> I made this game to teach my daughter how buffer overflows work
DANGER: NERD LEVEL 80
https://punkx.org/overflow/
punkx.org
PROJEKT: OVERFLOW
⚠️ GitLab arbitrary account takeover, CVSS 10
TLDR: Upgrade your GitLab instance ASAP; it's likely an open door right now.
https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/
GitLab
GitLab Critical Security Release: 16.7.2, 16.6.4, 16.5.6
Learn more about GitLab Critical Security Release: 16.7.2, 16.6.4, 16.5.6 for GitLab Community Edition (CE) and Enterprise Edition (EE).
if you thought Z̵̋̄ ̱̬͗̐̃͗͋͋͐͂͛̍̀͛̒͘ą̵͔̗͍̝̲͈̘͉͓̰͍̯͑͐ͅĺ̵̢̨̦̫͈͓̖̼̟͎̤̦̖̔͗̓̏̌̾̑̈́͆̎͘͝g̸ ̨̠̠͓͚͙̣̟̪̺̗̺̻̖͆̾͋̽͐̑́͌̚͠ơ̶̋͝ ̞͖ is bad...
https://stackoverflow.com/a/6163129
Stack Overflow
Why does modern Perl avoid UTF-8 by default?
I wonder why most modern solutions built using Perl don't enable UTF-8 by default.
I understand there are many legacy problems for core Perl scripts, where it may break things. But, from my point of
insecure boot, huh
https://arstechnica.com/security/2024/02/critical-vulnerability-affecting-most-linux-distros-allows-for-bootkits/
Ars Technica
Critical vulnerability affecting most Linux distros allows for bootkits
Buffer overflow in bootloader shim allows attackers to run code each time devices boot up.
TIL this is possible in the general case. Neat!
> SQL-99 allows for nested subqueries at nearly all places within a query.
From a user’s point of view, nested queries can greatly simplify the formulation of complex queries.
However, nested queries that are correlated with the outer queries frequently lead to dependent joins with nested loops evaluations and thus poor performance.
We present a generic approach for unnesting arbitrary SQL queries. As a result, the de-correlated queries allow for much simpler and much more efficient query evaluation.
https://btw-2015.informatik.uni-hamburg.de/res/proceedings/Hauptband/Wiss/Neumann-Unnesting_Arbitrary_Querie.pdf
TRUFFLE–1 $ 1,299
Truffle-1 is an AI inference engine designed to run open-source models at home, on 60 Watts.
https://preorder.itsalltruffles.com/features
super detailed explanation of the CVE-2024-1086 Linux v5.14-v6.7 privilege escalation exploit
https://pwning.tech/nftables/
I hope beginners will learn from my VR workflow and the seasoned researchers will learn from my techniques.
Pwning Tech
Flipping Pages: An analysis of a new Linux vulnerability in nf_tables and hardened exploitation techniques
A tale about exploiting KernelCTF Mitigation, Debian, and Ubuntu instances with a double-free in nf_tables in the Linux kernel, using novel techniques like Dirty Pagedirectory. All without even having to recompile the exploit for different kernel targets…
xz/liblzma backdoor!
the infosec world is getting more and more interesting
https://www.openwall.com/lists/oss-security/2024/03/29/4
block-traffic-we-cant-analyze /sigh/
https://community.cloudflare.com/t/russia-blocks-tls-v1-2-requests-to-cloudflare-edges/636460
Cloudflare Community
Russia blocks TLS v1.2 requests to cloudflare edges
There are a lot of reports about connection issues from Russia when: a) Connecting to a Cloudflare-proxied website that has TLS v1.3 explicitly disabled in the Cloudflare dashboard (examples: app.plex.tv, vrchat.com) b) Using specific network stacks like .NET’s…
Llama 3 released today
https://github.com/meta-llama/llama3/blob/main/MODEL_CARD.md
UPD: it seems quantized versions for llama.cpp are already available, though surprisingly not from TheBloke %)
https://huggingface.co/NousResearch/Meta-Llama-3-8B-Instruct-GGUF
GitHub
llama3/MODEL_CARD.md at main · meta-llama/llama3
The official Meta Llama 3 GitHub site. Contribute to meta-llama/llama3 development by creating an account on GitHub.
interesting. TLDR:
they say mimesis ~ conformism enables cooperation under uncertainty; asperger ~ nonconformism enables diversity; both seem to be important for the civilization to operate
https://twitter.com/Altimor/status/1780846658387124551
X (formerly Twitter)
Flo Crivello (@Altimor) on X
Many people are hating on this video, but I actually think it's a fascinating display of the two very distinct modes that exist to relate with reality: mimesis vs. first principles thinking.
95% of people operate by mimesis. Truth doesn't matter to them…