HackerTrans
TopNewTrendsCommentsPastAskShowJobs

123malware321

no profile record

comments

123malware321
·vor 2 Monaten·discuss
well you might say that, but they got bought, so in making nothing which no one needed they did find their perfect match, anthropic, who also builds nothing and sells hot air :D.

We might have our opinions on AI and slop, but in the end of the day this was a business play and it worked out for the players. Separate that from the actual product and u can respect they did really well for themselves.
123malware321
·vor 3 Monaten·discuss
"I'm afraid i have some bad news Greg... We're gonna have to call you Gunter from now on... it appears ... you are German."

"But... Aber... Ab... 9!"
123malware321
·vor 3 Monaten·discuss
I don't know anyone reviewing these tools that is impressed who is also someone who earns they paycheck doing bugbounties and finding actual CVE.

Generally these things only find memory corruption stuff which is almost never the type of bug you're looking for, and it costs a lot which negates your bug bounty payout.

Each time they preach, ooh, 0day found, bla bla.

In this domain you need to be specific or you are just yelling clickbait into the wind.

What type of 0day, what did the exploit actually look like.

'complex 4 stage with heap spray' - that sounds really simple actually.... complex for memory corruption goes into multi-process, maybe things between kernel/usermode, or crazy 18-20 stage exploits people pop against things like MS Teams etc....

Even if there were some cool results by any of these projects, the amount of nonsense blurted out in articles around them really makes them seem useless tools that are overmarketed by a bunch of excited children who dont really know what they are doing.

Get a dopamine hit, post on reddit, LOL. Hacking the planet (powered by Claude -_-)
123malware321
·vor 4 Monaten·discuss
ASL: M\16\EU Current role: Webmaster Remote: No Willing to relocate: No Technologies: HTML, IRC, DCC, Macromedia Flash, E-Mail, FTP, HTTP, Dreamweaver, HLDS, AdminMod, TFC, Worms Armageddon Looking for: the answer to the question that drives us... Resume: Stop

Hi, I am ZxBlaster9001. My experience is mainly focused around updating the timestamp on copyright messages in website footers. I also permanently ban people for making smug remarks on IRC where I have multiple channels with Q and users respect my authority. I develop in notepad with the latest web technologies and recently have taken up Dreamweaver to ensure my customers require the latest standards and tiers in bandwidth available from my hosting providers. I make 150k$ a month from link-wheels between gambling and pornography websites and run schemes to boost ad referrals through them for additional ROI. I still live with my parents who love me a lot. And before you ask: IT'S A COMMAND CENTER!
123malware321
·vor 5 Monaten·discuss
dont be jealous. working for some evil corporate is soulsucking for most humans. Only few thrive in such environments. most will try to get quick $$ and exit before they feel completely dead inside.
123malware321
·vor 5 Monaten·discuss
well considering you use components like DFA to build compilers, yes they are determenistic. you also have reproducible builds etc.

or does your binary always come out differently each time you compile the same file??

You can try it. try to compile the same file 10 times and diff the resultant binaries.

Now try to prompt a bunch of LLMs 10 times and diff the returned rubbish.
123malware321
·vor 5 Monaten·discuss
if you think someone with 1B is the same as someone with every month a minus number on their account then you are deluded.

A good measure of prosperity is quality of life, which sadly in our wonderful civilization one needs to buy with money.

And a little note. Billionaires do not eat the same food, do not take the same healthcare, and do not buy similar consumer goods for the most part. Maybe they will get the iPhone, but if you think a poor person can afford an iPhone maybe you also don't really understand what it is to be poor.

Poor people fighting hungerpains working their shit jobs. Poor people suffer from mental ailments induced by the stresses of being poor.

There is no parallel.
123malware321
·vor 5 Monaten·discuss
this is quite interesting but it has some weird stuff in there which makes me doubt some of the info. I am wondering if it's missing some links (or I am) or that the info is maybe incomplete or somehow wrong.

For example, it mentions exploits for CISCO devices being a primary entry point into tap systems. makes sense, because afaik these devices hold things like tap bridges which control stuff. (not sure ofc, but some info on it was disclosed 12 years ago.. snmp tap bridges).

Then it goes on and says suddenly: "Salt Typhoon deployed a sophisticated persistence mechanism designed to survive exactly the remediation attempts carriers would eventually undertake. The primary implant, documented by Trend Micro researchers under the name GhostSpider, operated entirely in memory without touching disk, evading traditional antivirus that scans for malicious files"

Afaik, you do not install anti-virus on a CISCO switch or router, or ASA. I've never seen it. The smart install stuff is also network devices, not some kind of app on a user device. So how would anti-virus really be able to see it even if it was on the disk.

Forensic tooling might not be able to find it if its in memory (and the device was powered off... dont do this!) but that's a completely different ballpark.

Wondering if anti-virus and forensic tooling was swapped / confused, or if there is some kind of missing piece of info about a malware that this piece pertains to.

fyi, ghostspider is a windows based malware, so hence i don't see the correlation to the mentions on CISCO popping and getting into the devices that hold taps.

https://www.trendmicro.com/en_us/research/24/k/earth-estries... (mentioned a bit down on the page)

The original article the info in this one relates to https://archive.md/CgRWt#selection-4559.0-4559.257 also doesn't seem so sure about the nature of the breach. it does not mention such specific capabilities.

They mention that us lawmakers / security folks noted: "The hackers also had the ability to “record phone calls at will”, according to Anne Neuberger, who was a deputy US national security adviser at the time." which is one of the more concrete statements. This statement is completely different from 'having access to wiretaps'

As far as I know this used to be done via things like this: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6... which would be very specific access to these cisco devices (so that part _does_ seem to align, the CVE's vs. the capabilities).

It's a very interesting read and pretty well written. Definitely tickles my curiosity, but if anyone has more information related to the specific claims of accessing tap infrastructure rather than telco general infra, this would be welcome!
123malware321
·vor 7 Monaten·discuss
considering it still cost 40$ for a 2 year old game, i think they are way beyond the excuse of small team low budget trying to make cool stuff. They have receive shit tons of money and are way to late trying to optimise the game. When it came out it ran so pisspoor i shelved it for a long time. Trying it recently its only marginally better. its really poorly optimised, and blaming old tech is nonsense.

People make much more smooth and complex experiences in old engines.

You need to know your engine as a dev and dont cross its limits at the costs of user-experiences and then blame your tools....

The whole story about more data making load times better is utter rubbish. Its a sign of pisspoor resource management and usage. For the game they have, they should have realized a 130GB install is unacceptable. It's not like they have very elaborate environments. A lot of similar textures and structures everywhere.. its not like its some huge unique world like The Witcher or such games...

There is an astronomical amount of information available for free on how to optimise game engines, loads of books, articles, courses.

How much money do you think they have made so far?

"Arrowhead Game Studios' revenue saw a massive surge due to Helldivers 2, reporting around $100 million in turnover and $76 million in profit for the year leading up to mid-2025, significantly increasing its valuation and attracting a 15.75% investment from Tencent"

75 million in profit but can't figure out how to optimise a game engine. get out.
123malware321
·vor 7 Monaten·discuss
nice read but i think i dont agree really on the higher thinking part.

it says higher thinking is the key to not be outpaced by AI, but they are designing now systems with AI that do just that... you will not be able to outpace it.

I think ultimately, either a large part of jobs will completely disappear, or drastically change shape.

You can see the same in factories, where new equipment replaces workers, now that equipment needs maintenance / operators etc. , which also get automated, and changes again the jobs in the factory, on and on.

It might be hard to accept, but ultimately a lot of jobs will disapear and that means there will be much less jobs. A solution would be not to be required to have a job, but in our current economic / political system this is not possible in 90+% of communities. (some places have the right culture for this... but its usually remote and harsh places...).

If you want to keep having 'value' in this sense, hard skills are likely going to be more useful. handicrafts too. manual labor that still needs to be done manual or has added quality if done manually by a human.

robots are much harder to build to replace your intricate skills than say a piece of software that automates your daily office tasks, whatever that office job might be.

Also ofcourse which, i think, won't go away, is a lot of social work. that might even become more and more. why? people will get depressed being out of a job in massive scales. people will feel useless because the world is changing from a 'person has value because they can provide xyz' to a totally different paradigm (maybe we'll need to be nice to eachother for one?? YUCK). And ofcourse, a lot of social work, works because its done by humans. there are many things a human can offer which a robot or AI cannot. like closeness, holding someones hand if they are about to cry, yada yada.

I hope, that humans will accept that most work will be done by software and drones. and that it will lead people to look at other ways of putting value to themselves and others.

maybe then there is a chance that humans will become more human again - and drones can be drones. like it should be. (a lot of humans are drones now because they do the work of drones!)
123malware321
·vor 7 Monaten·discuss
you can burn off your finger prints
123malware321
·vor 7 Monaten·discuss
someone once told me the only code format that matters is what te debugger spit back out to u once u look at it properly in its true form :D
123malware321
·vor 7 Monaten·discuss
people have been doing this ever since clipboard exist...
123malware321
·vor 7 Monaten·discuss
everything is dead after november passes
123malware321
·vor 7 Monaten·discuss
ML and AI killed it between 2011-2016 somewhere. https://en.wikipedia.org/wiki/Dead_Internet_theory
123malware321
·vor 7 Monaten·discuss
https://linux.die.net/man/1/man https://linux.die.net/man/1/info

for a lot of linux things these 2 utils / commands are good, if pages are available etc. etc. - i prefer info in there to any online docs.

ofcourse, that doesn't include things 'on linux' but not linux, unless they are installed and include for example man pages (a lot of things do this actually, which is nice.)

know its not like devdocs perhaps but its a good core base of knowledge people can tap into when working on linux. imho a lot of answers can be found in there.

you can also add your own man pages / info pages specific to an org or machine and tell people how to open those pages to include offline docs for things u like in a bit of a standard way across linux devices. (i never seen a linux that doesn't support these commands, but didn't try all distros ofc...)
123malware321
·vor 7 Monaten·discuss
as you noted its even chance tis auto-generated or included in a large batch of copycat activities trying to copycat any repos which have certain engagement with them.

you could contact github about that sid e if there's issues on there, but thats MS so they arent always as helpful. For the social media thats a bit shittier, as people are free to register names, its not illegal or against the EULA.

if you are worried about scams, you could put a note or an additional .md file on your projects which emphasizes these accounts are not affiliated to your project. - depending on the volume of impersonations that might be a bit much bookkeeping, so perhaps a generic message on readme.md that there are people impersonating, and if applicable a list of your own accounts that _are_ affiliated with the project. - then atleast/perhaps people can be aware of the situation from visiting your github.
123malware321
·vor 8 Monaten·discuss
the distro exist, but this is not the download site. https://www.snowlinux.de/

i would suspect it's malware and recommend not to touch. the download site is some peer-to-peer download service thing.