HackerTrans
TopNewTrendsCommentsPastAskShowJobs

lenovouser

no profile record

Submissions

Spam Package "Attack" on NPM

npmjs.com
2 points·by lenovouser·2 ปีที่แล้ว·1 comments

Ask HN: Articles, references and best practices of DDoS defense

1 points·by lenovouser·4 ปีที่แล้ว·0 comments

comments

lenovouser
·6 เดือนที่ผ่านมา·discuss
Enjoyed this, super readable. Would love more "postmortems" like it, and it’s neat that Telegram runs contests like this.
lenovouser
·2 ปีที่แล้ว·discuss
I have just seen this in their Slack, it is kind of crazy that no-one seems to really care. I thought they were really big, but apparently nobody was using them? If you for example search "Equinix Metal" on Google and then click on news nothing shows up.
lenovouser
·2 ปีที่แล้ว·discuss
This account is creating weird spam packages on npm. I can't figure out the reason for it, but it seems fairly elaborate. A lot of the packages depend on each other and the packages get updated over months with bullshit commits like here: https://github.com/erboladaiorg/et-itaque/commits/main/

Not sure what to make of it, I first thought it might be related to the Tea project which previously had the creation of spam packages associated with it, but I haven't found any reference to that in the package sources I looked at.
lenovouser
·4 ปีที่แล้ว·discuss
Why does it matter who he is at the company? I actually like the touch of not making a difference between "regular" employees and being Founder or CEO. On me this made a positive impression. In my opinion what matters is what is being said, not who is saying it.
lenovouser
·4 ปีที่แล้ว·discuss
This seems like a really stupid idea, reminds me a little bit of the Google auto-account-closing thing where no-one knows the real logic or algorithm behind it. And that doesn't work great at all either, as one can see by the countless HN threads of people getting their whole businesses destroyed due to that. Is one even going to get notified when someone gets auto-blocked by Twitter for them?