Security engineer, blue/red/purple team, open source enthusiast, bullshit detector
He/him
📍QLD AU
Pals, I wrote about some common things I've seen across many #cybersecurity career mentoring sessions in recent months. https://tisiphone.net/2023/01/03/lessons-learned-from-cybersecurity-mentoring/
Lessons Learned from Cybersecurity Mentoring

I suppose one could say that I’ve been doing this far too long, and I’ve gained some knowledge about how the cybersecurity industry works, and how people succeed or fail at the field. T…

tisiphone.net

First day back at work in the new year? Don't forget to update your passwords from ending in 22 to 23

The Strangest Computer Manual Ever Written

It's dark and funny and unlike anything else

Ironic Sans
Look, if a core Bitcoin developer can get their whole wallet emptied out unrecoverably on them, and that developer's immediate reflex is to start calling a centralized authority for help, it's time to stop pretending this entire cryptocurrency exercise is ever going to work. We're done here.

Your periodic reminder that just because a URL is saved at archive.org doesn't mean it's going to stay there.

Last year, I wrote a series about proxy services marketed to cybercriminals, and that relied heavily on Archive.org links to document various connections. After my story ran, the person that those links concerned asked Archive to remove those links from their database, which they did. The person in question came back and said hey, what you said in your story is wrong because there's no supporting evidence and you must remove this. Archive.org confirmed they removed all of the pages at the request of the domain holder, and that was that.

If you stumble upon a page that is in archive.org and you want to make sure there is a record that won't be deleted at some point, consider saving the page to archive.today/archive.ph

Alternatively, of course, you could save the page locally, using something like Firefox's built-in full page screenshot (right click on page). Better yet, save the Archive.org pages you want locally.

My favourite review on Google Maps is for an Antarctic research station. Unfortunately, their penguin is not a people pleaser.

My code is full of bugs that create features

Featurebugs!

When building a product - it’s surprisingly tempting to match competitor features even if you think they are bad ideas - because not having them sounds like a deficiency/un-smart.

It’s why so many products end up working equally badly.

https://twitter.com/shreyas/status/1609624878419935233

Shreyas Doshi on Twitter

“The desire to feel smart and sound smart is the root of so much product failure.”

Twitter

controversial opinion: in C userland code, calling free() is completely unnecessary, and detrimental to security.

if there is no dynamically sized memory that needs resizing in your program, don't even use malloc(), just use the stack and int x = strlen(something); char buf[x];
if you use malloc, not calling free() will prevent the exploitation of ANY heap-based memory bugs, including use-after-free and double-free (see the common thing about both? they need free()!)

the OS will reclaim all memory when your program exits. If you're making a server, make it multi-processed using fork instead of pthreads; that way when one of your sub-workers runs out of memory when you don't free, just kill and spawn another one