fsebugoutzone.org:9999

       Posts by leftpaddotpy@queer.af
 (DIR) Post #ASgSO8F3Hp4CalWnJo by leftpaddotpy@queer.af
       2023-02-14T22:17:31Z
       
       0 likes, 0 repeats
       
       @flamingspork silly standards. for sure.
       
 (DIR) Post #AShWtkhcvwzzpPBduy by leftpaddotpy@queer.af
       2023-02-15T10:41:30Z
       
       0 likes, 0 repeats
       
       @mjg59 hahahaha yes also github cli, shit is broke yoyou could potentially hardware bind github app credentials, one per user, since those use certificates to make jwts (i described this to an edef who immediately pointed out the lack of nonce; nothing to stop forward dating these, lmao) to acquire short lived bearer tokensbut i would call that a highly creative use of the feature.
       
 (DIR) Post #ASpTPOhTQd82Ird26i by leftpaddotpy@queer.af
       2023-02-19T06:41:21Z
       
       0 likes, 0 repeats
       
       @flamingspork http://www.svengrahn.pp.se/trackind/luna3/SpyBalloon.htm
       
 (DIR) Post #ASuUQvcfa2PERdTW5Y by leftpaddotpy@queer.af
       2023-02-19T17:27:37Z
       
       1 likes, 0 repeats
       
       giving a catgirl a Linux image of an undocumented device from China is like giving a cat a ball of yarn
       
 (DIR) Post #ASuUQxPGwosTyfDqU4 by leftpaddotpy@queer.af
       2023-02-19T19:10:04Z
       
       0 likes, 0 repeats
       
       so far we have found (from the manufacturer, not a user):- ssh key, private, with a description of the qq address of one of the authors- a gitconfig file- browser history- the encryption keys for the ecryptfs for the ruby code- lots of funny binaries to run the hardware- a /bin/rm http endpoint with arbitrary paths- logs and logs and logs from development time- frustratingly hashed known_hosts- frustratingly nontrivial to crack glibc password hashing (salt plus 5k rounds of sha512 isn&#39;t nothing, that&#39;s still a 5k divisor on your cracking speed)
       
 (DIR) Post #AT9ewR3QgKWxom3LY8 by leftpaddotpy@queer.af
       2023-02-28T23:54:43Z
       
       1 likes, 0 repeats
       
       @fasterthanlime you might be interested in this research project: https://github.com/plasma-umass/meshit frees the physical pages that get fragmented without needing a moving gc*, so it works on c/rust/etchow? by implementing a moving gc *on physical memory* while leaving the virtual mappings untouched. what? well, if you allocate randomly within pages and prepare bit maps of usage and AND them together, then you can tell if pages can be fit together, and if so, it unmaps the original ones (and installs a fault handler to catch anyone trying to access them) then moves the physical memory around and remaps the same page at both virtual addresses.