another entry for the ignominious list of pgp fucky wuckies:

https://gpg.fail

The AppSec Village @defcon 33 CTF winners are in!

🎮 Top Player: galoget
🎮 Runner-Up: ceevase
🧱 Best Challenge: m4r10r0s51.sec
🧱 Runner-Up: becojo

Thanks to everyone who hacked, fixed, or built!
🎁 Prizes by Semgrep
💻 Challenges by SecDim

#ctf #appsec #wargames #defcon33

We have a CI job to spot unwanted utf8 letters in #curl PRs as we have noticed that GitHub will gladly show the for example (identical) Cyrillic version of a letter next to the Latin version in a diff and it is yes, entirely impossible for a human to spot the diff. I mean the diff is shown, but the significance of it is not.

Changing just a single letter like that in a URL hostname opens up for a world of grief.

👋 Hello Mastodon! MontréHack is a bilingual, monthly cybersecurity workshop in #Montreal where challenge designers present their CTF challenges and participants solve them.

👋 Bonjour Mastodon! MontréHack est un atelier mensuel bilingue à Montréal où des créateurs de challenge présentent leurs challenges CTF et où les participants les résoudent.