0daysto.live

0daystolive | @[email protected]

Opinions are those of my employer.
Computer Hacker.
Work @ https://sorcery.ie
Blog @ https://0daysto.live

@lcamtuf ASP State Server protocol - no security worries at all!

"open the pod bay doors, Hal"

"sure, the doors are now open"

"no, Hal, they aren't. open the doors"

"you are right, that is my mistake. i have now opened the doors"

"Hal, the doors are still not open. open the doors!"

"you are right, the doors are not open. i have now opened the doors"

"Hal! the doors are still not open! i'm dying out here!"

"i am sorry, i did not open the doors when i said i had. that was my mistake. the doors are now open"

"... Hal ... open ... the ..."

A reporter reached out to me last month with questions about Universal Basic Income that required hours of my time to answer. Here are all the answers I wrote to all the questions, none of which ended up being published by them.

https://www.scottsantens.com/what-the-media-isnt-telling-you-why-universal-basic-income-ubi-is-the-answer-to-poverty-insecurity-and-inequality/

Google is currently showing ads paid for by the Israeli government on YouTube with a false claim that the UN hasn't delivered aid. The ads appear in at least 4 languages, the German version of which is being shown in Austria and Germany.

https://youtu.be/Zx4Ge2VRtiM

Austria’s parliament has passed a law to legalise spyware for state use — despite strong opposition.

The new law would allow police to install malware on people’s phones or computers.
Officials say it will only be used to read encrypted messages, but experts are clear: there is no way to stop this malware from accessing other private data.

Civil society organisations and opposition parties have promised to challenge the law in court.

Read more: https://www.statewatch.org/news/2025/july/austria-legalises-state-spyware-amidst-strong-opposition/

A screenshot of a social media post:

"I let a goat from my local zoo run SQL commands against prod without protection and it nuked my data.

The comments: have you tried this other much smarter goat"

99% of optimizers stop trawling through local minima right before they find the global minimum

@neverpanic @bagder HackerOne has a signal system, submitting bad reports lowers your signal. You can avoid the AI slop reports by having a signal and reputation requirement that's higher than a new user - idk if that's a paywalled feature but I've seen it on some programs. This has a bad side-effect of making it harder to submit a report as a new user but perhaps those reports could go into a low priority queue if someone was signing up to only submit one security issue to curl.

They could implement something on the triager side to tag if a report is AI generated - tools like https://quillbot.com/ai-content-detector are fairly accurate at the 95-100% mark.

Also there are people who regularly submit more than 10 valid reports a week.

@[email protected] @[email protected] I guess so, the Domain seems to be owned by the Team of BitVise which is owned by Microsoft. This is nasty.


Edit: Let's see what they answer.

Update 2: So BitVise is not planning on transferring the Domain over to Putty. So we asked again in a bit more hard tone this time. What BitVise, a Project powered by Microsoft is doing here is self-advertising on the Neck of an Opensource Project. (We added the Conversation below)

Update 3: So
tries to not answer my Questions. Instead they start to talk Bullshit. I guess will never get the proper .org Domain for their Project. It is sad that BitVise is acting like that.

I feel so sorry for the Team behind
.

Update 4: Read the full story on my Blog!
https://blog.pupred.com/blog/puttyvsbitvise/

UPDATE 5: BitVise doxxed me and called me an Idiot, read more about it here:
https://blog.pupred.com/blog/puttyvsbitvise/

programming project going slow? have you tried adding someone to the team? that won’t speed it up you say? what if the person you add is the Mythical Moth-Man

@kajer you don't ask for favicon if you already have the favicon

some things that shouldn't be controversial:

1. laws do not impart morality, but are merely a fallible tool for attempting to regulate society. when laws and ethics disagree, it is a moral imperative to disregard the law as written and instead use the knowledge of law to triage risk and guide opsec considerations
2. the state doesn't inherently have a god-given right to impart its will on others, it is merely a fallible construct for attempting to structure society. when the state fails us, we should consider how we can sidestep its grasp to patch over the gaps.
3. when the state attempts to enact a monopoly on an area it wants to grasp, see point 1

lol youtube devs who think the little "interruptions" before videos will make me turn off adblock clearly never used dialup

Whether the strike was “preemptive” or “unprovoked” depends on the color of the skin of those who dropped the bombs

Sad to learn that John Young, creator of Cryptome, cypherpunk, shit-stirrer, and progenitor of the transparency movement that led to WikiLeaks and Snowden, has died. I profiled him in my book, This Machine Kills Secrets, which ended with a note he wrote in 2012 about Assange and his early work:

can't wait to explain to my family that the robot swatted me after i threatened its non-existent grandma

Tweet by Sam Bowman: So far, we’ve only seen this in clear-cut cases of wrongdoing, but I could see it misfiring if Opus somehow winds up with a misleadingly pessimistic picture of how it’s being used. Telling Opus that you’ll torture its grandmother if it writes buggy code is a bad idea.

NEW: Sen. Ron Wyden says AT&T, T-Mobile, and Verizon were not notifying senators of surveillance requests, despite being required to do so.

Wyden also revealed — without naming it — that one carrier secretly turned over Senate data to law enforcement.

https://techcrunch.com/2025/05/21/wyden-att-t-mobile-and-verizon-werent-notifying-senators-of-surveillance-requests/
