vx-underground
The largest collection of malware source, samples, and papers on the internet.

Password: infected

https://vx-underground.org/
Before my son was born my wife and I read all these books and stuff on babies. We also took these fancy classes.

Literally none of them told us the baby would try to headbutt.

THEIR HEADS HURT. THEY HEADBUTT YOUR FACE
Meanwhile on X, I volunteered to run TorGuard VPN's social media. They're a big donor to vx-underground.

In one day I got in trouble. I made a joke we're laying off the engineering department and apparently it's not cool to joke about laying people off
> be me
> long day at long day factory
> decide to relax
> open x
> it's the everything app
> click "For You"
> first post
> trans person crying
> say they're burden on family
> say they're being kicked out
> point camera at three bottles of pills
> open all bottles
> take all pills at once
> record their suicide
> x, the everything app
FLARE released a paper on a Linux botnet using IRC as a C2.

WHAT YEAR IS IT???

Then I remembered Threat Actors can't use Discord as a C2 because they probably want ID verification
I'm currently:
- writing over 500,000,000 lines of code a day
- running 400 different agents
- building 9 different apps

My wife and her boyfriend are so proud of me. What's your excuse?
When people ask what I do for a living I have no idea how to explain to them I collect, develop, and reverse engineer malware.

I usually say, "I do stuff with computers".

Then I immediately change the conversation and hide.
Apparently this account is large enough now where this is important news to people

Yes, people actually received this on Xitter
Was surfing the internet and found some kid who is sharing his malware proof-of-concepts online. His work is primarily recycling and recreating existing techniques for him to study or to demonstrate the ideas to others.

Is his code good? No, God no. It is littered with errors, poor naming conventions, and extremely dangerous control flow. I love him for this, unironically.

This kid having bad code shows he isn't using AI to work. He is legit. He is putting himself out there, demonstrating what he can do (or can't do), and showing he isn't afraid to get criticized.

I love seeing people grind and put in the work. It's the pain that makes you good. Taking shortcuts doesn't achieve anything.

I don't know if he is on social media stuff, but you're doing good stuff, "CaptMag". Keep putting in work. You'll go far. I see you, gang.
❀171πŸ₯°15πŸ‘11🫑7❀‍πŸ”₯4πŸ‘3πŸŽ‰1πŸ’―1
vx-underground
Was surfing the internet and found some kid who is sharing his malware proof-of-concepts online. His work is primarily recycling and recreating existing techniques for him to study or to demonstrate the ideas to others. Is his code good? No, God no. It is…
I'm sorry, CaptMag, I love you, dawg, but I audibly laughed when you initialized your unsigned integers (DWORD) to NULL.

If you want to get really technical, NULL on Windows is defined as zero, so it ... sort of ... makes sense, you are technically setting your unsigned integers to zero, but NULL is supposed to indicate an invalid pointer.

I have no idea how your IDE hasn't been screaming at you about this.
❀79🀣33😱9😁7πŸ₯°5❀‍πŸ”₯3🀩1
❀72🀣41😒12😘4πŸ₯°1πŸ’―1πŸ˜‡1
nerds were goofing around on the internet and accidentally found mass surveillance technology owned by openai, persona-id, and working with the us gov

guess i gotta do a tl;dr on this mfer
❀65πŸ₯°15😁5😘5πŸ˜‡3πŸ‘2πŸ™1
> be nerds
> look into persona (used by discord)
> kyc (know your customer) service
> used for age verification
> search on internet (shodan)
> find weird server
> image 1
> openai-watchlistdb.withpersona
> openai-watchlistdb-testing.withpersona
> lolwtf
> look inside
> supposed to be behind cloudflare to hide ip
> openai messed up
> not behind cloudflare
> real ip shown
> using google cloud
> lookup cert history
> 2023-11-16 created
> 2024-02-28 gets cert
> 2024-03-04 prod goes live
> google stuff
> openai and persona partners
> partner around timeline of certs
> back to searching stuff
> find withpersona-gov
> look inside
> okta (image 2)
> lolwtf
> look inside
> website accidentally leaking stuff
> fedramp-private-backend-api
> look inside
> api .js accidentally exposed
> look inside
> wtf "SARInstructionsCard"
> wtf "app.onyx.withpersona-gov"
> wtf "FINTRAC"
> wtf "PrivatePartnershipProjectNameCodes"
> image 3
> wtf "AsyncSelfie"
> look inside
> openai, persona, send data to us gov
> feds map face to financial records
> map face using AI
> map face to ICE stuff
> api stores data for lots of stuff
> image 4

tl;dr persona kyc and openai are frens, using your selfie for verification and sending to ICE (or USGOV in general), using AI to tie to your financial records. see subsequent post for full write-up. it's long and not mobile friendly
❀71😱34🀣19πŸ₯°5🀯4😒3πŸ”₯1
Earlier today X employees bragged X only has 30 employees. Guess which website is down again?