saint

joined 2 years ago
MODERATOR OF
work
arduino
lectures
saugumas
bofh
books
raw
war
matrix
bpf
magick
this
main
movingpictures
nubodumas
sorted by: new top controversial old
3
RAW on pornography (www.rawillumination.net)
7
Pluralistic: Precaratize bosses (19 Apr 2024) – Pluralistic: Daily links from Cory Doctorow (pluralistic.net)
72
Ukraine war: Nato pledges more advanced air defences to Kyiv (www.bbc.com)
4
A quick post on Chen’s algorithm (blog.cryptographyengineering.com)
 

But there is a saying in our field that attacks only get better.

-6
Generation Z is unprecedentedly rich (archive.ph)
 

Is this the real life? Is this just fantasy?

7
The betrayal of Ukraine and Germany’s misreading of history (nickcohen.substack.com)
1
CVE-2024-31497: Secret Key Recovery of NIST P-521 Private Keys Through Biased ECDSA Nonces in PuTTY Client (seclists.org)
 

ECDSA NIST-P521 keys used with any vulnerable product / component should be considered compromised and consequently revoked by removing them from authorized_keys, GitHub, ...

82
GitHub - kevinbentley/Descent3: Descent 3 by Outrage Entertainment (github.com)
5
Americans are still not worried enough about the risk of world war (www.noahpinion.blog)
5
Book Review | GOAT: Who Is the Greatest Economist of All Time and Why Does It Matter?, by Tyler Cowen (www.independent.org)
 

Check out the book page as well (and you can download the book for free) - https://goatgreatesteconomistofalltime.ai/en

8
GitHub - paul-gauthier/aider: aider is AI pair programming in your terminal (github.com)
 

Yea or Nay?

13
Intel and Lenovo servers impacted by 6-year-old BMC flaw (www.bleepingcomputer.com)
 

Although the vulnerability was addressed in August 2018, the maintainers of Lighthttpd patched it silently in version 1.4.51 without assigning a tracking ID (CVE).

This led the developers of AMI MegaRAC BMC to miss the fix and fail to integrate it into the product. The vulnerability thus trickled down the supply chain to system vendors and their customers.

BMCs are microcontrollers embedded on server-grade motherboards, including systems used in data centers and cloud environments, that enable remote management, rebooting, monitoring, and firmware updating on the device.

In short - it is a BIOS/virtual keyboard and mouse accessible via internet and if you can access it - you are controlling the computer. Of course, to have such devices exposed without adequate protection is an interesting idea by itself, but there are quite some dedicated server providers that do it for various reasons (less work).

view more: ‹ prev next ›