X_Cli @x_cli@infosec.exchange
- Real Name
- Florian Maury
- Occupation
- Network Guardian Angel
I am a RNG (Random Network-#infosec Guy): do not expect better toots than those produced by an infinite number of monkeys. #Antispeciesist
Joined Nov 2017
```
permissions-policy: interest-cohort=()
```
is the new
```
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
```
A fucking header you have to put on every single resource just to compensate for dumb af browser decisions with insane default behaviors.
According to you, what is the maximum acceptable average delay for a candidate to reply to emails, during a job application procedure?
Additional detail: the job is 100% remote.
https://mathstodon.xyz/@JordiGH/106069915175679006
I am reading "Let's unite and be inclusive, by splitting the community." Also, fuck logic.
If I could ditch GNU like I ditched Signal this week, I would have, over this move.
X_Cli
boosted
In Support of Richard Stallman - Normalizing Truth, Reason, Dialogue
https://stallmansupport.org/index.html #stallman #rms
X_Cli
boosted
#Signal turning into a crypto-ponzi currency scheme?
https://www.stephendiehl.com/blog/signal.html
Surprise!
That Signal:
- isn't really free/libre software (as Moxie denied freedom to redistribute modified version)
- would *never* federate (political choice of centralization)
- updated server software wasn't published
- invaded people's phonebooks
- runs on Amazon+NSA's infrastructure
- is virtually impossible to use out of Google's infrastructure -
- etc.
...didn't seem to be enough to alarm Signal users.
X_Cli
boosted
The #Signal messenger has become very problematic lately, and most of its problems come from it being centralised.
You may want to follow and support a decentralised messenger project instead, there are many of them on the Fediverse:
➡️ @snikket_im - New initiative giving XMPP servers & clients a newbie-friendly unified look and feel
➡️ @xmpp - The XMPP standards foundation
➡️ @matrix - Matrix is best known for its Element client
➡️ @delta - Messaging through email
➡️ @briar - P2P messaging
https://docs.python.org/3/library/os.path.html#os.path.join
```
>>> pathlib.Path('/titi') / '/toto'
PosixPath('/toto')
```
> If a component is an absolute path, all previous components are thrown away and joining continues from the absolute path component.
I wonder how many path transversal injections are enabled by this behavior.
Apparently, someone thought that was a good idea. To that person, I say "fuck you".
#Python is a horrible language. Just don't.
https://social.nah.re/@alex/106011448319986577
People ranting about OpenPGP integration (or lack thereof) in Thunderbird always make me laugh. The issue is not integration. OpenPGP as a format should die. Now.
X_Cli
boosted
I'm very grateful to David for putting this to succinctly: /etc/resolv.conf
(/via https://twitter.com/dave_universetf/status/1374239110857035783)
X_Cli
boosted
RT @josecastillo
Selected machine learning attacks; first in a series.
1. Cyberpunk
2. Looney Tunes
3. Magritte
4. Witchcraft
Debian Python maintainer is refusing to compile Python with PIE. This has been the case for years and years and in bullseye, PIE is explicitly disabled because the default flags (rightfully) enable it by default.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919134
So sad to see such a distro undermined by that kind of maintainers.
I have production networks where Suricata (all versions, old old stable, old stable and stable) is returning false negative reports on 25% of suspicious files. I filled a bug report 9 months ago, with a pcap sample to reproduce the bug, and an analysis. The devs and community could not care less. I am baffled. It seems to me you have to takedown bugs by yourself if you want something fixed. Sad.
X_Cli
boosted
Petit fil en guise de #mémo pour le #téléenseignement (au cas où on ne soit pas les seul‧e‧s confronté‧e‧s au problème un an après tout le monde...):
Tout d'abord, un peu de lecture:
https://framablog.org/2020/08/27/quelques-conseils-pour-tele-enseigner/
If you are a junior developer, please don't write that you are a full stack developer. Understand that people with years of experience don't dare write that. You are either showing that you don't know what you want to do, or that you are delusioned and full of yourself and need to learn about the Dunning Kruger syndrom.
X_Cli
boosted
#JeRecrute (Enfin, mon employeur). Deux CDI.
Ingénieur informatique orienté R&D https://www.afnic.fr/fr/l-afnic-en-bref/recrutement/offres-d-emploi/ingenieur-r-d-labs-h-f-cdi-4.html (#DNS et autres trucs)
Juriste https://www.afnic.fr/fr/l-afnic-en-bref/recrutement/offres-d-emploi/l-afnic-recrute-1-juriste-d-entreprise-junior-h-f-3.html (entre autres les procédures internes de résolution des litiges)
Allez-y pour les RT, les boosts, les partages.
Do you have a hard time recruting a system developer? It's been six months and I am still searching and found noone. I'm not saying we can't interest them with a good package and they choose to go elsewhere. I'm not even having good resume in my inbox. Do you share that experience?
Je suis toujours à la recherche d'un dev système Python/Go. Télétravail OK en France. Boite de sécurité informatique, création de poste, ASAP. https://www.welcometothejungle.com/fr/companies/gatewatcher/jobs/developpeur-systeme_paris
X_Cli
boosted
Attestation COVID-19 en ligne : un outil de surveillance globale sur Internet ? https://www.broken-by-design.fr/posts/attestation-covid-19/
Je me demande s'ils sont débiles et négligeants ou malveillants. Je vois pas de troisième voie.
- Real Name
- Florian Maury
- Occupation
- Network Guardian Angel
I am a RNG (Random Network-#infosec Guy): do not expect better toots than those produced by an infinite number of monkeys. #Antispeciesist
Joined Nov 2017
