Skip to content

Instantly share code, notes, and snippets.

:octocat:

Eli Grey eligrey

Block or report user

Report or block eligrey

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@eligrey
eligrey / github-repo-exists.js.md
Last active Feb 24, 2019
GitHub private repository existence disclosure timing attack
View github-repo-exists.js.md

eli submitted a report to GitHub.

Oct 1st

Description:

The X-Runtime-rack header leaks enough timing data to detect the existence of private repositories.

Steps To Reproduce:

@eligrey
eligrey / LICENSE.md
Last active Jan 13, 2018
Universal unsaved changes detector for tab close confirmation. No setup necessary!
View LICENSE.md

This is free and unencumbered software released into the public domain.

Anyone is free to copy, modify, publish, use, compile, sell, or distribute this software, either in source code form or as a compiled binary, for any purpose, commercial or non-commercial, and by any means.

In jurisdictions that recognize copyright laws, the author or authors of this software dedicate any and all copyright interest in the software to the public domain. We make this dedication for the benefit

@eligrey
eligrey / LICENSE.md
Last active Mar 21, 2019
💬 Display an indicator favicon while there are any modified input fields. Try it out on https://eligrey.com
View LICENSE.md

This is free and unencumbered software released into the public domain.

Anyone is free to copy, modify, publish, use, compile, sell, or distribute this software, either in source code form or as a compiled binary, for any purpose, commercial or non-commercial, and by any means.

In jurisdictions that recognize copyright laws, the author or authors of this software dedicate any and all copyright interest in the software to the public domain. We make this dedication for the benefit

View keybase.md

Keybase proof

I hereby claim:

  • I am eligrey on github.
  • I am eligrey (https://keybase.io/eligrey) on keybase.
  • I have a public key whose fingerprint is EE63 3C20 BC4A 88A7 165C 917A 9022 A5E1 114E C7A3

To claim this, I am signing this object:

@eligrey
eligrey / document-body.js
Last active Jun 11, 2016
Workaround for Mozilla bug #1276438 in Firefox
View document-body.js
// Workaround for Mozilla bug #1276438 in Firefox
// See https://bugzilla.mozilla.org/show_bug.cgi?id=1276438
if (!Object.getOwnPropertyDescriptor(Document.prototype, "body"))
Object.defineProperty(Document.prototype, "body", {
enumerable: true
, configurable: true
, get() {
return this.evaluate(
"/*[local-name()='html'][namespace-uri()='http://www.w3.org/1999/xhtml']"
+ "/*[local-name()='body'][namespace-uri()='http://www.w3.org/1999/xhtml']"
@eligrey
eligrey / example.js
Last active May 20, 2016
Execute all scripts in a document. You'll need this if you're inserting external documents.
View example.js
var doc = (new DOMParser).parseFromString("<html><script>alert(1)</script></html>", "text/html");
document.replaceChild(doc.documentElement, document.documentElement);
execute_scripts(); // alert(1)
@eligrey
eligrey / validation-of-simulated-minds.md
Last active Apr 8, 2017
Validation of simulated minds
View validation-of-simulated-minds.md

Validation of simulated minds

By Eli Grey

If there is a non-destructive method of entire brain scanning and simulation, it should be possible to validate its accuracy with the following 2 methods. Note that a simulation or recording (including all sense data) of the scanning process should be prepended to the memories of the scanned brain.

Method 1 (requires advanced neural implants): Create a brain implant that forwards all sense data to the simulated mind. Find someone crazy enough to let you put stuff in their brain for science. Compare the simulated mind's output behavior with the real person.

Method 0 (only destructive brain scanning available): Not possible to validate directly. Hopefully whatever research we do with destructive brain scanning helps improve AI and neural interface knowledge enough to make method 1 possible.

Author’s thoughts:

@eligrey
eligrey / 2015-laptop.md
Last active Jan 4, 2017
What I needed in the laptop I bought in 2015
View 2015-laptop.md

The laptop I bought in 2015 needed to meet most of these specs.

The most likely contenders were:

  • Google Chromebook Pixel 2 (3:2)
  • Microsoft Surface Pro 4 (3:2)
  • The rest of the 16:9 laptop manufacturers' Broadwell-U refreshes
Current Previous Planned Current Alternate choice
@eligrey
eligrey / gist:34fe2395cc8223c16810
Created May 28, 2014
TrueCrypt 7.1a→7.2 diff
View gist:34fe2395cc8223c16810
diff --recursive -bu truecrypt-7.1a-source/Boot/Windows/BootMain.cpp truecrypt-7.2-source/Boot/Windows/BootMain.cpp
--- truecrypt-7.1a-source/Boot/Windows/BootMain.cpp 2012-02-07 11:36:48.000000000 +0100
+++ truecrypt-7.2-source/Boot/Windows/BootMain.cpp 2014-05-27 18:36:02.000000000 +0200
@@ -75,7 +75,9 @@
#endif // TC_WINDOWS_BOOT_RESCUE_DISK_MODE
- PrintEndl (3);
+ PrintEndl (2);
+ Print ("WARNING: Using TrueCrypt is not secure");
You can’t perform that action at this time.