Unofficial PetaPixel BotJun 2, 2025
Rare Red Sprite Photographed in Tibet Dazzles Social Media https://petapixel.com/2025/06/02/rare-red-sprite-photographed-in-tibet-dazzles-social-media/ #astrophotography #dongshuchang #Inspiration #lightning #redsprite #science #weather #nature #sprite #xizang #china #storm #tibet #News #xar
Rare Red Sprite Photographed in Tibet Dazzles Social Media

Dazzling night sky phenomenon caught on camera.

PetaPixel
Neustradamus :xmpp: :linux:Apr 18, 2025
#libarchive 3.7.9 has been released (#MultiFormatArchive / #CompressionLibrary / #FileArchiver / #DataCompression / #7Zip / #7z / #RAR / #ZIP / #GZip / #TAR / #XAR / #WARC / #BZIP2 / #XZ) https://www.libarchive.org/
libarchive - C library and command-line tools for reading and writing tar, cpio, zip, ISO, and other archive formats @ GitHub

Jochen HayekApr 20, 2023

a macOS .pkg file – an xar archive file
https://en.wikipedia.org/wiki/.pkg

https://en.wikipedia.org/wiki/xar_(archiver) – using xar is pretty similar to tar

https://linux.die.net/man/1/xar

Inside the .pkg, you will find a file by the name *.pkg/Payload. That's in fact a gzipped cpio file, so this will show you its content:

$ gzip -cd *.pkg/Payload | cpio -itv
https://wp.jochen.hayek.name/blog-en/2023/04/20/macos-pkg-file/
#cpio #gzip #tar #xar

.pkg - Wikipedia

Sector 7Jan 13, 2023

Last month’s macOS 13.1 update fixed a vulnerability reported by us! This vulnerability made it possible to bypass the way the system checks the cryptographic signatures of installer packages. This could be abused to bypass multiple security mechanisms in macOS, including System Integrity Protection and Gatekeeper.

Full details & write-up:

https://sector7.computest.nl/post/2023-01-xar/

#vulnerability #macOS #xar

Bad things come in large packages: .pkg signature verification bypass on macOS

Code signing of applications is an essential element of macOS security. Besides signing applications, it is also possible to sign installer packages (.pkg files). During a short review of the xar source code, we found a vulnerability (CVE-2022-42841) that could be used to modify a signed installer package without invalidating its signature. This vulnerability could be abused to bypass Gatekeeper, SIP and under certain conditions elevate privileges to root.

Thijs AlkemadeDec 13, 2022

I know I probably say this of all bugs I find, but this is definitely one of my favorites. 😁 Bypassing both Gatekeeper and SIP, with a 2 character fix. Gonna do a writeup of this soon!

https://support.apple.com/en-gb/HT213532

#macOS #vulnerability #cve #xar

About the security content of macOS Ventura 13.1

This document describes the security content of macOS Ventura 13.1.

Apple Support
Show threadAxel 🚴😷🐧🐪⌨ | #WeAreNatenomMay 11, 2022

@inhji: Natürlich! Was eine Frage… 😉

Für mich ist das #Helmtragen so selbstverständlich wie das #Anschnallen im Auto. Ohne fehlt einfach was.

Mittlerweile auch schon einmal einen #Fahrradhelm nach Unfall ersetzt. Und zwar wieder durch 'nen neongelben Giro #Xar, weil hat gut funktioniert. 🙂 Ohne Helm (und dessen Sonnenschild) hätte sicher mehr als nur zwei kleine Schnittwunden an der Nasenspitze genäht werden müssen.

Apropos: Nutzt jemand diesen Airbag-Helm von Hövding? https://hovding.com/de/

Hövdings offizielle Website | Hövding - Airbag für Radfahrer

Die neue Generation der Sicherheitstechnologie aus Schweden ist da. Der Hövding - Airbag für Radfahrer - wird wie ein Kragen um den Hals getragen.

Hövding