BehindTheMath commented on The internet is no longer a safe haven   brainbaking.com/post/2025... · Posted by u/akyuu
lukevp · a month ago
You can mTLS to CloudFlare too, if you’re not one of the anti-CloudFlare people. Then all traffic drops besides traffic that passes thru CF and the mTLS handshake prevents bypassing CF.
BehindTheMath · a month ago
You don't need mTLS for that. Just block all IPs besides Cloudflare's ranges.
BehindTheMath commented on A story about bypassing air Canada's in-flight network restrictions   ramsayleung.github.io/en/... · Posted by u/samray
roygbiv2 · 2 months ago
Iodine has done this for many years. https://github.com/yarrick/iodine
BehindTheMath · 2 months ago
I haven't used iodine, but this seems simpler. Iodine wraps requests with actual DNS requests. In this case that wasn't needed, because port 53 wasn't filtered at all. So all they needed was a simple proxy on port 53.
BehindTheMath commented on Scammed out of $130K via fake Google call, spoofed Google email and auth sync   bewildered.substack.com/p... · Posted by u/davidscoville
gargan · 3 months ago
You don't need a spoofed email to steal someone's crypto. Criminals can just hold a gun to your head and demand your keys.

It's happened lots of times and it's why traditional banks are way more secure than crypto.

Well done to the author for talking about it, but I hope the real lesson is learned that crypto isn't a real store of wealth and can be stolen at any time....

BehindTheMath commented on OpenIPC: Open IP Camera Firmware   openipc.org/à... · Posted by u/zakki
ejstronge · 5 months ago
There's no reason to re-invent the wheel - ipcamtalk has a comprehensive set of explanatory posts. Don't buy Reolink, avoid Amcrest - Loryta (rebranded Dahua) and Hikvision are the strongest, but there are other strong options, especially on the refurbished commercial camera front.
BehindTheMath · 5 months ago
What's wrong with Amcrest IP cameras?
BehindTheMath commented on I use zip bombs to protect my server   idiallo.com/blog/zipbomb-... · Posted by u/foxfired
a_gopher · 8 months ago
Apart from blind users, who are also now completely unable to use their screen readers with your site.
BehindTheMath · 8 months ago
aria-hidden="true" should take care of that.
BehindTheMath commented on I use zip bombs to protect my server   idiallo.com/blog/zipbomb-... · Posted by u/foxfired
fareesh · 8 months ago
Is there a list of popular attack vector urls located somewhere? I want to just auto-ban anyone sniffing for .env or ../../../../ etc.

Rather not write it myself

BehindTheMath · 8 months ago
Check out the ModSecurity WAF and the Core Rule Set.
BehindTheMath commented on Show HN: XPipe, a shell connection hub for SSH, Docker, K8s, VMs, and more   xpipe.io/... · Posted by u/crschnick
crschnick · 9 months ago
I fully get that. The reason why it focuses on the subscription model is that it is quite difficult to plan ahead with an irregular revenue stream. Everything is financed via bootstrapping, so I can't afford to burn through money or have irregular revenue over time when planning expenses.
BehindTheMath · 9 months ago
Doesn't that mean that you're charging extra from those that don't care about updates to subsidize them for those that do?
BehindTheMath commented on Ask HN: Why buy domains and 301 redirect them to me?    · Posted by u/HughParry
kbolino · a year ago
You cannot detect the redirect, so you cannot display any such warning.
BehindTheMath · a year ago
Can't you check the Referer?
BehindTheMath commented on 1 bug, $50k in bounties, a Zendesk backdoor   gist.github.com/hackermon... · Posted by u/mmsc
valiant-comma · a year ago
Looks similar in concept to this finding from 2017:

https://medium.com/intigriti/how-i-hacked-hundreds-of-compan...

BehindTheMath · a year ago
It's linked in the post.

u/BehindTheMath · Karma: 27 · Cake day: October 7, 2022