ಟ್ವೀಟ್ಗಳು
- ಟ್ವೀಟ್ಗಳು
- ಟ್ವೀಟ್ಗಳು & ಪ್ರತಿಕ್ರಿಯೆಗಳು
- ಮಾಧ್ಯಮ
@marcan42 ತಡೆಹಿಡಿಯಲಾಗಿದೆ
ನೀವು ಖಚಿತವಾಗಿಯೂ ಈ ಟ್ವೀಟ್ಗಳನ್ನು ನೋಡಲು ಬಯಸುವಿರಾ? ಟ್ವೀಟ್ಗಳನ್ನು ನೋಡುವುದು @marcan42 ಅವರನ್ನು ತಡೆತೆರವುಗೊಳಿಸುವುದಿಲ್ಲ.
-
ಪಿನ್ ಮಾಡಿದ ಟ್ವೀಟ್
This is how the SHA1 collision PDF format trick works (it's really an embedded JPEG format trick)pic.twitter.com/ogPuPegKL6
-
btrfs isn't the "next-gen" Linux filesystem, it's the failed-gen. 10 years in and still not stable. Time to ditch it and try something new.https://twitter.com/delroth_/status/835715425367379968 …
-
Looks like
@Gentoo fixed this shit in the past but it moved to a different config file. Filed bug #610950 to get it fixed again.pic.twitter.com/VAqKfvVfQf
-
Seriously, there is *no fucking reason* why an infrastructure package should be making outbound internet connections. The hell.
-
What the fuck. Usage reporting by default, behind my back, when running an unrelated command after installing your package is *not* cool.pic.twitter.com/Ya501g1sWJ
-
You can still find random authentication cookies for sites affected by
#CloudBleed with a simple Google search... and they work. Scary. -
Hector Martin ಹಿಂಬಾಲಿಸಿದ್ದಾರೆ The Keccak Team ಮತ್ತು Lorenzo Franceschi-B
-
ಪರಿಶೀಲಿಸಿದ ಖಾತೆ@lorenzoFB
I write about hackers, information (cyber) security and digital rights
@Motherboard. Past@Mashable,@Wired Danger Room. Open DM |
[email protected]
-
Hector Martin Retweeted
The sha1 collision blocks might have been a PDF header, but now we have them... https://arw.me/f/1.html https://arw.me/f/2.html pic.twitter.com/1zdD3Z8UXs
-
Hector Martin Retweeted
1/ define prefix 2/ compute collision, based on the prefix (it's an identical prefix collision) 3/ append data to make them both validpic.twitter.com/z6U1c0PK47
-
Hector Martin Retweeted
Make your own colliding PDFs: https://alf.nu/SHA1
-
Due to the way the prefix was crafted and the way the PDF format works, this allows you to make two PDF files with different contents.
-
You can take the two sets of 320 bytes that were published, append *anything* to both sets, and they will still have the same hash.
-
So many people are getting the SHA1 story wrong. With the collision that Google released, *anyone* can create colliding PDFs for *free*.
-
Hector Martin Retweeted
All the amazing crypto attacks in the world, and real security still comes down to someone screwing up memcpy().
-
That also means that if you have any apps that use services behind CloudFlare, you need to revoke their authorizations and re-authorize them
-
Your passwords only get sent to CloudFlare when you log in, but the tokens get sent *on every single request*.
-
Well-designed sites will revoke existing auth tokens on password change, but some won't, and on those, you're screwed.
-
If you're changing passwords due to CloudBleed, remember, it's not the passwords that matter, it's the auth *tokens*.
-
Hector Martin Retweeted
shared infrastructure. homogenous soup of resources. no boundaries. the cloud.pic.twitter.com/Kmny6cDAd8
-
Hector Martin Retweeted
Cloudflare have been leaking customer HTTPS sessions for months. Uber, 1Password, FitBit, OKCupid, etc. https://bugs.chromium.org/p/project-zero/issues/detail?id=1139 …
Hector Martin
Andrew R. Whalley
杏
Erling Ellingsen
Matthew Green
Micah Scott
Tavis Ormandyಲೋಡಿಂಗ್ ಸಮಯ ಸ್ವಲ್ಪ ತೆಗೆದುಕೊಳ್ಳುತ್ತಿರುವಂತೆನಿಸುತ್ತದೆ.
Twitter ಸಾಮರ್ಥ್ಯ ಮೀರಿರಬಹುದು ಅಥವಾ ಕ್ಷಣಿಕವಾದ ತೊಂದರೆಯನ್ನು ಅನುಭವಿಸುತ್ತಿರಬಹುದು. ಮತ್ತೆ ಪ್ರಯತ್ನಿಸಿ ಅಥವಾ ಹೆಚ್ಚಿನ ಮಾಹಿತಿಗೆ Twitter ಸ್ಥಿತಿಗೆ ಭೇಟಿ ನೀಡಿ.