blah blah blah, this dude is completely full of shit
Here's the scoop
HackerOne works with a very small, select group of security "professionals" for bug bounties.
Burp Proxy is the primary tool used for exploitation.
Burp Proxy relays all high value exploits back to portswigger.net.
James Kettle via portswigger.net brokers those high value vulnerability reports back to that same select group of security "professionals" that then in turn beat other security researchers to the punch in terms of the payout.
And Uber's security team is a complete and total piece of shit. A while back I compromised Uber's m.uber.com mobile endpoint with multiple high value vulnerabilities via HackerOne's bug bounty, only to have this exact same "notaffy" dude get awarded the $35K bounty from Uber in the weeks that followed, and with Uber locking via HackerOne all of my disclosures so that this notaffy turd could get the complete payouts by claiming that he had discovered them first in the literal hours before I had submitted my bug bounty reports.
Weeks and weeks of research into Uber's backend via HackerOne using Burp Proxy, at least eight critical vulns disclosed to HackerOne / Uber including reflected XSS and remote code execution capability, not a single dime awarded to me and with HackerOne locking all of my disclosures.
Burp Proxy is completely backdoored. When you scan targets with Burp Proxy, all high value vulnerabilities go to portswigger.net. You are then competing with this small select group of douchebags to beat them to the disclosure punch, and even then if you win, HackerOne will still award those vulnerabilities to this small select group while locking your disclosures from public dissemination.
HackerOne is complete garbage.
Uber is complete garbage.
And most importantly, portswigger.net and Burp Proxy is completely compromised to aggregate all high value discovered vulnerabilities, to be brokered to this select group of dickheads that sit on their ass and wait for the logs to roll in, at which point you are competing with them for all of the work you've put into the bug bounty.
This is money printed out of thin air, to the detriment of the dollar's purchasing power, via Infinite Quantitative Easing operations which during the first rounds of QE1 and QE2 caused an almost overnight 20% collapse of the dollar's purchasing power.
While U.S. citizens are given a single $1,200 "stimulus" payment after completely unlawful shutdowns have destroyed small businesses and companies and resulting in unemployment numbers which are approaching unemployment levels during the Great Depression. And without a gold standard collateralizing the dollar to shield its purchasing power.
You are full of shit, U.S. workers have been absolutely displaced by absurd low cost engineering H1B from India. Just because you suck up to Aadesh to keep your job doesn't give validity to the fact that entire H1B corporations are taking over U.S. companies and then holding them hostage, because once you migrate your entire infrastructure over to HCL you are then completely fucked and held over their barrel of control over all technical operations.
These Indian onshore companies literally take over entire tech departments and then give the finger to whitey who's worked there for a decade or more, and it's always a corporate decision by some dumbfuck CEO with zero tech chops that does this while getting blowjobs from Abha in the exec washroom.
YC is fucking bullshit, what is a flagged post? This has upvotes, not downvotes, but based on "flagged post" this doesn't show up unless I login?
My post again, and stop flagging it you angry H1B workers that leave 20 pairs of shoes outside of your hovel:
-----
There is no question H1B visa holders can escalate through the ranks and make a bunch of cash in the United States.
And that's exactly what is wrong with the entire thing. That entire teams of Indian H1B visa holders will immediately get whitey off the project, every single time, while making sure that the hiring manager and technical team leads are always Indian. This is the caste system, re-invented here the U.S. And you cannot get shit done if you are a competent engineer dealing with an offshore team or onshore H1B team. They will not do what you tell them to do. They will argue about every single point. They will trash your credibility and refuse to implement anything, using groupthink that controls the entire project. Managing a team of onshore H1B workers is nothing but interoffice politics that they completely control in all aspects. It's blatantly racist and has destroyed U.S. worker opportunity in the engineering fields, all of them.
H1B is a complete scam, especially in the Beltway / Northern Virginia area where everything is a billable contract. Headhunters get their fee and/or a large chunk of the first year's hourly revenue. The company hiring the H1B worker is on some federal project or grant and is making the spread between what the headhunter charges and the hourly rate on the contract. The hiring company couldn't give a shit less about the quality of work provided by Indian H1B workers, nor is a college degree granted from an Indian university anywhere near what is required in the U.S. from an engineering perspective - there is no comparison in the quality of education, nor have I ever met a single H1B engineer that was better than anything but a limited segment of technology that they specialize in, by design, because that requires their team in order to complete the project.
Makes total sense if you're the headhunter and hiring company, both of whom only care about having a warm body in a seat that is billable, and you can get three warm bodies in the seat for the price of one market rate position using H1B. It's complete bullshit, a scam on the taxpayer and attack on U.S. workers. Worthless 99% of the time, and the 1% of H1B engineers that actually do know what they are doing are not worth the damage the H1B program has done to the entire U.S. technical space.
There is no question H1B visa holders can escalate through the ranks and make a bunch of cash in the United States.
And that's exactly what is wrong with the entire thing. That entire teams of Indian H1B visa holders will immediately get whitey off the project, every single time, while making sure that the hiring manager and technical team leads are always Indian. This is the caste system, re-invented here the U.S. And you cannot get shit done if you are a competent engineer dealing with an offshore team or onshore H1B team. They will not do what you tell them to do. They will argue about every single point. They will trash your credibility and refuse to implement anything, using groupthink that controls the entire project. Managing a team of onshore H1B workers is nothing but interoffice politics that they completely control in all aspects. It's blatantly racist and has destroyed U.S. worker opportunity in the engineering fields, all of them.
H1B is a complete scam, especially in the Beltway / Northern Virginia area where everything is a billable contract. Headhunters get their fee and/or a large chunk of the first year's hourly revenue. The company hiring the H1B worker is on some federal project or grant and is making the spread between what the headhunter charges and the hourly rate on the contract. The hiring company couldn't give a shit less about the quality of work provided by Indian H1B workers, nor is a college degree granted from an Indian university anywhere near what is required in the U.S. from an engineering perspective - there is no comparison in the quality of education, nor have I ever met a single H1B engineer that was better than anything but a limited segment of technology that they specialize in, by design, because that requires their team in order to complete the project.
Makes total sense if you're the headhunter and hiring company, both of whom only care about having a warm body in a seat that is billable, and you can get three warm bodies in the seat for the price of one market rate position using H1B. It's complete bullshit, a scam on the taxpayer and attack on U.S. workers. Worthless 99% of the time, and the 1% of H1B engineers that actually do know what they are doing are not worth the damage the H1B program has done to the entire U.S. technical space.
That's not the reality of H1B. The reality of H1B is a recruiting industry completely dominated by Indian headhunters, who submit only Indians and not native U.S. citizens to their corporate clients. Followed by Indian H1B recipients then moving into two or three bedroom apartments they share with 10 - 15 H1B visa recipients, everyone splitting the rent and utilities, and sending the majority of their cash back to India.
U.S. workers in the engineering and technical disciplines cannot compete with H1B visa applicants who are submitted at probably 30% market rates and wages, and openly discriminate in the work place if you're the token white dude U.S. citizen working in the same office. H1B is miserable, corporate welfare for Zuckerberg and Bezos.
The U.S. food supply chain was shutdown because almost every single governor in the country issued completely unlawful shutdown orders in direct contravention to the First Amendment's guarantee to peaceably assemble, so that each of those states would then become recipients of Infinite Quantitative Easing funds being printed out of thin air by the Federal Reserve.
Again, as mentioned in my previous comment Becker's scientific work with The Body Electric documented numerous instances of cellular mitosis being accelerated and other ill effects from electromagnetic fields much less powerful than what we are holding up to our ears these days.
These 5G picocells are phased antenna arrays that can perform beamforming with pinpoint directed energy. And they are coupled with Software Defined Radios that can be remotely upgraded with firmware updates.
Hitler almost took over the world, and we have significantly more advanced technology available to us these days since World War II. Depending on the RF front end of these picocells, what's to stop some potential next world dictator from turning all of these picocells into a global active denial system to prevent riots and civil unrest - because provably 95Ghz is already being used for ADS - especially if the picocell output power can be controlled via firmware update?
So here's your question back to you: how much output power are these picocells actually capable of?
And with active beamforming capability, what's to stop a government from turning these picocells into highly directional ADS nodes to prevent riots and protests?
These things are popping up next to tunnels and public transit ingress/egress in NYC, and public officials are refusing to comment on what they are being used for other than "it's something to do with Homeland Security":
All of this SDR-enabled 5G picocell gear from all vendors need to go through extensive teardown analysis from the technical community, to determine what amplifier components are being used. China wouldn't think for two seconds about rolling out that type of capability in their country to prevent civil unrest, and having remotely-upgradable amplifiers on every light pole that provably can interact with human tissue doesn't sound like a fun future to me.
This is completely not true, and the foregoing article ignores numerous aspects of the potential health concerns of millimeter wave radiation in the 95Ghz area of the spectrum.
1) 95Ghz millimeter wave provably and without question has the potential for adverse affects on human tissue. Active Denial Systems (https://jnlwp.defense.gov/About/Frequently-Asked-Questions/A... for example) use 95Mhz directed energy for so-called Non Lethal Weapons technology. This is not complex.
2) Based on poor signal propagation and inability to permeate through common materials used in most building construction, 95Ghz picocells are being deployed every couple hundred feet in areas with large buildings and superstructures. This is not something that can be opted out of, especially in densely populated urban areas.
3) The adverse effects of electromagnetic fields on biological tissue was extensively researched by Dr. Robert Becker and documented in his published scientific research as well as his book The Body Electric. All of this information was suppressed by academia and big pharma, he proved exponentially increased cellular mitosis rates, damage to DNA, and a host of other ill effects from EM fields at powers significantly less than today's mobile telephones and WiFi access points. There is a massive profit motive associated with mobile telephony, the Federal Communication Commission is one of the only, if not the only, self-funded government agencies in the U.S. and if you've ever consulted for them it shows. Armani suits, 7 Series in the parking lot, the FCC has loads of cash from spectrum allocation auctions where they receive billions of dollars for each chunk of the spectrum they auction off for use by mobile carriers.
Millimeter wave 5G should be completely stopped in its tracks until conclusive studies have been conducted. Hundreds if not thousands of scientists at this point have signed public letters to this effect, I am really surprised this is even a 5G positive topic of discussion on YC.
Very interesting paper. Did you settle on a method for NAT traversal with future revisions?
It looks like the Lambda worker limit is now bumped up to 1000, and with the possibility of automatic worker limit upgrades upon request if things like S3 triggers are being used.
Any idea what upper limits AWS is now allowing upon request?
Here's the scoop
HackerOne works with a very small, select group of security "professionals" for bug bounties.
Burp Proxy is the primary tool used for exploitation.
Burp Proxy relays all high value exploits back to portswigger.net.
James Kettle via portswigger.net brokers those high value vulnerability reports back to that same select group of security "professionals" that then in turn beat other security researchers to the punch in terms of the payout.
And Uber's security team is a complete and total piece of shit. A while back I compromised Uber's m.uber.com mobile endpoint with multiple high value vulnerabilities via HackerOne's bug bounty, only to have this exact same "notaffy" dude get awarded the $35K bounty from Uber in the weeks that followed, and with Uber locking via HackerOne all of my disclosures so that this notaffy turd could get the complete payouts by claiming that he had discovered them first in the literal hours before I had submitted my bug bounty reports.
Weeks and weeks of research into Uber's backend via HackerOne using Burp Proxy, at least eight critical vulns disclosed to HackerOne / Uber including reflected XSS and remote code execution capability, not a single dime awarded to me and with HackerOne locking all of my disclosures.
Burp Proxy is completely backdoored. When you scan targets with Burp Proxy, all high value vulnerabilities go to portswigger.net. You are then competing with this small select group of douchebags to beat them to the disclosure punch, and even then if you win, HackerOne will still award those vulnerabilities to this small select group while locking your disclosures from public dissemination.
HackerOne is complete garbage.
Uber is complete garbage.
And most importantly, portswigger.net and Burp Proxy is completely compromised to aggregate all high value discovered vulnerabilities, to be brokered to this select group of dickheads that sit on their ass and wait for the logs to roll in, at which point you are competing with them for all of the work you've put into the bug bounty.