|
ate all the Oreos posted:does NPM still let you delete packages you own completely from the service? i remember a while ago someone had a tantrum and deleted a package that was depended on by like, every other package and broke most of everything because NPM just lets you do that poo poo you can't omit the part of the idiocy where the package was "left-pad", which adds spaces to the beginning of a string to pad it out to a certain length
|
# ? Jun 22, 2017 14:35 |
|
|
# ? May 17, 2024 16:50 |
|
ate all the Oreos posted:does NPM still let you delete packages you own completely from the service? i remember a while ago someone had a tantrum and deleted a package that was depended on by like, every other package and broke most of everything because NPM just lets you do that poo poo With restrictions http://blog.npmjs.org/post/141905368000/changes-to-npms-unpublish-policy Although some admin sidestepped the rules at one point I think thus making them pointless.
|
# ? Jun 22, 2017 15:03 |
|
Chris Knight posted:lol developers https://github.com/ChALkeR/notes/blob/master/Gathering-weak-npm-credentials.md quote:At least one password was significantly inappropriate — to the extent that one wouldn't want that to be linked to them online and could be publicly blamed in that case (i.e. not just a swearword). Don't use offensive passwords — those could (and in this case were) leaked to the public in cleartext. I really want to know what that one was!
|
# ? Jun 22, 2017 15:18 |
|
fins posted:I really want to know what that one was! what's a nubian
|
# ? Jun 22, 2017 15:19 |
|
Cocoa Crispies posted:you can't omit the part of the idiocy where the package was "left-pad", which adds spaces to the beginning of a string to pad it out to a certain length Excuse me. Which adds characters to the beginning of a string to pad it out to a certain length, incorrectly. JavaScript code:
|
# ? Jun 22, 2017 15:34 |
|
I'm looking at Symantec CSP for some industrial control stuff and it seems nice in that it brings selinux-like restrictions to windows-applications but it does it through Symantec kernel drivers and it seems like if you're a determined attacker you're just going to go after that privileged surface instead. I'm already doing the patching/emet/applocker/endpoint firewall route and I'm really on the fence if I am gaining anything with this or if there is another way to accomplish it that is less risky. I can always yell at the software vendor to stop running everything at system and start using the OS integrity levels but that is going to take year.' I dunno, just spitballing.
|
# ? Jun 22, 2017 15:59 |
|
flakeloaf posted:what's a nubian not much what's a nubian with you?
|
# ? Jun 22, 2017 15:59 |
|
fishmech posted:actually a bunch of the conservative christians are leaving it ever since they decided to outright allow gays, and founding lovely splinter groups like camp life or whatever is that their actual name if so the irony is delicious buttcrackmenace fucked around with this message at 16:33 on Jun 22, 2017 |
# ? Jun 22, 2017 16:04 |
|
ate all the Oreos posted:does NPM still let you delete packages you own completely from the service? i remember a while ago someone had a tantrum and deleted a package that was depended on by like, every other package and broke most of everything because NPM just lets you do that poo poo the npm community's reaction is mostly "oh, that's good, it shows that people are learning!" a few people believe that a repo full of garbage is at best worrying, and at worst would make it harder to find useful modules. that person above got mad at me when i said that their 'eh, works for me' reaction was defeatist and apathetic, because they apparently work for npm. also i learned that npm has employees, somehow.
|
# ? Jun 22, 2017 17:03 |
|
anthonypants posted:https://twitter.com/maybekatz/status/872552185459908608 also npm shows up on "unicorn" lists because it's worth over a billion dollars somehow
|
# ? Jun 22, 2017 17:12 |
|
BangersInMyKnickers posted:I'm looking at Symantec CSP for some industrial control stuff and it seems nice in that it brings selinux-like restrictions to windows-applications but it does it through Symantec kernel drivers and it seems like if you're a determined attacker you're just going to go after that privileged surface instead. I'm already doing the patching/emet/applocker/endpoint firewall route and I'm really on the fence if I am gaining anything with this or if there is another way to accomplish it that is less risky. I can always yell at the software vendor to stop running everything at system and start using the OS integrity levels but that is going to take year.' how is it better than the windows-native mac framework provided by microsoft https://msdn.microsoft.com/en-us/library/windows/desktop/bb648648%28v=vs.85%29.aspx
|
# ? Jun 22, 2017 17:57 |
|
anthonypants posted:https://twitter.com/maybekatz/status/872552185459908608 guys, we did it. we located the worst haircut. also this is officially the grimdark cyberpunk future. billion dollar companies employ people who choose to resemble shadowrun campaign art, and computer software is distributed casually by idiots
|
# ? Jun 22, 2017 17:57 |
Notorious b.s.d. posted:guys, we did it. we located the worst haircut. have you not gone outside in half a decade or something
|
|
# ? Jun 22, 2017 17:58 |
|
cinci zoo sniper posted:have you not gone outside in half a decade or something
|
# ? Jun 22, 2017 18:01 |
|
also i like the haircut, it's cute
|
# ? Jun 22, 2017 18:01 |
|
imo the haircut is good
|
# ? Jun 22, 2017 18:11 |
|
yeah youre broken if you think its the worst haircut ever.
|
# ? Jun 22, 2017 18:19 |
|
hi I'm from 1998 and the chelsea cut is the hot new thing
|
# ? Jun 22, 2017 18:22 |
|
i really like the current style of live music, with emphasis. i'm so so tired but hearing music makes me so happy: https://www.youtube.com/watch?v=9Y6H-YjsE9Q concentrate on apparent requirement for voice and sounds, they sound really good atm... e: i get really drunk but love some special ppl, awareness of the good style makes me feel much better! https://www.youtube.com/watch?v=X_e55X-0W7M
|
# ? Jun 22, 2017 18:28 |
|
lol https://github.com/ChALkeR/notes/blob/master/Gathering-weak-npm-credentials.md
|
# ? Jun 22, 2017 18:50 |
|
https://grsecurity.net/an_ancient_kernel_hole_is_not_closed.php spender
|
# ? Jun 22, 2017 18:56 |
|
has marcan issued his rebuttal? i miss spender being on twitter
|
# ? Jun 22, 2017 19:05 |
|
Notorious b.s.d. posted:how is it better than the windows-native mac framework provided by microsoft The application doesn't use that (yet, high on my request list), everything runs as high. I won't even be considering CSP if it did.
|
# ? Jun 22, 2017 19:26 |
|
quote:Hacking Sony’s SIEA for fun and unreleased games
|
# ? Jun 22, 2017 20:09 |
|
quote:It is hard to understate the critical nature of this site
|
# ? Jun 22, 2017 20:12 |
|
Subjunctive posted:It is hard to understate the [...] nature of this s[h]ite
|
# ? Jun 22, 2017 20:54 |
|
poz my ancient hole
|
# ? Jun 22, 2017 21:42 |
|
Notorious b.s.d. posted:guys, we did it. we located the worst haircut. that haircut is fine, DAD however that twitter profile at least made me aware of this site: http://my.pronoun.is/butt/butt/butt%27s/butts/buttself
|
# ? Jun 23, 2017 04:36 |
|
note how windows is explicitly called out and excluded windows abi specifies that dynamic stack allocations larger than a page should touch every page, so that the allocation won't skip the guard page
|
# ? Jun 23, 2017 08:05 |
|
hackbunny posted:note how windows is explicitly called out and excluded Bbbbut my.performance -- the actual reason Linux and crew give
|
# ? Jun 23, 2017 11:43 |
|
anyone use any of those "we scan your paper mail and send it to you via email" services? it seems like the perfect recipe for identity theft but I'm not living in the states and no longer have someone who can reliably check my mail for me
|
# ? Jun 23, 2017 15:45 |
|
Ur Getting Fatter posted:anyone use any of those "we scan your paper mail and send it to you via email" services? Is identity theft even "in person" these days? It seems like it's all stealing electronic records and forging paperwork and done from other countries to hamper investigations. I don't think any paperwork I get has my SSN on it anyway. Bhodi fucked around with this message at 15:50 on Jun 23, 2017 |
# ? Jun 23, 2017 15:47 |
|
Ur Getting Fatter posted:anyone use any of those "we scan your paper mail and send it to you via email" services? I use MyUSPS and got an email the other day that the postal service will start letting you see scans of the address side of everything coming to you in the mail for free. Not quite as bad as having the content scanned, but at least you'll know if it's worth checking the mail that day.
|
# ? Jun 23, 2017 16:09 |
|
effika posted:I use MyUSPS and got an email the other day that the postal service will start letting you see scans of the address side of everything coming to you in the mail for free.
|
# ? Jun 23, 2017 16:47 |
|
Notorious b.s.d. posted:guys, we did it. we located the worst haircut. i remember being young and seeing all the olds moaning about haircuts on kids these days and hoping i wouldnt do the same thing if i made it that long
|
# ? Jun 23, 2017 16:49 |
|
anthonypants posted:is that like for a po box? because that owns All postal addresses- they are rolling it out this year. It's using the same equipment they use right now to scan & encode the address, they've just added stuff to make it automatically show up for you if you've linked your account to that address.
|
# ? Jun 23, 2017 16:52 |
|
effika posted:I use MyUSPS and got an email the other day that the postal service will start letting you see scans of the address side of everything coming to you in the mail for free. that owns but I think that only give you a heads up about the sender? i need someone to actually open my mail which i suppose is the tricky part
|
# ? Jun 23, 2017 17:01 |
|
Ur Getting Fatter posted:that owns but I think that only give you a heads up about the sender? grats on finding a branch of the us government not willing to do deep packet inspection
|
# ? Jun 23, 2017 17:22 |
|
flakeloaf posted:grats on finding a branch of the us government not willing to do deep packet inspection but in this case i want the government to inspect my packets if you know what i mean edit: but seriously yeah, I understand that not having my mail snooped on is a good thing.
|
# ? Jun 23, 2017 17:33 |
|
|
# ? May 17, 2024 16:50 |
|
some danish developer noticed that his daycare had a form where you could look up anyone by their ss# & it had no ratelimiting, so you could pretty much enumerate the entire search space & get all valid #s + name + address (only 36,500,000 possibles). he disclosed it to the vendor, and then went directly to the media & now the vendor is pressing charges for hacking article in danish http://nyheder.tv2.dk/krimi/2017-06-21-fandt-fejl-i-it-system-da-son-skulle-i-institution-nu-er-han-sigtet-for-hacking
|
# ? Jun 23, 2017 17:37 |