Me: Threat-hunting rare DNS lookups in a corporate network. Confluence: https://www.google.com/search?&q=%22atlassian-domain-for-localhost-connections-only.com%22 …pic.twitter.com/pse4VwORiZ
You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
See if I was smart I would have done this first instead of having blind faith they had a good architecture
I could have gotten paid with dollars instead of internet points I’m a fucking tool
i love how much breaks with strings
love this
Back in the late 90’s, during strong crypto export restrictions, South African banks used a local proxy based on OpenSSL to upgrade 40-bit to 128-bit crypto. The only possible way this could work is with a local CA cert doing PitM attacks.
It was a hard coded CA cert! 


I did some software archaeology a few years back and confirmed my suspicions.
And for keys in binary format: https://citp.princeton.edu/our-work/memory/code/ … (packaged as "rsakeyfind" and "aeskeyfind" i.e. without the ER suffix in Debian and derivatives)
the app could reach out to a server to do the crypto on its behalf, no? I understand it doesn't in this case & I understand that's still a huge vuln that can be abused to do crypto on behalf of an attacker. but, unless I'm missing something, it can be done without embedding key
(I'm less trying to be pedantic and more trying to find out if there's something I'm missing)
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.