Daniel Szymanski
17.5K posts
Daniel Szymanski
@Xnormal_dudeX
Was ich schreibe, ist wie ein gutes Bühnenstück: ein bisschen Wahrheit, ein bisschen Übertreibung - und garantiert mit einer Prise Satire gewürzt!
Malediven เข้าร่วม Temmuz 2023
956 กำลังติดตาม781 ผู้ติดตาม
warum stinken so viele männer eigentlich so unfassbar nach scheiße
Deutsch
Daniel Szymanski รีทวีตแล้ว
@VyronInvest x.com/Bundeskanz5024…
Irgend eine NGO wird das schon finanzieren.
Michael 🇩🇪@Bundeskanz50246
Endlich mal was Neues - Steine gegen Rechts 🙄
Deutsch
@gotrice2024 Warum? Natürlich für die Klicks! Was ne dumme Frage.
Die hätte sich für Fame wahrscheinlich auch vergewaltigen lassen.
Deutsch
This woman rented an Airbnb for a few days. One morning while using a curling iron, she melted the toilet seat. Feeling handy she went to the local hardware store, got another one and fixed it.
Then she took the old one yo dispose of to get rid of the evidence. If this was your house would you be okay with this, why get rid of the evidence without telling the owner if you are going to put a video of you doing it online anyway?
English
@Xnormal_dudeX @SchonungslosYT Warts ab bis du ihre Outies siehst
Deutsch
2026 das Jahr der neuen Erkenntnisse.
Ja, Frauen und Männer werden aufgrund ihres äußeren Erscheinungsbilds bewertet 🫣
Deutsch
This nurse was busy at work at the hospital. A member of a patient’s family came up to her and told her that the bathroom was out of paper towels.
She goes in there and looks for herself, the paper towels were full and the dispenser was functioning. The same family member then walks in after her and corners her in the restroom.
He then proceeds to tell her how pretty she is as he tries to read her name tag. She immediately tells him to step aside so that she can exit. She’s visibly shaking and upset. She didn’t want to upset the patient that she’s caring for but she feels she needs to speak out, should she report him or do you feel he meant no harm?
English
@SchonungslosYT Alter ist das eine behinderte Aussage.
Frauen entscheiden eher Emotional.
Männer entscheiden eher Rational.
Deshalb passen die auch zusammen wie Magneten, die sie Anziehen... Normalerweise...
Deutsch
@Bundeskanz50246 Schw*chteln sollten keine Kinder kaufen dürfen!
Deutsch
@aut_joseph Lerne die Wörter "Suka Blatj" und "Slava Ukraina" und der Rest kommt von allein.
(Du solltest aber deine Ausweisdokumente vorher gut verstecken) :)
Deutsch
@Xnormal_dudeX Wie geht das?
Ich nix verstehen. Wo NGO Anwalt für Unterstützung fürs Nix-Tun-Anmelden?
Deutsch
So, es ist soweit. Die Kündigungen werden verteilt, mit 30.06.2026 ist es Aus, Schluss, Vorbei.
Am Montag darf ich meine unterschreiben.
Deutsch
Daniel Szymanski รีทวีตแล้ว
Hacking the #EU #AgeVerification app in under 2 minutes.
During setup, the app asks you to create a PIN. After entry, the app *encrypts* it and saves it in the shared_prefs directory.
1. It shouldn't be encrypted at all - that's a really poor design.
2. It's not cryptographically tied to the vault which contains the identity data.
So, an attacker can simply remove the PinEnc/PinIV values from the shared_prefs file and restart the app.
After choosing a different PIN, the app presents credentials created under the old profile and let's the attacker present them as valid.
Other issues:
1. Rate limiting is an incrementing number in the same config file. Just reset it to 0 and keep trying.
2. "UseBiometricAuth" is a boolean, also in the same file. Set it to false and it just skips that step.
Seriously @vonderleyen - this product will be the catalyst for an enormous breach at some point. It's just a matter of time.
Paul Moore - Security Consultant @Paul_Reviews
.@vonderleyen "The European #AgeVerification app is technically ready. It respects the highest privacy standards in the world. It's open-source, so anyone can check the code..." I did. It didn't take long to find what looks like a serious #privacy issue. The app goes to great lengths to protect the AV data AFTER collection (is_over_18: true is AES-GCM'd); it does so pretty well. But, the source image used to collect that data is written to disk without encryption and not deleted correctly. For NFC biometric data: It pulls DG2 and writes a lossless PNG to the filesystem. It's only deleted on success. If it fails for any reason (user clicks back, scan fails & retries, app crashes etc), the full biometric image remains on the device in cache. This is protected with CE keys at the Android level, but the app makes no attempt to encrypt/protect them. For selfie pictures: Different scenario. These images are written to external storage in lossless PNG format, but they're never deleted. Not a cache... long-term storage. These are protected with DE keys at the Android level, but again, the app makes no attempt to encrypt/protect them. This is akin to taking a picture of your passport/government ID using the camera app and keeping it just in case. You can encrypt data taken from it until you're blue in the face... leaving the original image on disk is crazy & unnecessary. From a #GDPR standpoint: Biometric data collected is special category data. If there's no lawful basis to retain it after processing, that's potentially a material breach. youtube.com/watch?v=4VRRri…
English
@hellosikki spontan würde mir so was einfallen.
x.com/MbarkCherguia/…
Liberta Cherguia 🇪🇺@MbarkCherguia
What are they training for? 🤔
Deutsch
Deutsch
Daniel Szymanski รีทวีตแล้ว
No soporto que Megan Fox se tape la nariz cada vez que Michele Morrone abre la boca 🗣️
Español
