Tonight’s project was connecting a #Meshtastic node to a raspberry pi zero using GPIO
The 4 pins I needed almost lined up exactly, which was nice
Now it’ll run the BBS I’m working on
https://github.com/joshbressers/meshbbs
Tonight’s project was connecting a #Meshtastic node to a raspberry pi zero using GPIO
The 4 pins I needed almost lined up exactly, which was nice
Now it’ll run the BBS I’m working on
https://github.com/joshbressers/meshbbs
In the case of any list, if you're actually doing it right, things should be dropping off the list
I'm not sure anything has ever really come off any security list because an effort was made to get rid of it
Maybe if CISAs push to stop using memory unsafe languages, in 200 years, we can remove buffer overflows :P
The two obvious lists that get the most attention are the OWASP Top Ten and this new list from MITRE
Then when I realized they probably ARE the most effective lists around, it made me sad
The most effective security efforts are lists of vulnerabilities that minimally change every time they are updated
This was meant to be a joke, but then I realized it's also true
@allanfriedman @kurtseifried @mkolsek
In the analog world, I would probably bucket this into the "aftermarket" category, but it still a bit different
@allanfriedman @kurtseifried I have minimal experience with the closed source universe, but this is sort of the commercial Linux distribution model
Folks like Red Hat, Suse, and Canoncial support open source they didn't write, sometimes for a decade
Long after the upstream has given up on those versions
@allanfriedman I don't understand what you mean by "3rd party software support"
@kurtseifried probably decades :)
You can buy a jug of McRib sauce, just in time for Christmas!!!
@foo this caused me to spend more time than I want to admit fiddling with my monitor today
@JoshCGrossman I know a place you can tell such stories :)
Shoot me a DM if you ever want to be a guest (no rush, the invite doesn't expire)
@luis_in_brief this is the phishing training of the open source world
So I don't want to dis on that work, but I took it with the intention of making some changes and ended up basically rewriting the whole thing with modification in mind
@sethmlarson Did they fit that on one side of one card?
Because if yes, that's 🍌
@accidentalciso @Viss @mttaggart
I have a theory about this, but we shall see how it plays out
Twitter started out fun, but I don't think it's for the reasons everyone thinks it is. Nobody knew how to appease the outrage robot overlords, so everyone just did whatever, and that was fun
But some people figure it out, and that's what made it less fun
I have no doubt the robot overlords will be appeased much more quickly this time, maybe too quickly
@lcamtuf What about Firefox!
Let's just see how they are funded and
...
right
Yeah, but they didn't have the internet!!!
...
oh ... wait
This is fine
...
is it?
IS IT?!?!
THOUGHT FOR THE DAY: Search algorithms on the ad-funded web are all about *selling you something you don't need or want*. Marketing in the purest sense. When the W3C opted for ad-supported web rather than microbilling to fund build-out of the internet to the general public back in 1996 they made a terrible mistake: in the 30 year time scale it may turn out to have cost us democracy.
@wdormann I'm too lazy and stupid to dig too deeply into this
But my graph uses the CVE release date, then looks at if it has CPE data
If older CVEs are updated, or data that isn't CPE gets added, I don't show it
VP of Security at Anchore - Podcaster (http://opensourcesecuritypodcast.com http://hackerhistory.com) - Blogger (http://opensourcesecurity.io) - He/Him
GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.
All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.