| Off Topic > Forum Games |
| YOU CRINGE YOU LOSE |
| << < (4971/5652) > >> |
| Decepticon:
--- Quote from: Master Matthew² on February 23, 2017, 10:05:52 PM --- --- Quote from: Trymos on February 23, 2017, 09:59:57 PM ---https://bugs.chromium.org/p/project-zero/issues/detail?id=1139 --- Quote ---On February 17th 2017, I was working on a corpus distillation project, when I encountered some data that didn't match what I had been expecting. It's not unusual to find garbage, corrupt data, mislabeled data or just crazy non-conforming data...but the format of the data this time was confusing enough that I spent some time trying to debug what had gone wrong, wondering if it was a bug in my code. In fact, the data was bizarre enough that some colleagues around the Project Zero office even got intrigued. It became clear after a while we were looking at chunks of uninitialized memory interspersed with valid data. The program that this uninitialized data was coming from just happened to have the data I wanted in memory at the time. That solved the mystery, but some of the nearby memory had strings and objects that really seemed like they could be from a reverse proxy operated by cloudflare - a major cdn service. A while later, we figured out how to reproduce the problem. It looked like that if an html page hosted behind cloudflare had a specific combination of unbalanced tags, the proxy would intersperse pages of uninitialized memory into the output (kinda like heartbleed, but cloudflare specific and worse for reasons I'll explain later). My working theory was that this was related to their "ScrapeShield" feature which parses and obfuscates html - but because reverse proxies are shared between customers, it would affect *all* Cloudflare customers. We fetched a few live samples, and we observed encryption keys, cookies, passwords, chunks of POST data and even HTTPS requests for other major cloudflare-hosted sites from other users. Once we understood what we were seeing and the implications, we immediately stopped and contacted cloudflare security. --- End quote --- https://news.ycombinator.com/item?id=13718752 holy forget --- End quote --- Tales from 4chan: Anon Works IT Part 5 --- End quote --- |
| The Yorkshire ripper:
--- Quote from: cooolguy32 on February 23, 2017, 07:02:17 PM --- what a waste of loving animation and talent --- End quote --- A human being actually said this about the video |
| cromartini:
--- Quote from: Trogtor on February 23, 2017, 06:53:51 PM --- --- End quote --- OH forget WRONG THREAD. |
| MoltenKitten:
$182 for pressing fast forward on other people's songs? Maybe I should get into the nightcore business |
| Glass Joe:
--- Quote from: MoltenKitten on February 24, 2017, 09:40:21 AM --- $182 for pressing fast forward on other people's songs? Maybe I should get into the nightcore business --- End quote --- isn't that stuff a violation of fair use laws? once the people who make music get wind of it that person's gonna get DMCA'd out the ass |
| Navigation |
| Message Index |
| Next page |
| Previous page |