3 private links
https://news.ycombinator.com/item?id=15091426
Mick Stute
Programming for 35+ yearsFeatured on ForbesUpvoted by
Janko Jerinic , Principal Engineer at Amazon Web Services (2022-present) and
Hubert Taler , Software engineer and project leaderAuthor has 902 answers and 5.8M answer viewsUpdated 8y
This was mine:
I was hired by a psychologist to fix a program that seemed to have "strange output" written by one of his ex-grad students. It was a program that reads a data file, asks about 50 questions, does some calculations, and comes up with some score based on this PhD's research. It's on a research 3B2 at the university. He demonstrates the program and sure enough there seemed to be strange flashing words on the screen when it moves from question to question, and they don't seem nice. I agree to do it, should be pretty straightforward, so he'll pay me by the hour to determine how big the fix is and then we'll agree to a fee.
This blog post explains why cybersecurity shouldn't be a special stream of work in organizations, and presents opportunities for security programs to become more constructive and less gatekeepy.
Tianhao Chi and Puneet Sood, Google Public DNS The Domain Name System (DNS) is a fundamental protocol used on the Internet to translate hum...
Management tool for the information security management system / Outil de gestion du système de management de la sécurité de l'information - GitHub - dbarzin/deming: Management tool for the information security management system / Outil de gestion du système de management de la sécurité de l'information
Pour le recrutement, il est utile de disposer de questions standards permettant d’apprécier rapidement l’aptitude des candidats à appr ́ehender divers sujets et approches. Nous présentons dans cet article le processus de sélection des candidats à une formation technique en SSI – des questions parfois éloignees du cœur du sujet, mais dont nous justifions la pertinence.
AutoWarp is a critical vulnerability in Microsoft Azure Automation Service that allows unauthorized access to other customer accounts using the service.
Bing Sun, Jin Liu, Chong Xu
McAfee
Article sur le retour à la libc, avec la théorie et des exemples
De retour ! Après plus d'un an d'absence sur le blog, je décide enfin d'écrire un article annoncé sur Twitter il y a déjà plusieurs mois. Lorsque l'on débute dans le monde des exploits système, on...