🌻The one who retweets your retweet 💚🤍🖤

Any writers following me here? I'm restricting replied due to potential spam, but you can reply in other ways. I have a friend who lives to write, but don't have anybody to share their 22+ years of worldbuilding work with. Where can we find people who are passionate for writing?

◇~◇ definitely not another blacksmith...heh..

Sheltering the littlest flames

피드백 일부!

You don't appreciate how incredibly hard it is to use the extremely limited English vocabulary creatively when you grew up with proper Slavic profanities.

This comic really makes it clear how it feels being where I live right now. I can't change the fact that I'm black, and the people that take issue with that will see it immediately. I can't change the fact that I've been legally diagnosed with autism, and the people in charge have access to that. There is one thing I can do to keep myself safe though. 🙃

this is why nonsexual nudity in art is peak

IT HAS BEEN FOUND THANK YOU BRO 🙏🙏🙏🙏

산책

Hey guys, I promised to make the AI disclaimer label available as a download. Here are three different versions; all-white, all-black, and a version with a red accent. You can download all of these from the Google Drive link in the following tweet. Hope you find these useful!

Hacking the #EU #AgeVerification app in under 2 minutes. During setup, the app asks you to create a PIN. After entry, the app *encrypts* it and saves it in the shared_prefs directory. 1. It shouldn't be encrypted at all - that's a really poor design. 2. It's not cryptographically tied to the vault which contains the identity data. So, an attacker can simply remove the PinEnc/PinIV values from the shared_prefs file and restart the app. After choosing a different PIN, the app presents credentials created under the old profile and let's the attacker present them as valid. Other issues: 1. Rate limiting is an incrementing number in the same config file. Just reset it to 0 and keep trying. 2. "UseBiometricAuth" is a boolean, also in the same file. Set it to false and it just skips that step. Seriously @vonderleyen - this product will be the catalyst for an enormous breach at some point. It's just a matter of time.

.@vonderleyen "The European #AgeVerification app is technically ready. It respects the highest privacy standards in the world. It's open-source, so anyone can check the code..." I did. It didn't take long to find what looks like a serious #privacy issue. The app goes to great lengths to protect the AV data AFTER collection (is_over_18: true is AES-GCM'd); it does so pretty well. But, the source image used to collect that data is written to disk without encryption and not deleted correctly. For NFC biometric data: It pulls DG2 and writes a lossless PNG to the filesystem. It's only deleted on success. If it fails for any reason (user clicks back, scan fails & retries, app crashes etc), the full biometric image remains on the device in cache. This is protected with CE keys at the Android level, but the app makes no attempt to encrypt/protect them. For selfie pictures: Different scenario. These images are written to external storage in lossless PNG format, but they're never deleted. Not a cache... long-term storage. These are protected with DE keys at the Android level, but again, the app makes no attempt to encrypt/protect them. This is akin to taking a picture of your passport/government ID using the camera app and keeping it just in case. You can encrypt data taken from it until you're blue in the face... leaving the original image on disk is crazy & unnecessary. From a #GDPR standpoint: Biometric data collected is special category data. If there's no lawful basis to retain it after processing, that's potentially a material breach. youtube.com/watch?v=4VRRri…

I'm not sure which one to draw By: AYANAKI

Forging water into a blade.

Some color \ texture palletes from my refsheets I do love scaly creatures.

💙

~ 🖤🧡 snek knight , ref almost done ~

My next Artbook “Modern Dragons” will be launching on Kickstarter in one week!

Israel has destroyed 37,836 homes, killed 2,000+ people, and murdered 250+ children in Lebanon. It’s only been 40 days.