Erling Ellingsen

@steike

ex-fb prodsec

Oslo, Norway
alf.nu
Sumali noong Agosto 2008
10 Larawan o video Mga larawan at video

Mga Tweet

Binlock mo si @steike

Sigurado ka bang gusto mong tingnan ang mga Tweet na ito? Hindi maa-unblock ng pagtingin ang mga Tweet ni @steike

  1. Naka-pin na Tweet
    Peb 23, 2017

    Make your own colliding PDFs:

    6 mga sagot 295 retweet 280 gusto
    I-undo
  2. Ago 9, 2018

    Ooh! On DOS, this was a much faster way to allocate space than writing zeros—but you would get whatever was on disk (so, random data from deleted files). This led to an early privacy panic when private data turned up inside the cache files of some online service client… Prodigy?

    I learnt about ✨file holes✨ on Unix!
    4 (na) gusto
    I-undo
  3. May 22, 2018

    Someone should set up a meta-tags-as-a-service company that keeps track of all the new browser features and automatically opts your site out of the ones that create unnecessary attack vectors

    This is a bad idea.
    1 sagot 2 retweet 6 (na) gusto
    I-undo
  4. Ni-retweet ni
    Abr 3, 2018

    Do I even want to know why Debian has a security update for beep(1) today?

    34 mga sagot 427 retweet 1,073 gusto
    I-undo
  5. Mar 13, 2018

    This is so great. Also, to save some work: If you have a crazy hetereogenous setup, it's enough to automate the setup for one domain. You can CNAME _acme-challenge.[everything else] to that (once) and just serve all the TXT records from there (extra garbage is ignored)

    Let's Encrypt wildcard certificates and ACMEv2 are available today! More information can be found here:
    3 gusto
    I-undo
  6. Peb 16, 2018

    Online shopping is a lot easier when you take into account that (1) humans make systems (2) reliably comparing free-format street addresses is a difficult but unsexy problem

    1 retweet 5 gusto
    I-undo
  7. Ene 7, 2017

    Posted four old browser bugs and a new one

    1 sagot 36 mga retweet 53 gusto
    I-undo
  8. Nob 24, 2016

    today

    I-undo
  9. Nob 24, 2016

    In progress. and are back up, soon.

    Any plans to revive ? I can't get it to work through .
    1 sagot 1 retweet 9 (na) gusto
    I-undo
  10. Ago 28, 2016

    Oh hey, that's CVE-2011-3441! (except on iOS no extra tricks were needed, just 1.2.3.4%20.victim.㏄ and get cookies)

    Blogged again! Explaining same origin policy bypass in Firefox (CVE-2015-7188) thanks to quirk in IP address parsing
    1 retweet 3 gusto
    I-undo
  11. Ago 11, 2016

    It looks like the same solution should work in all the modern browsers with small modifications. This is surprising.

    Sumasagot kay @steike
    And by the way - are you going to perhaps provide us with some hint for random4? ;)
    1 sagot 1 gusto
    I-undo
  12. Ago 3, 2016

    Had a bunch of alert(1)-to-win levels left over that weren't really security related. General ecmascript golf time!

    1 sagot 14 mga retweet 18 gusto
    I-undo
  13. Abr 7, 2016

    Is your entire domain 'X-Frame-Options: DENY', but not your error pages? Now's as good a time as any to fix it… (iframe UXSS in Safari)

    2 sagot 4 mga retweet 15 gusto
    I-undo
  14. Mar 18, 2016

    We gave the whole internet keys so airport security won't break open your luggage. They do anyway. In other news, an FPGA dev kit is a bomb.

    1 retweet 3 gusto
    I-undo
  15. Mar 10, 2016

    "Can you please provide me the last 4 characters of the cPanel password to verify ownership of the account?" - cc :-)

    1 sagot 1 gusto
    I-undo
  16. Peb 7, 2016

    fin-fin wifi, men utløpt sertifikat på . Bonus om den kan bli synlig i DNS for de som bruker ⒏⒏⒏8 e.l

    1 sagot
    I-undo
  17. Dis 15, 2015

    @Fridababy_HQ assuming you don't have an online phramacy seo side business, your web server is hacked

    I-undo
  18. Okt 5, 2015

    "Code cleanup and fixes"

    1 sagot 2 retweet 1 gusto
    I-undo
  19. Ni-retweet ni
    Set 10, 2015

    Slides for my talk about FireEye:

    6 mga sagot 257 retweet 168 gusto
    I-undo
  20. Hun 22, 2015
    Sumasagot kay

    @JamEngulfer221 Sort of. Each user gets a sandbox branch. Hmm, I guess there should be a way to request a merge...

    1 sagot
    I-undo

Hindi pa nagtu-Tweet si:@steike.

Ang paglo-load ay mukhang natatagalan.

Maaaring lumagpas na sa kapasidad ang Twitter o nakakaranas ng panandaliang problema. Subukan muli o bisitahin ang Twitter Status para sa karagdagang impormasyon.

    Maaari mo ring magustuhan

    ·