HackerTrans
TopNewTrendsCommentsPastAskShowJobs

aviCC

no profile record

Submissions

[untitled]

1 points·by aviCC·2 yıl önce·0 comments

[untitled]

1 points·by aviCC·2 yıl önce·0 comments

[untitled]

1 points·by aviCC·3 yıl önce·0 comments

Ask HN: Print “Hello World” in Python/C/Bash without use W&numbers in your code

1 points·by aviCC·3 yıl önce·1 comments

OAuth Flaw Exposed Social Media Logins to Account Takeover

bankinfosecurity.com
3 points·by aviCC·3 yıl önce·0 comments

[untitled]

1 points·by aviCC·3 yıl önce·0 comments

A New OAuth Vulnerability in a Framework Used in Hundreds of Websites

salt.security
9 points·by aviCC·3 yıl önce·1 comments

Booking.com account takeover shows possible pitfalls in OAuth implementations

csoonline.com
11 points·by aviCC·3 yıl önce·1 comments

Researchers took over Booking.com accounts using a legitimate Facebook link

4 points·by aviCC·3 yıl önce·1 comments

[untitled]

1 points·by aviCC·3 yıl önce·0 comments

[untitled]

1 points·by aviCC·4 yıl önce·0 comments

Ask HN: Programmers – do you still buy/read technical books?

40 points·by aviCC·4 yıl önce·46 comments

Ask HN: What's the best monitor size and type for heavy programmers?

3 points·by aviCC·4 yıl önce·3 comments

Ask HN: Programming courses with certificates – does it help you get a job?

1 points·by aviCC·4 yıl önce·1 comments

Ask HN: Self-learners – how do you give yourself a feedback?

7 points·by aviCC·4 yıl önce·2 comments

[untitled]

1 points·by aviCC·4 yıl önce·0 comments

comments

aviCC
·2 yıl önce·discuss
Wow if that's true and affects more websites, then it's super cool and huge
aviCC
·2 yıl önce·discuss
And a link, if you want to read the official blog post: https://salt.security/blog/security-flaws-within-chatgpt-ext...
aviCC
·2 yıl önce·discuss
Technical details: "The plugin does not authenticate the request, which means that the attacker can insert another memberId (aka the victim) and get a code that represents the victim. With that code, he can use ChatGPT and access the GitHub of the victim."
aviCC
·3 yıl önce·discuss
Invest money on companies who want to improve our life
aviCC
·3 yıl önce·discuss
https://platform.intervee.io/

Provides practical challenges with guidance for graduates in various subjects including Linux, Network, Security, and more..

Computer Science can sometimes be theoretical and learning from practical example is a must.
aviCC
·3 yıl önce·discuss
Actually, the CVE-2023-283131 vulnerability was published with the full details just two days ago. In April Expo published a short post but without too much technical information. You can find more details about CVE-2023-283131 in the link I shared here:

https://salt.security/blog/a-new-oauth-vulnerability-that-ma....

Thank you for bringing up the distinction, and I agree that OpenID can help address some of the issues, but not all of them...
aviCC
·3 yıl önce·discuss
TLDR: A direct link to the interesting technical information: https://salt.security/blog/a-new-oauth-vulnerability-that-ma...
aviCC
·3 yıl önce·discuss
Original article: https://salt.security/blog/traveling-with-oauth-account-take...
aviCC
·3 yıl önce·discuss
https://salt.security/blog/traveling-with-oauth-account-take...

Video: https://youtu.be/IK_AV1UFS-0
aviCC
·3 yıl önce·discuss
This is the link to the research, you provided a link to Reddit: https://salt.security/blog/traveling-with-oauth-account-take...
aviCC
·4 yıl önce·discuss
Makes sense. They are very useful as a monitor stand.
aviCC
·4 yıl önce·discuss
Lol, absolutely not
aviCC
·4 yıl önce·discuss
I use an 11 years old desktop computer, with a few upgrades (memory, SSD). It is good enough for my virtual machines and other heavy programs.

I don't see a reason to invest in a laptop if 90% of the time you work in the same place. For the other 10% - buy a cheap laptop.
aviCC
·4 yıl önce·discuss
I'm going to add a code design course to: https://platform.intervee.io/courses

with challenges that very similar to the problems you described. But it will take a few weeks to be ready.

For your question: Maybe they undervalue a well design code because it's hard to be measured. At the end of the day, you judge them based on their tasks and not quality. Try to give them a motivation to think like architects. What would happen if you ask them to be reviewed by a team member, before pushing it to your review?
aviCC
·4 yıl önce·discuss
Sounds great for Pool Roofing companies