Isn't just as illegal as exploiting them for nefarious purposes? That's a pretty big risk to take to help a few dozen strangers on the Internet. What happens if your fix has an unforeseen interaction with some…
> the Switch 2 takes carts I believe the switch 2 carts don't contain the actual game, just a license key. The game is downloaded on first run.
Somehow not in the wayback machine or archive.ph. Probably just coincidence.
> blue teamers Pretty sure you mean red team here. While I've heard people refer to any offensive security (eg including blackhat) as 'red team' , it typically means people you've hired or contracted to try to break…
> nobody deploys `node:latest` Oh how I wish that were true.
Pull-through cache the images. Sure, they could decide you can't pull anymore, or impose problematic rate limits, but you shouldn't add a runtime dependency on their registry in any case.
Another own goal - eliminate screw worm from north america...
Huh. I remember playing a very similar game on Apple II, but I believe it had a Dutch / European theme, and was called something like "Ooperhoofd". I can't find any reference to it online. Maybe it was a 'modded'…
For some reason this made me think of Pirates Constructible Strategy Game [0] [0]: https://en.wikipedia.org/wiki/Pirates_Constructible_Strategy...
They should have called this "WishingWell". I'm wishing them well, but some of these projects are so over the top pie-in-the-sky silly, and funded with $0.25.
Care to share any specifics?
Same. I have used the controller as a container. Take a backup of the configuration and you don't even need to keep it running. I returned to a network after two years, fired up a controller, imported the config backup…
Gonna need a description of the correct way to do these things. I have a feeling I'll be one of today's lucky 10,000.
It has a name in the security industry, Insecure Direct Object Reference (IDOR) [1]. Somewhat related to Path Traversal [2]. Unfortunately CFAA is very broad and can be (mis)interpreted in wild ways. [1]…
There are many good options. [1] [1] https://news.ycombinator.com/item?id=48321089
I was thinking along similar lines to what you've suggested here, but then I considered how many VPS might be configured by folks following some random web tutorial, to set up their LAMP stack (or whatever), that end up…
This feels like using sudo is just inherently unsafe.
Parallel construction is when they use illegally obtained evidence to construct a separate set of ostensibly legitimate evidence. Like, an illegal wiretap might lead to someone being in the right place at the right time…
<always has been meme> While containers have some useful properties, it was never intended to be, and never really functioned as a strict security boundary. We've duct-taped around that, and it's reasonably good now,…
I'm surprised that this has apparently been ongoing for 6-7 months. I thought outfits like GitGuardian, or solo researchers with trufflehog (etc) would find leaked keys in days, not months. Maybe this is related to the…
Yep, that's the advice from AWS for the previous set of vulnerabilities: https://aws.amazon.com/security/security-bulletins/2026-027-... That one also includes disabling user namespaces. Could be problematic if they're…
Sounds like this one is in the same kernel modules as dirtyfrag, so the existing mitigations (if in place) are sufficient.
Did we read different articles? That's right in there...
My interpretation would be that cars are necessary to live in places where urban design assumes that we'll use cars to get around. Many cities are designed this way. Similarly, phones are required now for some…
> Currently implemented with support for 7 popular games. The enhancement engine sounds great, but it'd be nice to know which games it's for...
Isn't just as illegal as exploiting them for nefarious purposes? That's a pretty big risk to take to help a few dozen strangers on the Internet. What happens if your fix has an unforeseen interaction with some…
> the Switch 2 takes carts I believe the switch 2 carts don't contain the actual game, just a license key. The game is downloaded on first run.
Somehow not in the wayback machine or archive.ph. Probably just coincidence.
> blue teamers Pretty sure you mean red team here. While I've heard people refer to any offensive security (eg including blackhat) as 'red team' , it typically means people you've hired or contracted to try to break…
> nobody deploys `node:latest` Oh how I wish that were true.
Pull-through cache the images. Sure, they could decide you can't pull anymore, or impose problematic rate limits, but you shouldn't add a runtime dependency on their registry in any case.
Another own goal - eliminate screw worm from north america...
Huh. I remember playing a very similar game on Apple II, but I believe it had a Dutch / European theme, and was called something like "Ooperhoofd". I can't find any reference to it online. Maybe it was a 'modded'…
For some reason this made me think of Pirates Constructible Strategy Game [0] [0]: https://en.wikipedia.org/wiki/Pirates_Constructible_Strategy...
They should have called this "WishingWell". I'm wishing them well, but some of these projects are so over the top pie-in-the-sky silly, and funded with $0.25.
Care to share any specifics?
Same. I have used the controller as a container. Take a backup of the configuration and you don't even need to keep it running. I returned to a network after two years, fired up a controller, imported the config backup…
Gonna need a description of the correct way to do these things. I have a feeling I'll be one of today's lucky 10,000.
It has a name in the security industry, Insecure Direct Object Reference (IDOR) [1]. Somewhat related to Path Traversal [2]. Unfortunately CFAA is very broad and can be (mis)interpreted in wild ways. [1]…
There are many good options. [1] [1] https://news.ycombinator.com/item?id=48321089
I was thinking along similar lines to what you've suggested here, but then I considered how many VPS might be configured by folks following some random web tutorial, to set up their LAMP stack (or whatever), that end up…
This feels like using sudo is just inherently unsafe.
Parallel construction is when they use illegally obtained evidence to construct a separate set of ostensibly legitimate evidence. Like, an illegal wiretap might lead to someone being in the right place at the right time…
<always has been meme> While containers have some useful properties, it was never intended to be, and never really functioned as a strict security boundary. We've duct-taped around that, and it's reasonably good now,…
I'm surprised that this has apparently been ongoing for 6-7 months. I thought outfits like GitGuardian, or solo researchers with trufflehog (etc) would find leaked keys in days, not months. Maybe this is related to the…
Yep, that's the advice from AWS for the previous set of vulnerabilities: https://aws.amazon.com/security/security-bulletins/2026-027-... That one also includes disabling user namespaces. Could be problematic if they're…
Sounds like this one is in the same kernel modules as dirtyfrag, so the existing mitigations (if in place) are sufficient.
Did we read different articles? That's right in there...
My interpretation would be that cars are necessary to live in places where urban design assumes that we'll use cars to get around. Many cities are designed this way. Similarly, phones are required now for some…
> Currently implemented with support for 7 popular games. The enhancement engine sounds great, but it'd be nice to know which games it's for...