Jay Linski 🐿

395 posts

Jay Linski 🐿

@jay_linski

›› web enthusiast with a strong interest in privacy and security

Austria Katılım Haziran 2016

286 Takip Edilen119 Takipçiler

Jay Linski 🐿 retweetledi

Fabio De Masi 🦩@FabioDeMasi·23 Ara

Man fragt sich wie die Vorratsdatenspeicherung bei einem Täter geholfen hätte, der alles öffentlich angekündigt hat und vor dem Behörden gewarnt wurden?

Julius Betschka@JuliusBetschka

"Natürlich hätte die Bundesregierung mehr tun müssen, um den "Wilden Westen" in den sozialen Medien zurückzudrängen", sagt CDU-Innenexperte Thorsten Frei im @stern-Interview, verspricht Vorratsdatenspeicherung & mehr Kontrolle der Öffentlichkeit.#Magdeburg stern.de/politik/deutsc…

Deutsch

544

19.8K

Jay Linski 🐿@jay_linski·16 Kas

@0xntrm The "register_argc_argv" is "On" by default in the official PHP image, since it uses the defaults: #L128" target="_blank" rel="nofollow noopener">github.com/php/php-src/bl… You have to manually set the production-ini file to be secure against this CVE. I actually documented this 6 years ago. 😅 github.com/docker-library…

English

Martin Haunschmid | @ntrm@infosec.exchange

Martin Haunschmid | @[email protected]@0xntrm·15 Kas

I'm starting from the PHP docker container and copy all the relevant methods from above, get rid of dependencies and unnecessary stuff and check, whether I can control the value returned in the environment check. Please excuse my PHP, it's not my first language 😶‍🌫️

Martin Haunschmid | @ntrm@infosec.exchange tweet media

English

381

Martin Haunschmid | @[email protected]@0xntrm·15 Kas

Well, I'm ✨brainfried✨ from this workday anyways and it's Friday evening here, so why not analyze the newly dropped Laravel Vulnerability (CVE-2024-52301). If I got something wrong, let me know!

English

910

Jay Linski 🐿 retweetledi

Forum Informationsfreiheit@amtsgeheimnisAT·28 Eyl

Happy Right to Know Day! Auch dieses Jahr vergeben wir „Die Mauer des Schweigens“ für „besondere Verdienste um die Verweigerung amtlicher Antworten“. 🥁 … 1/

Deutsch

3.7K

Jay Linski 🐿@jay_linski·24 Ağu

@MaOberlehner

GIF

QME

Markus Oberlehner 🔭@MaOberlehner·23 Ağu

So I've trained FLUX.1 with photos of me...

English

1.2K

Jay Linski 🐿 retweetledi

SEC Consult@sec_consult·18 Eki

Why implementing root detection can drag you into a false sense of security 🔓 👉 r.sec-consult.com/rootdetection @densi_1101 #MobileSecurity #AndroidSecurity #AppSecurity #infosecurity

English

341

Jay Linski 🐿@jay_linski·6 Eki

@chrolear You could use SVG sprites: sprite-your-svgs.vercel.app But it's only useful when using hundreds of SVGs: bstefanski.com/blog/can-svg-s…

English

Otsch (@otsch.codes at bluesky) 👨🏻‍🦰👨‍💻@chrolear·5 Eki

I'm just building a landingpage for crwl.io and am just thinking about performance. Currently I'm wondering if using sprites for images is still a thing? 🤔😅

English

158

Jay Linski 🐿@jay_linski·5 Eyl

@UKAdrianReed They (booking.com) sent an official security warning today. A bit late, but it seems they are aware of the issue.

English

Adrian Reed@UKAdrianReed·3 Eyl

@jay_linski Yep, that was my thought too. Or alternatively, spear-phishing or direct social engineering at the hotels. E.g. an email that looks genuine, hotel logs in via a link, attacker then has password. Doesn't seem as though Booking are taking it as seriously as they should...

English

135

Adrian Reed@UKAdrianReed·22 Ağu

It appears @bookingcom has a security issue. Phishing messages via their own internal messaging system. Received this today. The phishing domain was registered today. Informed hotel, Booking .com and the domain registrar. Seems I'm not the only one (see quoted tweet below)

✨ Bianca Toeps ✨@biancatoeps

Jezus wat slecht dit, @bookingcom! Phishing via hun eigen app en mailsysteem. Niet ingetrapt gelukkig, maar wtf.

English

4.9K

Jay Linski 🐿 retweetledi

M.F@DerFichtl·1 May

Pünktlich zum Staatsfeiertag ist mein kleines Sideproject: tu-felix.at fertig geworden. Analyse von 1,3 Mio. .at-Domains, IPs, Ports, DNS-Records, HTTP-Headern und HTML ...

Deutsch

1.3K

Jay Linski 🐿@jay_linski·17 Şub

@LiveOverflow *Chrome only does 6 concurrent HTTP/1.1 requests per domain

English

399

LiveOverflow 🔴@LiveOverflow·17 Şub

TIL: Chrome only does 6 concurrent HTTP requests per domain youtube.com/clip/Ugkx7l4VD…

English

14.9K

Jay Linski 🐿@jay_linski·3 Şub

I periodically run a PHP script that makes >100 HTTP requests in sequence. After upgrading from PHP 8.0 to 8.2, CPU usage and execution time more than doubled. Turns out that reusing the cURL handle (instead of doing "curl_init()" for each request) improves performance A LOT. 🚀

English

122

Jay Linski 🐿@jay_linski·21 Tem

@technicallife Falls du eher alleine spielen willst: Steam Deck

Deutsch

Christoph@technicallife·20 Tem

Angenommen ich hab Bock auf eine Spielkonsole aktuell, was kauft man da so?

Deutsch

Jay Linski 🐿@jay_linski·23 Haz

@BBleimschein Serious question: with the knowledge from today, do you still think that Bitcoin will reach $100k/BTC this year?

English

3ene@BBleimschein·23 Haz

In roughly a year from now, I'm pretty certain #Bitcoin will have broken the ATH and be above $100k/BTC. Many people will be surprised, how this happened as it's in such a bear market right now. Do your own research.

English

Jay Linski 🐿@jay_linski·4 Haz

@secresDoge mobile.twitter.com/ido_cohen2/sta…

DarkFeed@ido_cohen2

🌐 BlackCat (ALPHV) #Ransomware team added the EU liaison office of the state of Carinthia (Austria 🇦🇹) The group is threatening to publish more details about government members 🧭 #BlackCat #ALPHV

QME

Sebastian Bicchi@secresDoge·3 Haz

#ALPHV (#BlackCat) hat begonnen Daten des Landes #Kärnten zu veröffentlichen. Darunter finden sich E-Mails, Corona-Tests, jede Menge Ausweise, ausgestellte VISA(!), politische Positionspapiere, ein großer Folder zu Hypo, Bankomat-Karten und vieles mehr.

Deutsch

Jay Linski 🐿 retweetledi

Markus Oberlehner 🔭@MaOberlehner·24 May

📝 Wrote a few lines about a controversial topic: is Software Architecture anything like *real* Architecture? I say yes! markus.oberlehner.net/blog/refactori…

English

Jay Linski 🐿@jay_linski·4 Mar

@dyn___ ESNI was replaced by ECH: blog.cloudflare.com/encrypted-clie… I hope it becomes a reality soon.

English

Aaron Grattafiori@dyn___·3 Mar

Now would be a great time for Russians to be able to have encrypted SNI options beyond FF+Cloudflare. The IETF seems to be plodding along given the RFC is almost four years old at this point.

English

Jay Linski 🐿 retweetledi

CCC Updates@chaosupdates·14 Şub

Chaos Computer Club meldet 6,4 Millionen Datensätze in über 50 Leaks. Betroffen waren staatliche Institutionen und Unternehmen (mit „Elasticsearch“, ungeschützten MySQL-Servern, Symfony Profilern) ccc.de/de/updates/202…

Deutsch

100

241

Jay Linski 🐿@jay_linski·11 Şub

@jensimmons I had to disable SameSite=Lax cookies because of this bug: bugs.webkit.org/show_bug.cgi?i… This frustrates me because it lowers the security of the website I'm working on.

English

Jen Simmons@jensimmons·8 Şub

Everyone in my mentions saying Safari is the worst, it’s the new IE… Can you point to specific bugs & missing support that frustrate you, inhibit you making websites/apps. Bonus points for links to tickets. Specifics we can fix. Vague hate is honestly super counterproductive.

English

1.2K

242

2.1K

Jay Linski 🐿@jay_linski·11 Şub

@valorin 😉

GIF

QME

Stephen Rees-Carter@valorin·10 Şub

So, I've hacked an app, and hacker a server... what's next?

English

Keşfet

@0xntrm @MaOberlehner @densi_1101 @chrolear @UKAdrianReed @bookingcom @LiveOverflow @technicallife