| pronouns | he/they |
| homepage | https://andrewabernathy.com |
| pixelfed | https://pixelfed.social/@andrewabernathy |
| home location | Seattle, Washington, USA |
RE: https://mastodon.social/@Mastodon/116766061778856495
I've used the Patreon option for years at the $20/month tier, but they have lower (and higher) tiers, as well as custom one-time non-Patreon donation options. If you get any value from Mastodon and can afford to, please consider supporting social media which doesn't have a paywall, doesn't have ads, doesn't mess with your feed, doesn't lock you in, and isn't extracting and monetizing your personal data.
✈️ New Blog Post: Your Boarding Pass Is a Skeleton Key. Frontier Airlines Doesn't Care.
Frontier's mobile API returns full passport numbers, home addresses, children's DOB, credit card details, and KTNs for any booking. The only auth? A PNR and last name. Printed on every boarding pass.
Reported March 3rd. 105 days later, still live. They fixed the least important vuln and ghosted me on the rest. They also updated the website code and somehow made the leaks worse.
Full writeup: https://bobdahacker.com/blog/frontier-airlines-hack
#InfoSec #BugBounty #ResponsibleDisclosure #FrontierAirlines #Security #CyberSecurity #Privacy #Aviation #PCIDSS #DataExposure
How I found that anyone with a boarding pass photo can pull full passport numbers, home addresses, children's dates of birth, credit card details, and Known Traveler Numbers for every passenger on a Frontier Airlines booking. Reported March 3rd. Still live 105 days later.
One of the main skills of a landscape photographer is being there at the right time.
That usually means checking multiple weather apps, trying not to miss fog, rain clearing, clouds, tides, moonrise, etc. It is tiring, and it is easy to forget or miss the window.
That's why I built PhotoSignal - a web app for photography weather alerts.
Basic account is free.
I’ve just launched it, so I’d appreciate any feedback.
This is an amazing post. I had no idea about Fabrice Bellard
https://xcancel.com/ID_AA_Carmack/status/2064095424420487226
"Basically, LLMs often return content that reads similar to the query that users ask it, so brands doing AI-engine optimization can study what people are asking AI and can create content that closely mirrors those queries on Reddit."
It's getting bad. Like 80+% of our instance applications are AI-generated now, and it's a huge waste of time to action them.
There seem to be several different models, and they all use throwaway email providers and VPNs.
We have one model that just "wants community" in a couple sentences, one that is looking for "tech-minded, open source friends", one that just spews word-salad, one that copies and pastes other people's bios, and at least a couple that try various plausible messages.
The better they get, the more resources it takes us to identify and reject them.
They're like fucking fruit flies.
A Look at the Lisa’s Menu System
Marcin Wichary at Unsung: I’ve been emulating the Apple Lisa recently, and I was struck by how many of its UI strings were slightly or wholly different than what we’re used to. It makes sense. Lisa came out in 1983 as Mac’s predecessor and really the first GUI that is directly linked to what we’re using today. Even though it borrowed things from work done at Xerox, tons of conventions were not established yet.
BobDaHacker 🏳️⚧️
Anton Gorlin
Dgar
Jeffrey Bergier
Jon Henshaw
🅰🅻🅸🅲🅴 (🌈🦄)
512 Pixels