1·
39 minutes agoIt’s always hilarious to see angry racists write opinions on subjects they have no clue about https://oilprice.com/Energy/Coal/Chinas-Renewable-Boom-Masks-a-Quiet-Coal-to-Liquids-Expansion.html
☆ Yσɠƚԋσʂ ☆
- 5.13K Posts
- 8.09K Comments
Joined 6 years ago
Cake day: January 18th, 2020
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
lmao plausible
7·20 hours agoI’m quite confident just from reading the code, cause you can see exactly where the security breaks. Honestly, this is really basic stuff, and it’s kind of shocking. Like in the case of the signature, there’s no logical reason not to reject the activity as soon as auth fails, but instead it just happily marches on. Incidentally, another thing that’s worth noting is just how threadbare the test harness for the project is. Some of the issues would’ve been caught if there was better testing for authentication flows.
If the lead developer was a decent human being, I probably would’ve handled this differently. I have little interest of interacting with them, but it is worth at least making people aware of these serious issues in the software.
I’m deeply insulted I’m not on it already.
I haven’t tried maliciously attacking piefed instances if that’s what you’re asking, but these bugs are absolutely real. I did poke around to confirm the bits LLM found.
I’m amazed I’m not already 🤣
Yeah, it should literally be treated as malware as long as these kinds of security issues persist.
5·1 day agothese people just can’t help tell on themselves
lmao that’s definitely a bannable offence
I guess to be fair I never actually posted anything on piefed, I just called him out when he came to troll on lemmy.
Piefed might be a unique online forum where the lead dev is also the lead troll.
to be fair, they’re already on piefed which is basically the same thing culturally
I’m so insulted by not being on that list!
do go on