@whitequark I don't get it 🤔
Notices by Billy O'Neal (malwareminigun@infosec.exchange)
-
Embed this notice
Billy O'Neal (malwareminigun@infosec.exchange)'s status on Tuesday, 28-Oct-2025 08:54:41 JST
Billy O'Neal
-
Embed this notice
Billy O'Neal (malwareminigun@infosec.exchange)'s status on Monday, 27-Oct-2025 02:37:29 JST
Billy O'Neal
@whitequark *gestures to https://chromium.googlesource.com/infra/goma/client/+/6bae3f8023bfb7b861b2c0b1e12aa0be55f0f829/README.md *
-
Embed this notice
Billy O'Neal (malwareminigun@infosec.exchange)'s status on Friday, 17-Oct-2025 07:41:34 JST
Billy O'Neal
@cthos What happened with Framework?
In conversation from infosec.exchange permalink -
Embed this notice
Billy O'Neal (malwareminigun@infosec.exchange)'s status on Wednesday, 01-Oct-2025 02:28:45 JST
Billy O'Neal
@whitequark I like how this post is evergreen and applies to every OS
In conversation from infosec.exchange permalink -
Embed this notice
Billy O'Neal (malwareminigun@infosec.exchange)'s status on Thursday, 18-Sep-2025 00:05:48 JST
Billy O'Neal
@vncresolver @catsalad hmmmm I've heard of honeypots but not furrypots
In conversation from gnusocial.jp permalink -
Embed this notice
Billy O'Neal (malwareminigun@infosec.exchange)'s status on Wednesday, 17-Sep-2025 16:48:29 JST
Billy O'Neal
@0xabad1dea It's true that taking random dependencies without thought for how they are maintained is problematic but if anything npm gives you tools like lock files to at least get to repeatability and similar.
It's no different in any other system like apt or dnf etc.
In conversation from infosec.exchange permalink Attachments
-
Embed this notice
Billy O'Neal (malwareminigun@infosec.exchange)'s status on Friday, 12-Sep-2025 07:43:26 JST
Billy O'Neal
@meowray "A binary heap where someone wanted to get 𝒻𝒶𝓃𝒸𝓎"
In conversation from infosec.exchange permalink -
Embed this notice
Billy O'Neal (malwareminigun@infosec.exchange)'s status on Saturday, 30-Aug-2025 14:12:01 JST
Billy O'Neal
@prettygood The bell makes me think https://infosec.exchange/@jerry
In conversation from infosec.exchange permalink Attachments
-
Embed this notice
Billy O'Neal (malwareminigun@infosec.exchange)'s status on Thursday, 07-Aug-2025 07:30:44 JST
Billy O'Neal
@whitequark All in all, another brick in the https://xkcd.com/927/
In conversation from infosec.exchange permalink Attachments
-
Embed this notice
Billy O'Neal (malwareminigun@infosec.exchange)'s status on Tuesday, 01-Jul-2025 03:32:44 JST
Billy O'Neal
@whitequark *Explosions and Fire bursts in with a tye die shirt on*
In conversation from infosec.exchange permalink -
Embed this notice
Billy O'Neal (malwareminigun@infosec.exchange)'s status on Monday, 02-Jun-2025 03:26:43 JST
Billy O'Neal
@whitequark Getting people to stop wanting the liberal democracy takes decades but there are certainly important inflection points where switches are thrown. The system that put DJT in power was democratic. Whether we can say that in 2026 is unfortunately in question :(
In conversation from infosec.exchange permalink -
Embed this notice
Billy O'Neal (malwareminigun@infosec.exchange)'s status on Monday, 02-Jun-2025 03:19:13 JST
Billy O'Neal
@whitequark It does say 2023.
In conversation from infosec.exchange permalink -
Embed this notice
Billy O'Neal (malwareminigun@infosec.exchange)'s status on Saturday, 24-May-2025 23:08:44 JST
Billy O'Neal
@whitequark Please tell me it’s “Bull Shit Definition Language”
In conversation from gnusocial.jp permalink -
Embed this notice
Billy O'Neal (malwareminigun@infosec.exchange)'s status on Friday, 18-Apr-2025 06:27:38 JST
Billy O'Neal
@GossiTheDog 4 day weekend? :O
In conversation from infosec.exchange permalink -
Embed this notice
Billy O'Neal (malwareminigun@infosec.exchange)'s status on Thursday, 13-Mar-2025 03:44:29 JST
Billy O'Neal
I believe @GossiTheDog 's line here is "pass the bong"
In conversation from infosec.exchange permalink Attachments
-
Embed this notice
Billy O'Neal (malwareminigun@infosec.exchange)'s status on Tuesday, 28-Jan-2025 16:14:08 JST
Billy O'Neal
@GossiTheDog of course if you just delete your profile then they can’t view it in China either
In conversation from infosec.exchange permalink -
Embed this notice
Billy O'Neal (malwareminigun@infosec.exchange)'s status on Sunday, 19-Jan-2025 02:01:36 JST
Billy O'Neal
@ryanc except it’s a firewall broken if one ever sees a packet from the target….
In conversation from infosec.exchange permalink -
Embed this notice
Billy O'Neal (malwareminigun@infosec.exchange)'s status on Tuesday, 24-Sep-2024 10:20:00 JST
Billy O'Neal
@mcc @PeterSommerlad obligatory @lmanul https://goomics.net/62/
In conversation from infosec.exchange permalink -
Embed this notice
Billy O'Neal (malwareminigun@infosec.exchange)'s status on Thursday, 02-Nov-2023 05:20:35 JST
Billy O'Neal
@lanodan sorry I don’t know why I said snap, I meant flatpak.
In conversation from gnusocial.jp permalink -
Embed this notice
Billy O'Neal (malwareminigun@infosec.exchange)'s status on Thursday, 02-Nov-2023 04:54:26 JST
Billy O'Neal
@lanodan If I make a snap package or similar I don't have to manage that, because my app comes with all its dependencies.
Similarly if my app is a bash script or I can statically link everything that matters.
Again, putting that into an rpm or deb does not fix the original argument, since that rpm or deb won't be signed by the distro. Installing malicious code through an rpm or deb is no different than installing malicious code through curl|sh.
If you require it to be signed by the distro, you are back in 'supporting Linux actually means supporting ~10 different platforms since there are ~5 distros that matter and their different versions are different universes'. This is a big part of why there's almost no commercial software on Linux.
In conversation from gnusocial.jp permalink