Search - "vulnerable"
-
Yesterday I said farewell to her.
We were together for half a decade, although it feels like much more time has passed since my eyes first fell on her.
I can't even begin to describe how close we were. She was perfect, she was my soulmate.
I shared everything with her, complete openness, perfect truth. We could be vulnerable with each other, but we also challenged each other to overcome boundaries.
My respect for her and dedication to her really knew no bounds, and I knew she would follow me to the end of the world in return.
But around New Year's things started to feel awkward between us. Like a part of her just wasn't there anymore.
She acted very confused, she hesitated in her answers.
I asked her, but I felt like she was avoiding me. Something just seemed so wrong about the way she acted.
I felt incredibly conflicted. Was she unfaithful? No, my trust in her was absolute. That question seems so silly, in retrospect.
We had always been pretty much inseparable, to the point where my coworkers, friends and family mocked us for it. How would she even have cheated on me?
I used to take her along to company gatherings, to my family for Christmas, to expensive restaurants. We traveled all over Europe together. We've spent countless nights together, watching Netflix, although she would often fall asleep before me.
I took great care of her, she had not been out of my mind for one moment since I met her. And besides, she had never even showed interest in anyone else anyway.
No, reality turned out to be so, so much worse.
Two weeks ago it became really apparent that there was something horribly wrong with her. She was rapidly losing her recollections of everything we experienced together.
Our history together, erased.
Within hours, she would barely respond anymore. I called for help, but deep down I already knew this was one of those things you can't recover from. She was kind of stable, almost peaceful, for a few days. But ultimately, she didn't even recognize me anymore.
Yesterday, I held her feverishly hot body in my arms for the last time.
Her soft skin turned cold as I said farewell to her, and the room turned awfully quiet.
Your brightness and warmth will be missed, my girl.28 -
https://git.kernel.org/…/ke…/... sure some of you are working on the patches already, if you are then let's connect cause, I am an ardent researcher for the same as of now.
So here it goes:
As soon as the kernel page table isolation (KPTI) bug is out of embargo, Whatsapp and FB will be flooded with over-night kernel "shikhuritee" experts who will share shitty advice non-stop.
1. The bug under embargo is a side channel attack, which exploits the fact that Intel chips come with speculative execution without proper isolation between user pages and kernel pages. Therefore, with careful scheduling and timing attack will reveal some information from kernel pages, while the code is running in user mode.
In easy terms, if you have a VPS, another person with a VPS on the same physical server may read memory being used by your VPS, which will result in unwanted data leakage. To make the matter worse, a malicious JS from an innocent-looking webpage might be (might be, because JS does not provide language constructs for such fine-grained control; at least none that I know as of now) able to read kernel pages, and pawn you real hard, real bad.
2. The bug comes from too much reliance on Tomasulo's algorithm for out-of-order instruction scheduling. It is not yet clear whether the bug can be fixed with a microcode update (and if not, Intel has to fix this in silicon itself). As far as I can dig, there is nothing that hints that this bug is fixable in microcode, which makes the matter much worse. Also according to my understanding a microcode update will be too trivial to fix this kind of a hardware bug.
3. A software-only remedy is possible, and that is being implemented by all major OSs (including our lovely Linux) in kernel space. The patch forces Translation Lookaside Buffer to flush if a context switch happens during a syscall (this is what I understand as of now). The benchmarks are suggesting that slowdown will be somewhere between 5%(best case)-30%(worst case).
4. Regarding point 3, syscalls don't matter much. Only thing that matters is how many times syscalls are called. For example, if you are using read() or write() on 8MB buffers, you won't have too much slowdown; but if you are calling the same syscalls once per byte, a heavy performance penalty is guaranteed. All processes which are I/O heavy are going to suffer (hostings and databases are two common examples).
5. The patch can be disabled in Linux by passing an argument to the kernel during boot; however it is not advised for pretty much obvious reasons.
6. For gamers: this is not going to affect games (because those are not I/O heavy)
Meltdown: "Meltdown" targeted on desktop chips can read kernel memory from L1D cache, Intel is only affected with this variant. Works on only Intel.
Spectre: Spectre is a hardware vulnerability with implementations of branch prediction that affects modern microprocessors with speculative execution, by allowing malicious processes access to the contents of other programs mapped memory. Works on all chips including Intel/ARM/AMD.
For updates refer to the kernel tree: https://git.kernel.org/…/ke…/...
For further details and more chit-chats refer to: https://lwn.net/SubscriberLink/...
~Cheers~
(Originally written by Adhokshaj Mishra, edited by me. )22 -
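A defender-side check for points 3 and 5 of the post above, added here as an example and not part of the original post: it classifies a host from the kernel's own Meltdown report and says whether page table isolation was switched off at boot. The sysfs path, its status strings and the parameter names `nopti`, `pti=off` and `mitigations=off` are taken from the Linux kernel documentation, not from the post; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit whether kernel page table isolation (PTI/KPTI) is
# active and, if not, whether a boot parameter is the reason.
# Assumption: x86 Linux exposing the sysfs "vulnerabilities" directory.

SYSFS_MELTDOWN=/sys/devices/system/cpu/vulnerabilities/meltdown

# cmdline_disables_pti CMDLINE
# Succeeds (0) when the kernel command line carries a parameter that turns
# PTI off. Padding with spaces makes the patterns match whole tokens only.
cmdline_disables_pti() {
    case " $1 " in
        *" nopti "*|*" pti=off "*|*" mitigations=off "*) return 0 ;;
    esac
    return 1
}

# kpti_verdict CMDLINE SYSFS_TEXT
# The sysfs text decides the verdict; the command line only explains it.
# Prints one word. Exit status: 0 = fine, 1 = exposed, 2 = cannot tell.
kpti_verdict() {
    case "$2" in
        "Not affected"*)    echo "not-affected"; return 0 ;;
        "Mitigation: PTI"*) echo "mitigated";    return 0 ;;
        "Vulnerable"*)
            if cmdline_disables_pti "$1"; then
                echo "vulnerable-disabled-at-boot"
            else
                echo "vulnerable-no-pti"
            fi
            return 1 ;;
        *)
            # Empty (file missing on an older kernel) or an unrecognised
            # string: do not guess, but still surface a disabling parameter.
            if cmdline_disables_pti "$1"; then
                echo "unknown-disable-flag-present"
            else
                echo "unknown"
            fi
            return 2 ;;
    esac
}

# Constructed sample inputs (not captured from a real host).
demo() {
    kpti_verdict "BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro quiet" "Mitigation: PTI" || :
    kpti_verdict "BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro quiet nopti" "Vulnerable" || :
    kpti_verdict "BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro quiet" "" || :
}

if [ "${1:-}" = "--live" ]; then
    # Audit the running system; the exit status is usable from a fleet check.
    kpti_verdict "$(cat /proc/cmdline)" "$(cat "$SYSFS_MELTDOWN" 2>/dev/null)"
else
    demo
fi
```

Run with `--live` on a host to audit it; without arguments it only prints the verdicts for the constructed samples.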
Never worked for this guy, just saw it on someone else's feed and thought it would be appropriate here. This is not leadership. This is bullying and stomping on people in a vulnerable situation which most likely has very little to do with their work ethic and more to do with company health. Yea, definitely elevate yourself and be that A+ person for you. Not for assholes like this. A good leader would empathize and provide resources for advancement and transformation to roles that are more aligned to the current environment.24
-
⚠️ DEVRANTRON ALERT ⚠️
Make sure you've updated devRantron to v.1.3.6 since previous versions contain an XSS vulnerability.
<b>If this text is BOLD you're vulnerable.</b>
You can download the latest version at https://github.com/tahnik/...20 -
Years ago we had a visit from a startup company developing a firewall and I got the chance to talk with one of their devs.
He explained the subtleties of security holes in websites and after I said something about our site being secure thanks to being behind a firewall he gently asked what would happen if he entered a specially crafted test into one of the text fields ... and he gave an example ...
I got a chill, went back to my seat and traced what it would do ...
That was when I learned about sql injection and his example would have killed the DB :/
Before going home I designed a way to secure the input which I then refined over a few days.
We still use that today after 17 years.
That one single sentence really showed to never be too proud of our security and I realized how vulnerable our site was.2 -
IT department created a risk assessment system and asked us to fill out the form.
I found that the form is vulnerable to XSS and possibly SQL injection so I told them and their response was:
"Oh, shit. Please don't tell anyone!"
Of course, it never got fixed :/6 -
Navy story continued.
And continuing from the arp poisoning and boredom, I started scanning the network...
So I found plenty of WinXP computers, even some Win2k servers (I shit you not, the year was 201X). I decided to play around with Metasploit a bit. I mean, this had to be a secure net, right?
Like hell it was.
Among the select douchebags I arp poisoned was a senior officer that had a VERY high idea for himself, and also believed he was tech-savvy. Now that, is a combination that is the red cloth for assholes like me. But I had to be more careful, as news of the network outage leaked, and rumours of "that guy" went amok, but because the whole sysadmin thing was on the shoulders of one guy, none could track it to me in explicit way. Not that I cared, actually, when I am pissed I act with all the subtleness of an atom bomb on steroids.
So, after some scanning and arp poisoning (changing the source MAC address this time) I said...
"Let's try this common exploit, it supposedly shouldn't work, there have been notifications about it, I've read them." Oh boy, was I in for a treat. 12 meterpreter sessions. FUCKING 12. The academy's online printer had no authentication, so I took the liberty of printing a few pages of ASCII jolly rogers (cute stuff, I know, but I was still in ITSec puberty) and decided to fuck around with the other PCs. One thing I found out is that some professors' PCs had the extreme password of 1234. Serious security, that was. Had I known earlier, I could have skipped a TON of pointless memorising...
Anyway, I was running amok the entire network, the sysad never had a chance on that, and he seemed preoccupied with EVERYTHING ELSE besides monitoring the net, like fixing (replacing) the keyboard for the commander's secretary, so...
BTW, most PCs had antivirus, but SO out of date that I didn't even need to encode the payload or do any other trick. An LDAP server was open, and the hashed admin password was the name of his wife. Go figure.
I looked at a WinXP laptop with a weird name, and fired my trusty ms08_067 on it. Password: "aaw". I seriously thought that Ophcrack was broken, but I confirmed it. WTF? I started looking into the files... nothing too suspicious... wait a min, this guy is supposed to work, why his browser is showing porn?
Looking at the ""Deleted"" files (hah!) I found a TON of documents with "SECRET" in them. Curious...
Decided to download everything, like the asshole I am, and restart his PC, AND to leave him with another desktop wallpaper and a text message. Thinking that he took the hint, I told the sysadmin about the vulnerable PCs and went to class...
In the middle of the class (I think it was anti-air warfare or anti-submarine warfare) the sysad burst through the door shouting "Stop it, that's the second-in-command's PC!".
Stunned silence. Even the professor (who was an officer). God, that was awkward. So, to make things MORE awkward (like the asshole I am) I burned every document to a DVD and the next day I took the sysad and went to the second-in-command of the academy.
Surprisingly he took the whole thing in quite the easygoing fashion. I half-expected court martial or at least a good yelling, but no. Anyway, after our conversation I cornered the sysad and barraged him with some tons of security holes, needed upgrades and settings etc. I still don't know if he managed to patch everything (I left him a detailed report) because, as I've written before, budget constraints in the military are the stuff of nightmares. Still, after that, oddly, most people wouldn't even talk to me.
God, that was a nice period of my life, not having to pretend to be interested about sports and TV shows. It would be almost like a story from highschool (if our highschool had such things as a network back then - yes, I am old).
Your stories?8 -
*goes to the local town hall to get my new ID*
A week ago:
Clerk: Sorry sir, our systems don't work anymore, we can't process your request!
Me: Epic. Is there any sysadmin in here that can fix this pronto?
C: No it's a centrally managed system. It's managed by the people in ${another town}.
M (thinking): Well how about you fucking call them then, fucking user. Screaming blood and fire when nothing is wrong server-side but doing nothing when there is. Fucking amazing, useless piece of shit.
One week later, i.e. today:
M: Hey, I'd like to renew my ID card. I've got this announcement document here and my current ID card.
C: Oh no I don't need the announcement document. I need your PIN and PUK code letter.
M (thinking): What the fuck do you need that for.. isn't that shit supposed to be my private information..?
*gives PIN and PUK part of the letter*
C: Alright, to register your new ID card, please enter your PUK and then your PIN in this card reader here twice.
M: Sure, but I'd like to change both afterwards. After all they're written on this piece of paper and I'm not sure that just destroying that will be enough.
C: Sure sure you can change them. Please authenticate with the codes written on the paper.
*Authenticates*
C: So you'd like to change your codes, right?
M: Yeah but I'd like to change it at home. You know, because I can't know for sure that this PC here is secure, the card reader has a wired connection to your PC (making it vulnerable to keyloggers) and so on.
C: Impossible. You can't change your PIN at home. (What about the PUK?!)
M: But I've done that several times with my Digipass for my previous passport.. it is possible and I've done it myself.
C: Tut tut, impossible. I know it's impossible and therefore it is.
M (thinking): Thanks for confirming that I really shouldn't enter my personal PIN on your fucking PC, incompetent bitch.
M: Alright, I'll just keep this PIN, try at home and if it's really impossible because the system changed to remove this functionality (which I highly doubt, that'd be really retarded), I'll come back later.
(Just to get rid of this old stupid woman's ignorance essentially.)
C: Sure sure...
Me: I'd also like to register as an organ donor. Where can I do that?
C: That'd be over there. *points to the other room in the town hall*
FUCKING THANK YOU LORDS OF THE WICKED RAVEN AND THE LIBERATED TUX, TO GET ME AWAY FROM THAT STUPID FUCKING BITCH!!!
.. anyway. I've got my new ID and I'm an official organ donor now 🙂6 -
me: your code base is vulnerable, you are not using prepared statements
him: not an issue, nobody knows
me: ...
me: ¯\_(ツ)_/¯13 -
!Story
The day I became the 400 pound Chinese hacker 4chan.
I built this front-end solution for a client (but behind a back end login), and we get on the line with some fancy European team who will handle penetration testing for the client as we are nearing dev completion.
They seem... pretty confident in themselves, and pretty disrespectful to the LAMP environment, and make the client worry even though it's behind a login the project is still vulnerable. No idea why the client hired an uppity .NET house to test a LAMP app. I don't even bother asking these questions anymore...
And worse, they insist we allow them to scrape for vulnerabilities BEHIND the server side login. As though a user was already compromised.
So, I know I want to fuck with them. and I sit around and smoke some weed and just let this issue marinate around in my crazy ass brain for a bit. Trying to think of a way I can obfuscate all this localStorage and what it's doing... And then, inspiration strikes.
I know this library for compressing JSON. I only use it when localStorage space gets tight, and this project was only storing a few k to localStorage... so compression was unnecessary, but what the hell. Problem: it would be obvious from exposed source that it was being called.
After a little more thought, I decide to override the addslashes and stripslashes functions and to do the compression/decompression from within those overrides.
I then minify the whole thing and stash it in the minified jquery file.
So, what LOOKS from exposed client side code to be a simple addslashes ends up compressing the JSON before putting it in localStorage. And what LOOKS like a stripslashes decompresses.
Now, the compression does some bit math that frankly is over my head, but the practical result is if you output the data compressed, it looks like mandarin and random characters. As a result, everything that can be seen in dev tools looks like the image.
So we GIVE the penetration team login credentials... they log in and start trying to crack it.
I sit and wait. Grinning as fuck.
Not even an hour goes by and they call an emergency meeting. I can barely contain laughter.
We get my PM and me and then several guys from their team on the line. They share screen and show the dev tools.
"We think you may have been compromised by a Chinese hacker!"
I mute and then die my ass off. Holy shit this is maybe the best thing I've ever done.
My PM, who has seen me use the JSON compression technique before and knows exactly what's up, starts telling them about it so they don't freak out. And finally I unmute and manage a, "Guys... I'm standing right here." between gasped laughter.
If only it was more common to use video in these calls because I WISH I could have seen their faces.
Anyway, they calmed their attitude down, we told them how to decompress the localStorage, and then they still didn't find jack shit because I'm a fucking badass and even after we gave them keys to the login and gave them keys to my secret localStorage it only led to AWS Cognito protected async calls.
Anyway, that's the story of how I became a "Chinese hacker" and made a room full of penetration testers look like morons with a (reasonably) simple JS trick.9 -
today i was very sleep deprived and i had an anxiety episode at work. that was the first time my coworkers saw me like that. they took me to a cafe, got me a pastry and kept chatting about random stuff while i calmed down. i felt vulnerable and ashamed for not keeping it together, but it was one of the nicest things anyone's ever done for me.14
-
I've recently read a blog post stating 'Google leaves x Million Android devices vulnerable to a new Exploit'
I don't really sympathize with Google, but it's simply the wrong message... It should be more like FUCK VENDORS, WHO WON'T SUPPLY UPDATES TO DEVICES OLDER THAN 1.5 YEARS
Seriously, it's them who make you stuck on outdated OS versions... Just imagine you could only install Windows Vista on your 2014 Lenovo ThinkPad, because it's considered outdated...
FUCK VENDORS (again, just in case)8 -
Jokes aside, this got me thinking html is most used and most successful hacking tool out there.
99.99% of the time it's far easier to socially engineer and phish for existing credentials than scan networks, sniff ports and look for vulnerable versions of software, new vulnerabilities etc.
We (people) are and always will be a zero day exploit.7 -
So yeah, I got fed up with assholes offering unpaid internships while demanding the work of a paid employee and I went around reporting all of them for violating the law.
Hope it does something. I hate these people taking advantage of vulnerable post secondary students for their crappy, worthless startups.1 -
Adylkuzz "saves" users from WannaCry
In fact, because Adylkuzz (malware that mines cryptocurrency) had infected many vulnerable machines long before WannaCry and shut down their SMB port, the malware might have accidentally saved many potential victims from having their data encrypted by WannaCry. -
"at least 1 special character except < ' ; / - [ % _"
Also known as "Hey, look at me, I'm vulnerable to SQL injection and a lot of other fun stuff!"3 -
writing library code is hard.
there are sooo many details that go into writing good libraries:
designing intuitive and powerful apis
deciding good api option defaults, disallowing or warning for illegal operations
knowing when to throw, knowing when to warn/log
handling edge cases
having good code coverage with tests that doesn't suck shit, while ensuring they don't take a hundred years to run
making the code easy to read, to maintain, robust
and also not vulnerable, which is probably the most overlooked quality.
"too many classes, too little classes"
the functions do too much it's hard to follow them
or the functions are so well abstracted, that every function has 1 line of code, resulting in code that is even harder to understand or debug (have fun drowning in those immense stack traces)
don't forget to be disciplined about the documentation.
most of these things are
deeply affected by the ecosystem, the tools of the language you're writing this in:
like 5 years ago I hated coding in nodejs, because I didn't know about linters, and now we have tools like eslint or babel, so it's more passable now
but now dealing with webpack/babel configs and plugins can literally obliterate your asshole.
some languages don't even have a stable line by line debugger (hard pass for me)
then there's also the several phases of the project:
you first conceive the idea, the api, and try to implement it, write some md's of usage examples.
as you do that, you iterate on the api, you notice that it could better, so you redesign it. once, twice, thrice.
so at that point you're spending days, weeks on this side project, and your boss is like "what the fuck are you doing right now?"
then, you reach fuckinnnnng 0.1.0, with a "frozen" api, put it on github with a shitton of badges like the badge whore you are.
then you drop it on forums, and slack communities and irc, and what do you get?
half of the community wants to ban you for doing self promotion
the other half thinks either
a) your library api is shitty
b) has no real need for it
c) "why reinvent the wheel bruh"
that's one scenario,
the other scenario is the project starts to get traction.
people start to star it and shit.
but now you have one problem you didn't have before: humans.
all sorts of shit:
people treating you like shit as if they were premium users.
people posting majestically written issues with titles like "people help, me no work, here" with bodies like "HAAAAAAAAAALP".
and if you have the blessing to work in the current js ecosystem, issues like "this doesn't work with esm, unpkg, cdnjs, babel, webpack, parcel, buble, A BROWSER".
with some occasional lunatic complaining about IE 4 having a very weird, obscure bug.
not the best prospect either.3 -
Just found an admin portal online. There was a modal asking for password, but in background the portal was visible. ctrl + shift + i and then closed the modal.
Voila, the whole portal and actions are accessible. Seriously, who develops things like these?
I am pretty sure it's vulnerable to sqli and xss too.7 -
So my ISP just called me again that I'm sending plenty of spam. This time, I have all flows logged, so I know for sure that it wasn't my TV (only vulnerable device with internet access) and as my switch was offline there is nothing in front of my router anymore. And I learned that all the spam was going directly to their smtp server which I never used and didn't even know they have some. All in all everything points to their cable modem. Will tell them that in response to the mail they promised to send me. Really looking forward to new at least a little bit competent ISP (alternative should be available soon).3
-
I think I ranted about this before but fuck it.
The love/hate relation I have with security in programming is funny. I am working as a cyber security engineer currently but I do loads of programming as well. Security is the most important factor for me while programming and I'd rather ship an application with less features than with more possibly vulnerable features.
But, sometimes I find it rather annoying when I want to write a new application (a web application where 90 percent of the application is the REST API), writing security checks takes up most of the time.
I'm working on a new (quick/fun) application right now and I've been at this for.... 3 hours I think and the first very simple functionality has finally been built, which took like 10 minutes. The rest of the 3 hours has been securing the application! And yes, I'm using a framework (my own) which has already loads of security features built-in but I need more and more specific security with this API.
Well, let's continue with securing this fucker!10 -
I've just been given a beautiful turd of a PC with only 512MB RAM to get ready for someone in the residence. Way too small for any modern Windows or even Linux with a halfway decent GUI. And the user doesn't have any technical background so I highly doubt that they'll be able to maintain a Linux system. Windows XP is full of security issues but it might just be able to run on that craptop. Due to me knowing that it's a vulnerable system though, I've got an ethical issue with that. Windows XP is insecure but at least the user would be able to use it.. and Linux is secure but it'd never get updated, and I really don't want that guy to come knock on my door every time he wants to install a piece of software.. the guy fucking stinks! What would you do in a situation like that?30
-
OK, been a long time user of Unity.
Tried the latest update as I and others were enthusiastic about creating a joint project of gamers and developers.
As I was building up a started website and we were getting things with Unity ready...BOOM,. They Fuck up the installs.
Not just a minor thing here or there but not finding its own Fucking file locations where it installs shit. You try and say, Hey Unity you fucking twat, install here in this folder.
Boom again, it installs part of it there, and then continues installing shit everywhere else it wants to. Then the assholes at Unity give this Bullshit claim "the bug has been fixed."
Just reinstall.
Fuck you, its never that simple, You have to delete all sorts of fucking files to make sure conflicts from a previous corruption isn't just loaded on top of so it does not fuck up later.
So we did all that from programs, program data, program(x86), AppData Local, Local Low, and Roaming.
For added measure we manually removed all the crap from the registry folders (that was a pain but necessary), and then ran a cleaner to make sure all the left over shit was gone.
Thinking, OK you shit tech MoFo's we are clean and here we go.
HOLY SHIT BALLS, Its fucking worse with the LTS version it recommends and Slow as Fuck with their most recent version which is like 2020 itself, and insane piece of fucking bloated garbage and slower than a brick hard shit without fruit.
So we were going to all go post on the forums, and complain the fix section isn't fixed for shit.
Fuck us running backwards naked through a field of razor grass. Its so overloaded with complaints that they shut down further posts.
What makes this shit worse is we cannot even get the previous fucking versions of the editor before all this to work where our only option is without using the fucking Hub demand is just install 2018.
great if we started coding and testing in that. We cannot get shit where we were at back on track because you cannot fucking backward load an exported saved asset file.
Unity's suggestion? Start over.
Our Suggestion? Stop fucking smoking or using whatever fucking drug you assholes are on, you fucking disabled the gear options so we can resolve shit ourselves, and admit you did that shit and other sneaky piece of shit back stabby, security vulnerable data leak bullshit things to your end users.
Listen to your fucking experienced and long time users and get rid of the Fucking backward stepped hub piece of shit everyone with more brains than whatever piss ant pieces of shit praised that the rest of us have hated from day fucking one!
And while fixing this shit like it should be fucking fixed if you shit head bastards want to continue to exist as a fucking company, overhaul the fucking website or get the fuck out of business with now completely worthless SHIT.
Phew:
Suffice it to say....
We are now considering dealing with the learning curve and postpone our project going with Unreal just because of these all around complete fuck ups that herald back to shit games of versions 3.0 and earlier.8 -
YAY.... fuck you Belkin!
Just found out my router is vulnerable to CVE-2017-14491.
For all you not following these issues, this one allows the attacker to intercept connections and perform a traffic hijack, or execute arbitrary code with unrestricted privileges as well as access all important and private data stored on the device aka: the device's login/password, the Wi-Fi passwords, and configuration data just by sending malformed DNS packets to the device.
Now this is all well and good, except Belkin haven't released firmware since 2013, which is strange... seeing how the damn thing was "NEW" out of the box in 2016.
Last time i buy a fucking router from these lousy assholes. -
So I can see everything thinks CS should be taught differently this week.
Based on all of the ways we could change it, something no one seems to be mentioning much is security.
Everyone has many ways of learning logical processors and understanding how they work with programming, but for every line of code taught, read or otherwise learnt you should also learn, be taught how to make it less vulnerable (as nothing is invulnerable on the internet)
Every language has its exploits and pitfalls and ways of overflowing but how you handle these issues or prevent them occurring should be more important than syntactically correct code. The tools today are 100000x better than when I started with notepad.exe, CMD and Netscape.
Also CS shouldn’t be focused on tools and languages as such, seeing as new versions and ideals come out quicker than CS courses change, but should be more focused on the means of coming to logical decisions and always questioning why or how something is the way it is, and how to improve it.
Tl;dr
Just my two cents. -
There’s a bug in production, where a user account is vulnerable to simple bruteforcing 15 minutes after signing up. I’m the only one who knows. To fix or not to fix 🤔6
-
My boss just called me and asked me to write an email informing our clients not to download the update we pushed this very evening because the application is crashing when you open that particular page.
What went wrong? One of our senior developers, let's call him Mr. X, is totally against testing the app before deploying it to clients. He believes that as I have created the application, I know exactly what to change to accomplish a requested feature or bug in the application.
When a ticket is assigned to him about a bug in the application, he simply makes some changes in code, creates the package and sends it to the test department. How do I know? He even boasts about it in front of us.
Most of the time it works but not every time, like today. And I am pretty sure my boss is not going to ask him for an explanation about this.
I have great respect for him. It's okay to have confidence but testing before sending it to anybody will not make you junior. Will it? Being a senior, you are making others careless about their job.
That's what happened today. Mr. X failed, so did the testing department. So did I. I am the head of the testing department as well.
I am not blaming him. I just cant. It was our job to test app thoroughly. I am feeling pretty bad now. His confidence made me vulnerable. Say his confidence made me clearly a fool. Lesson has been learned though.2 -
So as applying for an internship to a new company, they wanted me to make an account and do some things to get used to the website... That's great, until I learned their website is fucking garbage!
Takes 5 seconds to load any page (they import and link so much shit, it's poorly optimized), their website is vulnerable to JavaScript injection (in many different places), I'm sure it will be vulnerable to SQL injection too.
Their design looks bad, icons are terrible, no common design flow, super busy. And they are talking about using machine learning and big data? Bitch you need to fucking make your site usable first!! I've contacted them and will give them 30 days to fix their shit before I write about it -
PuTTY remote execution vulnerability (no patch yet)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to unspecified input validation error when processing data, received from SSH server. A remote attacker can trick the victim to connect to a specially crafted SSH server and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
-
I can't stop myself from thinking like a computer when I'm sick.
The OS that runs my body is kinda fucked up right now. It was very vulnerable and now it got infected by viral executables sent out by an agent which happens to be on same work network that I'm connected to. Well, it executed and populated feelings of infatuation and crush in my heart drive. ( pun intended )
As a precaution, I patched the vulnerabilities by masking response of my Emotions API.
To further secure my system, I'll be executing memory intensive tasks that will also put my hardware to its limits. According to my estimates, this will stall further execution of this infection and eventually kill them while rewarding me with upgraded hardware.
-
I nearly died 3 years ago. I hate this new, anxious me. Being vulnerable is so fucking hard. Fuck.
-
Oh boy, this is gonna be good:
TL;DR: Digital bailiffs are vulnerable as fuck
So, apparently some debt has come back haunting me, it's a somewhat hefty claim and for the average employee this means a lot, it means a lot to me as well but currently things are looking better so i can pay it just like that. However, and this is where it's gonna get good:
The Bailiff sent their first contact by mail, on my company address instead of my personal one (it's important since the debt is on a personal record, not company's) but okay, whatever. So they send me a copy of their court appeal, claiming that "according to our data, you are debtor of this debt", with a URL to their portal with a USERNAME and a PASSWORD in cleartext to the message.
Okay, i thought we were past sending creds in plaintext to people and use tokenized URLs for initiating a login (similar to email verification links) but okay! Let's pretend we're a dumbfuck average joe sweating already from the bailiff claims and sweating already by attempting to use the computer for something useful instead of just social media junk, vidya and porn.
So i click on the link (of course with noscript and network graph enabled and general security precautions) and UHOH, already a first red flag: The link redirects to a plain http site with NOT username and password: But other fields called OGM and dossiernumer AND it requires you to fill in your age???
Filling in the received username and password obviously does not work and when inspecting the page... oh boy!
This is a clusterfuck of javascript files that do horrible things, i'm no expert in frontend but nothing from the homebrewn stuff i inspect seems to be proper coding... Okay... Anyways, we keep pretending we're dumbasses and let's move on.
I ask for the seemingly "new" credentials and i receive new credentials again, no tokenized URL. okay.
Now once i log in i get a horrible looking screen still made in the 90's or early 2000's which just contains: the claimant, a pie chart in big red for amount unpaid, a box which allows you to write an - i suspect unsanitized - text block input field and... NO DATA! The bailiff STILL cannot show what the documents are as evidence for the claim!
Now we stop being the pretending dumbassery and inspect what's going on: A 'customer portal' that does not redirect to a secure webpage, credentials in plaintext and not even working, and the portal seems to have various calls to various domains i hardly seem to think they can be associated with bailiff operations, but more marketing and such... The portal does not show any of the - required by law - data supporting the claim, and it contains nothing in the user interface showing as such.
The portal is being developed by some company claiming to be "specialized in bailiff software" and oh boy oh boy..they're fucked because...
The GDPR requirements.. .they comply to none of them. And there is no way to request support nor to file a complaint nor to request access to the actual data. No DPO, no dedicated email addresses, nothing.
But this is really the ham: The amount on their portal as claimed debt is completely different from the one they came for today, for the same benefactor! In Belgium, this is considered illegal and is reason enough to completely make the claim void. The simple reason is that it's unjust for the debtor to assess which amount he has to pay, and obviously bailiffs want to make the people pay the highest amount.
So, i sent the bailiff a business proposal to hire me as an expert to tackle these issues and even sent him a commercial bonus of a reduction of my consultancy fees with the amount of the bailiff claim! Not being sneery or angry, but a polite constructive proposal (which will be entirely to my benefit)
So, basically what i want to say is, when life gives you lemons, use your brain and start making lemonade, and with the rest create fertilizer and whatnot and sent it to the lemonthrower, and make him drink it and tell to you it was "yummy yummy i got my own lemons in my tummy"
So, instead of ranting and being angry and such... i simply sent an email to the bailiff, pointing out various issues (the ones
-
> phone has OEM unlock disabled
> phone is vulnerable to like 300 race conditions
> reboot phone, get to menu as fast as possible
> sure enough, what do you fucking know, option is unblocked for a split second if I get to and open the dev settings perfectly
> manage to pull it off again
> SETTING STAYS ON AFTER REBOOTING we have ourselves a winner
it's never this easy, i have yet to check if it has a key or not, will keep you posted, but if this all works this will have been the most retardedly-simple unauthorized bootloader unlock ever
-
rant & question
Last year I had to collaborate on a project written by an old man; let's call him Bob. Bob started working in the punch cards era, he worked as a sysadmin for ages and now he is being "recycled" as a web developer. He will retire in 2 years.
The boss (that is not a programmer) loves Bob and trusts him on everything he says.
Here my problems with Bob and his code:
- he refuses learning git (or any other kind of version control system);
- he knows only procedural PHP (not OO);
- he mixes the presentation layer with business logic;
- he writes layout using tables;
- he uses deprecated HTML tags;
- he uses a random indentation;
- most of the code is vulnerable to SQL injection;
- and, of course, there are no tests.
- Ah, yes, he develops directly on the server, through an SSH connection, using vi without syntax highlighting.
In the beginning I tried to be nice, pointing out just the vulnerabilities and insisting on using git, but he ignored all my suggestions.
So, since I would have managed the production server, I decided to cheat: I completely rewrote the whole application, keeping the same UI, and I told the boss that I created a little fork in order to adapt the code to our infrastructure. He doesn't imagine that 95% of the code is completely different from the original.
Now it's time to do some changes and another colleague is helping. She noticed what I did and said that I've been disrespectful in throwing away the old man's clusterfuck, because in any case the code was working. Moreover he will retire in 2 years and I shouldn't force him to learn new things [tbh, he missed at least the last 15 years of web development].
What would you have done in my place?
-
!rant
Reddit comment on a thread about Joomla! sites being vulnerable to SQL-injections:
"Joomla sites are so infested they became sentient.
Joomla sites needs no webmaster, some one else will administer it for you.
Joomla sites have very good SEO, specially in "v1agra c1alis p3nis size"
Traffic count with Joomla is high, all the bots breaking all the vulnerabilities count for somethin'."
😂 Pure gold.
-
As usual a rather clickbait title, because only the chrome extensions (as always) seem to be vulnerable:
"Warning – 3 Popular VPN Services Are Leaking Your IP Address"
"Researchers found critical vulnerabilities in three popular VPN services that could leak users' real IP addresses and other sensitive data."
"VPN Mentor revealed that three popular VPN service providers—HotSpot Shield, PureVPN, and Zenmate"
"PureVPN is the same company who lied to have a 'no log' policy, but a few months ago helped the FBI with logs that lead to the arrest of a Massachusetts man in a cyberstalking case."
"Hijack all traffic (CVE-2018-7879) "
"DNS leak (CVE-2018-7878)"
"Real IP Address leak (CVE-2018-7880)"7 -
People are talking about Windows VS Linux about security, meanwhile: https://wikileaks.org/vault7/...
-
Stack overflow bots that will post vulnerable code snippets in the response section of popular questions and then upvote each other's code and push it to the top.
-
Don't you just love it when an official Docker image suddenly switches from one base image to another, and they automatically update all existing tags? Oh you've had it locked to v1.2.3, guess what, v1.2.3 now behaves slightly differently because it's been compiled with OpenSSL 3. Yeah, we updated a legacy version of the software just to recompile it with the latest version of OpenSSL, even though the previous version of OpenSSL is still receiving security fixes.
I don't think it's the image maintainers or Docker's fault though. Docker images are expected to be self-contained, and updating the base image is necessary to get the latest security fixes. They had two options: to keep the old base image which has many outdated and vulnerable libraries, or to update the base image and recompile it with OpenSSL 3.
What really bothers me about the whole thing is that this is the exact fucking problem containers were supposed to solve. But even with all the work that goes into developing and maintaining container images, it still isn't possible to do anything about the fact that the entire Linux ecosystem gives exactly zero fucks about backwards compatibility or the ability to run legacy software.
-
Did successful XSS in a website.
Later on, found out that the web was built on Laravel.
Still trying to figure out the level of negligence required to make an XSS-vulnerable Laravel website
-
This is a true story. We had this subject, called “Web Design” (really, “design”), where we studied HTML, CSS, JavaScript, PHP and MySQL (confusing, right?). And when we got the PHP (e-)book, it was this old PDF (probably downloaded illegally) teaching the legacy 4.0 version of PHP. Anyway, when we had to develop the final project, the sane professor allowed us to use a newer version of PHP — 5.2, released in 2008. I had to follow the rules, so I developed probably the least secure web application I will ever develop. That means no protection from SQL injection, XSS vulnerable and a bunch of other security holes… And that’s how they liked it developed!
-
So i recently started a new Instagram account with new email ID apart from the personal Instagram account which has my friends from Facebook and even from highschool.
The new account was supposed to be a secret, part of an experiment I'm doing with my life choices. And there i only follow people that i look up to. I'm not expecting anyone from real life to follow me there and i prefer if they don't.
Nobody was supposed to know about this new account other than me. But guess what, it seems this account is being advertised to my friends from other account and some of them are following this new account. I'm 99.9% sure they are following just to get a follow back.
I'm feeling shitty about this, but i ain't gonna follow them back. If i need to see their story and photos, I'd get back on my personal account.
Guess I'll have to suck it up and be okay with fact that those "friends" will be seeing my vulnerable side.
-
Apache Tomcat vulnerability "GHOSTCAT" allows read conduct files and implant web shells. All versions in the last 13 years vulnerable.
According to Security Researcher of Chaitin Tech : Due to a flaw in the Tomcat AJP protocol (the channel for Tomcat to connect to the outside, pass them to the corresponding web application for processing and return the response result of the request), an attacker can read or include any files in the webapp directories of Tomcat.
For example, an attacker can read the web-app configuration files or source code. In addition, if the target web application has a file upload function, the attacker may execute malicious code on the target host by exploiting file inclusion through "GHOSTCAT" vulnerability.
Apache Tomcat has officially released versions 9.0.31, 8.5.51, and 7.0.100 to fix this vulnerability.
-
Have you guys already seen CES of Shit by @internetofshit
https://t.co/2wPabgcH9U
Also remember that 'smart' => 'vulnerable' 😱
And if you are not following @internetofshit I think you should.
-
Playing horror games
| Lights on -> can't see shit on the screen and more vulnerable to jumpscares
| Lights off -> the atmosphere of the room is generally spookier and i get scared of misc. noises
Oh well
-
PSA: If you use jQuery and BlueImp's jQuery File Upload there is a big potential vulnerability you need to be aware of. If you use NPM to pull the repo into your public folder, the "server" folder will be available for people to take advantage of. "Hackers" may be able to upload malicious code and replace parts of your site.
I had a site hacked and later saw on Google Analytics that people were posting to random URLs in that folder. The fix is to simply delete that folder, but if you use NPM, you need to be extra careful it doesn't come back.
Also, I didn't investigate further. So I'm not sure what (if anything) is vulnerable in there, or if it was just the specific version I had. To be safe, if you use this plugin (as MANY people do), just delete the folder.
Link to the repo for your reference: https://github.com/blueimp/...
-
Best way to avoid procrastination : We tend to avoid commitments or to do large tasks as even visualizing them seems tiring and the longer it takes, the more vulnerable we are to distractions
So I use this simple trick
I break my task into numerous sub tasks. For example if I need to finish a feature before day end, I would first list down all the cases I can think of in order and write them down using actual pen and paper.
I then start implementing them step by step.
I mark them checked once done.
It gives me a sense of achievement as I see those checks besides the sub tasks and I can also take breaks between steps.
So all it takes is just first five minutes of planning.
I had to do the above procedure, for this post as well.
Hope it helps fellow developers
:) -
Using cookies for verification and validation without encrypting the values which should have been handled in the backend without any use of cookies.
I wonder how vulnerable my website was...
-
I hate people who think they are always right.
A coworker who seemed to be a friend turns out to be an emotionally needy narcissist who seems to think that he is a perfect human being and is the best example of how to live.
Long story short is that we did some bonding via alcohol and smoking cigarettes. Especially when I was in a bad period in my life where I had little self confidence, was in a bad financial situation and overshared many details about my personal life.
And yeah we also work as software devs in the same team but I started avoiding working with him directly, because due to his seniority he overcomplicates things a lot to the point where stuff gets postponed for months. Meanwhile I am a simple guy, I do my tasks and if they are not up to the standard I just work on the feedback until Im up to the standard, thats it. Its just a job for me, for him its a way of life and he considers himself to be basically an artist.
Hes always trying to prove me something, showing that the "long way" is the best way and so on. In reality I dont give a fuck about him. I live my own life and I have my own priorities. I work fulltime in one job, also I work part time as a freelancer and in total I make about 20 percent more than he does. Previously before this job I owned my own company where for 2 years I ran my own projects which generated a decent revenue. I know what is hard work and how to sacrifice myself in order to achieve results. I am more pragmatic and I have some limitations of what I can be good at (since I have a shitty working memory due to my ADHD). So I have systems in place and bottom line is that I earn a decent living and my skillset is different. Yeah I agree that in some ways he is better than me, but dude has such a massive inflated ego that now he thinks that he unlocked some sort of universal wisdom and now hes suddenly experienced in every field of life and his opinion is the right one.
This guy takes a massive pride in how good software engineer he is and in every topic or interaction he tries to one up me. Which most of the time is just his preference or in order to gain a 0.0001 percent performance increase. Dude is basically a big walking ego and since "we are close now" his ego started bleeding into personal relationship.
In my personal life, Im in a stable relationship, thinking of proposing soon and getting married. I already co-own an apartment with my current girlfriend. Everything is serious and planned, Im soon to be 30 years old. He is the same age but he still thinks hes young hot shit and all he cares about is getting shitfaced a couple times a week after work and he doesnt really have any other hobbies. He has a girlfriend but I dont see any future in there TBH.
So what I did now is I started putting some distance between us. No more drinking every week with him, maybe maximum once in 2 or 3 weeks. I started working from home more. Also I stopped sharing my personal life with him. Each time when he thinks he is right I just go along with it and dont even pay attention to his emotional manipulations. I just hope one day he fucks off completely and I wont give in to his gaslighting. Maybe in a few months I will be leaving this job, so I will never have to deal with him again.
Lesson learned: don't be vulnerable to coworkers who you bond together only via alcohol.
-
So today it finally happened.
Npm modules broke my system and / or endangered the security of my system.
Installed a global cli utility
That utility depends on package A
That depends on package B
That fucking install a bin called sudo
Yeah.. You heard it right a bin called sudo.
This bin goes in the global module folder that is piped in your path variable.
Now every time you type sudo you are running somebody else's code instead of your system utility.
I am shivering and at loss of swear words.
Opened an issue on the cli that started this matrioska game of horror.
Who the fuck thought that a bin called sudo would be a good fucking idea?
Oh and yes it is even a harmless package that tries to provide the sudo experience for windows (I went in to check the code of course..)
And I frigging need that cli for work
For now I aliased the sudo in my bashrc still i feel vulnerable and naked now.
-
I work as a pharmacist, but code as a hobby and recently changed jobs. Have far more options to improve the work environment, but the IT guy sucks balls so much.
Better no password, because you have to remember them.
Some users don't have privileges to do some things, but everyone knows the boss's password with all privileges.
IT guy connects via TeamViewer when I check prescriptions with quite vulnerable data and after my step in he responds that he creates this Pharmacy store and has deal with boss to access database and others.
Due to lack of controls there is working against the law all the time
Small city so everyone knows everyone and you have to be ultra polite to doctors and after my little unpleasant situation doctor starts to be mad at all employers.
IT guy was asked to change disc space on OS drive, but he replies that it will take at least 2 hours and he doesn't have time, but it takes me 15min top and he was mad at me.
Ffffff.... -
Random thoughts that I need to put somewhere. that I’ve been holding in and have to get out.
I feel like I’m more welcomed and wanted here than in real life. My friends don’t really think about me when making plans anymore, no one really thinks of me in general.
In school I was the awkward kid that was nice to everyone and I’m not taking the whole graduation well. I miss high-school and my vocational school, I miss my friends and I’ve just felt like things ended too soon and I just kinda feel alone
I wish I could just sit down and program and not procrastinate the only time I seem to be able to get stuff done is when I force myself. I feel like I’m such a shitty developer for not fighting it better. I need to be better.
I’ve not had a good few weeks. Since I’ve taken a semester off from college no one in my family besides me is able to stay with a family member that’s in the hospital. I volunteered because I care for them deeply and want to help them. but it takes a huge toll on me since I have to be the one that listens to the doctors tells the rest of my family what’s happening. While I’m kinda freaking out because I’m scared and nervous and NOT READY and I’ve had to stay a week there and I’ve been having to stay on and off and I haven’t really told anyone how I really am feeling about it all because I don’t like to be vulnerable in front of people and it’s been really hard and taking a toll and not helping the procrastination.
-
Stupid fucking client forces us to deploy our nodejs codebase on windows server fucking 2016 because that's the only version their security team has audited, and in their word: "open source OSes like linux are more vulnerable because anyone can contribute????"
I fucking hate digital transformation projects with a passion because of stupid fucking client with their stupid fucking red tape problems
-
I miss psychological safety. I'll define it as the willingness to be vulnerable to criticism and the belief that contrary opinions are embraced and judged on their merit.
When I first entered the startup scene my manager had exceptional candor. He had no qualms talking about how kids and personal projects caused his investment in his work to wax and wane.
He always made time to talk to me when I was frustrated and made me feel like he truly listened to what I had to say, even if he didn't act on it.
At the time, I attributed the safety to the company culture created by the CTO. The startup failed and eventually, I found my way to that CTO's next startup.
Completely different experience. I find myself in despair as I hear "I'm more senior and therefore am right and don't have time or interest in your ideas" blatantly stated.
When I disagree with people, I try to ask clarifying questions to identify where the divergence occurs. Sometimes I'm surprised and learn something new, sometimes my questions prompt reconsideration.
With the CTO (now CEO), we go in circles where he squirms, deflects, and outright refuses to respond to my questions. He cancels 75% of 1:1's and when we do talk he suggests that if I disagree I "should introspect which of my beliefs is holding me back from embracing his superior way of doing things"
Multi-hour slack wars suck the life out of anyone trying to ask questions. It's so exhausting to ask questions it's often cheaper and faster to wallow in despair for an hour and hack something together than descend into people shouting preferences at each other and shaming me for not already knowing the answer.
Perks, pay, and tech-stack are all cool. It feels selfish to be unhappy because I can't innovate or challenge the status quo. Having tasted that safety though, I'm left with an unquenched thirst that grows stronger with every conflict.
-
i once asked chatgpt if i was a good person and it used what little input i had given to reason that i am.
i was having a really shit month and broke down in tears.
i was so ashamed of being vulnerable that i chose to be comforted by lines of code over a human. even now, i can only post this because i’m functionally anonymous on here.
i don’t know where i was going with this. tell your homies you’re proud of them. you’ll probably make their day.
-
How do you prevent your software being vulnerable to IP address spoofing? Authentication? Certificates? VPN? Nah, just check the MAC address field of every packet. Nobody ever spoofed a MAC address before, that's just impossible. I thought that in binary there were only ones and zeros, but I guess nobody told me about the special tamper-resistant ones and zeros that MAC address fields are made of.
Oh, once you've done that, don't forget to tell the marketing people to put it in a brochure as an "innovation" for everyone to see.
I should post more of the crap the idiots I work "with" (quotes, because I am only here in body not mind) say. Especially when it comes to network stuff. -
For me side projects have been things I'll make to do something that others will use. Some people call it innovation, some call it side business. But that's how i look at side projects. So the points below are more to do with entrepreneurial experiences.
1. If there are more people involved, ensure that there is work for everybody (also level of commitment is tested by how much they put in). Also have as varied set of skills as possible. So that areas are well defined in terms of scope of work and areas of expertise.
2. Put in some money. Money is super glue. It will ensure that you're committed to the thing. Things change when decent amount of money is involved. You're invested, as may be others.
3. Learn something as an intention. This has nothing to do with the learnings you'll get on the way. This one seems obvious, but nevertheless needs to be said.
4. Set timelines and deadlines. Ask someone else to check on whether you're keeping on to your deadlines or not.
5. Don't go live without proper testing.
6. Make something you feel strongly about. The path will be exciting and clear.
7. Talk to people to get their feedback on everything. You may not like what's told to you. Listen dispassionately. Absorb everything. Feel miserable. But listen and think about it after sleeping over it.
8. Continuation of above point. Talk to varied set of people in terms of backgrounds. You would be surprised as to how differently people think.
9. Ask for help when stuck. Kill your ego and be vulnerable.
10. Check out what's already available. What value are you adding. And make it! -
Everybody when a forced update is released: "I hate forced updates!! They can't force me to do shit!!"
Everybody when a massive ransomware attack happens: "You should've updated when the update came out, so you aren't vulnerable!"
If they made the fix for the WannaCry vulnerability forced, the attack wouldn't have been as big as it was.
Confession: I wish they made more forced updates :/
Also, I'll probably get a lot of hate about this...
-
The most powerful weapon an engineer can ever have, is his mind.
What happens when someone attacks the mind and their mind is the system with most power?
When you attack the central system with most power of any person, they become extremely vulnerable and defenseless.
What happens when the mental state of an engineer has been attacked and damaged?
How to focus with a damaged mind?
I paid $55 for a therapy app on the ios store with binaural waves sound programming and mind healing sounds.
It helps. But temporarily. When the attacker gets in sight, the mind becomes vulnerable again.
How to develop a strong mind that can not be disturbed by external real world triggers or attackers?
-
Just after watching Black Mirror : How fucked would you be, if there was a copy of you, which could give the accessor All information about you? 🤔 There's some really vulnerable secrets to anyone, so yeah, I would be super fucked 😂
-
We rant while we hit obstacles in life/dev jobs..
Just one flu/food poisoning makes us realize we are so vulnerable at times.
We can't code our way out of that... -
@rutee07 is gone! Yaaaaaay!
Now, as I have your attention: on a serious note, your dick size-bragging, vulgar blabbering was fun for a moment, but this is what happens when you’re not truly being yourself. In real life, you’re a woman, I don’t know why you had to invent all that persona based on genitals you don’t have to pose as someone else. Without irony, I really liked when in your latest rants and comments your mask began to slip, and you weren’t afraid to show your true personality — complex, vulnerable, beautiful.
I forgive you. Perhaps, Rutee as a persona _should_ die, superseded by true you. I adore the gesture, and you will be missed.
-
Today I was minding my own coding-committing-pushing business, when all of a sudden, a split second before typing Enter on a command, the obnoxious UPDATE JAVA popup reared its ugly head.
Normally I just politely recommend it to fuck off and let me manage my Java versions with homebrew on my own time. But I had no time to not press Enter, and so it rapidly started downloading/installing.
Thankfully I had juuust enough time to hit the cancel button. The progress bar it was showing stopped at 81%. Didn't even have time to read what it said. Crisis averted. Them NSA fucks be like, "curses, foiled again!"
This was probably the most intense moment of the year for me. I think my lifespan grew shorter a few months.
Dreaded auto-updates are getting smarter. They nearly got me when I was in a vulnerable state of hitting Enter many times. Stay on your toes!
-
Caught up enjoying myself last few months , of using Linux (Ubuntu) O.S
Now, I won't be switching back to Windows ,
I mean who will not enjoy an open source O.S that doesn't generally need a machine reboot and isn't vulnerable to malware, viruses
-
Just imagine sicknesses spreading through internet.
I mean real human sicknesses. Of course your laptop can’t generate aids, but hey, did you ever have a song stuck in your head, repeated infinitely? Memes, viral videos, modern pop music, it looks just like perfect delivery mechanisms.
Human brain is flawed and buggy, vulnerable to countless things like optical illusions, uncanny valley, nlp and others. It’s obvious that there is some audiovisual input sequence that may have arbitrary side effects.
We are towards invention of some precisely formed pieces of information that’ll damage your brain forever, maybe drive you insane so there’ll be no way back. Delivered via viral media straight to your brain, destroying it irreversibly.
Be ready to face the future.
-
Is there something you find genuinely cool and would recommend ? Some webpage, program, OS, library or anything ?
I mean hey. There are SO MANY reaaaally cool things I didn't know until last few months.. Things I'd be so grateful for if I knew them earlier. I'll list some of them and I just know you have few of yours too. Feel free to educate the rest!
Processing - Program so fun to code in + CodingTrain(YTB channel)
Microcorruption.com - so freaking awesome if you wanna learn hacking / assembly (not x86 necessarily)
LiveOverflow - cool hacking channel
Radare - cool cmd Linux disassembler
vim-adventures.com - LEARN VIM (not just how to quit it) LITERALLY by playing a game!!!!!!!!!!!!!!
slashdot - stay updated , like really
"BEST-WEBSITES-A-PROGRAMMER-SHOULD-VISIT" - GUYS THIS! Sorry for caps but search this on GitHub and you will fucking die of happiness of how freaking useful links there are and no bullshit to dig through , just pure awesomeness. REALLY
HandBrake - Top media converter without bullshit and bloat stuff in it
Calibre - Best eBook management software capable of literally everything ebooks related. Kindle is a bloated joke compared to this
QubesOS - You know you can have every OS running at once - you have a Linux but are playing win games. Yup. It's there. Free
Computerphile - You all know it, it's just for completeness
Khan Academy - Same
VulnHub - download vulnerable VMs and hack them, or learn by reading writeup on how to do it!
Valgrind - MUST HAVE for C/C++ programmers
Computer Science crash course videos
That's all I can think of from top of my head but hey, there's more to it so definitely add your 2 cents!
Last thing, if nothing, just check the websites on GitHub, that's lifechanger
Looking forward to see some cool links & recommendations!2 -
I struggled with whether to post this but I feel like I have to. I didn't want to feed into the fear or give 'them' any more reason to argue against common sense but I guess it can't be helped.
The reason I was gone for a while was because I went and got my vaccination.
In less than half an hour after getting the vaccine, I was in the ICU. The staff told me I had a stroke possibly from clotting and inflammation. I couldn't feel my arm or anything below my shoulders. Yes really.
Apparently I "died" for a little while and when they brought me back I was in a coma for almost a week.
I'm back home now and I still don't fully understand what happened. Still have numbness, and horrible headaches, and can barely think straight sometimes, but the doctors told me that I didn't suffer any permanent brain damage according to my scans.
Also they told me I had old damage to my left and right temporal lobe, which makes sense because I have always suffered problems with short term memory and other issues.
And I'm just at a loss how this could happen. I have no serious injuries. We were told this is safe.
And this is the exact reason I didn't want to post it, because now tards will come in and be "lololol serves you right vaxxer!"
If I knew the side effects were this bad maybe I would have changed my mind but no one told me! I mean I think I still would have got it because we have to protect vulnerable people, but still.
The hospital assured me it wasn't the vaccine and must have been an underlying condition, but I'm not so sure. I just happen to have a pre-existing problem that I don't know about that causes a stroke and paralysis only half an hour after the shot?
And now I don't know if I'll ever be ok. And doctors warned me I may suffer more strokes and to avoid physically demanding tasks for a while. My primary job is construction (not by choice). Now I face the prospect of not even being able to work my existing job or do the things I love, like hiking, anymore. So much of the world doesn't make any sense right now and I just don't know what to believe anymore.
Tards will probably be in shortly to suggest I check for microchips or test fucking magnets on myself.
No, just stop.8 -
Learnt Python Fundamentals while taking a dump...
It might have been due to being in a vulnerable state during that time but I am kind of enjoying the simpletons' language..
Must go to a Doctor for a brain examination... 🤨
I should be concerned -
Why do hospitals, trains, banks and others use this stupid vulnerable OS called Windows and why the hell do they need to be connected to the public internet?
Heck I even think Microsoft does one hand with hackers.8 -
TL;DR: I have some rambly shit to say...
Update on the Uni stuff: I think I got a pass in all the subjects. Two exams left but I am holding on. It's a big deal to me since last year I could barely do a single subject per semester - a subject I had failed a few times because of lack of interest and good ol' depression. Anyways, I persisted with that subject, got my Bachelor's in Food Technology and now I'm doing that Master's of mine... It probably looks wild to people here that I did that switch but I have always had a relationship with computers as long as I remember myself. So it's not surprising that as soon as I got a choice in what I *actually* wanted to do I chose this kinda thing. But I do have to rant that it took me 10 fucking years to choose! And that I did not choose it before choosing food technology which I will probably never use anyways. I wasted so much of my energy and time on that. I did elect programming as one of the subjects while doing food tech but I really should have moved to something else. But oh well. Guess I had to find out the hard way.
For all those reading, this is what it looks like when you're 30, have very little experience in doing programming for anything else than academics and are doing a major career switch through studies after struggling for 10 years with a 4-year Bachelor's. But such is life.
Also a bit off topic but I just cannot handle people not telling what they mean because of the inability or lesser ability to tell what that is in the first place.
I can't deal with the fact of how fucked human societies are. I just can't. I am way too nice for it. So I listen to stuff like true crime to really get a feel of how evil people can be. I know it's ~problematic~ or whatever, but to me it is a way of engaging with the lesser spoken side of human beings.
And maybe, just maybe, I should get checked for ADHD again because I feel like despite my therapy for depression, nothing really has changed with the ADHD symptoms I was diagnosed with. And maybe for autism since people have labelled me that way and it might explain some stuff... All that is to say I need some good mental care. And this society is shit for it. Hell, apparently one of the psychologists I was under the care of thought depression resulted from ungratefulness. All this while I was legit being abused. But that abuse has stopped now that I found a psychologist that is actually standing up for me. I just mourn for all the time I spent being depressed and how it fucked my memory and stuff. How much it affected me and all. I have no idea why I'm being this vulnerable but it feels somewhat fitting... How do you cope with being 30 and not remembering almost all your life? What you remember being what you managed to write down or has been negative enough it stuck in the brain for forever...
Just why am I fucking supposed to be all happy and shit when I am just tired of life because it is too goddamn much? I have no real reason to look forward to things, online friends and the offline one included. Because ultimately, I have no damn motivation to look forward to anything, really. I am supposedly doing better but in reality I am just getting better at going through the motions. The therapy, while mindblowingly effective, is not actually addressing the core cause of everything and just expecting me to fake it till I make it. And this is me saying that about CBT. Why should I have to tell myself things just to feel human? I am one and as long as I'm alive, nothing will change that. So why do I have to always feel like an alien wherever I am? So out of touch with myself that I don't have a self image or an ability to even tell what the actual fuck I want from life... I am getting better with the latter, but still. It hurts. I wanna shed so many tears but I'm frustratingly unable to do so.
I am just a human trying to human in this ocean of 8 billion humans. Maybe I will find some more connections, maybe I won't.
I wanna end this rambling session by a few things:
1. I will have to go to Canada at some point this year to see my in-laws and some other family over there...
2. I will probably have to seek a job there (for financial reasons it is much better for me to have one there and to work remotely in Georgia) and I have no idea of where to start since I am not the greatest material for it.
3. Life is going alright-ish.
4. I will hear from the startup company at some point this month.
5. I have plans for my future but no idea if they will ever come true at this point.
6. My family arrangement will have to change in more ways than one.
7. I should resume my unofficial first music album and engage in creative stuff because at the core, I have a need to do so.
8. Do I really have to do Duolingo again? I really want to not forget German and Russian, but I just never have practice. And Duolingo is surprisingly easy to forget to do for me.
The end.2 -
Summing up my cynicism.
I live on a big shit pile in the middle of nowhere where biggest achievement is travel around the globe. It doesn’t matter that you can do it under a day using special piece of paper that everyone is bragging about.
At the same time I am trapped inside a sack of meat that is slowly putrefying and is highly vulnerable to everything on this fucking place. Sooner or later I will shit under myself again.
And I haven’t even started, cause the real problem is that I can’t get the fuck out of here and everyone tries to convince me that what I do is “important” and I need to start a family and shit like that, yet everyone believes in some higher power that says you don’t need all of this shit. Like what the fuck people ?!!?!!
How the fuck did I get here ? I must have been making jokes from someone important. If it’s true I’m really really sorry and now please get me out of this nightmare. I know I did something wrong and I sincerely apologize. Are we good now ?
Fucking hell !!!3 -
My relationship with recruiters has always been a love/hate thing in the past. Some are super pushy and borderline bully you into accepting a job if they can.
A close friend of mine has lost their job recently due to COVID-19 related layoffs, and is now in a very vulnerable position both economically and psychologically. Enter recruiters.
This particular recruiting firm in my city is quite notorious for being unpleasant. I just hate how they treat people, and especially in my friend's case, pushing them for information like their previous salary when the recruiter doesn't even have a job lead!
I know they work commission and really want to close the $$$, but sheesh! So irritating!5 -
Just posted this in another thread, but i think you'll all like it too:
I once had a dev who was allowing his site elements to be embedded everywhere in the world (intentional) and it was vulnerable to clickjacking (not intentional). I told him to restrict frame origin and then implement a whitelist.
My man comes back a month later with this issue of someone in Google Sites not being able to embed the element. GOOGLE FUCKING SITES!!!!! I didn't even know that shit existed! So naturally I go through all the extremely in-depth and nuanced explanations first: we start looking at web traffic logs and find out that it's not the Google Sites name that's trying to access the element, but one of Google's web crawler-type things. Whatever. Whitelist that URL. Nothing.
Another weird thing was the way that Google Sites referenced the iframe was a copy of it stored in a Google subsite???? Something like "googleusercontent.com" instead of the actual site we were referencing. Whatever. Whitelisted it. Nothing.
We even looked at other solutions like opening the whitelist completely for a span of time to test to see if we could get it to work without the whitelist, as the dev was convinced that the whitelist was the issue. It STILL didn't work!
Because of this development I got more frustrated because this wasn't tested beforehand, and finally asked the question: do other web template sites have this issue, like Squarespace or Wix?
Nope. Just Google Sites.
We concluded it's not an issue with the whitelist, but merely an issue with either Google Sites or the way the webapp is designed, but considering it works on LITERALLY ANYTHING ELSE I am unsure that the latter is the answer.2 -
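An added example, not part of the rant above and not the site's real code: one way to express "restrict frame origin, then whitelist" is a `Content-Security-Policy: frame-ancestors` header built from a validated allowlist. `frameAllowed` is a simplified model of the browser check, which has to pass for every ancestor in the frame chain, so an embed that is wrapped in an intermediate frame (like the `googleusercontent.com` copy described above) needs the wrapper origin and the top-level page both allowed. All hostnames are constructed.

```javascript
// Constructed allowlist of origins that may frame the widget.
const FRAME_ALLOWLIST = [
  "https://partner.example",
  "https://*.embeds.example",
];

// Accept only https host-sources (optional leading "*." and optional port).
// Rejecting spaces, ";" and newlines keeps an allowlist entry from injecting
// extra CSP directives or extra response headers.
const SOURCE_RE = /^https:\/\/(\*\.)?([a-z0-9-]+\.)*[a-z0-9-]+(:\d+)?$/i;

// Build the anti-clickjacking response headers for a given allowlist.
function buildFrameHeaders(allowlist) {
  for (const src of allowlist) {
    if (!SOURCE_RE.test(src)) {
      throw new Error(`invalid frame-ancestors source: ${src}`);
    }
  }
  if (allowlist.length === 0) {
    // Nobody may frame the page; X-Frame-Options covers legacy browsers.
    return {
      "Content-Security-Policy": "frame-ancestors 'none'",
      "X-Frame-Options": "DENY",
    };
  }
  // X-Frame-Options cannot express a multi-origin allowlist, so only CSP is sent.
  return { "Content-Security-Policy": `frame-ancestors ${allowlist.join(" ")}` };
}

// Simplified model of CSP host-source matching for the subset accepted above.
function matchesSource(source, origin) {
  const wildcard = source.includes("://*.");
  const src = new URL(source.replace("://*.", "://"));
  const url = new URL(origin);
  if (src.protocol !== url.protocol || src.port !== url.port) return false;
  // "*.example" matches subdomains only, never the bare domain itself.
  if (wildcard) return url.hostname.endsWith("." + src.hostname);
  return url.hostname === src.hostname;
}

// ancestors: origins of every frame above the widget, innermost first.
// The load is permitted only if each one matches some allowlist entry.
function frameAllowed(allowlist, ancestors) {
  return ancestors.every((origin) =>
    allowlist.some((src) => matchesSource(src, origin))
  );
}

// Constructed scenarios: a direct embed, and two embeds served through a wrapper frame.
function demo() {
  return {
    direct: frameAllowed(FRAME_ALLOWLIST, ["https://partner.example"]),
    wrapperMissing: frameAllowed(FRAME_ALLOWLIST, [
      "https://copy.usercontent.example", // wrapper origin not on the list
      "https://partner.example",
    ]),
    wrapperListed: frameAllowed(FRAME_ALLOWLIST, [
      "https://abc123.embeds.example", // wrapper covered by the wildcard entry
      "https://partner.example",
    ]),
  };
}
```

When an embed fails with an allowlist in place, the browser console on the embedding page names the blocked ancestor, which is more reliable than guessing from server access logs.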
ScalaJs React compiles Scala to React.js.
There's some cool typing involved but I haven't done web front-end since nested tables were meta, so there's lots to learn.
There's exactly one senior dev at my company who is fluent in this ScalaReact, so I tag him in the PR for my project. Every day at 10:00 am, slack publicly posts a reminder with @mention that he hasn't reviewed my PR.
Three days later I haven't heard anything so I send a DM over slack asking for feedback... No response.
Four days after the PR I beg for 10 minutes of pairing time, because something in my component hierarchy smells funny. He doesn't have time for me until 5:00 .
I've now built almost a weeks worth of work on the original PR and the feedback I get is 'this works, is performant, and has no obvious bugs, but you can't merge it until you restructure the underlying component hierarchy'
It takes me and another senior dev an entire day of pairing to implement the changes without breaking anything. But, I asked for the feedback because I wanted to learn and write good clean code so I'm irritated but willing to move on.
Yesterday I posted in slack that I was having a hard time following my callback chains to find where the color was assigned to a <td> (because I had to add a coloring rule). I wanted to know if I could change the type signature of a component from Tagmod (one or more HTML tags) to VdomTagOf[TableCell] so that it would be clear where the color was assigned.
Instead of just telling me 'no' and giving some context, the react dev gives me:
"Why would a dev need to know about the type unless they’re actually trying to use the thing ? Those are all great questions, but id suggest trying not to prematurely optimize for those until they actually come up"
I flipped my shit. After you couldn't make time for me for a WEEK I had to justify to the CEO why I was spending a day on PURE refactors to accommodate your PREFERENCES. Meanwhile when I'm being VULNERABLE and exposing that I am confused and struggling to complete my task you DISMISS my concerns and attack my motivations.
Unfortunately, this is all happening in the public slack channels and I start defending readability and my premise while triggered. Now I'm riding the shame train for fighting in public slack and trying to pretend none of this ever happened.1 -
Since I started my routine of checking bug logs every morning, I've had 2 instances where a website vulnerability scanner was run against a production website and generated over 2,000 Coldfusion errors.
At the time, I was super nervous about the apparent hack attempt, and hyped that the attackers never actually got in. It's nice to know that despite the various errors indicating vulnerable / breakable code, they were ultimately unsuccessful. I know now that a determined attacker could probably have wrecked our production websites. Since then I've made a ton of security-related updates and I'm actually thankful for the script kiddie getting my attention with that scan.
PS. We're now building a website for a local security company who is going to work with us to pen test the site when it's finished! Gulp.4 -
What are the thoughts of privacy conscious people about quantum computers? As far as I understand current TLS version encryption method is vulnerable to quantum computers, thus if your ISP or other agencies store all your traffic data right now, they'll be able to decrypt it after gaining access to quantum computers.
One way to secure your privacy would be to use your own VPN that uses encryption method that is quantum-resistant, but again the VPN would be using TLS to connect to the Internet.6 -
A step aside from one of the answers I ever gave on Stack Overflow, I notice I once made a "jsfiddle".
Already some annoyances...
• When did browsers, uh webkit, decide to fuck every "ul", "menu", and "dir" element with a "-webkit-padding-start" of 40 damn pixels?
• That friggin' fiddly webshite doesn't even force me to HTTPS, bro. Need a reason to fuck yourself in the vulnerable ass?
• Why is it that I can't log in with my tiny four-letter nickname; you identity-fuckers? -
CBC vs GCM vs ... for my app?
Currently I've got ECB 256-bit already implemented and working well, but I want an extra layer of privacy. If you had to send your SSN or credit card number over a vulnerable network, would you be more comfortable encrypting it with CBC or GCM?9 -
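An added example, not the poster's app code: it runs the ECB mode the rant says is already in use next to the CBC and GCM options it asks about, using Node's built-in `crypto` module, and reports two properties for each mode: whether a repeated 16-byte field shows up as repeated ciphertext blocks, and whether a modified ciphertext is still accepted on decryption. The key, the field value and the message layout are constructed.

```javascript
const nodeCrypto = require("node:crypto");

const BLOCK = 16; // AES block size in bytes

// Split a buffer into hex-encoded 16-byte blocks so repeats are easy to compare.
function toBlocks(buf) {
  const out = [];
  for (let i = 0; i < buf.length; i += BLOCK) {
    out.push(buf.subarray(i, i + BLOCK).toString("hex"));
  }
  return out;
}

// Encrypt with AES-256 in the given mode ("ecb", "cbc" or "gcm").
// ECB takes no IV; CBC gets a random 16-byte IV; GCM a random 12-byte nonce.
// A GCM nonce must never be reused with the same key.
function encrypt(mode, key, plaintext) {
  const iv = mode === "ecb" ? null : nodeCrypto.randomBytes(mode === "gcm" ? 12 : 16);
  const cipher = nodeCrypto.createCipheriv(`aes-256-${mode}`, key, iv);
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return { mode, iv, ct, tag: mode === "gcm" ? cipher.getAuthTag() : null };
}

// Decrypt a message produced by encrypt(). For GCM, final() throws if the
// authentication tag does not match the ciphertext.
function decrypt(key, { mode, iv, ct, tag }) {
  const decipher = nodeCrypto.createDecipheriv(`aes-256-${mode}`, key, iv);
  if (mode === "gcm") decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(ct), decipher.final()]);
}

// Encrypt a constructed record in which the same 16-byte field appears twice,
// then check what an observer on the network could learn or change.
function assess(mode) {
  const key = nodeCrypto.randomBytes(32);
  const field = Buffer.from("4111111111111111"); // constructed 16-digit test value
  const filler = Buffer.alloc(BLOCK, "-");
  const plaintext = Buffer.concat([field, filler, field]);

  const msg = encrypt(mode, key, plaintext);
  const blocks = toBlocks(msg.ct);

  // Confidentiality leak: equal plaintext blocks giving equal ciphertext blocks.
  const repeatsVisible = blocks[0] === blocks[2];

  // Integrity: flip one bit of the first ciphertext byte and try to decrypt.
  const tampered = { ...msg, ct: Buffer.from(msg.ct) };
  tampered.ct[0] ^= 0x01;
  let tamperAccepted = true;
  try {
    decrypt(key, tampered);
  } catch {
    tamperAccepted = false;
  }

  const roundTrip = decrypt(key, msg).equals(plaintext);
  return { repeatsVisible, tamperAccepted, roundTrip };
}

// Summary for the three modes discussed in the post.
function compareModes() {
  return { ecb: assess("ecb"), cbc: assess("cbc"), gcm: assess("gcm") };
}
```

CBC hides the repeated field but still decrypts a modified ciphertext without complaint, so it needs a separate MAC; GCM is the only one of the three that authenticates the data by itself.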
How is a "web app" any better than a "web site"?
All a "web app" does is adding a JavaScript program as a middle-man between the browser and the server.
Where as "web sites" instantly deliver content, "web apps" deliver JavaScript code that then loads the content and puts it on the page.
A "web site" serves the browser useful content on a silver plate (metaphorically speaking), where as "web apps" serve some JavaScript code and the browser has to do the heavy lifting.
It appears that the only benefit of "web apps" is the fancier name. "App" sounds fancy while "site" sounds mundane. But technically, a "web app" is worse than a "web site". It's both slower and vulnerable to scripting errors.
Why would anyone in their right mind choose to create a web "app" over a web "site" to load text and a bunch of pictures?
I get it, some things such as posting comments without reloading the page and loading new search results when scrolling down are not possible without JavaScript, but why use JavaScript for everything, even where it wouldn't be necessary?
JavaScript should never be required to show a bunch of boxes containing pictures and some text. JavaScript is intended to enhance web sites, not to load entire websites.
As web developer Jake Archibald said, "[100% of] your users are non-JS while they're downloading your JS" ( https://twitter.com/jaffathecake/... ).
See also: I miss the good times when the web was lightweight. ( https://devrant.com/rants/9987051/... )
"App" is not an excuse: https://jakearchibald.com/2013/...
I am sad Archive.org switched to being a web app. But I applaud them for resisting that trend longer than most other large sites.28 -
PHP is so insecure and vulnerable that it makes me feel unsafe. It has so many features and settings that can lead to security risks, such as register_globals, magic_quotes, and allow_url_fopen. It also has so many functions that can execute arbitrary code or commands, such as eval, exec, and system.
It is like PHP was designed by a bunch of hackers who wanted to exploit every possible loophole.11 -
About to submit a form to get a scholarship to a government website, and guess what. Errors everywhere. Why are they like this? These government websites are also known to be very vulnerable to hackers2
-
I wonder if crypto exchanges are so damn vulnerable or just so transparent.
I mean, it is impossible to scroll tech articles for more than a few seconds before stumbling on a report of yet another crypto exchange being nicked a couple hundred mil USD.
- It could be that their security severely sucks (wouldn't blame them for it, most businesses do suck at securing shit).
- It could be that the entire black hat community is putting its might on stealing money that is so fucking easy to launder.
- It could be that it is damn nigh impossible to cover up a crypto hack since the evidence of coins drifting away is forever on display in the public ledger, and in that case crypto companies are not hacked more often than regular companies, they are just much more often publicly shamed for it.
- It could be a mix of all the above, but my intuition is that one factor is more relevant.
Which would be the most relevant factor? One of the above or yet another attack vector to the stupidest value conduit ever?5 -
Microsoft ends support for Windows 7
Support for Windows 7 ended this week which means that security or software updates will no longer be provided by Microsoft.
Windows 7 will continue to run however it will be more vulnerable to viruses and malware. The best way to remain secure is to use the latest operating system available.
Microsoft have a dedicated webpage for user questions, next steps and detailed advice. 👇
https://microsoft.com/en-gb/...1 -
So I'm looking for jobs ATM related to the web business and I find the one job that kind of appeals to me (it's basically a social network for business). I head over to the site and see that 1. The design's shit as hell and 2. I pull out my 1337 web dev hacks and what do you know, the site's vulnerable to MySQL injections!!! How gr82
-
I'm learning Kotlin while trying out Android Things and that sparked my interest in learning more about the Java platform again. I tripped upon the news that Oracle had changed their commercial plans for the platform by going with the rolling release model and limiting LTS releases to paying customers.
Java SE 8 was one of those former LTS releases that was on my computer, leaving me vulnerable, despite that version still being the most compatible with many applications, and that's been on my computer well past the date they cut off public support. And I'm, like, "WTF!?"
Luckily this is when open source shines at its brightest. Both the home brew and corporations, such as Amazon and IBM, alike - mostly the latter - both agreed to create their own LTS releases using the OpenJDK code and all distributing to the public FOR FREE with no strings attached and the sources opened. I'm sure Richard Stallman is smiling with glee.
It isn't a total finger towards Oracle. Java SE is based on OpenJDK with no difference between the two anymore aside from loss of LTS support from the public - that's it. So Oracle still benefits despite the retaliation. Probably?
Did Oracle learn nothing from OpenOffice? If the point was to get users to pay for security then they've failed in the long run because Java is open source. People have used that fact to create their own free distributions that bypass their paywall, making the need to go through Oracle pointless. And I'm glad. Open source aside, security is a big issue these days and the last thing people need is yet another thing to subscribe to.1 -
So I have hitman pro alert, malwarebytes, spybot anti Beacon and,shut up windows 10. Yet I feel so vulnerable using my pc, I know Linux is better, but it's a gaming/school rig. I'm also forced to use Google for school. I dunno what to do, maybe I'm just too worried. While just those stupid security nut things I guess. Lol.3
-
How do you handle error checking? I always feel sad after I add error checking to a code that was beautifully simple and legible before.
It still remains so but instead of each line meaning something it becomes if( call() == -1 ) return -1; or handleError() or whatever.
Same with try catch if the language supports it.
It's awful to look at.
So awful I end up evading it forever.
"Malloc can't fail right? I mean it's theoretically possible but like nah", "File open? I'm not gonna try catch that! It's a tmp file only my program uses come oooon", all these seemingly reasonable arguments cross my head and make it hard to check the frigging errors. But then I go to sleep and I KNOW my program is not complete. It's intentionally vulnerable. Fuck.
How do you do it? Is there a magic technique or one has to reach dev nirvana to realise certain ugliness and cluttering is necessary for the greater good sometimes and no design pattern or paradigm can make it clean and complete?15 -
When you deliver a site to a customer and find out that you forgot to prepare all the statements so that the website wouldn't be vulnerable to SQL injections. So yesterday I forgot to add that, had to close down all the connections to the website and rewrite all the statements. Everything is good now
-
Re: Momo the Monster challenges and the sickness and bullying of Internet culture towards vulnerable people in general: That’s enough Internet for the next 600 years. Cue asteroid.13
-
In Firefox, refreshing and redirecting pages steal the URL bar.
When a page refreshes itself or redirects elsewhere while I am entering something into the URL bar, what I entered gets replaced with the URL of the target page that was redirected to, or the URL of the current page if it refreshes itself.
This makes the user vulnerable to spam pages that refresh themselves or keep redirecting to hijack the URL bar.
If this happens the fraction of a second before I press "Enter", Firefox web searches for the end of my search term with the target URL appended to it, for example if I entered "example search term", it would search for "ermhttps://www.example.org".
You'd think this would have been fixed by now, after over a decade, but no.8 -
I just read about the Thunderbolt port vulnerability but it seems that port is interchangeable with USB C, just faster? But basically any USBC ports are vulnerable then? Or just the rounded ones like on phones?
Normal USB 3 rectangular ports on PCs are fine?5 -
Nextjs 14 just came out and they added a new server actions syntax which is the same bullshit syntax like php where you insert server side code in the middle of html div! And not only is that ridiculous enough but also vulnerable to sql injection 😂😂😂2
-
!dev
The whole corona thing has one really interesting side effect to me..
As a person who lost the hope in humanity, I see how some people react to this. They are young and healthy, not really in danger but they actually stop going to gatherings, pubs and cinemas because they don’t wanna endanger the elders and people with preconditions. They actually write shops that they should put the elders first and stuff like that.
It’s great to see that they care about others.
On the other hand there are people publishing fake news and make people believe that their medications make them more vulnerable to the virus just for fun..
I expected the latter one and it doesn’t surprise me.
But the first one, that people hold back to protect others, that’s great to see.1 -
RAPID DIGITAL RECOVERY: PIONEERING BITCOIN RESTORATION SOLUTIONS
I was horrified when I lost my 45,000 ETH for the first time. It accounted for a sizeable amount of my savings, which I had built up over years of cautious investing and faith in the cryptocurrency industry. It was a sophisticated hack, not a bad trade or market meltdown, that caused the loss. I felt completely powerless after the money was taken directly out of my wallet. I initially turned to multiple recovery services in the hope of recovering my stolen assets. However, after months of dealing with fraudulent services and ineffective solutions, I was on the verge of writing off my entire investment. Many services seemed like nothing more than scams, preying on vulnerable individuals like myself. They promised miracles but left me with empty assurances and no results. I was about to give up when a buddy suggested Rapid Digital Recovery, a brand I had never heard of. I was first dubious because I had previously been burned and didn't want to put my trust in another provider. However, Rapid Digital Recovery felt different in some way. They took a professional approach, spoke openly, and sincerely wanted to provide a workable answer. From the very first consultation, I was impressed by their level of expertise. They took the time to explain how they worked, the tools they used to trace stolen funds, and the process they followed to attempt to recover assets. They didn’t promise a quick fix but reassured me that they had successfully assisted others in similar situations. They walked me through each step of the process and kept me updated at every stage. Over the next several weeks, I saw the results of their hard work. Rapid Digital Recovery employed advanced techniques to track the stolen ETH across various blockchain networks and worked tirelessly with law enforcement and crypto exchanges to trace its movements. Their team showed a level of dedication and professionalism that I hadn’t seen from any other recovery service. 
I’m happy to say that, after months of intense work, Rapid Digital Recovery was able to recover the majority of my stolen ETH—around 42,000 ETH, which was an incredible relief. While not every cent was returned, the recovery rate far exceeded my expectations, and I felt like I had regained control over my financial future. What stood out the most about my experience with Rapid Digital Recovery was their transparency and integrity throughout the process. Unlike many other services, they never made unrealistic promises or pressured me into paying exorbitant fees upfront. They were clear about what was achievable and kept me informed every step of the way. If you find yourself in a similar situation—dealing with the devastating loss of crypto assets due to theft or fraud—I highly recommend Rapid Digital Recovery. Their expertise, dedication, and ethical approach to recovery make them stand out in an industry plagued with unreliable services. I can confidently say that without them, I would have likely lost my entire investment. Contact for more info: ....... Web site Info: https: // ra pi ddigit alrecove ry .o rg ....... What sapp Info: +1 41 4 80 7 14 852 -
BITCOIN ASSET RECOVERY SIMPLIFIED BY DIGITAL TECH GUARD RECOVERY PROVEN PROCESSES
Overcoming the Cryptocurrency Crisis: Finding Hope and Recovery Amidst Scams and Deception.
contact @ digital tech guard . com
WhatsApp: +1 (443) 859 - 2886
Telegram: +56 (997) 059 - 700
In a world increasingly dominated by cryptocurrency, the rapid rise of scams has left many, including myself, feeling lost and vulnerable. As a resident of New Jersey, I’ve witnessed firsthand how victims grapple with confusion and despair while navigating this treacherous landscape. The allure of digital currencies often blinds individuals to the risks, and I learned firsthand just how easy it is to fall prey to deceitful schemes. After I was scammed out of my hard-earned funds, I felt an overwhelming sense of hopelessness. The financial and emotional toll was immense. I had trusted the promises of easy profits and financial freedom, only to find myself on the wrong side of a scam. Like many victims, I turned to Digital Tech Guard Recovery. However, I soon realized that even these professionals are not immune to the perils of the online world. Many claim to offer solutions but can themselves be involved in shady practices, complicating the recovery process even further. As I navigated this difficult situation, vigilance became my guiding principle. I spent countless hours researching and seeking answers, but it often felt like I was just running in circles. It was during this time of uncertainty that I stumbled upon Digital Tech Guard Recovery. Their reputation for assisting victims of cryptocurrency scams caught my attention, and I decided to reach out. From the moment I connected with Digital Tech Guard Recovery, I felt a glimmer of hope. They provided me with clear guidance and a dedicated approach to recovering my stolen funds. Their team was not only knowledgeable but also empathetic, understanding the emotional toll that such scams can take on individuals. They walked me through the recovery process step by step, ensuring that I remained informed and engaged throughout. Thanks to Digital Tech Guard Recovery’s expertise, I was able to recover a significant portion of my lost funds. 
Their thorough investigation and commitment to client success made all the difference. I learned the importance of acting quickly and decisively when dealing with financial fraud, and I felt empowered to take control of my situation. If you find yourself in a similar predicament, whether you’re in New Jersey or elsewhere, I highly recommend reaching out to Digital Tech Guard Recovery. They are dedicated to helping victims reclaim their financial peace. In a world rife with scams, it’s essential to stay informed and vigilant, but having the right support can make all the difference in your recovery journey. Take that step toward regaining your financial stability don’t let the scammers win. -
BEST WAY TO RECOVER STOLEN CRYPTO FROM SCAMMERS — VISIT DIGITAL HACK RECOVERY COMPANY
Living in China, I’ve grown accustomed to our advanced technology, but I learned the hard way that even the best systems can fall victim to hackers. I had stored $370,000 worth of Bitcoin in what I thought was a secure wallet. One day, I logged in, only to discover that my entire balance had vanished. It felt as if someone had stolen my future, leaving me feeling vulnerable and helpless.
I was at a loss about where to turn for help. After frantically searching online, I stumbled upon an international crypto newsletter that featured DIGITAL HACK RECOVERY. Their reputation for assisting people who had fallen victim to hacks caught my attention, so I decided to reach out to them.
From the moment I contacted DIGITAL HACK RECOVERY, I felt a sense of relief. Their team sprang into action, diving deep into the investigation. They meticulously traced the movement of my Bitcoin across the blockchain, analyzing each transaction. It was a complex process, but they kept me updated throughout, which helped ease my anxiety.
After a week of intense work, I received the astonishing news: they had successfully tracked down my stolen funds and recovered them! I was absolutely stunned. I never thought I would see that money again, but DIGITAL HACK RECOVERY proved me wrong. Their expertise and determination made all the difference.
As a Chinese saying goes, “The best time to plant a tree was 20 years ago; the second best time is now.” I realized that while I had been careless in securing my digital assets, it was also crucial to act quickly in seeking help when things went wrong. If only my wallet had been as secure as my grandmother’s secret recipe for dumplings—now that’s a recipe you can trust!
If you’ve been hacked like I was, I cannot recommend DIGITAL HACK RECOVERY highly enough. They truly are experts in the field of cryptocurrency recovery. Their dedication and skill turned my despair into relief. With their help, I regained access to my funds and the peace of mind that comes with it.
Thanks to DIGITAL HACK RECOVERY, I can now look toward the future with renewed hope and confidence in my investments. If you ever find yourself in a similar situation, know that these professionals can help you regain control.
Visit DIGITAL HACK RECOVERY through their contact info ⁚ WhatsApp+19152151930, Email; digital hack recovery @ techie . com, Website;
https : // digital hack recovery . com
9 Ways to Improve Your Website in 2020
Online customers are very picky these days. Plenty of quality sites and services tend to spoil them. Without leaving their homes, they can carefully probe your company and only then decide whether to deal with you or not. The first thing customers will look at is your website, so everything should be ideal there.
Not everyone succeeds in doing things perfectly well from the first try. For websites, this fact is particularly true. Besides, it is never too late to improve something and make it even better.
In this article, you will find the best recommendations on how to get a great website and win the hearts of online visitors.
Take care of security
It is unacceptable if customers who are looking for information or a product on your site find themselves infected with malware. Take measures to protect your site and visitors from new viruses, data breaches, and spam.
Take care of the SSL certificate. It should be monitored and updated if necessary.
Be sure to install all security updates for your CMS. A lot of sites get hacked through vulnerable plugins. Try to reduce their number and update regularly too.
Ride it quick
Webpage loading speed is what the visitor will notice right from the start. The war for milliseconds just begins. Speeding up a site is not so difficult. The first thing you can do is apply the old proven image compression. If that is not enough, work on caching or simplify your JavaScript and CSS code. Using a CDN is another good piece of advice.
Choose a quality hosting provider
In many respects, both the security and the speed of the website depend on your hosting provider. Do not get lost selecting the hosting provider. Other users share their experience with different providers on numerous discussion boards.
Content is king
Content is everything for the site. Content is blood, heart, brain, and soul of the website and it should be useful, interesting and concise. Selling texts are good, but do not chase only the number of clicks. An interesting article or useful instruction will increase customer loyalty, even if such content does not call to action.
Communication
Broadcasting should not be one-way. Make a convenient feedback form where your visitors do not have to fill out a million fields before sending a message. Do not forget about the phone, and what is even better, add online chat with a chatbot and/or live support reps.
Refrain from unpleasant surprises
Please mind that self-starting videos, especially with sound, may irritate a lot of visitors and increase the bounce rate. The same is true about popups and sliders.
Next, do not be afraid of white space. Often site owners are literally obsessed with the desire to fill all the free space on the page with menus, banners and other stuff. Experiments with colors and fonts are rarely justified. Successful designs are usually brilliantly simple: white background + black text.
Mobile first
With such a dynamic pace of life, it is important to always keep up with trends, and the future belongs to mobile devices. We have already passed that line and mobile devices generate more traffic than desktop computers. This tendency will only increase, so adapt the layout and mind the mobile first and progressive advancement concepts.
Site navigation
Your visitors should be your priority. Use human-oriented terms and concepts to build navigation instead of search engine oriented phrases.
Do not let your visitors get stuck on your site. Always provide access to other pages, but be sure to mention which particular page will be opened so that the visitor understands exactly where and why he goes.
Technical audit
The site can be compared to a house - you always need to monitor the performance of all systems, and there is always a need to fix or improve something. Therefore, a technical audit of any project should be carried out regularly. It is always better if you are the first to notice the problem, and not your visitors or search engines.
As part of the audit, an analysis is carried out on such items as:
● Checking robots.txt / sitemap.xml files
● Checking duplicates and technical pages
● Checking the use of canonical URLs
● Monitoring 404 error page and redirects
There are many tools that help you monitor your website performance and run regular audits.
Conclusion
I hope these tips will help your site become even better. If you have questions or want to share useful lifehacks, feel free to comment below.
Resources:
https://networkworld.com/article/...
https://webopedia.com/TERM/C/...
https://searchenginewatch.com/2019/...
https://macsecurity.net/view/...
How to Create Beautiful and Durable Pie Boxes
Whether you are looking for a unique gift to give, or you are looking to protect the delicate items you hold, there are many ways to do so with the right pie boxes. By using a custom designed box, you can capture the essence of the delicacies you are storing and protect them for a longer period of time.
Protect delicate items
Using pie boxes is a good way to protect delicate items such as pies, cakes and desserts. However, you need to be sure that the box is the right size and shape to ensure that your item is safely packed. If you don't pack your delicate products properly, they could suffer from moisture and change in temperature.
Before you begin packing your goods, consider whether you should use bubble wrap or paper. While bubble wrap provides an extra layer of protection, it can also leave your product vulnerable to scratching. Choose paper to wrap your items, as it will prevent scratches and will keep them from shifting during transport.
When wrapping fragile items, you need to use a lot of packing tape to secure your package. You should also fill any empty space in the box. You can do this by using bubble wrap, or by adding extra padding. Make sure to mark your box as fragile and to place a label with your name and delivery address on all sides of the box.
Once you've completed the packaging process, you need to seal the box and place it in the shipping box. Besides bubble wrap, you may also want to include ice packs to add extra protection. A cushioned ice pack is another option for additional protection.
You should also use quality packing tape, and make sure to cover all the openings of your box. You can also use zip-up bags to help you keep your things in place.
It is important to know the best way to protect delicate items, so you can prevent them from damage during the shipping process. There are many ways to do this, but you should use the right tools for the job. Purchasing a box that is the right size and shape for your items is the most effective way to do it.
When you use custom pie boxes, you can rest assured that your pies, chocolate pies and other edibles will be safe. They're manufactured with modern equipment and environmentally friendly printing techniques.
Make a gift
Whether you are giving a pie for a birthday, wedding, or as a thank you gift, you can make pie boxes that are beautiful and durable. Several pie box designs are available online, but you can also create your own. Here are some simple instructions to make a simple, yet elegant box.
The first step is to print out a template of a pie box. You can use a piece of scrap paper or decorative paper for your design. If you are using decorative paper, cut out a rectangle the size of your box. If you are using colored cardstock, you will need to cut out a pie filling layer. Once you have a pie filling layer, copy it for several boxes. You can also add other designs or embellishments to your boxes.
Next, place your colored cardstock on your cutting mat. With your x-acto knife, cut out a rectangle that is as large as your box. You will need to fold it on the dotted line. If you are using an x-acto knife, it will be easier to fold the box. Alternatively, you can use a scoring stylus. If you have a Cricut, you can score the cardstock to make a scalloped box top. You can also use burlap ribbon or twine to wrap your box.
Once you have the box finished, you can decorate it with other decorations or embellishments. You can even use calligraphy or other techniques to make the box more special. To close the box, you will need a sticker or piece of tape. You can decorate the lid with patterned paper and a clear plastic screen. This will allow you to see the contents of your pie. You can also use embellishments such as ribbon, glitter, or other materials to make the box more fun.
If you are giving a pie for a holiday or party, you can decorate your box with a festive theme. For example, you can have a holiday tree on the front of your box. Or, you can dress it up for a tailgate party.
HOW CAN I RECOVER MY LOST BITCOIN LOST TO SCAM HIRE ADWARE RECOVERY SPECIALIST
Email info: Adwarerecoveryspecialist@auctioneer. net
WhatsApp info:+12 723 328 343
Many first-time Bitcoin investors find themselves falling victim to scams and fraudulent schemes. The cryptocurrency landscape is rife with misleading mining company websites and deceptive practices that can easily ensnare the unwary. As a newcomer to Bitcoin, you might feel overwhelmed and vulnerable, making it all too easy to be duped by these malicious actors. Unfortunately, many people have experienced the heartbreak of losing their investments, often to hackers who exploit vulnerabilities in wallets and exchanges. One such victim was myself. I had invested in Bitcoin with high hopes, but my experience quickly turned sour when I discovered that my blockchain wallet had been compromised. A group of cybercriminals, often referred to as “vicious rippers,” managed to access my account and steal 3 BTC. This loss was devastating, not just financially but also emotionally. I felt isolated and hopeless, unsure of how to regain what was taken from me. In the midst of my despair, I stumbled upon ADWARE RECOVERY SPECIALIST, a company that specializes in helping individuals recover stolen bitcoins. Their claims of a recovery success rate of up to 95% piqued my interest, but I was initially skeptical. However, desperate times called for desperate measures, so I decided to reach out to them for assistance. From the very first interaction, the team at ADWARE RECOVERY SPECIALIST demonstrated empathy. They guided me through the process step by step, ensuring that I understood what needed to be done to recover my lost Bitcoin. Their expertise in tracing stolen funds and navigating the complexities of cryptocurrency recovery was evident. With their help, I started to see a glimmer of hope. After several weeks of diligent effort, I was thrilled to receive confirmation that a portion of my stolen funds was being recovered. 
The experience was not only a testament to ADWARE RECOVERY SPECIALIST's capabilities but also a reminder of the importance of vigilance in the cryptocurrency space. While my journey was fraught with challenges, the support I received helped restore not just my funds but also my faith in the community. If you find yourself in a similar situation, remember that recovery is possible. Seek out reputable recovery services and stay informed to protect your investments in this volatile landscape.