HackerTrans
TopNewTrendsCommentsPastAskShowJobs

bobince

no profile record

comments

bobince
·4 months ago·discuss
> Countless time wasted because the anti-virus or some other part of Windows locked a file.

And the whole edifice of “you need to reboot to update anything” is a knock-on effect of the file locking/sharing model, leading to the misery of “we forced a reboot and lost your work again, sucks to be you”.
bobince
·5 months ago·discuss
OVH are putting up prices in the same way, with the same reasoning. (I don't know about storage, but VPS stuff I'm using is going up ~20%.)

Used to be every VPS refresh cycle you'd get more server for less money. This is miserable
bobince
·5 months ago·discuss
Of all the things I wrote on SO, including many actually-useful detailed explanations, it was this drunken rant that stuck, for some reason.
bobince
·last year·discuss
Yes, they're originated by PayPal, but collected by a different original recipient and from there sent on to the victim. The envelope-recipient is not part of the material signed by DKIM, so the signature remains valid.

The To: header _is_ part of the signed material so will list the original recipient not the victim — but the attacker sets the recipient name/address to something misleading like “Order Received” to obscure this, and sets the store name to some long text that will be misleading when templated into the PayPal invoice request mail text.

PayPal have long had a problem with failing to make untrusted supplied text clear in their communications, but this is an unusually convincing attack.

I don't know why they always use (compromised?) onmicrosoft subdomains in particular. In the samples I've seen they're getting an SPF softfail so it doesn't seem MS's relays are passing SPF for paypal (sendgrid's might...)
bobince
·2 years ago·discuss
Script running on usercontent.github.com:

- is allowed to set cookies scoped to *.github.com, interfering with cookie mechanisms on the parent domain and its other subdomains, potentially resulting in session fixation attacks

- will receive cookies scoped to *.github.com. In IE, cookies set from a site with address "github.com" will by default be scoped to *.github.com, resulting in session-stealing attacks. (Which is why it's traditionally a good idea to prefer keeping 'www.' as the canonical address from which apps run, if there might be any other subdomains at any point.)

So if you've any chance of giving an attacker scripting access into that origin, best it not be a subdomain of anything you care about.
bobince
·2 years ago·discuss
Yeah it's a thin layer over MSI tables, so if you don't already know how Windows Installer works then it's not at all clear how to do many seemingly-basic installer tasks. And few people really know how Windows Installer works because that is itself obscure, poorly designed and documented.

But a thin layer over MSI is actually what you want; the commercial tools that preceded WiX and tried to abstract away what Windows Installer was actually doing were much worse. Because Windows Installer is such a mess of counterintuitive design and bugs that you are going to need to debug it.

WiX is to be saluted for greatly reducing the level of misery involved in making installers for Windows. But the level of misery is still very high indeed.