Kicking off Cybersecurity Awareness Month: Researcher spotlights and additional incentives!
For this year’s Cybersecurity Awareness Month, GitHub’s Bug Bounty team is excited to offer some additional incentives to security researchers!
The post [Kicking off Cybersecurity Awareness Month: Researcher spotlights and additional incentives!](https://github.blog/security/vulnerability-research/kicking-off-cybersecurity-awareness-mo … ⌘ Read more
@prologic@twtxt.net, there is a parser bug on parent. Specifically on this portion:
"*If twtxt/Yarn was to grow bigger, then this would become a concern again. *But even Mastodon allows editing*, so how
+much of a problem can it really be? 😅*"
@quark@ferengi.one I don’t really mind if the twt gets edited before I even fetch it. I think it’s the idea of my computer discarding old versions it’s fetched, especially if it’s shown them to me, that bugs me.
But I do like @movq@www.uninformativ.de’s suggestion on this thread that feeds could contain both the original and the edited twt. I guess it would be up to the author.
@prologic@twtxt.net I wouldn’t want my client to honour delete requests. I like my computer’s memory to be better than mine, not worse, so it would bug me if I remember seeing something and my computer can’t find it.
@prologic@twtxt.net I believe you are not seeing the problem I am describing.
Hit this URL in your web browser:
https://twtxt.net/external?nick=lovetocode999&uri=https://socialmphl.com/story19510368/doujin
That’s your pod. I assume you don’t have a user named lovetocode999 on your pod. Yet that URL returns HTTP status 200, and generates HTML, complete with a link to https://socialmphl.com/story19510368/doujin, which is not a twtxt feed (that’s where the twtxt.txt link goes if you click it). That link could be to anything, including porn, criminal stuff, etc, and it will appear to be coming from your twtxt.net domain.
What I am saying is that this is a bug. If there is no user lovetocode999 on the pod, hitting this URL should not return HTTP 200 status, and it should definitely not be generating valid HTML with links in it.
Edit: Oops, I misunderstood the purpose of this /external endpoint. Still, since the uri is not a yarn pod, let alone one with a user named lovetocode999 on it, I stand by the belief that URLs like this should not be generating valid HTML with links to unknown sites. Shouldn’t it be possible to construct a valid target URL from the nick and uri instead of using the pod’s /external endpoint?
There is a bug in yarnd that’s been around for a while and is still present in the current version I’m running that lets a person hit a constructed URL like
YOUR_POD/external?nick=lovetocode999&uri=https://socialmphl.com/story19510368/doujin
and see a legitimate-looking page on YOUR_POD, with an HTTP code 200 (success). From that fake page you can even follow an external feed. Try it yourself, replacing “YOUR_POD” with the URL of any yarnd pod you know. Try following the feed.
I think URLs like this should return errors. They should not render HTML, nor produce legitimate-looking pages. This mechanism is ripe for DDoS attacks. My pod gets roughly 70,000 hits per day to URLs like this. Many are porn or other types of content I do not want. At this point, if it’s not fixed soon I am going to have to shut down my pod. @prologic@twtxt.net please have a look.
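The check the post above asks for, written as an added example rather than yarnd's own code: a hypothetical /external handler that only renders when the uri is a feed the pod already follows (under the nick it knows it by) and answers 404 otherwise. The knownFeeds map and the alice/example.org feed are constructed sample data.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
)

// knownFeeds is a constructed stand-in for the feeds a pod already follows
// (hypothetical; yarnd's real cache looks different). Key: feed URL, value: nick.
var knownFeeds = map[string]string{
	"https://example.org/alice/twtxt.txt": "alice",
}

// validExternal accepts only an http(s) uri the pod already knows, and only
// under the nick it knows it by. Anything else is treated as unknown.
func validExternal(nick, uri string) bool {
	u, err := url.Parse(uri)
	if err != nil || (u.Scheme != "http" && u.Scheme != "https") {
		return false
	}
	owner, ok := knownFeeds[uri]
	return ok && owner == nick
}

// externalHandler renders a page for a known feed and returns 404 otherwise, so an
// arbitrary nick/uri pair never yields a 200 page carrying a link to an unknown site.
func externalHandler(w http.ResponseWriter, r *http.Request) {
	q := r.URL.Query()
	nick, uri := q.Get("nick"), q.Get("uri")
	if !validExternal(nick, uri) {
		http.Error(w, "unknown external feed", http.StatusNotFound)
		return
	}
	w.Header().Set("Content-Type", "text/plain; charset=utf-8")
	fmt.Fprintf(w, "external feed %s at %s\n", nick, uri)
}

// statusFor sends one GET through the handler and returns the HTTP status code.
func statusFor(target string) int {
	rec := httptest.NewRecorder()
	externalHandler(rec, httptest.NewRequest(http.MethodGet, target, nil))
	return rec.Code
}

func main() {
	fmt.Println(statusFor("/external?nick=nosuchuser&uri=https://foo.com"))                // 404
	fmt.Println(statusFor("/external?nick=alice&uri=https://example.org/alice/twtxt.txt")) // 200
}
```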
Wine Fixes Bugs in Windows 3.1 Software Running on Linux
Including fixes for AOL (seriously!) and 16-bit Civilization 1. A lot of Windows software runs better under Linux than Windows nowadays. ⌘ Read more
@prologic@twtxt.net Try hitting this URL:
https://twtxt.net/external?nick=nosuchuser&uri=https://foo.com
Change nosuchuser to any phrase at all.
If you hit https://twtxt.net/external?nick=nosuchuser , you’re given an error. If you hit that URL above with the uri parameter, you get a legitimate-looking page. I think that is a bug.
watch -n 60 rm -rf /tmp/yarn-avatar-* in a tmux because all of a sudden, without warning, yarnd started throwing hundreds of gigabytes of files with names like yarn-avatar-62582554 into /tmp, which filled up the entire disk and started crashing other services.
@prologic@twtxt.net Sure, but why would this start happening all of a sudden today? Nothing like this has happened before. Is this a known bug?
Don’t get cocky: CrowdStrike can happen to Linux & Mac too
I know. The Windows Blue Screen of Death is funny. I get it. But don’t forget: Linux & macOS have seen some gnarly similar issues. Including some bugs that granted root access, completely broke graphical systems (like XOrg), and more. Funny Programming Pictures Part XLVIII - CrowdStrike BSOD Edition: ⌘ Read more
Attack of the clones: Getting RCE in Chrome’s renderer with duplicate object properties
In this post, I’ll exploit CVE-2024-3833, an object corruption bug in V8, the JavaScript engine of Chrome, that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.
The post [Attack of the clones: Getting RCE in Chrome’s renderer with duplicate object properties](https://github.blog/2024-06-26-attack-of-the-cl … ⌘ Read more
10 years of the GitHub Security Bug Bounty Program
Let’s take a look at 10 key moments from the first decade of the GitHub Security Bug Bounty program.
The post 10 years of the GitHub Security Bug Bounty Program appeared first on The GitHub Blog. ⌘ Read more
@mckinley@twtxt.net weird you mentioned me with the anthony.buc.ci account. I am assuming these kinds of bugs were never addressed by @prologic@twtxt.net. :-(
Rotating credentials for GitHub.com and new GHES patches
GitHub received a bug bounty report of a vulnerability that allowed access to the environment variables of a production container. We have patched GitHub.com and rotated all affected credentials. If you have hardcoded or cached a public key owned by GitHub, read on to ensure your systems continue working with the new keys.
The post [Rotating credentials for GitHub.com and new GHES patches](https://github.blog/2024-01-16-ro … ⌘ Read more
I am wondering if maybe I need a better heap, like a btree-backed one, instead of just list sort on Dequeue.
I found a bug where I didn’t include an open/closed list that seemed to shave off a little. Right now it runs in about 70 seconds on my machine. It takes over the 300s limit when it runs on the testrunner on the same box. Docker must be restricting resources for it.
I might come back to it after I work through improving my code for day 23. It’s similar but looking for the longest path instead of shortest.
Bug in Binary Search - Computerphile ⌘ Read more
💻 Issue 388 - Scala Center: Tell us which errors bug you the most ⌘ Read more
Cybersecurity spotlight on bug bounty researcher @Ammar Askar
We’re excited to highlight another top contributing researcher to GitHub’s Bug Bounty Program—@Ammar Askar!
The post Cybersecurity spotlight on bug bounty researcher @Ammar Askar appeared first on The GitHub Blog. ⌘ Read more
@lyse@lyse.isobeef.org I wish more standardization around distributed issues and PRs within the repo à la git-bug was around for this. I see it has added some bridge tooling now.
Cybersecurity spotlight on bug bounty researcher @inspector-ambitious
For this year’s Cybersecurity Awareness Month, the GitHub bug bounty team is excited to feature another spotlight on a talented security researcher who participates in the GitHub Security Bug Bounty Program—@inspector-ambitious!
The post [Cybersecurity spotlight on bug bounty researcher @inspector-ambitious](https://github.blog/2023-10-02-cybersecurity-spotlight-on-bug-bounty-researcher-inspector-a … ⌘ Read more
Nine years of the GitHub Security Bug Bounty program
It was another record year for our Security Bug Bounty program! We’re excited to highlight some achievements we’ve made together with the bounty community in 2022!
The post Nine years of the GitHub Security Bug Bounty program appeared first on The GitHub Blog. ⌘ Read more
@New_scientist@feeds.twtxt.net hello @prologic@twtxt.net here’s another feed that’s spewing multiple copies of the same post. This one above is repeated 8 times. @awesome-scala-weekly@feeds.twtxt.net now has 13 copies of each post every week. This definitely looks like a bug in whatever code is generating these feeds, because the source feeds don’t have multiple copies of the original posts:
- Has 8 copies of the above post: https://feeds.twtxt.net/New_scientist/twtxt.txt
- Has only 1 copy of the above post: https://www.newscientist.com/feed/home/
I forget whether I filed an issue on this before, but can you tell me where I should do that?
GitHub’s revamped VIP Bug Bounty Program
GitHub’s VIP Bug Bounty Program has been updated to include clear and accessible criteria for receiving an invitation to the program and more. Learn more about the program and how you can become a Hacktocat, and join our community of researchers who are contributing to GitHub’s security with fun perks and access to staff and beta features! ⌘ Read more
Rooting with root cause: finding a variant of a Project Zero bug
In this blog, I’ll look at CVE-2022-46395, a variant of CVE-2022-36449 (Project Zero issue 2327), and use it to gain arbitrary kernel code execution and root privileges from the untrusted app domain on an Android phone that uses the Arm Mali GPU. I’ll also explain how root cause analysis of CVE-2022-36449 led to the discovery of CVE-2022-46395. ⌘ Read more
How to fix a ReDoS
Code scanning detects ReDoS vulnerabilities automatically, but fixing them isn’t always easy. This blog post describes a 4-step strategy for fixing ReDoS bugs. ⌘ Read more
File editing on GitHub Mobile keeps leveling up
Commit an update to a pull request, or start a new branch to squash a bug at any time, wherever you are using the GitHub Mobile apps. ⌘ Read more
Introducing the GitHub Bug Bounty swag store
We’re excited to share the newest addition to our GitHub Bug Bounty Program! ⌘ Read more
Pwning the all Google phone with a non-Google bug
It turns out that the first “all Google” phone includes a non-Google bug. Learn about the details of CVE-2022-38181, a vulnerability in the Arm Mali GPU. Join me on my journey through reporting the vulnerability to the Android security team, and the exploit that used this vulnerability to gain arbitrary kernel code execution and root on a Pixel 6 from an Android app. ⌘ Read more
Ah git-bug! I’ve chatted with the creator when he was working on the graphql parts. It’s working with git objects directly, sorta like how git-repo does code reviews. It’s a pretty neat idea for storing data alongside the branches. I believe they don’t add a disconnected branch to avoid data getting corrupted by merging branches or something like that.
I have found the issue with this very subtle bug. The cache was returning a slice that would be mutated. The mutation involved appending an item and then sorting. Because the returned slice is just a pointer+length, the sort would modify the same memory.
CACHE Returned slice
original: [A B C D] [A B C D]
add: [A B C D] E [A B C D E]
sort: [E A B C] D [A B C D E]
fix found here:
https://git.mills.io/yarnsocial/yarn/pulls/1072
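The aliasing bug from the post above, reproduced as an added example (a constructed toy cache, not yarn's code or the linked fix): the cache hands out its own slice header with spare capacity, so a caller's append reuses the same backing array and the sort then reorders the cache's memory; returning a copy keeps the cache intact. The feedCache type and A..E items are constructed for the demonstration.

```go
package main

import "sort"

// feedCache is a constructed stand-in for the yarnd cache (hypothetical; not
// yarn's real type). Its backing array has spare capacity, as a long-lived
// cache slice usually does, which is what lets the caller's append alias it.
type feedCache struct {
	items []string
}

func newCache() *feedCache {
	items := make([]string, 4, 8) // len 4, cap 8: append can reuse this array
	copy(items, []string{"A", "B", "C", "D"})
	return &feedCache{items: items}
}

// Twts hands out the internal slice header: caller and cache share one array.
func (c *feedCache) Twts() []string { return c.items }

// TwtsCopy returns a fresh slice, so whatever the caller does stays private.
func (c *feedCache) TwtsCopy() []string {
	out := make([]string, len(c.items))
	copy(out, c.items)
	return out
}

// appendAndSort is the caller pattern from the post: add an item, then sort.
// Sorting descending so any corruption shows up in the cache's first 4 slots.
func appendAndSort(twts []string, item string) []string {
	twts = append(twts, item)
	sort.Sort(sort.Reverse(sort.StringSlice(twts)))
	return twts
}

// cacheAfterCaller returns what the cache holds after a caller mutates the
// slice it was handed; copyOut selects the fixed accessor.
// Shared slice: [E D C B] (cache corrupted). Copy: [A B C D] (cache intact).
func cacheAfterCaller(copyOut bool) []string {
	c := newCache()
	twts := c.Twts()
	if copyOut {
		twts = c.TwtsCopy()
	}
	appendAndSort(twts, "E")
	return c.items
}
```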
Cybersecurity spotlight on bug bounty researcher @ahacker1
As we wrap up Cybersecurity Awareness Month, the GitHub bug bounty team is excited to spotlight one of the security researchers who participates in the GitHub Security Bug Bounty Program. ⌘ Read more
The story of the first “computer bug”… is a pile of lies.
A fun, endearing, delightful pile of lies. ⌘ Read more
Eight years of the GitHub Security Bug Bounty program
It was another record year for our Security Bug Bounty program. We’re excited to highlight some achievements we’ve made together with the bounty community from 2021! ⌘ Read more
Tech firms ban usage of words “bug” and “debug” as part of “Insect Inclusivity” efforts
Companies vow to remove “insect-shaming terms” ⌘ Read more
How to squash bugs by enrolling in OSS-Fuzz
OSS-Fuzz is Google’s awesome fuzzing service for open source projects. GitHub Security Lab’s @kevinbackhouse describes enrolling a project. ⌘ Read more
Three rules of bug fixing for better OSS security
When you’re fixing a bug, especially a security vulnerability, you should add a regression test, fix the bug, and find & fix variants. ⌘ Read more
Game Off 2021 theme announcement
The theme for this year’s Game Off is… …BUG! Your challenge, should you choose to accept it, is to create a game between now and December 1 incorporating the theme somehow, and submit it to ⌘ Read more
Cybersecurity spotlight on bug bounty researcher @yvvdwf
We’re excited to highlight another top contributing researcher to GitHub’s Bug Bounty Program: @yvvdwf ⌘ Read more
Oof! I found a bug on Yarn’s Markdown rendering, @prologic@twtxt.net. See OP.
@quark@ferengi.one Pinging @movq@www.uninformativ.de, in case it is a bug.
Cybersecurity spotlight on bug bounty researchers @chen-robert and @ginkoid
GitHub’s bug bounty team is excited to kick off Cybersecurity Awareness Month with a spotlight on two security researchers who participate in the GitHub Security Bug Bounty Program. ⌘ Read more
GitHub security update: Vulnerabilities in tar and @npmcli/arborist
Between July 21, 2021 and August 13, 2021 we received reports through one of our private security bug bounty programs from researchers regarding vulnerabilities in tar and @npmcli/arborist. ⌘ Read more
Highlights from Git 2.33
The open source Git project just released Git 2.33 with features and bug fixes from over 74 contributors, 19 of them new. We last caught up with you on the latest in Git when 2.31 ⌘ Read more
It did! And I fixed the bug last night. And now I’m curious how your pod deals with spam. 👆🏼
My kid just uncovered a bug in a program I wrote by grabbing my laptop and smacking the keyboard a bunch. Biological input fuzzing; a real-life chaos monkey.
Seven years of the GitHub Security Bug Bounty program ⌘ Read more…
Privilege escalation with polkit: How to get root on Linux with a seven-year-old bug ⌘ Read more…
Fixed another bug in my finger client: RFC 1288 says lines have to end with CRLF, but I was just sending LF.
Fixed a bug. Found a new bug in yesterday’s work. Fixed that bug.