, 2022 04:13
|
|
|
that’s bullshit by GitHub, I agree
|
|
#
?
Jan 10, 2022 04:13
|
|
|
lol the rabbit hole goes deeper https://twitter.com/cubeghost/status/1480233259527286794?s=21
|
|
#
?
Jan 10, 2022 04:14
|
|
|
Kazinsal posted:lol the rabbit hole goes deeper haha wow
|
|
#
?
Jan 10, 2022 04:15
|
|
|
yeah like 3 posts down on his twitter he's using the gamergate hashtag. oh boy.
|
|
#
?
Jan 10, 2022 04:16
|
|
Failed Sega Accessory Ahoy!
|
|
| # ? Apr 24, 2024 18:23 |
|
|
even ignoring that he's apparently an idiot, if the dude intentionally replaced his package with defective code / arguable malware, i can understand why npm would have to take action github would be totally within their rights to kick him off their platform, but shutting down his access while keeping his accounts up seems legally shaky unless they're saying they though he'd been hacked or somethng. they have the right to continue to share his code, but he probably has a recognizable right to control things done under his name that would supersede github's terms of use
|
|
#
?
Jan 10, 2022 04:26
|
|
