wirepair

@wirepair@mastodon.social

Principal Vulnerability Research Engineer - Vulnerability Research @ GitLab. Does GameDev at Night sometimes. In Japan for the foreseeable future.

wirepair, to random

People answering requests for advice with chatgpt responses can fuck right off.

wirepair, to random

> We find that LLMs can pinpoint many more issues than traditional static analysis tools, outperforming traditional tools in terms of recall and F1 scores.

Here we fucking go folks. ROLLS EYES SO HARD THEY BURN THROUGH BACK OF SKULL

wirepair, to random

dude, never make a survey take more than 10 minutes https://user-surveys.cs.fau.de/index.php?r=survey%2Findex&sid=361794

wirepair, to random

I dunno what this illness is but it hurts. Feels like someone punched both my kidneys and jabbed all my joints with needles

wirepair, to random

TIL: You can do scripting in CSharp with Microsoft.CodeAnalysis.CSharp.Scripting:

https://github.com/dotnet/roslyn/blob/main/docs/wiki/Scripting-API-Samples.md#expr

wirepair, to random

yep, memory management is hurrd https://github.com/jrouwe/JoltPhysics/issues/1088

wirepair, to random

blarg https://github.com/jrouwe/JoltPhysics/issues/1088 this is a strange bug, i bet I am doing something wrong

wirepair, to random

https://arxiv.org/abs/2404.15596
gasp someone finally realized that intra-procedural detection of vulns using ML is actually not all that helpful!?

wirepair, to random

Whatever happened to that bed bug scare that was sweeping the world, did we win?

Starship Troopers GIF

wirepair, to random

Aww yah bringing back Takeshi castle https://youtu.be/hBEzf_BPSs4?si=v7ct48uMqNw9KyH2

wirepair, to random

Maybe I’ll try red wine only booze consumption for a while… https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9535674/

> For example, greater beer and spirit consumptions have been correlated with a higher waist‐to‐hip ratio. Conversely, wine has largely shown null or inverse associations with waist‐to‐hip ratio.

wirepair, to random

Yep, I’m in Texas

wirepair, to random

My wife just gifted me aggretsuko line stamps and they are wonderful

wirepair, to random

https://arxiv.org/pdf/2402.18189.pdf now THIS is kinda more what i was thinking, but not images... gotta read this paper now

wirepair, to random

is... a project really necessary for this? https://github.com/migtissera/Sensei isn't that literally these models' jobs?

wirepair, to random

oh my fucking god https://www.youtube.com/watch?v=nOp57ck-1Rs dude...

@gsuberland you'll like this one.

wirepair, to gamedev

Latest post on how I got movement working for server/clients using some trigonometry which I definitely had never used before!

https://wirepair.org/2024/02/10/understanding-basic-trigonometry-to-calculate-movement-for-server-clients/

wirepair, to random

mmm adding lerp into the mix makes my character bounce suddenly which is.. Weird. heh

wirepair, to random

YAML is the new XML.

wirepair, to random

I would LEGIT shoulder check this dude if he tried that in front of me on the stairs https://www.youtube.com/watch?v=UvkgmyfMPks&t=225s

wirepair, to random

like this is cool shit, and probably one of the few legit use cases i've seen for LLMs and security: https://security.googleblog.com/2023/08/ai-powered-fuzzing-breaking-bug-hunting.html

wirepair, to random

oof on riot laying off 11% of workforce:

https://www.riotgames.com/en/news/2024-player-update

wirepair, to random

Friendly reminder if you answer LinkedIn “ask the expert” nonsense, not only are you giving free labor, your answers are mostly being used for training AI models with RLHF

wirepair, to random

thinking out loud regarding protecting messages with ChaChaPoly1305.

Right now each message has a nonce sent with it, this is a serious waste of bandwidth for a game and I don't think the protection is necessary. Instead each session generates a unique key for each user and also sends a nonce-generating-key to be used in libsodium's: randombytes_buf_deterministic with nonce-generating-key+packetsequenceid.

I think this should be safe since sessions will last a few hours max... (I think?)

wirepair, to random

it's time for .. spot the redirect vulnerability in .NET MVC!

    [HttpGet]
    public IActionResult LogOnTryCreate(string returnUrl)
    {
        if (Uri.TryCreate(returnUrl, UriKind.Relative, out var result))
        {
            return Redirect(result.ToString());
        }
        // ...
    }

What input would allow an attacker to redirect a user to a third party site and why?
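
A hardened counterpart to the action above, as an added example that is not part of the original post: it validates `returnUrl` with ASP.NET Core's `Url.IsLocalUrl` and redirects with `LocalRedirect` instead of relying on `Uri.TryCreate` with `UriKind.Relative`. The controller name, action name, fallback route and log message are assumptions.

```csharp
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Logging;

// Hypothetical controller; only the framework APIs are real names.
public class AccountController : Controller
{
    private readonly ILogger<AccountController> _logger;

    public AccountController(ILogger<AccountController> logger)
    {
        _logger = logger;
    }

    [HttpGet]
    public IActionResult LogOnHardened(string returnUrl)
    {
        // Uri.TryCreate(..., UriKind.Relative, ...) answers a syntax question:
        // "does this string parse as a relative reference?". It says nothing
        // about which host a browser will resolve that reference against.
        // Url.IsLocalUrl answers the question the redirect needs: it accepts
        // only paths rooted in this application ("/..." or "~/...") and
        // returns false for null, empty, or anything a browser could resolve
        // to another host.
        if (Url.IsLocalUrl(returnUrl))
        {
            // LocalRedirect re-validates when the result executes and throws
            // InvalidOperationException on a non-local URL, so a later
            // refactor that drops the check above still fails closed.
            return LocalRedirect(returnUrl);
        }

        if (!string.IsNullOrEmpty(returnUrl))
        {
            // Record the rejection for detection without writing the
            // attacker-controlled value into the log stream.
            _logger.LogWarning(
                "Rejected non-local returnUrl of length {Length}",
                returnUrl.Length);
        }

        // Assumed safe default destination.
        return RedirectToAction("Index", "Home");
    }
}
```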
