sneak @sneak@sneak.berlin

https://www.youtube.com/watch?v=Z3gMuN_cMaY

Signal Is Wrecking Your Images and Videos

https://sneak.berlin/20210425/signal-is-wrecking-your-images-and-videos/

it only just now occurred to me that i successfully predicted the solarwinds autoupdate class of attack last year:

https://github.com/signalapp/Signal-Desktop/issues/4578

https://github.com/bitwarden/desktop/issues/552

I wrote yesterday about how not to run a vulnerability disclosure program:

https://sneak.berlin/20210424/how-not-to-run-a-vulnerability-disclosure-program/

dan with my hedgehog, 2011. 😥

https://github.com/bitwarden/desktop/issues/552

https://arstechnica.com/gadgets/2021/04/hackers-backdoor-corporate-password-manager-and-steal-customer-data/

oh well, i tried

there was a gap of a few hours in between when my friend's death was announced and when his phone stopped sending delivery receipts to messages. that gap is over now and my temporary fantasy of him faking his own death is gone. this fucking sucks.

what year is the first martian suicide or homicide by 96% co2 atmosphere?

lol, amex takes vuln submissions and sends them to hackerone, and replies with an autoresponder that says you have to confirm the report, and claims that clicking the link means you agree to the hackerone contract.

the link, of course, completely fails to render without javascript.

i will not agree to this contract and i will not render hackerone's javascript.

guess amex's vuln is getting published in a month.

i just reported a security issue to amex. i told them i would publish it in 30 days, full stop. i wonder how they're going to respond to this.

people who don't like jordan peterson: what don't you like about what he says?

Walgreens are shitty liars.

hard to put one's faith in the rule of law when you have complete assclowns like this making decisions:

"Kavanaugh, who said it was absurd to judge him based on who he was in high school, thinks children convicted of crimes should die in prison."

https://mobile.twitter.com/VanityFair/status/1385362881596821507

https://www.vanityfair.com/news/2021/04/brett-kavanaugh-life-in-prison

you got it down... when you appear to be in pain.

RIP humpty 🥲

beautiful images of berlin:

https://lithub.com/on-being-an-outsider-words-by-charles-simic-photos-romeo-alaeff/

Is the BSC chain not actually open source?!!

https://github.com/binance-chain/node-binary/issues/2

is it just me or is the binance smart chain daemon not open source? I'm seeing the binaries on their github, but not the sources. (Additionally, the binaries don't have a LICENSE file or mention of the license in the readme.)

make sure you pay your fair share of tax money so they can spend it on training seminars like this one:

https://twitter.com/RzstProgramming/status/1385274653229285377

do you want variants? because this is how you get variants.