💚🧡 𝘏𝘢𝘤𝘒𝘢𝘯
@hackancuba.bsky.social
Linuxero, informático y algo más... Me gustan las impresoras :) | GPG 0x35710D312FDE468B | Matrix: @hackan:http://mozilla.org | Mastodon: @hackancuba@fosstodon.org
Reposted by 💚🧡 𝘏𝘢𝘤𝘒𝘢𝘯
We only have a few of these left from the Dicefunder earlier this year and we will be selling them on Friday.
Good King Omund's Box of Dice
A new game for a new age! Draw Steel is the breathtaking new, action-oriented, fantasy RPG from MCDM that’s both fun to play and fun to run!
shop.mcdmproductions.com
November 26, 2025 at 7:11 AM
We only have a few of these left from the Dicefunder earlier this year and we will be selling them on Friday.
Reposted by 💚🧡 𝘏𝘢𝘤𝘒𝘢𝘯
Reposted by 💚🧡 𝘏𝘢𝘤𝘒𝘢𝘯
movie: we can't trace their payload, it's behind two layers of base64!
computer knowers: *groan*
reality:
computer knowers: *groan*
reality:
November 25, 2025 at 1:17 PM
movie: we can't trace their payload, it's behind two layers of base64!
computer knowers: *groan*
reality:
computer knowers: *groan*
reality:
Reposted by 💚🧡 𝘏𝘢𝘤𝘒𝘢𝘯
Level 4 DRAW STEEL Metal Troubadour - Riffs and a Song for the abilities!
YouTube video by BarcodeDM
www.youtube.com
November 19, 2025 at 10:46 PM
Reposted by 💚🧡 𝘏𝘢𝘤𝘒𝘢𝘯
Reposted by 💚🧡 𝘏𝘢𝘤𝘒𝘢𝘯
The “peace plan” for Ukraine is just a framework for Russia & the US to take assets away from Ukrainian recovery, and to ensure Russia evades accountability for war crimes
Europe can, and must, craft better with Ukraine
A point by point analysis of the shambles:
www.greatpower.us/p/28-points-...
Europe can, and must, craft better with Ukraine
A point by point analysis of the shambles:
www.greatpower.us/p/28-points-...
28 Points Later
A definitive guide to the Russian zombie diplomacy of Trump’s peace plan for Ukraine — aka what happens when you let the Russians eat your brains
www.greatpower.us
November 21, 2025 at 9:22 PM
The “peace plan” for Ukraine is just a framework for Russia & the US to take assets away from Ukrainian recovery, and to ensure Russia evades accountability for war crimes
Europe can, and must, craft better with Ukraine
A point by point analysis of the shambles:
www.greatpower.us/p/28-points-...
Europe can, and must, craft better with Ukraine
A point by point analysis of the shambles:
www.greatpower.us/p/28-points-...
Reposted by 💚🧡 𝘏𝘢𝘤𝘒𝘢𝘯
Draw Steel Ancestry Guide - Part 1! #drawsteel
YouTube video by Matthew Colville
youtu.be
November 22, 2025 at 3:16 AM
@hellomcdm.bsky.social hey guys, i have a quick question regarding discord: i was trying to join the server but it errors out; observing the request, i see a 403 response with "the user is banned from this guild", which is interesting, as I have never been in the server before :thinking:
any clues?
any clues?
November 8, 2025 at 12:26 AM
@hellomcdm.bsky.social hey guys, i have a quick question regarding discord: i was trying to join the server but it errors out; observing the request, i see a 403 response with "the user is banned from this guild", which is interesting, as I have never been in the server before :thinking:
any clues?
any clues?
Reposted by 💚🧡 𝘏𝘢𝘤𝘒𝘢𝘯
Some of the OPM memos ordering federal employees to return to offices and ordering hiring freezes were written by people who worked on Project 2025, according to metadata on the documents www.404media.co/opm-memos-to...
Memos to Federal Employees Were Written By People With Ties to Project 2025, Metadata Shows
James Sherk and Noah Peters appear as the authors of memos sent by the Office of Personnel Management.
www.404media.co
January 27, 2025 at 11:43 PM
Some of the OPM memos ordering federal employees to return to offices and ordering hiring freezes were written by people who worked on Project 2025, according to metadata on the documents www.404media.co/opm-memos-to...
Reposted by 💚🧡 𝘏𝘢𝘤𝘒𝘢𝘯
Accelerando is one of my favorite sci-fi novels. I would say it's been highly influential in tech.
Today I learned it is available for free under a CC license below.
(Yes, I am kind of slow for ebook news I prefer the physical stuff)
www.antipope.org/charlie/blog...
Today I learned it is available for free under a CC license below.
(Yes, I am kind of slow for ebook news I prefer the physical stuff)
www.antipope.org/charlie/blog...
Accelerando - Charlie's Diary
I hope that if you enjoy the ebook you'll consider buying my other books, but this is the only reminder you'll get. (I'm not into shareware with nag screens ...)
www.antipope.org
January 10, 2025 at 6:59 PM
Accelerando is one of my favorite sci-fi novels. I would say it's been highly influential in tech.
Today I learned it is available for free under a CC license below.
(Yes, I am kind of slow for ebook news I prefer the physical stuff)
www.antipope.org/charlie/blog...
Today I learned it is available for free under a CC license below.
(Yes, I am kind of slow for ebook news I prefer the physical stuff)
www.antipope.org/charlie/blog...
Reposted by 💚🧡 𝘏𝘢𝘤𝘒𝘢𝘯
I'm watching some folks reverse engineer the xz backdoor, sharing some *preliminary* analysis with permission.
The hooked RSA_public_decrypt verifies a signature on the server's host key by a fixed Ed448 key, and then passes a payload to system().
It's RCE, not auth bypass, and gated/unreplayable.
The hooked RSA_public_decrypt verifies a signature on the server's host key by a fixed Ed448 key, and then passes a payload to system().
It's RCE, not auth bypass, and gated/unreplayable.
This might be the best executed supply chain attack we've seen described in the open, and it's a nightmare scenario: malicious, competent, authorized upstream in a widely used library.
Looks like this got caught by chance. Wonder how long it would have taken otherwise.
Looks like this got caught by chance. Wonder how long it would have taken otherwise.
Woah. Backdoor in liblzma targeting ssh servers.
www.openwall.com/lists/oss-se...
It has everything: malicious upstream, masterful obfuscation, detection due to performance degradation, inclusion in OpenSSH via distro patches for systemd support…
Now I’m curious what it does in RSA_public_decrypt
www.openwall.com/lists/oss-se...
It has everything: malicious upstream, masterful obfuscation, detection due to performance degradation, inclusion in OpenSSH via distro patches for systemd support…
Now I’m curious what it does in RSA_public_decrypt
March 30, 2024 at 5:13 PM
I'm watching some folks reverse engineer the xz backdoor, sharing some *preliminary* analysis with permission.
The hooked RSA_public_decrypt verifies a signature on the server's host key by a fixed Ed448 key, and then passes a payload to system().
It's RCE, not auth bypass, and gated/unreplayable.
The hooked RSA_public_decrypt verifies a signature on the server's host key by a fixed Ed448 key, and then passes a payload to system().
It's RCE, not auth bypass, and gated/unreplayable.
A new #Blake2Signer major is incoming!
Likely to be released this week 🤘, but it could happen next one 😎
Likely to be released this week 🤘, but it could happen next one 😎
January 10, 2024 at 12:29 AM
A new #Blake2Signer major is incoming!
Likely to be released this week 🤘, but it could happen next one 😎
Likely to be released this week 🤘, but it could happen next one 😎
Blake2Signer Xmas Edition: gitlab.com/hackancuba/b...
A patch release w/ less than minor changes, but ensuring support for Python 3.12 (and upcoming releases) and PyPy 3.10. Also, this is the last one supporting Python 3.7, as a new major is up ahead, simply to ditch it :D
A patch release w/ less than minor changes, but ensuring support for Python 3.12 (and upcoming releases) and PyPy 3.10. Also, this is the last one supporting Python 3.7, as a new major is up ahead, simply to ditch it :D
Release v2.5.3 · HacKan / blake2signer · GitLab
Release v2.5.3 All release tags are signed, and release packages are also signed. Always check signatures prior using this software.
gitlab.com
December 27, 2023 at 5:22 PM
Blake2Signer Xmas Edition: gitlab.com/hackancuba/b...
A patch release w/ less than minor changes, but ensuring support for Python 3.12 (and upcoming releases) and PyPy 3.10. Also, this is the last one supporting Python 3.7, as a new major is up ahead, simply to ditch it :D
A patch release w/ less than minor changes, but ensuring support for Python 3.12 (and upcoming releases) and PyPy 3.10. Also, this is the last one supporting Python 3.7, as a new major is up ahead, simply to ditch it :D
So, what's this twitter?
August 31, 2023 at 1:38 AM
So, what's this twitter?