Readit News
phonethrowaway commented on Show HN: A VNC viewer for eInk devices capable of 30 FPS when writing text   github.com/everydayanchov... · Posted by u/_8rlb
phonethrowaway · 4 years ago
I'm so excited for this: https://www.kickstarter.com/projects/bigme/bigme-worlds-firs...

Basic color support for syntax highlighting is what I've been waiting for...

phonethrowaway commented on Skip: A programming language to skip the things you have already computed   skiplang.com/... · Posted by u/bpierre
dapids · 4 years ago
It literally says 2022
phonethrowaway · 4 years ago
It doesn't say Meta, duh.
phonethrowaway commented on Bittersweet Symfony: Devs accidentally turn off CSRF protection in PHP framework   portswigger.net/daily-swi... · Posted by u/feross
BiteCode_dev · 4 years ago
A bit unrelated, but I find it funny that most frameworks don't even have something to prevent CSRF. Most devs don't even know what CSRF is, and some know it only as "the stuff I need to disable because some ajax POST won't work otherwise".

In fact, every time somebody chooses Flask over Django, I ask what they are going to do about CSRF, only to get a blank stare. Same with manual PHP or using most nodejs web libs.

There are so many websites that are vulnerable to this, and it's something we know well and have solutions for. Imagine what we don't know about. The internet is really made of Swiss cheese.

phonethrowaway · 4 years ago
flask-security is a trivial addon.
phonethrowaway commented on Is your Python code vulnerable to log injection? – Arie Bovenberg   dev.arie.bovenberg.net/bl... · Posted by u/rbanffy
phonethrowaway · 4 years ago
They don't even address shell escape injection, which is definitely possible...
phonethrowaway commented on A Survey of Programmers' Cannabis Usage, Perception, and Motivation   arxiv.org/abs/2112.09365... · Posted by u/say_it_as_it_is
ok_dad · 4 years ago
I used to vape full spectrum THC+CBD cartridges and other forms of "vape juice" ("sugar", "oil", etc. are in that category) and consume THC+CBD edibles all day long, every day (except when I had to drive somewhere, I would stop for 4-6 hours or more prior to the trip), for about 2-3 (maybe 4?) years when I was in a legal state, but then I had to move to a non-legal state and since I have a kid it's no longer possible for me to use any weed (don't want to lose him to the system). I miss it so much, I was so much less stressed and calm with weed, and I was much more focused on work and I slept better. Now, I basically have to take shitty OTC sleep drugs and drink a pot (haha) of coffee a day in order to survive, and I yell way too much at my kid and get too angry at work. I wish we could just legalize it everywhere (fat chance of that happening) and make it like tobacco and alcohol, both of which are way worse for you than a daily weed habit.
phonethrowaway · 4 years ago
The farm bill made all hemp-derived products legal federally as long as they contain only trace amounts of Delta 9 THC. Delta 8 and THC-O/acetate are legal. Not as strong, slightly different, but it gets the job done... kinda. Check it out... if you can. Check your state laws.
phonethrowaway commented on What’s the jankiest piece of tech you’ve seen a company depend on?   twitter.com/_brohrer_/sta... · Posted by u/fortran77
jamal-kumar · 4 years ago
I've seen some 1980s shit running THIS YEAR.

I'm working on porting a FoxPro database from 1988 that's running an active business, which I won't talk about much before it's done, and have actually encountered in Costa Rica an auto parts shop in one of the sketchiest parts of the capital city of this country with a green-on-black phosphor screen running what looked like dBase III for what they were doing on old IBM PCs.

It's pretty crazy what's out there still. I think the one everyone here is familiar with but might not know is really ancient is the travel booking systems for your plane tickets and accommodations, dating back to the 1960s:

Karsten Nohl - Where in the World Is Carmen Sandiego? (33c3) [1]

[1] https://www.youtube.com/watch?v=vjRkpQever4

phonethrowaway · 4 years ago
Old isn't janky... hmm... to me janky means duct tape and bubble gum.
phonethrowaway commented on Show HN: Play Zork with your friends via SSH   sayitwith.ink/boyd.html... · Posted by u/pheasantquiff
throwaway47292 · 4 years ago
Gentle reminder: when SSHing into unknown places, remember to check your forwarding and don't use your GitHub/etc. username.
phonethrowaway · 4 years ago
Shell escapes are a real attack vector too...
phonethrowaway commented on Log4j RCE Found   lunasec.io/docs/blog/log4... · Posted by u/usmannk
hawk_ · 4 years ago
While that's an interesting vector for attack, is it realistically an issue? Terminals are run as root all the time. I would guess any mainstream ones are well reviewed to not have such exploits work. Are you aware of any actual attacks exploiting terminal parsing in the wild?
phonethrowaway · 4 years ago
The point is it's a feature, not an exploit. Control and escape codes are a thing for a reason.

It's worse with web stuff though... and it's a real vector.

https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=terminal+es...

https://packetstormsecurity.com/files/162518/AWS-CloudShell-...

https://nvd.nist.gov/vuln/detail/CVE-2017-0899

https://github.com/InfosecMatter/terminal-escape-injections

phonethrowaway commented on FBI's ability to legally access secure messaging app content and metadata [pdf]   propertyofthepeople.org/d... · Posted by u/sega_sai
freeflight · 4 years ago
Just like the NSA spying on Americans is unlawful [0], the FBI terrorizing political movements is unlawful [1], or the CIA operating in the US is unlawful [2].

Yet, I'm pretty sure all these are still happening, to a certain degree, to this day.

[0] https://www.reuters.com/article/us-usa-nsa-spying-idUSKBN25T...

[1] https://en.wikipedia.org/wiki/COINTELPRO

[2] https://en.wikipedia.org/wiki/Operation_CHAOS

phonethrowaway · 4 years ago
The NSA doesn't need to illegally spy on Americans when an ally can do it for them and then share the data legally.

https://www.nationalarchives.gov.uk/ukusa/

https://en.wikipedia.org/wiki/Five_Eyes

phonethrowaway commented on Missouri website that leaked SSN   web.archive.org/web/20210... · Posted by u/tantalor
frankosaurus · 4 years ago
phonethrowaway · 4 years ago
ASSESSEE NAME AND ADDRESS ARE NOT AVAILABLE ONLINE PER CA GOV CODE §6254.21

u/phonethrowaway · Karma: 94 · Cake day: May 26, 2019