Olivia
Online
blasty
@bl4sty
irresponsible disclosure aficionado
The Netherlands
Joined April 2009
1.1K Following
17.3K Followers
4.4K Posts
sifting thru vibeslopped finding artifacts is the ultimate lootbox experience
I had just managed to get rid of my i-missed-warcon FOMO and then you had to post this thread! ;-) my BAD for not making it this year. (and my bad for not even bothering to follow up to the invitation; mr. @h0wlu and mr. @antisnatchor I'm sorry! I'll bring fresh warez next edition. promise!)
sounds like you guys had a good time though! :-)
thank _god_ THOR chain is safu again! hopefully they can get the chain operational again asap. my lazarus acquaintance told me there's an immense backlog of loot that needs to be chain-hopped pronto!
Update: We disclosed all remaining bugs to Thorchain despite no bounty program.
Who to follow
starlabs
@starlabs_sg
A Singapore company that discovers vulnerabilities to help customers mitigate the risks of cyber attacks. Organisers of @offbyoneconf
raptor
@0xdea
When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.
Project Zero Bugs
@ProjectZeroBugs
A bot that posts the latest blog posts and disclosures from Google's Project Zero
I fully stand by their rationale btw, let that be clear..
the term "whitehat" has a pretty washed/depraved meaning in web3 land anyway π
the zellic grayhat division *will* come and halt + pilfer your magic internet money chain if you start yoinking bounties
We reported a critical loss of funds bug to @Thorchain (32M TVL, 150M FDV)
They silently patched it and told us their bug bounty program is permanently retired.
We have more Thorchain chain halt DoS vulns. We intend to release them (open disclosure) in the coming few days
damn lil bro doesnt beat round the bush 2day
@GuanniQu gotcha!
"eventually you realize the thing is actually complex, and it needs sustained attention and you move on to next idea"
yup, it's a good wakeup call that whatever you were trying to do was not at all merely a sustained robotic engineering effort. or the output does not make sense from a value/benefit point of view. no amount of slopping can (really) save you from something that is inherently broken by design or built upon a naive foundation by an operator who wasn't too invested in the idea in the first place.
@b1ack0wl don't forget the part where the documentation is outdated/missing and the examples are broken/un(der)maintained and you're pretty much on your own in the depths of hell for 36 hours but you came out as a stronger person
@badlogicgames looks like good panning to me
every other io shield out there getting port mogged
This is what peak I/O shield looks like.
VGA, DVI, DisplayPort, or HDMI? Yes.
Analog or optical 5.1 audio? Yes.
PS/2, USB2 or USB3? Yes.
eSATA? Yes. Two.
Bonus RS232 with a 3D printed bracket on the side~
(From an old home server I just shut down after many years ^^)
tinfoil hat plot twist: TeamPCP is secretly ran by Socket employees
TeamPCP just did an interview where they were asked what defenders should do to stop supply chain attacks.
Their advice: pin versions to a specific hash, use least-privilege tokens, restrict IDE extensions. And then, verbatim: "The company Socket will detect the malware before the package even reaches your machine."
So... thanks, I think?
We're not putting this on the testimonials page.
But at the same time, if you're not yet using @SocketSecurity to protect your supply chain, what are you waiting for?
did they bump the PoW difficulty on the https://t.co/0CNid285sA http frontend? had to stare at anime girl loading screen for a good 30 seconds on a recent iphone just now ;-/
@defendtheworld picking on freebsd is reserved exclusively for lollersk8erz
cool. now that malware is instantly (re-)written/vibed in any language I think having access to high quality decompilers for as many languages as possible will become increasingly more important.
of course next to pivoting languages/runtimes "the bad guys" will also start vibing new LLVM passes, virtual machines, antidebug && whatnot now since the engineering effort/cost is practically zero. ;)
For years, Rust binaries made reversing a nightmare. Modern decompilers only support C, lacking meaningful types, constructs, and language-specific functions. Led by @34r7hm4n, we're releasing our S&P work Oxidizer, the first deep Rust decompiler, built on angr!
Interested? π§΅π
@halvarflake (and I'm always surprised how much the outcome of a turn can change if you pad it with some seemingly pointless steering/nudging/encouragement, even if it seems really "stuck")
prompting skill issue! ;-) what I do is a silly shellscript around a cli agent (I'm using pi: https://t.co/s613DLHSLJ ; its neat, imho!). let the agent churn through a full turn on a prompt. part of prompt has an IMPORTANT clause that tells agent to leave a flag file on filesystem (as well as proof artifact) to signal goal completion. https://t.co/puwkvM6co0 picks up signal and does additional e2e verification of goal claim. (this is just one out of infinite ways to skin this cat, of course)
Last Seen Users on Sotwe
ΰΈͺΰΈΰΉΰΈΰΈΰΈ²ΰΈ‘ΰΉΰΈΰΉΰΈΰΈ°
Seen from Thailand
Nudism
k12
Seen from Vietnam
ΩΩΨ±Ψ«
Seen from Ukraine
Queen - King
Seen from Turkey
Ψ§ΩΩΨΨ΄ ΩΩΨ¨Ω π±πΎ
ΰΉΰΈΰΈΰΉΰΈΰΈ²ΰΉΰΈ‘ΰΈ΅ΰΈ’ΰΈΰΉΰΈΰΈ’
Seen from Thailand
πππ ππ¨π―π’π πΏ
Seen from Turkey
ByBaskaN
Seen from Turkey
Black
Seen from Qatar
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
60.9M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers