HackerTrans
TopNewTrendsCommentsPastAskShowJobs

itintheory

no profile record

comments

itintheory
·قبل 10 أيام·discuss
> the Switch 2 takes carts

I believe the switch 2 carts don't contain the actual game, just a license key. The game is downloaded on first run.
itintheory
·قبل 12 يومًا·discuss
Somehow not in the wayback machine or archive.ph. Probably just coincidence.
itintheory
·قبل 15 يومًا·discuss
> blue teamers

Pretty sure you mean red team here. While I've heard people refer to any offensive security (eg including blackhat) as 'red team' , it typically means people you've hired or contracted to try to break into your systems, whereas the blue team are people you've hired to build and operate your security defenses. Red and blue team are both your employees / contractors but perform different functions.
itintheory
·قبل 17 يومًا·discuss
> nobody deploys `node:latest`

Oh how I wish that were true.
itintheory
·قبل 17 يومًا·discuss
Pull-through cache the images. Sure, they could decide you can't pull anymore, or impose problematic rate limits, but you shouldn't add a runtime dependency on their registry in any case.
itintheory
·قبل 23 يومًا·discuss
Another own goal - eliminate screw worm from north america...
itintheory
·قبل 29 يومًا·discuss
Huh. I remember playing a very similar game on Apple II, but I believe it had a Dutch / European theme, and was called something like "Ooperhoofd". I can't find any reference to it online. Maybe it was a 'modded' version of this? That one, and Odell Lake[0] were the best disks in the library computer lab in middle school.

[0] https://classicreload.com/apple2-odell-lake.html
itintheory
·قبل 29 يومًا·discuss
For some reason this made me think of Pirates Constructible Strategy Game [0]

[0]: https://en.wikipedia.org/wiki/Pirates_Constructible_Strategy...
itintheory
·قبل 30 يومًا·discuss
They should have called this "WishingWell". I'm wishing them well, but some of these projects are so over the top pie-in-the-sky silly, and funded with $0.25.
itintheory
·قبل 30 يومًا·discuss
Care to share any specifics?
itintheory
·الشهر الماضي·discuss
Same. I have used the controller as a container. Take a backup of the configuration and you don't even need to keep it running. I returned to a network after two years, fired up a controller, imported the config backup and g2g
itintheory
·الشهر الماضي·discuss
Gonna need a description of the correct way to do these things. I have a feeling I'll be one of today's lucky 10,000.
itintheory
·الشهر الماضي·discuss
It has a name in the security industry, Insecure Direct Object Reference (IDOR) [1]. Somewhat related to Path Traversal [2]. Unfortunately CFAA is very broad and can be (mis)interpreted in wild ways.

[1] https://cheatsheetseries.owasp.org/cheatsheets/Insecure_Dire... [2] https://owasp.org/www-community/attacks/Path_Traversal
itintheory
·الشهر الماضي·discuss
There are many good options. [1]

[1] https://news.ycombinator.com/item?id=48321089
itintheory
·الشهر الماضي·discuss
I was thinking along similar lines to what you've suggested here, but then I considered how many VPS might be configured by folks following some random web tutorial, to set up their LAMP stack (or whatever), that end up doing something like what was described.
itintheory
·الشهر الماضي·discuss
This feels like using sudo is just inherently unsafe.
itintheory
·الشهر الماضي·discuss
Parallel construction is when they use illegally obtained evidence to construct a separate set of ostensibly legitimate evidence. Like, an illegal wiretap might lead to someone being in the right place at the right time to witness a crime.
itintheory
·قبل شهرين·discuss
<always has been meme>

While containers have some useful properties, it was never intended to be, and never really functioned as a strict security boundary. We've duct-taped around that, and it's reasonably good now, but that only goes so far.
itintheory
·قبل شهرين·discuss
I'm surprised that this has apparently been ongoing for 6-7 months. I thought outfits like GitGuardian, or solo researchers with trufflehog (etc) would find leaked keys in days, not months. Maybe this is related to the major growth of github? The scanners can't keep up?
itintheory
·قبل شهرين·discuss
Yep, that's the advice from AWS for the previous set of vulnerabilities:

https://aws.amazon.com/security/security-bulletins/2026-027-...

That one also includes disabling user namespaces. Could be problematic if they're in use.