Richard Leach
hydahy.bsky.social
Dad, cat feeder, security underminer, occasional Perl core contributor. Appreciates cyberpunk, ASMR, wistful literature, and people being demonstrably good at things.
Reposted by Richard Leach
🚨BOOM!! The Petition calling for a public inquiry into Russian influence on UK politics & democracy has now rocketed past 50,000 signatures! Let’s get it to 100,000. If a petition is what it’s going to take let’s get this done!

petition.parliament.uk/petitions/74...
November 25, 2025 at 9:39 PM
Reposted by Richard Leach
For software developers: there's currently a highly sophisticated hacking group targeting developers with backdoored coding skills tests. They typically take the form of large source codes specific to your skillset. Please email any suspicious code to me on: suspicious-skill-tests@protonmail.com
1/2
November 27, 2025 at 6:19 PM
Amazing design choices.
From the department of head scratches comes this counterintuitive news: Microsoft says it has no plans to change a remote login protocol in Windows that allows people to log in to machines using passwords that have been revoked.

arstechnica.com/security/202...
Windows RDP lets you log in using revoked passwords. Microsoft is OK with that.
Researchers say the behavior amounts to a persistent backdoor.
arstechnica.com
April 30, 2025 at 9:00 PM
Reposted by Richard Leach
BREAKING.

From a reliable source. MITRE support for the CVE program is due to expire tomorrow. The attached letter was sent out to CVE Board Members.
April 15, 2025 at 5:23 PM
Reposted by Richard Leach
This popped up on HN the other day, and it was one of the more fun “classical cryptography” posts I’ve seen in ages. Roughly speaking, someone discovered that AI models like Claude can decode the Caesar cipher, even when the “key” used is enormous. fi-le.net/byzantine/
fi-le.net, the Fiefdom of Files
fi-le.net
April 8, 2025 at 7:40 PM
Reposted by Richard Leach
The core trilemma here remains the same - the govt needs to accept one of three things: high student migration, higher domestic student fees (or higher taxes to fund universities) or university bankruptcies. Those are the only options, given where we are. Pick one.
The UK government is proposing to finally finish off its universities by further tightening the terms of the graduate visa route. The stupid fools. Playing with dangers they don't even understand. www.ft.com/content/f441...
UK Home Office’s reform of graduate visas runs into opposition
[FREE TO READ] Education department at odds with plan to curb number of overseas students allowed to stay in Britain
www.ft.com
April 8, 2025 at 7:58 AM
Enjoyed this insecure deserialisation talk that has a data science focus: youtu.be/yrM1ryBaIJs
April 6, 2025 at 1:19 PM
Reposted by Richard Leach
I got Linux running in a PDF file using a RISC-V emulator.

PDFs support JavaScript, so Emscripten is used to compile the TinyEMU emulator to asm.js, which runs in the PDF. It boots in about 30 seconds and emulates a riscv32 buildroot system.

linux.doompdf.dev/linux.pdf
github.com/ading2210/li...
January 31, 2025 at 8:02 PM
Reposted by Richard Leach
(please re-post for reach - thank you!)
Learned a cool new Linux trick? Know an interesting quirk in a network protocol? Or have something else to share?

Write a 1-page article for the #6 issue of Paged Out! :)
pagedout.institute?page=cfp.php

Soft deadline is Feb 1st.
January 7, 2025 at 7:41 AM
Recording devices gonna record:
Apple acknowledges that Siri unintentionally recorded private conversations

"The only clue that users seemingly had of Siri's alleged spying was eerily accurate targeted ads that appeared after they had just been talking about specific items"

arstechnica.com/tech-policy/...
Siri “unintentionally” recorded private convos; Apple agrees to pay $95M
Apple users may get $20 each for up to five Siri-enabled devices.
arstechnica.com
January 3, 2025 at 9:28 AM
Enjoyed listening to Randall Munroe in person tonight. Fun stories, positive outlook, and enthusiasm for discovery that bubbles off the guy. Still a few more UK tickets available: www.fane.co.uk/randall-munroe
November 11, 2024 at 11:04 PM
Unauthenticated RCE via painstakingly figured-out PoC at 4.30pm on a Friday. Excitement smashing into relief.
October 4, 2024 at 5:29 PM
Reposted by Richard Leach
The technical term for this is "negligent dumbassery."
September 26, 2024 at 7:12 PM
Practised (outline) pitching a tent for the first time since cub scouts. Don't remember it being advertised as sinister-looking.
September 4, 2024 at 4:47 PM