Sounds like you’re living in the year 3024.
Sounds like you’re living in the year 3024.
As much as I like the spirit of the idea, it honestly sounds pretty hard to enforce. What constitutes a mistake, bad memory, or a polished turd of a statement versus an act of deception?
Nothing wrong with a little sunshine.
And it’s a weird article, because about half the article is also (named) people saying the exact opposite during the same timeframe. So at best people close to him can’t even agree. Headline seems like bait.
Then I guess “dox” in this context is resolving your name to other PII? I originally read it as more of a way to unmask people online.
You take that back
Don’t think they’re saying it negates the non-selfish part of the act.
Needless to say it’s powerful and thorough.
I mean, this does need to be said. It’s important details I was hoping to learn from the article. Otherwise it’s spooky stories we can’t actually build defenses for.
My hot take: You shouldn’t downvote comments you disagree with in a thread asking for hot takes.
Bio-neural gel packs here we come.
Article doesn’t really go into how TLOxp can dox/unmask people.
Even if you’re poking at a black box and are reporting that “it acts funny when I poke it this way.” I’m my opinion, a reporter should send along a script or at least explicit instructions on how to repro.
I take the report more serious since it demonstrates you have an understanding of the issue or exploit. It will also save my time and it’s likely a trivial effort for the reporter since they’ve the context and knowledge of the issue loaded up and ready to go.
Missing key info. Read the article.
Being a 3rd place you can’t even walk to because you have to cross those huge parking lots and all the traffic they bring. Not to mention none of them had decent places to actually collect and hang out.
Ah, I thought you were using the shower as a way to cool down the air for your house. This makes way more sense.
Any tips other than the fan…
Agree that people like to fluff the severity of bugs they report. It’s better for prestige and bounty payouts. But this is a little more nuanced.
“While I didn’t really intend the module to be used for any security related checks, I’m very curious how an untrusted input could end up being passed into ip.isPrivate or ip.isPublic [functions] and then used for verifying where the network connection came from.”
It’s interesting, that it would be hard to make a case that there was a “vulnerability” in the ip
package. But it seems like this package’s entire purpose is input validation so it’s kind of weird the dev thinks otherwise.
Recurring incidents like these raise the question, how does one strike a balance? Relentlessly reporting theoretical vulnerabilities can leave open-source developers, many of who are volunteers, exhausted from triaging noise.
The researchers need to provide proofs of concept. Actual functional exploits.
I’ve never gotten this to work very well. Though I didn’t do it with a fan. Any tips?
If you have cool nights, setup fans up at night to bring the house down to a lower temperature. Close everything up in the morning when the outside temp starts rising above your inside temp. If your place is insulated reasonably and there’s no excessive sun from windows, it will stay cool for the day.
Protip: Setup the fans in all rooms on one side of a chokepoint in your house/apartment (stairwell/hallway) to exhaust, to encourage airflow. Open up all the windows on the other side for intake. It’ll also help reduce pockets of hot air left over from the day before.
The thing that usually kills windows is shitty drivers. So people with different hardware can have completely different experiences.