Notices by :niggy: (niggy@poa.st), page 3
-
:niggy: (niggy@poa.st)'s status on Sunday, 24-Sep-2023 19:07:04 JST 
:niggy:
her name is niggy -
:niggy: (niggy@poa.st)'s status on Wednesday, 13-Sep-2023 03:44:00 JST
:niggy:
the code bases are massive, 10s of millions of lines + all the 3rd party libraries, and these bugs are tiny and very hard to find. these are the kind of mistakes that cause memory corruption exploits:
- indexing an array at 1 instead of 0
- freeing an object, then using that object somewhere else
- freeing an object twice
these bugs are rarely even found by humans, but automated fuzzing. it’ll find the most obscure complicated edge-cases that cause these conditions, which a human can’t find by reading the code
-
:niggy: (niggy@poa.st)'s status on Thursday, 07-Sep-2023 10:05:31 JST
:niggy:
got community note access -
:niggy: (niggy@poa.st)'s status on Thursday, 07-Sep-2023 09:29:26 JST
:niggy:
her name is niggy -
:niggy: (niggy@poa.st)'s status on Wednesday, 30-Aug-2023 16:11:09 JST
:niggy:
@Zerglingman @graf no XSS stuff, people worked pretty hard at finding all those vectors in the backend, and the standard Poast frontend (Soapbox) dev is actually competent and has CSP that mitigates that. Soapbox has never had a XSS vulnerability I believe
Even a couple of years ago when I reported exploitable HTML injection (forms + css), there wasn't XSS -
:niggy: (niggy@poa.st)'s status on Tuesday, 22-Aug-2023 23:25:17 JST
:niggy:
@mac_ack @kvit her name is tenshiggy -
:niggy: (niggy@poa.st)'s status on Tuesday, 22-Aug-2023 20:54:09 JST
:niggy:
@jeff oh she is very cute -
:niggy: (niggy@poa.st)'s status on Monday, 21-Aug-2023 16:29:45 JST
:niggy:
@mac_ack her name is niggy -
:niggy: (niggy@poa.st)'s status on Monday, 21-Aug-2023 07:56:36 JST
:niggy:
@MMS21 hmm -
:niggy: (niggy@poa.st)'s status on Saturday, 19-Aug-2023 22:46:24 JST
:niggy:
@luithe @theorytoe -
:niggy: (niggy@poa.st)'s status on Thursday, 17-Aug-2023 19:54:51 JST
:niggy:
@riserise -
:niggy: (niggy@poa.st)'s status on Sunday, 13-Aug-2023 12:27:42 JST
:niggy:
@akariposter @jetzkrieg her name is niggy -
:niggy: (niggy@poa.st)'s status on Saturday, 12-Aug-2023 15:21:20 JST
:niggy:
@Zerglingman always given me issues with bugs and crashes but still love it, really nothing better out there for vector graphics
only Illustrator is comparable in some ways, but windows only -
:niggy: (niggy@poa.st)'s status on Friday, 11-Aug-2023 17:56:35 JST
:niggy:
he was threatening to dox big twitter account (monitoringbias), he's been at UMN for a decade
first he tried denying I had anything but stopped responding after I emailed his financial records from UMN payroll
hopefully he won't be doxing anyone now -
:niggy: (niggy@poa.st)'s status on Friday, 11-Aug-2023 17:56:35 JST
:niggy:
think I've successfully just used this data to blackmail a libtard journalist, a month later and still getting value from it -
:niggy: (niggy@poa.st)'s status on Thursday, 10-Aug-2023 23:33:43 JST
:niggy:
after 12 years just noticed a cod zombies load screen has a friendship wheel -
:niggy: (niggy@poa.st)'s status on Saturday, 05-Aug-2023 00:00:43 JST
:niggy:
@WashedOutGundamPilot @moth_ball friend can you translate these lunar sigils? -
:niggy: (niggy@poa.st)'s status on Friday, 04-Aug-2023 23:54:02 JST
:niggy:
@Pawlicker @alex @lain don't worry friend, I am auditing it -
:niggy: (niggy@poa.st)'s status on Friday, 04-Aug-2023 21:14:42 JST
:niggy:
Hello friends, if you run a Pleroma instance please read this post. I've also attached a heavily redacted version of the issue report.
RT: https://lain.com/objects/ac3fabce-5d9f-4200-bed7-b6d2f748a9e1 -
:niggy: (niggy@poa.st)'s status on Saturday, 29-Jul-2023 15:34:12 JST
:niggy:
@zero @cassidyclown @EdBoatConnoisseur @special-boy If you configure a wireguard/openvpn client you should be able to set up custom routing rules friend. most VPN services give standard configs that just route 0.0.0.0/0 (everything) by default
All 076萌SNS content and data are available under the