D•Scribe
  • Communities
  • Create Post
  • Create Community
  • heart
    Support Lemmy
  • search
    Search
  • Login
  • Sign Up
culpritus [any]@hexbear.net to Slop.@hexbear.netEnglish · 2 months ago

turns out there's some zero-day bugs in that pie

hexbear.net

message-square
28
link
fedilink
77

turns out there's some zero-day bugs in that pie

hexbear.net

culpritus [any]@hexbear.net to Slop.@hexbear.netEnglish · 2 months ago
message-square
28
link
fedilink

most of the instances are offline or admin only login last I checked

https://lemmy.ml/modlog/14815

  • Fossifoo [comrade/them]@hexbear.net
    link
    fedilink
    English
    arrow-up
    12
    ·
    2 months ago

    “security tweaks” michael-laugh

    • RedWizard [he/him, comrade/them]@hexbear.net
      link
      fedilink
      arrow-up
      7
      arrow-down
      1
      ·
      edit-2
      2 months ago

      Yeah I’m no expert but [the bug they fixed could theoretically get cloud hosting private keys for the hosted service]

      • floquant@lemmy.dbzer0.com
        link
        fedilink
        arrow-up
        8
        ·
        2 months ago

        Complete hallucination, this is improper validation of requests, nothing about fetching something or leaking credentials.

        Also, 169.254.0.0/16 is the link-local IPv4 network so it doesn’t even make sense outside of the fact that aws servers may get metadata on such networks (which again is absolutely unrelated to this diff). Is this a 3b model? Seems like it ran out of context, maybe it loaded the entire html page.

        • RedWizard [he/him, comrade/them]@hexbear.net
          link
          fedilink
          arrow-up
          5
          ·
          2 months ago

          Yeah I’m no expert

          I’ll bold it next time. However, thank you for your analysis!

      • mathemachristian [he/him]@hexbear.netM
        link
        fedilink
        arrow-up
        6
        ·
        2 months ago

        is this live? If it is please remove the comment and tell the devs. This could put people who already are being harassed on the regular by trolls at risk. I don’t know if IP addresses are logged, not everyone uses burner email addresses etc.

        I can’t even mod the comment bc then it just shows up on the modlog, i’d have to remove the entire post.

        • RedWizard [he/him, comrade/them]@hexbear.net
          link
          fedilink
          arrow-up
          6
          arrow-down
          1
          ·
          2 months ago

          They patched it. This is what the threat was.

          • mathemachristian [he/him]@hexbear.netM
            link
            fedilink
            arrow-up
            5
            ·
            2 months ago

            Ah good

          • floquant@lemmy.dbzer0.com
            link
            fedilink
            arrow-up
            1
            ·
            2 months ago

            It was not, that’s only what deepseek said it was. I don’t know why you edited the comment to hide the details of the hallucination instead of accepting that it fluked.

            • RedWizard [he/him, comrade/them]@hexbear.net
              link
              fedilink
              arrow-up
              4
              ·
              2 months ago

              I changed it before I read your comment because a mod asked me to. Relax.

Slop.@hexbear.net

slop@hexbear.net

Subscribe from Remote Instance

Create a post
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !slop@hexbear.net

For posting all the anonymous reactionary bullshit that you can’t post anywhere else.

Rule 1: All posts must include links to the subject matter, and no identifying information should be redacted.

Rule 2: If your source is a reactionary website, please use archive.is instead of linking directly.

Rule 3: No sectarianism.

Rule 4: TERF/SWERFs Not Welcome

Rule 5: No bigotry of any kind, including ironic bigotry.

Rule 6: Do not post fellow hexbears.

Rule 7: Do not individually target federated instances’ admins or moderators.

Visibility: Public
globe

This community can be federated to other instances and be posted/commented in by their users.

  • 412 users / day
  • 1.08K users / week
  • 1.69K users / month
  • 3.46K users / 6 months
  • 5 local subscribers
  • 873 subscribers
  • 3.43K Posts
  • 72K Comments
  • Modlog
  • mods:
  • VILenin [he/him]@hexbear.net
  • MiraculousMM [he/him, undecided]@hexbear.net
  • Hestia [she/her, fae/faer]@hexbear.net
  • oscardejarjayes [comrade/them]@hexbear.net
  • Diva (she/her)@lemmy.ml
  • Diva [she/her]@hexbear.net
  • mathemachristian [he/him]@hexbear.net
  • UI: unknown version
  • BE: 0.19.18
  • Modlog
  • Legal
  • Instances
  • Docs
  • Code
  • join-lemmy.org