I hereby claim:
- I am arkadiyt on github.
- I am arkadiyt (https://keybase.io/arkadiyt) on keybase.
- I have a public key whose fingerprint is F5A7 AB36 B8B6 6B9F 77D9 452C B6AE 1E34 2F87 804B
To claim this, I am signing this object:
I hereby claim:
To claim this, I am signing this object:
Month | Link | |
---|---|---|
August 2017 | https://news.ycombinator.com/item?id=14901313 | |
July 2017 | https://news.ycombinator.com/item?id=14688684 | |
June 2017 | https://news.ycombinator.com/item?id=14460777 | |
May 2017 | https://news.ycombinator.com/item?id=14238005 | |
April 2017 | https://news.ycombinator.com/item?id=14023198 | |
March 2017 | https://news.ycombinator.com/item?id=13764728 | |
February 2017 | https://news.ycombinator.com/item?id=13541679 | |
January 2017 | https://news.ycombinator.com/item?id=13301832 | |
December 2016 | https://news.ycombinator.com/item?id=13080280 |
Rubygems blog post: http://blog.rubygems.org/2017/08/27/2.6.13-released.html
Ruby-lang blog post: https://www.ruby-lang.org/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/
Description:
Rubygems supports a gem server discovery mechanism, where if you set your gem source as https://example.com
, the gem client will do a SRV dns lookup on _rubygems._tcp.example.com
to determine where it should send requests to.
A MITM can intercept that dns request and return whatever server they want, forcing the gem client to download code from a malicious server.
#!/usr/bin/env bash | |
set -e | |
# Usage: | |
# ./assume-exec.sh --role-arn=<role-to-assume> \ | |
# --role-session-name=<name-for-session> \ | |
# --external-id=<external-id> -- <command-to-run> | |
while [ $# -gt 0 ]; do | |
case "$1" in |
Hello, | |
This message will help you determine if your Amazon SageMaker Canvas App is affected by the issue disclosed in CVE-2021-44228 [1] relating to Apache Log4j, and provide steps you can take to address the issue. Please note that these actions will not delete any of your datasets or model but will only apply the fix in the app needed for remediating the CVE. | |
1) Determine regions in which you have created a Canvas App. | |
2) Search Amazon SageMaker in AWS Console and click on it. This will take you to SageMaker Console Dashboard. | |
3) In the left Navigation, under “SageMaker Domain”, click on “Canvas”. This will take you to the list of domain users you have created. |
Vanguard: | |
- Your new password must have 6–20 characters, with at least 2 letters and 2 numbers. | |
Bank of America: | |
- Contain 8 to 20 characters | |
- Have at least 1 uppercase letter, 1 lowercase letter, and 1 number | |
- Not repeat the same number or letter more than 3 times in a row | |
- Not include spaces, and contain only the following special characters: @ # * ( ) + = { } / ? ~ ; , . - _ | |
Chase: |
require 'base64' | |
require 'json' | |
require 'openssl' | |
require 'time' | |
def secure_compare(a, b) | |
return false unless a.bytesize == b.bytesize | |
l = a.unpack "C#{a.bytesize}" |
## Configuration file for a typical Tor user | |
## Last updated 28 February 2019 for Tor 0.3.5.1-alpha. | |
## (may or may not work for much older or much newer versions of Tor.) | |
## | |
## Lines that begin with "## " try to explain what's going on. Lines | |
## that begin with just "#" are disabled commands: you can enable them | |
## by removing the "#" symbol. | |
## | |
## See 'man tor', or https://www.torproject.org/docs/tor-manual.html, | |
## for more options you can use in this file. |
Cryptopals is a set of cryptographic challenges, originally published here: https://cryptopals.com
Set 8 of the challenges was never published publicly, until late March 2018. However the cryptopals website was not updated to include the challenges. This gist compiles the 8th set of the Cryptopals challenges.
title | link |
---|---|
57. Diffie-Hellman Revisited: Small Subgroup Confinement | https://toadstyle.org/cryptopals/513b590b41d19eff3a0aa028023349fd.txt |
58. Pollard's Method for Catching Kangaroos | https://toadstyle.org/cryptopals/3e17c7b35fcf491d08c989081ed18c9a.txt |
59. Elliptic Curve Diffie-Hellman and Invalid-Curve Attacks | https://toadstyle.org/cryptopals/a0833e607878a80fdc0808f889c721b1.txt |
Hello, | |
Google was notified that your Chrome Web Store item, “Zoom Redirector" with ID fmaeeiocbalinknpdkjjfogehkdcbkcd, allegedly infringes upon the trademark(s) of other(s). | |
As a result, your item was removed from the Chrome Web Store. | |
We have attached a copy of the original notice we received for your reference. If you have any questions or concerns about this issue, please address them directly to the complainant: enf.zoom.1704282@enfappdetex.com. | |
If the complainant responds to the original trademark notice to authorize the republishing of your item, and your item does not otherwise violate the Developer Terms of Service, Program Policies or Branding Guidelines, we will reinstate it. Otherwise, if your account is still in good standing and the nature of your item allows for republishing, you may consider releasing a new, non-infringing version of your item to the Chrome Web Store under a new package name. These are the only avenues for reinstatement. Any attempts to republish this extension will be den |