Posts by Mitja Kolsek

Me standing next to a conceptual work of art based on my keynote. I’m wearing a black dress and my dark wavy hair has a gradient from purple to hot pink.

Karaokeynote for @bsidessf.org is in the bag & now I’m free to enjoy the rest of the conference. Alright everyone, you heard me: go save the world! 🌺💖

4 weeks ago 51 3 3 0

Thank you, dad, for bringing this machine to my life. It was a fun box with a huge impact for this 12-year-old then, as well as for thousands of 0patch users worldwide today.

1 month ago 0 0 0 0

With its 6 KB of memory, even with a built-in BASIC interpreter, I was forced to learn coding in Z80 assembly to get anything interesting done. A minor detail in retrospect, but without that, @0patch.bsky.social would likely not exist today as we're writing our security patches in assembler.

1 month ago 0 0 1 0

So each Galaksija is basically unique, ours having a wooden case for the computer, and a plastic box for the sound extension (attached at its back), both covered with black wallpaper.

1 month ago 0 0 1 0

Galaksija came as a DIY kit, requiring one to solder all components to the motherboard, assemble the keyboard, obtain additional chips from a small electronics shop in Austria, but most notably -- create one's own chassis.

1 month ago 0 0 1 0

Big thanks to BSidesLjubljana (0x7ea.bsidesljubljana.si) for allowing me to show Galaksija to conference attendees before handing it over to the museum.

1 month ago 0 0 1 0

Photo of my computer Galaksija, with a sound extension attached

42 years after my father and I had assembled it, our first computer "Galaksija" has found a new home at Computer History Museum (www.racunalniski-muzej.si), where diligent caretakers of our regional computer history will have it displayed for nostalgic and curious visitors.

1 month ago 2 1 1 0

All that the Turing Test proves is that humans are much, much stupider than Alan Turing ever suspected.

3 months ago 484 78 12 5

Oh, clever, thanks!

4 months ago 1 0 0 0

Of course having the server auto-sign a customized installer would be a seriously risky thing to do (exposing the signing key) and today with the requirement for the key to be on a secure hardware device may also be impossible to implement. So are customized installers even possible anymore?

4 months ago 0 0 1 0

Thanks, Eric, for explaining why this is a bad idea. When one wants to provide users with a signed installer, but also make it super easy for said installer to be able to auto-register the product to the user's account, adding user-specific data as padding sounds like almost the only reasonable option.

4 months ago 0 0 1 0

Adobe tries to cheat Authenticode, which can result in additional blocks and security warnings.

textslashplain.com/2024/11/15/b...

4 months ago 6 1 2 0
Tap-and-Steal: The Rise of NFC Relay Malware on Mobile Devices NFC relay malware on Android devices is exploiting Tap-to-Pay systems, targeting financial institutions globally with sophisticated attacks and minimal user interaction.

Zimperium has discovered more than 760 Android apps that steal and relay NFC data to a remote attacker

zimperium.com/blog/tap-and...

5 months ago 10 5 0 1
Introducing Aardvark: OpenAI’s agentic security researcher Now in private beta: an AI agent that thinks like a security researcher and scales to meet the demands of modern software.

Aardvark is a labor of love and mission for the whole team. We are super excited to bring it to you. Sign up for the beta immediately!!! openai.com/index/introd...

5 months ago 7 4 1 1

The latest Windows Update disables Windows Explorer previews for files that were downloaded from the Internet or are on Internet Zone network shares.

gist.github.com/ericlaw1979/...

6 months ago 2 1 0 0

For our scientists (YouTube video by Elle Cordova)

Need a summary of all the ways the White House has gutted science?

🧪 Or are you a scientist who needs to hear your work valorized in song?

From brilliant songwriter, Elle Cordova:

“If they don’t like the data in your graphs/they’ll just turn the lights out in your lab”

youtube.com/shorts/AYm9w...

6 months ago 42 16 1 0

Search Jobs | Microsoft Careers

Come work with me on Microsoft Defender for Endpoint!
jobs.careers.microsoft.com/global/en/jo...

7 months ago 4 2 0 0

One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens While preparing for my Black Hat and DEF CON talks in July of this year, I found the most impactful Entra ID vulnerability that I will probably ever find. One that could have allowed me to compromise ...

I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: dirkjanm.io/obtaining-gl...

7 months ago 87 37 9 5
Unicode 16.0.0

If you want to understand the struggle anyone doing input validation has, just look at version 16.0 of the Unicode standard: unicode.org/versions/Uni...

Unicode 16.0 adds 5185 characters, for a total of 154,998 characters

244 pages.

yeah, good luck with that.

<script>alert('𐒀𐒁𐒂')</script>

7 months ago 6 4 0 0
The Alot is Better Than You at Everything As a grammatically conscientious person who frequents internet forums and YouTube, I have found it necessary to develop a few coping mechani...

The Alot is better than you...

hyperbole-andahalf.blogspot.com/2016/08/the-...

7 months ago 1 1 1 0
So Long to Tech’s Dream Job

Five-ish years ago, @lizthegrey.com told me tech workers needed to organize because the tech giants would automate their jobs, the market would flood with talent and they would lose bargaining power. I thought it was unlikely. Here’s a story about me being wrong. www.nytimes.com/2025/08/04/t...

8 months ago 299 82 5 5

Morning in Kyiv. No sleep. Air quality is extremely bad. City is covered in thick smoke.

This is Russian terror, aimed at people who chose to stay, resist and fight.

9 months ago 1806 826 94 59

Re-reading Stumbling on happiness by @danielgilbert.bsky.social and loving every page again. Relatable facts, interesting actual and thought experiments wrapped in just my type of humor.

9 months ago 2 0 0 0

OAuth is hard and we often find security flaws, but this is next level. Kudos to Modzero.

9 months ago 3 1 0 0

A friendly reminder from the Patron Saint of the Internet, Deth Veggie

9 months ago 15 5 1 0

So sorry to hear this. Chipped in and sharing.

9 months ago 1 0 0 0

Hey, we can sell you a USB-HDMI adapter that works well in your office but flickers on stage.

10 months ago 1 0 0 0
Roundcube ≤ 1.6.10 Post-Auth RCE via PHP Object Deserialization [CVE-2025-49113] A deep technical breakdown of CVE-2025-49113, a critical Roundcube vulnerability involving PHP session serialization. Learn how the bug was discovered, exploited, and responsibly disclosed with full P...

Threat actors are exploiting a recently patched vulnerability in the Roundcube webmail server.

Attacks began two days after a patch was published on GitHub.

FearsOff believes attackers bin-diffed the code before a final patch was ready and started exploiting servers.

fearsoff.org/research/rou...

10 months ago 7 2 1 1