zerdnem

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

zerdnem

We are exploring our options for "Terms of use" and "Privacy policy" generation

Good known options

• Write it based on other sites and have a lawyer check it (estimate $100 to $200 for 1 hour)
• https://www.iubenda.com/en
  • $27/year for hosted international privacy policy (no terms of use without $990/year)
  • Sample: https://www.iubenda.com/privacy-policy/8032310
• https://termsfeed.com/
  • Nickle and dime pricing
• $72 estimated for privacy policy

zerdnem

/**
 * example C code using libcurl and json-c
 * to post and return a payload using
 * http://jsonplaceholder.typicode.com
 *
 * Requirements:
 *
 * json-c - https://github.com/json-c/json-c
 * libcurl - http://curl.haxx.se/libcurl/c
 *