Pinned toot

Introducing ZeroBB! A minimalistic forum (bulletin board) on the Tor network. If you have news to report, ideas to share, dislike moderation, and prefer to be anonymous, then this is for you. is based on ZeroBin which is an open-source online paste tool where the server has zero knowledge of pasted data. The data is encrypted/decrypted in the browser using 256 bits .

gd6is466quuhsgzbztyv4sjswdhgfi

You need Tor to access this URL. Boosts are welcome.

modrobert boosted

On some tracks I layer floppy drive sounds behind the drums. Here's a short video showing how it's done :)

🎵: fanlink.tv/199

modrobert boosted
modrobert boosted

So there's a "novel" #VPN attack with a fancy name "#TunnelVision". I argue that this is not novel at all. It is quite well known that these routes bypass routes set up by a VPN. Case example: Here is the TunnelVision attack described in September 2023: lowendtalk.com/discussion/1888 #infosec #cybersecurity

modrobert boosted
modrobert boosted

A recent #Amiga demo "Backslide to Arcanum" by Cosmic Orbs included a mind-blowing fullscreen 50Hz rotozoom effect on Amiga 500. Having created a rotozoomer on A500 back in the day I knew exactly how incredibly hard it is to make such routine run fast. The effect has now been dissected and there's also author's writeup.
• Dissect of the effect by Alexander Grupe: heckmeck.de/blog/skew-this/
• Jobbo's writeup: cosmicorbs.com/blog/backslide
• Backslide to Arcanum at Pouet: pouet.net/prod.php?which=96604
#demoscene #amiga #retrocomputing

modrobert boosted

WebLlama is a llama3 finetuned model for browsing the web using human language. Outperforms GPT4 github.com/McGill-NLP/webllama

modrobert boosted

In other words. If someone wasn't aware of that yet. #radare2 turns 18 this year. So it means that it can legally drink alcohol, go to prison, vote in the upcoming elections, drive heavy machines and enter a casino. Not necessarily in this order.

modrobert boosted
modrobert boosted
modrobert boosted

want a serious macOS security flaw that has been public for a decade+? sshd_config gets rewritten every time you install an update which enables password authentication. really hoping this gets fixed one day
discussions.apple.com/thread/2

modrobert boosted

The backdoor author was working with #xz project for 2 years, and actively fixed "valgrind problems" caused by his backdoor. He also tried to push the backdoor to Fedora 40 and 41.

To quote the post at news.ycombinator.com/item?id=3 :
"He has been part of the xz project for 2 years, adding all sorts of binary test files, and to be honest with this level of sophistication I would be suspicious of even older versions of xz until proven otherwise."
#infosec #cybersecurity #backdoor #liblzma

"Red Hat Product Security learned that the latest versions of the “xz” tools and libraries contain malicious code that appears to be intended to allow unauthorized access. Specifically, this code is present in versions 5.6.0 and 5.6.1 of the libraries."

----

"Under the right circumstances this interference could potentially enable a malicious actor to break sshd authentication and gain unauthorized access to the entire system remotely."

redhat.com/en/blog/urgent-secu

modrobert boosted

There is a lot of prehistoric cryptography still out there. You just don’t realize it, but you depend on it every day.

modrobert boosted
modrobert boosted

#bird #crow #smart #spikes

These crows removing the bird-prevention spikes from this new condo. They are not having it!

youtube.com/watch?v=_Bn9FONAkU

modrobert boosted

In 2022, Tom Lehrer released all his songs, lyrics and works to the public domain, an amazing move. While checking on the site, I found out he silently released more material in September of 2023 - a DAT tape of his work with an orchestra and some solo piano takes that are not elsewhere. If you're a Lehrer fan, quite a surprise.

archive.org/details/Tom_Lehrer

modrobert boosted

We are happy to tell you that we accept your proposal "Broom not included: curling the modern way" in the Network devroom at #FOSDEM 2024.

It looks like I will blab at FOSDEM again.

"In this vulnerability disclosure report, we discuss details of 5Ghoul – a family of implementation-level 5G vulnerabilities. Such a family of vulnerabilities are present in the firmware implementation of 5G mobile network modems from major chipset vendors i.e., Qualcomm and MediaTek. Consequently, many 5G-capable commercial products such as smartphones, Customer-premises Equipment (CPE) routers and USB modems are potentially impacted due to the employment of vulnerable 5G modems in such products."
asset-group.github.io/disclosu

Show more
Qoto Mastodon

QOTO: Question Others to Teach Ourselves
An inclusive, Academic Freedom, instance
All cultures welcome.
Hate speech and harassment strictly forbidden.