This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.
On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that
You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228
This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders
sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log| import os | |
| import pickle | |
| import warnings | |
| import numpy as np | |
| import pandas as pd | |
| from sklearn.model_selection import train_test_split | |
| from tensorflow.keras.callbacks import EarlyStopping | |
| from tensorflow.keras.layers import Dense | |
| from tensorflow.keras.layers import Dropout |
this is a rough draft and may be updated with more examples
GitHub was kind enough to grant me swift access to the Copilot test phase despite me @'ing them several hundred times about ICE. I would like to examine it not in terms of productivity, but security. How risky is it to allow an AI to write some or all of your code?
Ultimately, a human being must take responsibility for every line of code that is committed. AI should not be used for "responsibility washing." However, Copilot is a tool, and workers need their tools to be reliable. A carpenter doesn't have to
| (def safe-requires | |
| "List of namespaces to require and refer when inside user ns at load time. | |
| Can be given an initialization body to execute after having been required. | |
| To do so, wrap the lib spec in a vector, and all elements after the lib | |
| spec vector will be evaled after the lib spec has been required." | |
| '[[clojure.repl :as repl :refer (source apropos dir pst doc find-doc)] | |
| [clojure.java.javadoc :as javadoc :refer (javadoc)] | |
| [clojure.pprint :as pprint :refer (pp pprint)] | |
| [clojure.stacktrace :as stacktrace :refer (e)] |
This week NN Group released a video by Jakob Nielsen in which he attempts to help designers deal with the problem of customers being resistant to their new site/product redesign. The argument goes thusly:
There's slightly more to it than that, he caveats his argument with requiring you to have of course followed their best practices on product design, and allows for a period of customers being able to elect to continue to use the old site, although he says this is obviously only a temporary solution as you don't want to support both.
| upstream warehouse_inventory { | |
| zone inventory_service 64k; | |
| server 10.0.0.1:80; | |
| server 10.0.0.2:80; | |
| server 10.0.0.3:80; | |
| } | |
| upstream warehouse_pricing { | |
| zone pricing_service 64k; | |
| server 10.0.0.7:80; |
| " deoplete.vim contains vim settings relevant to the deoplete autocompletion | |
| " plugin | |
| " for more details about my neovim setup see: | |
| " http://afnan.io/2018-04-12/my-neovim-development-setup/ | |
| " deoplete options | |
| let g:deoplete#enable_at_startup = 1 | |
| let g:deoplete#enable_smart_case = 1 | |
| " disable autocomplete by default |
