thesamesam

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Background

On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that

veekaybee

Anti-hype LLM reading list

Goals: Add links that are reasonable and good explanations of how stuff works. No hype and no vendor content if possible. Practical first-hand accounts of models in prod eagerly sought.

Foundational Concepts

Pre-Transformer Models

younesbelkada

# coding=utf-8
# Copyright 2023 The HuggingFace Inc. team. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software

pudquick

brew is a bad neighbor

This isn't a guide about locking down homebrew so that it can't touch the rest of your system security-wise.

This guide doesn't fix the inherent security issues of a package management system that will literally yell at you if you try to do something about "huh, maybe it's not great my executables are writeable by my account without requiring authorization first".

But it absolutely is a guide about shoving it into its own little corner so that you can take it or leave it as you see fit, instead of just letting the project do what it likes like completely taking over permissions and ownership of a directory that might be in use by other software on your Mac and stomping all over their contents.

By following this guide you will:

• Never have to run sudo to forcefully change permissions of some directory to be owned by your account

squarism

Tabs and Windows

Function	Shortcut
New Tab	⌘ + T
Close Tab or Window	⌘ + W (same as many mac apps)
Go to Tab	⌘ + Number Key (ie: ⌘2 is 2nd tab)
Go to Split Pane by Direction	⌘ + Option + Arrow Key
Cycle iTerm Windows	⌘ + backtick (true of all mac apps and works with desktops/mission control)

davidejones

#!/bin/bash

instance_profile=`curl http://169.254.169.254/latest/meta-data/iam/security-credentials/`
aws_access_key_id=`curl http://169.254.169.254/latest/meta-data/iam/security-credentials/${instance_profile} | grep AccessKeyId | cut -d':' -f2 | sed 's/[^0-9A-Z]*//g'`
aws_secret_access_key=`curl http://169.254.169.254/latest/meta-data/iam/security-credentials/${instance_profile} | grep SecretAccessKey | cut -d':' -f2 | sed 's/[^0-9A-Za-z/+=]*//g'`
token=`curl -s http://169.254.169.254/latest/meta-data/iam/security-credentials/${instance_profile} | sed -n '/Token/{p;}' | cut -f4 -d'"'`

file="somefile.deb"
bucket="some-bucket-of-mine"
date="`date +'%a, %d %b %Y %H:%M:%S %z'`"

viktorklang

(*
Installation instructions
=========================

Run as an Application:
1) Open AppleScript Editor and create a new script
2) Paste this file into it
3) Save name it '§(Toggle Wi-Fi)'
   - Or substitute '§' for a symbol that you can press with a single key
4) Put it in Applications/Utilities

joshenders

Original: http://www.shadowandy.net/2012/03/asus-rt-n66u-tomatousb-firmware-flashing-guide.htm

Download Asus RT-N66U Flash utility

• http://support.asus.com/ServiceHome.aspx?SLanguage=en

Download Shibby RT-N66U firmware

• http://tomato.groov.pl/download/K26RT-N/