piranha

#!/usr/bin/env clojure -M

;;; setup
;; this classloader stuff is needed so that `add-lib` sees the DynamicClassLoader that's used by `require`
(.setContextClassLoader (Thread/currentThread) (clojure.lang.RT/baseLoader))
(require '[clojure.repl.deps :as deps])
(binding [clojure.core/*repl* true]
  (deps/add-lib 'http-kit {:mvn/version "2.8.0"}))

;;; actual script

hackermondev

hi, i'm daniel. i'm a 15-year-old with some programming experience and i do a little bug hunting in my free time. here's the insane story of how I found a single bug that affected over half of all Fortune 500 companies:

say hello to zendesk

If you've spent some time online, you’ve probably come across Zendesk.

Zendesk is a customer service tool used by some of the world’s top companies. It’s easy to set up: you link it to your company’s support email (like [email protected]), and Zendesk starts managing incoming emails and creating tickets. You can handle these tickets yourself or have a support team do it for you. Zendesk is a billion-dollar company, trusted by big names like Cloudflare.

Personally, I’ve always found it surprising that these massive companies, worth billions, rely on third-party tools like Zendesk instead of building their own in-house ticketing systems.

your weakest link

HyperCrowd

Crippling Facebook

Facebook works with advertisers to target you. These instructions are one of the many ways to begin crippling that relationship. When AI targeting is crippled, your psychosecurity improves :)

1. On your desktop machine, goto https://accountscenter.facebook.com/ads/audience_based_advertising
2. Maximize the browser window
3. Press F12 and click on the Console tab
4. Select the code below, copy it, paste it upon the Console line (The area next to the > character in the Console window), and press enter:

christoofar

This study focuses on the strategies used by the "xz backdoor", an extremely
complex piece of malware that contains its own x64 disassembler inside of it 
to find critical locations in your code and hijacks it by swapping out your 
code with its own as it runs.  Because this a machine-code based attack,
all code written in any program language can be attacked and is vulnerable.

Instead of targeting sshd directly, the xz 
backdoor injects itself in the parent systemd process then hijacks the 
GNU Dynamic Linker (ld), before sshd is even started or libcrypto.so is 

piranha

(defmacro cond+ [& clauses]
  (when-some [[test expr & rest] clauses]
    (condp = test
      :do   `(do ~expr (cond+ ~@rest))
      :let  `(let ~expr (cond+ ~@rest))
      :some `(or ~expr (cond+ ~@rest))
            `(if ~test ~expr (cond+ ~@rest)))))

camsaul

;;; it's a map that hates if you try to get the key `:dataset` from it. NOCOMMIT
(declare ->DatasetHatingMap)

(defn- check-for-dataset-key [k]
  (when (= k :dataset)
      (throw (ex-info ":dataset is deprecated, use :type instead!" {}))))

(p/def-map-type DatasetHatingMap [m]
  (get [_this k default-value]
    (check-for-dataset-key k)

EcZachly

-- first query all the users 
WITH offsets AS (SELECT a.*,
                        EXTRACT(hour FROM ptn.utc_offset) AS utc_offset
                 FROM bootcamp.attendees a
                          JOIN pg_timezone_names ptn ON a.timezone = ptn.name
                 WHERE a.bootcamp_version = 3
                   AND a.timezone IS NOT NULL
                   AND a.content_delivery = 'Live'::text
                  ),
-- then aggregate the users by track and offset, we want matching timezones to fill up first

jschaf

-- create_temporal_past_table creates a new table with the same structure
-- as the current table. Adds triggers to copy all changed or deleted rows
-- from the current table to the past table.
CREATE PROCEDURE admin.create_temporal_past_table(curr_tbl regclass, past_tbl text) AS $fn$
DECLARE
  curr_tbl_qual   text := simc.quote_regclass(curr_tbl);
  past_tbl_schema text := (parse_ident(past_tbl))[1];
  past_tbl_name   text := (parse_ident(past_tbl))[2];
  past_tbl_qual   text := quote_ident(past_tbl_schema) || '.' || quote_ident(past_tbl_name);

digikar99

Coalton: Why is the interop not easier, and why might it be necessary for Coalton to be an entire language in itself?

If you came here searching for the context in which some reddit comments were written, you might want to check out this previous version of the article.

Several blog posts have been written about Coalton, about how it can be useful and what it brings to the table. However, to me, it hasn’t been clear why Coalton is the way to solve the problems that it does solve. Isn’t a simpler solution possible without making a full embedded language, and giving users the cognitive overhead of thinking about interop between normal lisp and coalton?

I have been thinking about this for a while as one of my pasttimes, and below I’ll summarize the better reasons why coalton might be the way it is. Perhaps, I couldn’t se

cpursley

PostgreSQL is Enough

• Simplify: move code into database functions
• Just Use Postgres for Everything
• Just use Postgres
• PostgreSQL is the worlds’ best database
• Postgres is eating the database world
• Hacker News discussion

Background and Cron Jobs