How I Mastered Blind SQL Injection With One Simple Method
Transforming my web security skills by learning to listen to a silent database
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-i-mastered-blind-sql-injection-w …
Automating stateful apps with Kubernetes Operators
Member post originally published on the Middleware blog by Keval Bhogayata, covering Automating Stateful Apps with Kubernetes Operators. If you’ve ever had issues with scaling databases or automating upgrades in Kubernetes, Operators can help by saving…
**Encrypt & Decrypt Database Fields in Spring Boot Like a Pro (2025 Secure Guide)**
“Your database backup just leaked. Is your data still safe?”
[Continue reading on InfoSec Write-ups »](https://infos …
How to Add MCP Servers to Claude Code with Docker MCP Toolkit
AI coding assistants have evolved from simple autocomplete tools into full development partners. Yet even the best of them, like Claude Code, can’t act directly on your environment. Claude Code can suggest a database query, but can’t run it. It can draft a GitHub issue, but can’t create it. It can write a Slack message,…
Hopefully I can muster up the energy to start this new project:
Put up lots of thermometers and hygrometers in the apartment, have them report their readings wirelessly to a database.
I suspect that I’ll have to “build” these myself, because ready-to-use kits most likely require some sort of cloud service. Dunno, haven’t checked yet.
@alexonit@twtxt.alessandrocutolo.it My problem is I don’t see a world where we don’t employ some form of cryptography to use as keys for threads in databases and other such things honestly. I’m not going to use url#timestamp as keys.
I corrupted my SQLite test database with sed -i s/… $(find …). Clearly, I found too many files. That’s the signal to go to bed.
@kat@yarn.girlonthemoon.xyz Pretty sure I have many more mentions in the database than the one and only one I see hmmm - I’ll have a look at the code when I can and the SQL query it’s using
Chances are the database bought wasn’t cheap at all and was sold by some scam company that probably ripped them from six figures or more for a database that’s full of rubbish. 🤣
Now that’s interesting. Some of these bots start crawling at URLs like this:
That is obviously completely wrong. But I can explain it. Some years ago, I screwed up my nginx rewrite rules, and that’s how these broken URLs came to be.
It all redirects to /git now, which is why that endpoint sees so much traffic lately.
But what does that mean? Why do they start there? I can only speculate that this company bought an old database of web links and they use that to start crawling. And it was probably a cheap one, because these redirects have been fixed for quite a long time now.
linode’s having a major outage (ongoing as of writing, over 24 hours in) and my friend runs a site i help out with on one of their servers. we didn’t have recent backups so i got really anxious about possible severe data loss considering the situation with linode doesn’t look great (it seems like a really bad incident).
…anyway the server magically came back online and i got backups of the whole application and database, i’m so relieved :’)
**“Before injection, understanding” - What every hacker needs to master before exploiting a NoSQL…**
NoSQL database types
[Continue reading on InfoSec Write-ups »](https: …
VectorVFS: your filesystem as a vector database
VectorVFS is a lightweight Python package that transforms your Linux filesystem into a vector database by leveraging the native VFS (Virtual File System) extended attributes. Rather than maintaining a separate index or external database, VectorVFS stores vector embeddings directly alongside each file - turning your existing directory structure into an efficient and semantically searchable embedding store. VectorVFS supports Meta’s Percepti …
Throwing it all away - how extreme rewriting changed the way I build databases
@kat@yarn.girlonthemoon.xyz yes, both the newsletter and the podcast, from time to time.
@prologic@twtxt.net I was not expecting much, but since the list of restaurants near company buildings, was hard coded into it, I did expect it to at least copy the menu text, from the websites, in its database. Ironically, the only restaurant where it got something right, is the only one, where the websites has the text as a transparent PNG, the AI has to convert to text.
BL!ND.exe || Breaching Databases in Total Silence
I asked ChatGPT what it knows about Twtxt And surprisingly it’s rather accurate:
Twtxt is a minimalist, decentralized microblogging format introduced by John Downey in 2016. It uses plain text files served over HTTP - no accounts, databases, or APIs.
In 2020, James Mills (@prologic@twtxt.net) launched Yarn.social, an extended, federated implementation with user discovery, threads, mentions, and a full web UI.
Both share the same .twtxt.txt format but differ in complexity and social features.
@movq@www.uninformativ.de json and database put together sounds terrifying. i must try jenny
jenny really isn’t well equipped to handle edits of my own twts.
For example, in 2021, this change got introduced:
https://www.uninformativ.de/git/jenny/commit/6b5b25a542c2dd46c002ec5a422137275febc5a1.html
This means that jenny will always ignore my own edits unless I also manually edit its internal “json database”. Annoying.
That change was requested by a user who had the habit of deleting twts or moving them to another mailbox or something. I think that person is long gone and I might revert that change.
A threat model for opposing authoritarianism
A decade ago, I published a book on privacy “Dragnet Nation: A Quest for Privacy, Security, and Freedom in a World of Relentless Surveillance.” In the book, and since then, in articles and speeches, I have been dispensing advice to people on how to protect their privacy. But my advice did not envision the moment we are in - where the government would collaborate with a tech CEO to strip-mine all of our data from government databases and use i …
The Gov Defunded the CVE! And Then it Didn’t! (It Gets Weirder.)
This story of how the Common Vulnerabilities & Exposures Database almost (supposedly) went offline is truly bizarre.
Windows Recall returns, and its companion feature does not keep data on-device
Remember Windows Recall, the Windows feature that would take a screenshot of your desktop every three seconds, stored them in a database, and then let you search through them at later dates? The feature has been hobbled by implementation problems, security issues, and privacy troubles, and has been released in preview and pulled since its original unveiling. Well, it’s back in …
@prologic@twtxt.net is it twice on database, or simply rendering twice? If you manually expunge it, will it affect the yarn?
wahhh i wanna work towards my dream of offering pay as you can web hosting (static & dynamic) but i don’t know how!!!!! i keep drifting towards hosting panels but i don’t exactly have fresh linux servers for those nor do i like the level of access they require. so i’m like ok i can do the static site part with SFTP chroot jails and a front-end like filebrowser or something…. but then what about the dynamic sites!!!!!!! UGH
granted i doubt i’d get much interest in dynamic sites but i’d like to do this old school where i can offer people isolated mySQL databases or something for some project (i’m thinking PHP based fanlistings), which means i could do it the old school way of… people ask me to run it and i do it for them. but i kind of want to let people have access to be able to do it themselves just short of giving them SSH access which isn’t happening
Data Protection Working Group Deep Dive Session at KubeCon + CloudNativeCon London
Data on Kubernetes is a growing field, with databases, object stores, and other stateful applications moving to the platform. The Data Protection Working Group focuses on data availability and preservation for Kubernetes - including backup, restore,…
Exposed DeepSeek database leaking sensitive information, including chat history
Article URL: https://www.wiz.io/blog/wiz-research-uncovers-exposed-deepseek-database-leak
Comments URL: https://news.ycombinator.com/item?id=42871371
Points: 503
# Comments: 326
FINALLY!! Got #Caddy server up and running and got rid of nginx proxy manager and Mysql database containers 🥳🥳🥳
been playing with making fun scripts using charm CLI’s gum library :P
one that gets lyrics from an open lyrics database’s API and accepts input for artist & song names: https://asciinema.org/a/697860
and one that uses a user-provided last.fm API key to pull what’s currently playing or what last played on your account :) https://asciinema.org/a/697874
My journey as a speaker in Cloud Native Ayacucho: a young community embracing cloud native technologies
Community post by Daniel Israel García Bustinza, Ayacucho, Perú I am Daniel Israel García Bustinza, writing from Huanta, Ayacucho, Perú. I am a cloud solutions architect and database specialist, and I help organizations migrate to the…
Kubernetes for databases: weighing the pros and cons
Member post originally published on The New Stack by Kate Obiidykhata, Percona Over the past few decades, database management has shifted from traditional relational databases on monolithic hardware to cloud native, distributed environments. With the rise of microservices…
Cloud Neutral Postgres Databases with Kubernetes and CloudNativePG
Member post by Gabriele Bartolini, VP Chief Architect of Kubernetes at EDB Abstract This article delves into the concept of cloud neutrality - a term I prefer over agnosticism - in PostgreSQL deployments. It highlights the transformative impact…
Backup and recovery for Vector Databases on Kubernetes using Kanister
Community post by Pavan Navarathna Devaraj and Shwetha Subramanian AI is an exciting, rapidly evolving world that has the potential to enhance every major enterprise application. It can enhance cloud-native applications through dynamic scaling, predictive maintenance,…
Data Protection Working Group deep dive at KubeCon + CloudNativeCon Salt Lake City
Community post by Dave Smith-Uchida, Technical Leader, Veeam (Linkedin, GitHub) Data on Kubernetes is growing with databases, object stores, and other stateful applications moving to the platform. The Data Protection Working Group (DPWG) focuses on data…
I demand full 9 digit nano second timestamps and the full TZ identifier as documented in the tz 2024b database! I need to know if there was a change in daylight savings as per the locality in question as of the provided date.
BTW this code doesn’t incorporate existing twts into jenny’s database. It’s best used starting from scratch. I’ve been testing it using a custom XDG_CACHE_HOME and XDG_CONFIG_HOME to avoid messing with my “real” jenny data.
I wrote some code to try out non-hash reply subjects formatted as (replyto ), while keeping the ability to use the existing hash style.
I don’t think we need to decide all at once. If clients add support for a new method then people can use it if they like. The downside of course is that this costs developer time, so I decided to invest a few hours of my own time into a proof of concept.
With apologies to @movq@www.uninformativ.de for corrupting jenny’s beautiful code. I don’t write this expecting you to incorporate the patch, because it does complicate things and might not be a direction you want to go in. But if you like any part of this approach feel free to use bits of it; I release the patch under jenny’s current LICENCE.
Supporting both kinds of reply in jenny was complicated because each email can only have one Message-Id, and because it’s possible the target twt will not be seen until after the twt referencing it. The following patch uses an sqlite database to keep track of known (url, timestamp) pairs, as well as a separate table of (url, timestamp) pairs that haven’t been seen yet but are wanted. When one of those “wanted” twts is finally seen, the mail file gets rewritten to include the appropriate In-Reply-To header.
Patch based on jenny commit 73a5ea81.
https://www.falsifian.org/a/oDtr/patch0.txt
Not implemented:
- Composing twts using the (replyto …) format.
- Probably other important things I’m forgetting.
It took me so long to find the cause of a memory leak in GoBlog. I thought it was smart to use a cache for prepared database statements. But I didn’t read the documentation and didn’t know that prepared statements need to be closed when they are no longer needed to free up the allocated resources. 🤦 I finally fixed it by removing the prepared statement cache altogether. Less code, fewer problems in the future, and the cache wasn’t much of an improvement anyway. I also learned about the usefulness of memory profil …
Celebrating 10 years of Kubernetes: the evolution of database operators
Member post originally published on Since its launch in June 2014, Kubernetes has revolutionized container orchestration, transforming how applications are managed and scaled. The Data on Kubernetes Community (DoKC) created an infographic to celebrate Kubernetes’ tenth anniversary and…
Erlang Solutions: Let Your Database Update You with EctoWatch
Elixir allows application developers to create very parallel and very complex systems. Tools like Phoenix PubSub and LiveView thrive on this property of the language, making it very easy to develop functionality that requires continuous updates to users and clients.
But one thing that has often frustrated me is how to cleanly design an application to respond to database record updates.
A typical pattern that I’ve used is t …