HackerTrans
トップ新着トレンドコメント過去質問紹介求人

ebeip90

no profile record

コメント

ebeip90
·3 年前·議論
For hobbyist use, is this really any better than macOS' "say" command?

Once you've downloaded the Premium voices (e.g. Zoe) it's just a CLI, no API or hidden bells and whistles.

    $ say -v 'Zoe (Premium)' "This is an example of the Zoe voice for my comment on Hacker News."

You'll have to download the voice ahead of time, but Zoe (public) and Maeve (internal) are both excellent voices.
ebeip90
·4 年前·議論
^ This

Supercooled water was something I thought of later, but I didn't think about the presence / lack of bubbles from normal freezing.
ebeip90
·4 年前·議論
Tired: Here's the exact way to duplicate and bypass our tamper detection.

Wired: Make the tamper detection not duplicatable.
ebeip90
·4 年前·議論
This is garbage tamper detection.

Take a Dremel to the phone to scratch it random and custom. Laser etch a QR code if you want, maybe a GPG signature.

Freeze the phone in a 5-gallon bucket.

FedEx overnight early AM international delivery.

Full LTE GPS tracker on the package with minute-by-minute updates.

Ensure customer tests melted water for co2 content (it will fizz) and nitrogen content (will probably also fizz) in case somebody was clever and dropped LNOX or dry ice to re-freeze.

Retrieve phone that was tampered at the factory ahead of time, despite best efforts.
ebeip90
·5 年前·議論
This is the dumbest thing they could do.

“Ah yes, all you hackers and crackers, please take this DRM’ed copy of IDA and please obey the licensing agreement and don’t bypass the DRM.”
ebeip90
·5 年前·議論
Right click on the dock → Turn hiding on

I also prefer: ... → Position on screen → Left
ebeip90
·5 年前·議論
Yes.
ebeip90
·5 年前·議論
Interesting, I had a very well-done phone attempt against my American Express card two weeks ago.

I have to wonder if all that data came from the TMobile hack.

* The caller ID was spoofed (not just the name, the actual number on my phone bill and phone app logs are a real AMEX number).

* The caller claimed to be reporting a fraudulent attempt on my account

* In order to verify my identity, please read back the six-digit PIN they're sending me (~ALARM BELLS GO OFF~)

* SMS 2FA shows up, "Enter this code to add your card to Apple Pay" (Oddly, this message doesn't carry the "WE WILL NEVER CALL YOU FOR THIS CODE" all previous SMS 2FA carried)

* I ask for a call-back number, for security purposes. I'm told "This is AMEX. This is AMEX." every time I ask.

I hung up, and froze the card. Then I called AMEX with the number listed on the back of the card. They acknowledged they did NOT call me at any point that day, that a transaction WAS attempted AFTER I froze the card, and issued a new card.

The caller was calm, call-centery, had my full name, credit card number, expiration, 4-digit CVV, and phone number.

I also learned that AMEX doesn't actually cancel the old card... my regularly billed transactions and new online purchases went through just fine with the old card info. I called AMEX to ask them to unambiguously reject all attempts for all previous card numbers, they acknowledged. Tried a few days later, the old number still works...
ebeip90
·5 年前·議論
This is the correct answer!
ebeip90
·5 年前·議論
Coffee is for closers^W quoters. ABQ.

Always. Be. Quoting.

Also, you should be checking your Bash scripts with shellcheck, which will tell you when to do this with ~99% accuracy.

(For the uninitiated: https://www.youtube.com/watch?v=GrhSLf0I-HM)
ebeip90
·5 年前·議論
If you're using ZSH, this will give you a Python-style backtrace showing the specific line of each failure, even with nested function calls.

https://gist.github.com/zachriggle/8574964d2e3078cdfae84b574...

e.g.

    An error occurred on ./test:18
    Frame 1 (./test:21)
    18           false
    19       }
    20
    21   >>> a

    Frame 2 (./test:6)
    3        source TRAPERR.zsh
    4
    5        a() {
    6    >>>     b
    7        }
    8
    9        b() {

    Frame 3 (./test:10)
    7        }
    8
    9        b() {
    10   >>>     c
    11       }
    12
    13       c() {

    Frame 4 (./test:14)
    11       }
    12
    13       c() {
    14   >>>     d
    15       }
    16
    17       d() {

    Frame 5 (./test:18)
    15       }
    16
    17       d() {
    18   >>>     false
    19       }
    20
    21       a
ebeip90
·5 年前·議論
I wonder if they used Monodraw[1] to create their diagrams?

Looks like they did!

[1]: https://monodraw.helftone.com
ebeip90
·5 年前·議論
For those using zsh, you can get better quoting (and only when necessary, and handles non-printable characters and newlines better) than using printf.

run() { if dry; then echo "${(q-)@}" else "$@" fi }
ebeip90
·5 年前·議論
Not only does it do this, it does all kinds of forward emulation, thanks to Unicorn.

https://github.com/pwndbg/pwndbg/blob/dev/caps/disasm_taken_...

This also works for stepping through e.g. ROP gadgets during exploitation.
ebeip90
·5 年前·議論
Pwndbg author here, glad that you like it!

If you think there are any ways we can improve, please don't hesitate to create an Issue on Github for new features or bug fixes.
ebeip90
·5 年前·議論
Mac still has AppleScript, and for the past several years you can write Javascript (JXA) to achieve the same goals, with an extremely similar interface but a less-insane syntax