Readit News logoReadit News
PokestarFan commented on Home Depot GitHub token exposed for a year, granted access to internal systems   techcrunch.com/2025/12/12... · Posted by u/kernelrocks
rao-v · 2 months ago
I’m surprised that GitHub, OpenAI etc. doesn’t have automation to scan the usual surfaces for hashes of their access tokens.

It seems like a cheap and simple thing to offer your customers a little extra safety.

Anybody interested in starting a platform agnostic service to do this?

PokestarFan · 2 months ago
GitHub already has a program to scan for keys, since publishing Discord tokens by mistake used to get the token immediately revoked and a DM from the system account saying why
PokestarFan commented on /dev/null is an ACID compliant database   jyu.dev/blog/why-dev-null... · Posted by u/swills
noir_lord · 4 months ago
Joking aside I can’t ever remember seeing a bug in either bash or zsh, never seen either crash or segfault and anytime I’ve had weirdness it’s always turned out to be me missing something.

Both (along with a lot of the standard utilities) are a testament to what talented C programmers plus years of people beating on them in unintended ways can achieve in terms of reliability/stability.

PokestarFan · 4 months ago
I've been able to trigger a segfault in zsh with certain plugins, a directory with a lot of files/folders, and globs with a bunch of * characters.
PokestarFan commented on Apple takes down ICE tracking apps after pressure from DOJ   foxbusiness.com/politics/... · Posted by u/aspenmayer
no_wizard · 4 months ago
It’s a shame too, because Apple has the money and brand wherewithal to fight the government. See the FBI vs Apple stuff that happened years ago. That actually won them some real converts.

Capitulating over this is Apple showing their supposed core values have significantly hollowed

PokestarFan · 4 months ago
It was obvious Apple was going to bend the knee with that gold plaque.
PokestarFan commented on Libghostty is coming   mitchellh.com/writing/lib... · Posted by u/kingori
sigalor · 5 months ago
Will there also be a React component? Or is this not intended for web frontends? I was wondering, because Vercel et al. were mentioned in the beginning.
PokestarFan · 5 months ago
They mention it's compiled to WASM.
PokestarFan commented on Hidden risk in Notion 3.0 AI agents: Web search tool abuse for data exfiltration   codeintegrity.ai/blog/not... · Posted by u/abirag
cobertos · 5 months ago
People put all kinds of stuff in Notion. People use it as a DB. People catalog things they find online (web clipper). There's collaboration features.

There are many ways

PokestarFan · 5 months ago
If I had to describe it, Notion is if somehow managed to combine OneNote and Excel. Of interest is the fact that the "database" system stores each row as a page with the column values other than title stored in a special way. Of course, this also means that it doesn't scale at all, but I have seen some crazy use cases (an example is replacing Jira).
PokestarFan commented on NPM debug and chalk packages compromised   aikido.dev/blog/npm-debug... · Posted by u/universesquid
tripplyons · 5 months ago
Haven't installed any modules today, but I ran these commands to clear caches for npm and pnpm just to be safe.

npm cache clean --force pnpm cache delete

PokestarFan · 5 months ago
You probably want to check before you clear cache
PokestarFan commented on NPM debug and chalk packages compromised   aikido.dev/blog/npm-debug... · Posted by u/universesquid
bnchrch · 5 months ago
Good god. Not everything has to be about your opinion on AI.
PokestarFan · 5 months ago
GitHub was folded into Microsoft's "CoreAI" team. Not very confidence-inspiring.
PokestarFan commented on NPM debug and chalk packages compromised   aikido.dev/blog/npm-debug... · Posted by u/universesquid
cddotdotslash · 5 months ago
NPM deserves some blame here, IMO. Countless third party intel feeds and security startups can apparently detect this malicious activity, yet NPM, the single source of truth for these packages, with access to literally every data event and security signal, can't seem to stop falling victim to this type of attack? It's practically willful ignorance at this point.
PokestarFan · 5 months ago
NPM is owned by GitHub and therefore Microsoft, who is too busy putting in Copilot into apps that have 0 reason to have any form of generative AI in them
PokestarFan commented on The Therac-25 Incident (2021)   thedailywtf.com/articles/... · Posted by u/lemper
SirMaster · 6 months ago
The question I have is why was the hardware capable of delivering a fatal dose like this. Is that actually ever even a usable output for some legitimate reason?

If not, why not hardware limit the power input to the machine, so even if the software completely failed, it would not be physically capable of delivering a fatal dose like this?

PokestarFan · 6 months ago
I believe that for X-ray mode, the radiation was indirect, so it needed a lot more power. Furthermore, older revisions had hardware locks, and the intent of the Therac-25 was to make it cheaper.
PokestarFan commented on Mark Zuckerberg freezes AI hiring amid bubble fears   telegraph.co.uk/business/... · Posted by u/pera
qeternity · 6 months ago
FAANG has been replaced by Mag7: Alphabet, Amazon, Apple, Broadcom, Meta, Microsoft, and Nvidia.
PokestarFan · 6 months ago
Does Broadcom do anything but get hate for their shitty decisions? They are becoming, if they aren't already, the new Oracle.
P

u/PokestarFan

KarmaCake day137December 8, 2016View Original