Huh, seems Gemini uses the same thought process as I do
#Ubuntu Security at Canonical
When not fixing vulnerabilities, I collect and fix vintage #arcade cabinets.
Marc Deslauriers
@mdeslaur
- 138 Followers
- 227 Following
- 196 Posts
AI bug reports are unsustainable.
@wdormann So I guess we now have to obfuscate our new CVE description to not mention the heap overflow in the kernel which is what we fixed.
@wdormann Things are a bit more nuanced here...so Ubuntu ships with a polkit rule that allows admin users at the console to mount disks and loopback devices. While the heap overflow is in the kernel, CAP_SYS_ADMIN is required to mount filesystem images. We created the CVE as being Ubuntu specific, but the kernel CNA got upset and said they care about filesystem issues. So we transferred the CVE to them, and then they rejected it and told us to create a new one for our Ubuntu specific issue.
Lukasz OlejnikGREAT change is approaching. NIST will standardise prohibition of requirement of composing passwords from various character styles, and requirement for periodic password changes. These are harmful and obsolete rules. Now they will be treated as a cybersecurity weakness https://pages.nist.gov/800-63-4/sp800-63b.html
I wonder how many cars are going to survive Y2038.
snipe ⭑⭒⭒⭒⭒ 
Joseph CoxNew from 404 Media: more details on this year’s badge coder being physically escorted off stage
- spoke to Entropic (the hardware ppl). Said the task was “nearly impossible”
- #DEFCON said Entropic went 60% over budget
- more
https://www.404media.co/def-con-badge-maker-pulled-off-stage-amid-claims-of-non-payment-and-failed-work/
- spoke to Entropic (the hardware ppl). Said the task was “nearly impossible”
- #DEFCON said Entropic went 60% over budget
- more
https://www.404media.co/def-con-badge-maker-pulled-off-stage-amid-claims-of-non-payment-and-failed-work/
@hdm was great!