Pinned
could not for the life of me figure out how to buy a bus ticket in Milan. it was literally easier to get a shell 😆
yan
20.2K posts
yan
@bcrypt
security engineering @brave / helped build Let's Encrypt, Privacy Badger, and HTTPS Everywhere @eff / physics alum @mit / rabbit enthusiast
Joined November 2012
- in january 2023, i had a simple ultrasound done at SimonMed. they sent me 4 bills totaling $5137 for it. after a year of emails and phone calls, they finally admitted today that i only owed $140.53 and are mailing me a refund check! here's how i did it 🧵
- my friend sophie got fired from her job at Facebook and turned down a $64,000 severance package in order to leak this, so u better read it.
- PSA i can spoof any mit.edu email and it will pass all DKIM/SPF/etc. checks. here's an email i sent to myself pretending to be a famous MIT-affiliated podcaster - thanks gmail for auto-inserting the profile pic :) MIT may fix this someday but in the meantime
- so crazy that if u just touch a computer in the right ways u can make like 100 billion dollars
- reminder that the bcrypt hash function ignores input above a certain length! so if you do bcrypt(username || password) for some reason, a sufficiently long username will make it accept any password. to fix this you can sha256 the input first.Okta allowing login bypass for any usernames with 52+ characters is insane Official Security Advisory: trust.okta.com/security-advis…
- Replying to @bcryptconfirmed that Facebook lets me exclude black, asian, and hispanic people from seeing my ads. why can't i exclude white people?
- ROFL at andrew huberman saying that if you have a 20% chance of pregnancy in any given month, the chance of being pregnant after 6 months is 120%
- Replying to @bcrypttl;dr if u have insurance check that the amount ur billed lines up with what insurance says u owe before paying. if u overpaid u can try a demand letter to get a refund. ask the provider for a superbill. also "Never Pay the First Bill" has some tips for negotiating a bill down.
- i…. just received a children’s book about a rabbit who travels back in time to medieval europe and gets everyone hyped about blockchain
