cadey

@cadey@pony.social

🔞 Minors, please DNI

Any statements are my own, not my employer's

Archmage of Infrastructure, NixOS nephlemancer, kastermakfa, acquirer of S-tier waifus, one of six #pluralgang

ΘΔ

zi ya-so /zi ja.soʊ/

cadey, to random

the old internet is dying, the new internet struggles to be born, now is the time of monsters

cadey, to random

"No way to prevent this" says users of only programming language where this regularly happens

cadey,

the syslog() function in glibc has a buffer overflow that lets attackers get root. it's had it SINCE FUCKING 1993. FOR MY ENTIRE TIME ON THIS PLANET.

When will enough be fucking enough and we ban the writing of new programs in C from an industry standards level?

cadey, to random

Malware is just software that does something the user doesn't want it to. A good example is Microsoft Windows.

cadey, to random

I tried using Email but the onboarding was very confusing. I have to choose a server? And I'm at the whims of server admins having petty disputes for if my posts are delivered to my friends?

cadey, to random

You can take any PGP-encrypted e-mail whatsoever, reply to it with “I'm sorry, this appears as gibberish to me”, and the sender will sigh ruefully and re-send it as plaintext.

cadey, to random

and the gods saw that prometheus had stolen the YAML, and the gods thundered "NO!", but prometheus did not understand, for he heard only "Norway"

cadey, to random

Build yourself tools that only you will need

Keep the internet weird

cadey, to random

"Slack hates the idea that anybody who uses it might ever develop any level of comfort with the program. I love their dedication to keeping me on my toes and slightly confused. It’s exactly what I want from an app that’s central to all my workflows."

cadey, to random

Related to the latest round of everyone finding out what happens when you write image decoders in C++ now known as CVE-2023-5129: you may want to update every Electron app on your machine as much as possible. Electron is built on the foundation of Google Chrome and it turns out that the webp vulnerability is also present in Electron. Annoyingly, this is going to require you to figure out which vendors have patched their apps for the vulnerability. Good luck.

You probably should update Discord immediately.

cadey, to random

"No way to prevent this" say users of only language where this regularly happens

https://xeiaso.net/shitposts/no-way-to-prevent-this/CVE-2024-22252/

cadey, to random

Piracy is preservation

cadey, to random

This discord server could have been a forum post

cadey, to random

A trans friend of mine just got banned from LinkedIn for not using the name on their driver's license. Is there anyone I know that can help them?

EDIT: this has been escalated with support, trust&safety, and other layers. This should be handled for now. Thanks anonymous helper!

cadey, to random

Anything can be a message queue if you use it wrongly enough

https://xeiaso.net/blog/anything-message-queue

cadey, to random

Becoming incredibly deranged watching people jump between a half dozen mobile-only centralized algorithmic troughs because the equivalent of an email address is too hard

cadey, to random

"UPDATE: We have evidence to suggest that a known nation-state actor is actively exploiting CVE-2023-22515 and continue to work closely with our partners and customers to investigate." https://confluence.atlassian.com/security/cve-2023-22515-privilege-escalation-vulnerability-in-confluence-data-center-and-server-1295682276.html

exploit: post request with setup=false, post request for creating a new admin user https://github.com/Chocapikk/CVE-2023-22515/blob/main/exploit.py#L78-L92

If you run self-hosted and it is visible to the public internet, page on-call. This is super bad.

cadey, to random

liblzma and xz version 5.6.0 and 5.6.1 are vulnerable to arbitrary code execution compromise

https://xeiaso.net/notes/2024/xz-vuln/

cadey, to random

file extensions are just file pronouns

cadey, to random

Wanna work with me to revolutionize DevRel at @flydotio? Apply today!

https://fly.io/jobs/developer-relations-engineer/

cadey, to random

If you want me to change how I write my articles, you can pay me an eye-watering amount of money per article (more than I will ever make off of any individual article, even a super-banger).

cadey, to random

"No way to prevent this" says users of the only programming language where this regularly happens

https://xeiaso.net/shitposts/no-way-to-prevent-this/CVE-2023-6246/

cadey, to random

"in general, 'run your open-source project so that people don't invoke Evangelion to explain the emotional experience of working on it' seems like good advice"
