Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple APILearn More
Search - "itsec"
Doing some Christmas shopping.
Creating some throwaway accounts in various e-shops
Some e-shops send me my password via email upon registration.
I've spent the better half of a day emailing those e-shops to revise their IT security policies.
Haven't bought a single gift yet.
Time well spent!6
That log4j RCE is some fucking nasty business!!! Its exploits have already been observed multiple times in our company scope.
Time for some unplanned Saturday evening hot-patches :/
P.S. Why the fuck leave such a feature enabled as default??? I mean really, whose brilliant idea was "let's leave the message parser enabled as well as the LDAP query hooks... BY FUCKING DEFAULT!!!"
I mean really, is anyone using that? ANYONE?
And then they laugh at me when I say "stay away from frameworks", "use as little libraries as possible", "avoid foreign code in your codebase",...
you know what.... JOKE'S ON YOU!10