HackerTrans
TopNewTrendsCommentsPastAskShowJobs

new23d

no profile record

Submissions

What data do coding agents send, and where to?

chasersystems.com
2 points·by new23d·8 bulan yang lalu·1 comments

Obfuscating outbound traffic via a Suricata "firewall"

new23d.com
1 points·by new23d·tahun lalu·1 comments

Living-off-the-land Dynamic DNS for Route 53

new23d.com
1 points·by new23d·tahun lalu·1 comments

An analysis of CRL sizes from various CAs

chasersystems.com
1 points·by new23d·2 tahun yang lalu·4 comments

[untitled]

2 points·by new23d·2 tahun yang lalu·0 comments

comments

new23d
·5 bulan yang lalu·discuss
netim.com has been reliable over the years for me
new23d
·8 bulan yang lalu·discuss
Our report seeks to answer some of our questions for seven of the most popular agentic code editors and plugins. By intercepting and analysing their network flows across a set of standardised tasks, we aim to gain insight into the behaviour, privacy implications, and telemetry patterns of these tools in real-world scenarios. Incidentally, a side-effect was running into OWASP LLM07:2025 System Prompt Leakage for three of the chosen coding agents. You can see the system prompts in the appendix.
new23d
·tahun lalu·discuss
Obfuscation via egress firewalls and evasive binary development with an iterative LLM agent.
new23d
·tahun lalu·discuss
Use AWS Route53?
new23d
·tahun lalu·discuss
Making a dynamic DNS client with aws and jq CLI, with a least-privilege IAM role and a SystemD service.
new23d
·2 tahun yang lalu·discuss
Exactly the same happened with me. Picking up the phone and responding to email (in weeks, not hours or days) didn't lower my bills. This sort of marketing is perhaps deflection.
new23d
·2 tahun yang lalu·discuss
We'll be working on that in the coming days. Thought the data at this point was a good start.
new23d
·2 tahun yang lalu·discuss
Some initial observations:

• Google's CRLs from the same intermediate CA (same public key) have different URLs and different content when pulled from different hosts (google.com, youtube.com).

• DigiCert has sharded according to 'assurance' class, algorithm, year and acquisition's name.

• Sectigo also has sharded according to 'assurance' class [1].

• GlobalSign has sharded by the yearly quarter presumably.

• HTTP Cache-Control maxage (or s-maxage), 'Expires' and 'Next Update' within the CRL file are not in sync.

• Some CAs other than Let's Encrypt also do not publish CRL URLs in the leaf certificates.

[1] https://www.sectigo.com/knowledge-base/detail/Sectigo-Interm...
new23d
·2 tahun yang lalu·discuss
We collected some data [1] on the viability of only CRLs as the future (phasing out OCSP) - motivated by Let's Encrypt's announcement today [2].

Data is on CRL availability, number of entries, expiry & refresh times, etc. from various x509 leaf server SSL certificates.

[1] https://news.ycombinator.com/item?id=41058138 [2] https://news.ycombinator.com/item?id=41046956
new23d
·2 tahun yang lalu·discuss
We collected some data on the viability of only CRLs as the future (phasing out OCSP) - motivated by Let's Encrypt's announcement today [1].

Data is on CRL availability, number of entries, expiry & refresh times, etc. from various x509 leaf server SSL certificates.

[1] https://news.ycombinator.com/item?id=41046956
new23d
·2 tahun yang lalu·discuss
TLS 1.3 and ESNI (now called Encrypted Client Hello - ECH) are separate standards, although you'll see ECH only enabled in bleeding edge stacks. In fact, ECH is still in IETF draft phase [1].

It can be disabled if an organisation wishes to. I wrote about how to do this in Chrome [2,3], and will write about Firefox when I get a chance.

[1] https://datatracker.ietf.org/doc/draft-ietf-tls-esni/ [2] https://chasersystems.com/blog/disabling-encrypted-clienthel... [3] https://news.ycombinator.com/item?id=37823262
new23d
·2 tahun yang lalu·discuss
Product appears to be an ID Tent from Evi-Paq. It has inches on the front 'leg' and cms on the rear.

https://forensicssource.com/collections/evidence-markers/pro...
new23d
·2 tahun yang lalu·discuss
Stay near a transport hub so you can connect with your prospects and customers regularly, by travelling. Working along side other founders in the B2B space would be extremely beneficial too.
new23d
·2 tahun yang lalu·discuss
Wait till they get to the part where it can be easily bypassed. I spoke about it [1] at the fwd:cloudsec conference [2] in July 2022. Others have raised concerns about discovery of these bypasses too [3].

[1] https://www.youtube.com/watch?v=DKSa32qWiRw [2] https://fwdcloudsec.org/ [3] https://canglad.com/blog/2023/aws-network-firewall-egress-fi...
new23d
·2 tahun yang lalu·discuss
This is the FlightRadar24 playback of the flight: https://www.flightradar24.com/data/flights/la800#34506b53

At time ~02:27, a dip in the altitude can be seen in the flight data chart.
new23d
·2 tahun yang lalu·discuss
No.
new23d
·2 tahun yang lalu·discuss
+1 for 14"
new23d
·2 tahun yang lalu·discuss
My interest in Framework is the DIY repairability. Not interested in modular upgrades but hot swappable ports on the side and should something need replacing, can be done in a relatively shorter and more predictable timespan than with ThinkPads and EliteBooks these days. Have had terrible experience with those in the last few years.