Please tell your friends about federated social media site that speaks several fediverse protocols thus serving as a hub uniting them, hubzilla.eskimo.com, also check out friendica.eskimo.com, federated
macroblogging social media site, mastodon.eskimo.com a federated microblogging site, and yacy.eskimo.com an uncensored federated search engine. All Free!
Les bug bounty hunters nโont quโaฬ bien se tenir car Google va bientoฬt tenter de les remplacer (comme ils ont deฬjaฬ remplaceฬ pas mal de creฬateurs web) graฬce aฬ leur nouvelle IA baptiseฬe Big Sleep. En effet, celle-ci vient de prouver quโelle peut deฬtecter des failles de seฬcuriteฬ que meฬme les meilleurs hackers humains ont loupeฬes. Et je ne vous parle pas de petites vulneฬrabiliteฬs bidons, mais de veฬritables failles dans des logiciels critiques.
Vous vous souvenez quand je vous parlais de XBOW, cette IA qui eฬtait devenue numeฬro 1 sur HackerOne ? Eh bien Google vient de rentrer dans la danse avec Big Sleep, et visiblement ils ne sont pas venus pour rigoler. Lโapproche est diffeฬrente mais tout aussi impressionnante.
Big Sleep, cโest le fruit dโune collaboration entre Google Project Zero (lโeฬquipe dโeฬlite qui trouve des failles zero-day) et DeepMind (les geฬnies derrieฬre AlphaGo). Ensemble, ils ont creฬeฬ une IA capable dโanalyser du code source et de deฬtecter des vulneฬrabiliteฬs de manieฬre autonome. Le nom โBig Sleepโ vient dโailleurs du roman noir de Raymond Chandler (lien affilieฬ), un clin dโลil au coฬteฬ deฬtective de lโIA.
La premieฬre vraie victoire de Big Sleep, cโest donc dโavoir trouveฬ une vulneฬrabiliteฬ stack buffer underflow dans SQLite, la base de donneฬes la plus utiliseฬe au monde. Cette faille eฬtait passeฬe sous le radar de tous les outils de fuzzing traditionnels et des chercheurs humains. LโIA a reฬussi aฬ lโidentifier en analysant les patterns de code et en comprenant la logique profonde du programme.
Ce qui est vraiment fou avec Big Sleep, cโest sa capaciteฬ aฬ comprendre le contexte et la seฬmantique du code car contrairement aux outils de fuzzing classiques qui bombardent le programme avec des donneฬes aleฬatoires pour voir sโil crashe, Big Sleep lit et comprend reฬellement ce que fait le code.
Cโest la diffeฬrence entre un lecteur de Korben.info qui lit lโun de mes articles et qui est content. Et un lecteur de Korben.info (ou pas dโailleurs) qui lit lโun de mes articles en diagonale (ou juste le titreโฆlol), qui ne comprend rien et qui part ensuite mโinsulter sur les reฬseaux sociaux ^^.
Google explique que Big Sleep utilise une approche en plusieurs eฬtapes. Dโabord, lโIA analyse le code source pour comprendre sa structure et son fonctionnement. Ensuite, elle identifie les zones potentiellement vulneฬrables en se basant sur des patterns connus mais aussi sur sa compreฬhension du flux de donneฬes. Enfin, elle geฬneฬre des cas de test speฬcifiques pour confirmer lโexistence de la vulneฬrabiliteฬ.
Les 20 vulneฬrabiliteฬs deฬcouvertes touchent diffeฬrents types de logiciels, des bibliotheฬques systeฬme aux applications web. Google reste discret sur les deฬtails exacts pour des raisons eฬvidentes de seฬcuriteฬ, mais ils confirment que toutes les failles ont eฬteฬ corrigeฬes avant toute exploitation malveillante. Cโest le principe du responsible disclosure : on trouve, on preฬvient, on corrige, et seulement apreฬs on communique.
Ce qui diffeฬrencie Big Sleep de XBOW, cโest surtout lโapproche. Laฬ ouฬ XBOW excelle dans les bug bounties publics avec une approche plus agressive, Big Sleep semble plutoฬt orienteฬ vers lโanalyse en profondeur de code complexe. Les deux IA sont donc compleฬmentaires et montrent bien que lโavenir de la cyberseฬcuriteฬ passera par ces assistants intelligents.
Dโailleurs, Google ne compte pas garder Big Sleep pour lui et lโeฬquipe travaille sur une version open source qui permettra aฬ la communauteฬ de beฬneฬficier de cette technologie. Lโideฬe cโest de deฬmocratiser la recherche de vulneฬrabiliteฬs pour que meฬme les petites entreprises puissent seฬcuriser leur code.
Mais attention, tout nโest pas rose non plus car que se passera-t-il si des acteurs malveillants mettent la main sur ce genre dโIA ? La course aux armements entre attaquants et deฬfenseurs risque de fortement sโacceฬleฬrer drastiquement. Google assure avoir mis en place des garde-fous, mais on sait tous que dans le domaine de la seฬcuriteฬ, rien nโest jamais garanti aฬ 100%.
Selon Google, Big Sleep peut analyser en quelques heures ce qui prendrait des semaines aฬ une eฬquipe humaine et contrairement aฬ vous les vacanciers eฬternels, lโIA ne se fatigue pas, ne fait pas dโerreur dโinattention, et peut traiter des volumes de code monumentaux. Sur les 20 vulneฬrabiliteฬs trouveฬes, au moins 5 eฬtaient consideฬreฬes comme critiques avec un score CVSS supeฬrieur aฬ 8.
Pour voir les dernieฬres deฬcouvertes de BigSleep cโest par ici.
Lโobjectif pour Google aฬ terme cโest de creฬer une IA capable de comprendre non seulement le code, mais aussi lโintention derrieฬre le code, donc si vous eฬtes deฬveloppeur ou responsable seฬcuriteฬ, il est temps de prendre ce sujet au seฬrieux. Les IA comme Big Sleep et XBOW ne sont pas des gadgets, donc commencez aฬ reฬfleฬchir aฬ comment inteฬgrer ces outils dans vos processus de deฬveloppement et surtout, nโattendez pas que les attaquants sโen servent contre vous.
BRITAIN is โnot just complicit, but an active participantโ in Israelโs genocide in Gaza, activists said today during a protest by British Jews against attacks on Palestine.
DEAR FRIENDS. IF YOU LIKE THIS TYPE OF CONTENT, SUPPORT SOUTHFRONT WORK: MONERO (XMR): 86yfEHs6pkoDEKCxc6MAnQX8cVHmzhYxMVrNuwKgNmqpWK8dDxjgGnK8PtUNJMA...
Mit meinem Handrรผcken hinten an ihren Oberschenkeln vorbeigleiten. รber den Arsch, bis zum Hals. Und ihr ins Ohr flรผstern, dass sie das bis zum Ende ertragen muss.
Die Polizei nutzt immer รถfter Staatstrojaner. Im Jahr 2023 durfte sie 130 Mal Gerรคte hacken und ausspionieren, 68 Mal war sie damit erfolgreich. Das ist eine Verdopplung innerhalb von zwei Jahren. Das geht aus der offiziellen Justizstatistik hervor. Justizstatistik 2023: Polizei hackt alle fรผnf Tage mit Staatstrojanern
The comments of Ramirez have clearly struck a nerve on both sides. For my part, I am very proud of both my Irish-Sicilian background. My Sicilian grandparents came to this country at the turn of the century. They were deeply proud of their heritage but always insisted that their children identify as Americans first and foremost.
Democrat Rep. Delia Ramirez (D., Ill.) is locked into a fierce fight with the White House over controversial remarks at the second annual Panamerican Congress held in Mexico, including declaring, โโฆ
Google has released security updates to address multiple security flaws in Android, including fixes for two Qualcomm bugs that were flagged as actively exploited in the wild. The vulnerabilities include CVE-2025-21479 (CVSS score: 8.6) and CVE-2025-27038 (CVSS score: 7.5), both of which were disclosed alongside CVE-2025-21480 (CVSS score: 8.6), by the chipmaker back in June 2025. CVE-2025-21479 posted by pod_feeder
In der Nacht zum Mittwoch wechseln sich Wolken und Sonne ab, im Sรผden ist es gering bewรถlkt. An der Kรผste gibt es noch einzelne Schauer. Die Temperaturen sinken auf 15 Grad an der See und 9 Grad im Harzvorland. Im Binnenland lรคsst der Wind nach und weht aus westlicher Richtung. An der See bleibt es frisch mit starken bis stรผrmischen Bรถen. /LL
GitHub is introducing non-essential cookies on web pages that market our products to businesses. These cookies will provide analytics to improve the site experience and personalize content and ads ...
A lot of people donโt know that Ghislaine Maxwellโs dad, Robert Maxwell, played a pivotal role in setting up the system for how science research gets publish...
This is really interesting, but also quite a big deal because it means if you care enough to do ANY kind of honest research, you're really likely to just bang into undiscovered things by accident, because the whole scientific community is chasing their tails so nobody is really asking any questions (except of course "how do I get published")...
Singapore - Saba:
Gold prices fell on Sunday, affected by profit-taking after the sharp rise in the previous session following the release of weaker-than-expected US jobs data, which reinforced expectations of a Federal Reserve interest rate cut in โฆ
Great from @pluralistic on why my individual efforts to remove myself from Big Tech's clutches won't achieve anything, and why we need systematic responses, not individual ones. pluralistic.net/2025/07/31/unsโฆ
Microsoft's AI-fueled 4 trillion valuation highlights the massive impact of the AI bubble on the US economy. AI investments are now acting as a private sector stimulus, contributing more to US economic growth than consumer spending. However, a clear and sustainable business model remains elusive. In many ways, the current AI boom mirrors the dynamics of the dot-com era.
I know you don't agree with my anti-AI stance, but this kinda proves my point. If AI is a bubble (it is), then the market pushes for AI in everything, and everything dependent on AI will cause an economic bloodbath when it pops. An Anti-AI model may be the only foil against a worse outcome.
@Sh4d0w_H34rt O think it's important to separate the tech from the capitalist industry using it. Meanwhile, an economic crash was already in the works even without AI. All the bubble did was postpone what was already inevitable.
It's also informative to see how this tech is being integrated into Chinese economy for contrast.
A friend just sent me this article about losing a spouse.
"You think you're prepared. you go in with boxes and garbage bags. You tell yourself youโll be strong. You think, โItโs just stuff.โ
But then you open a drawer. And their handwriting is still on a notepad. Their scent still clings to the sleeves of that sweater you begged them to throw out every winter. Their shoes are still lined up by the door like they might be back any minute.
You find yourself sitting on the floor, holding a shirt to your face, trying to memorize a smell you know is already fading. You whisper โIโm sorryโ to objects you tuck away in boxes. You fold things neatly like youโre still trying to take care of them. You pause before tossing something out, because what if that was their favorite?
No one tells you how loud the silence is when their closet door creaks open.
No one tells you how heavy an empty coat can feel in your hands. No one tells you that cleaning out a space can shatter you all over again.
Itโs not just cleaning. Itโs letting go of little pieces you were never ready to lose. Itโs closing a drawer for the last time and feeling like youโre betraying them. Itโs packing up the life you shared, while your heart silently begs, please donโt make me.
Because deep down, youโre not just packing away their things โ
Columbia University's recent suspension and expulsion of more than 70 students for a Palestine demonstration is the latest sign the school's crackdown on activism is not simply about campus conduct, but appeasing political pressure from Washington.
Columbia Universityโs recent suspension and expulsion of more than 70 students for a Palestine demonstration is the latest sign the schoolโs crackdown on activism is not simply about campus conduct, but appeasing political pressure from Washington.
Mark Mansour notes that the overt, unabashed gerrymandering proposed by Texas Republicans is designed, by their own admission, to "enhance the political efficacyโ of GOP votes.
What this is really about is enhancing the political efficacy of WHITE RURAL voters. As Mansour says, it's "a chilling disenfranchisement of millions of votersโespecially Black, Latino, and Asian Americans."
As Tom Schaller and Paul Waldman show in their important 2024 study White Rural Rage: The Threat to American Democracy, no demographic group is so catered to politically and has so much unmerited and outsized clout as white rural voters. They write:
โNo group was ever dealt a better electoral hand than rural White Americans."
The inflated power of rural White voters confers upon them an unusual ability to force state and national governments to cater to their preferences and grievances. Herein lies the danger: precisely because they wield inflated power, rural Whitesโ increasingly tenuous commitments to democratic norms and traditions are magnified across the U.S. political system in many of the same ways their preferences have been for two centuriesโ (p. 63).
"Partisan gerrymandering is legal because the US Supreme Court declared in 2019 that it is too difficult for federal judges to ensure that congressional districts are fairly drawn. (A demonstrably false claim.)"
"Having washed its hands of voter suppression like a modern-day Pontius Pilate, the Supreme Court relinquished control of congressional districting to a patchwork of inconsistent, flawed, and (sometimes) corrupt state legislatures. Chaos ensued."
โTrump knows he canโt win the upcoming mid-term elections, so he is trying to rig them. And the way he is trying to do it is to dismantle the Voting Rights Act of 1965 as we know it. He is trying, for example to try and dismantle Hispanic and African-American opportunity districts."
Billy Begala explains how the Republican gerrymandering proposal wants to "carve up Texas like a Christmas ham," disenfranchising Black and Hispanic voters and privileging rural white ones.
At Trumpโs command, the Texas GOPโs redistricting maps strip voting power away from Black Texans and are an insult to us all โ regardless of partisan stripes.
Russia's Foreign Ministry spokesperson has announced that Moscow is prepared to increase collaboration with BRICS countries to combat the pressure of illegal US sanctions.
Trump said if oil drops another $10 per barrel, it could force Russia to end the war against Ukraine. He also promised to raise tariffs on India within a day.
Talk about powerful: Rachel Maddow last night on how "we're beyond waiting and seeing now":
"Whether you're looking at small scale local stories or the biggest picture stories about what's happening in our country, the story is the same and it is now an undeniable thing. We have crossed a line. we are in a place we did not want to be, but we are there."
Rachel Maddow points out that the thing most Americans were dreading has come to pass, and the United States has changed profoundly in only six months of aut...
"Whether you're looking at small scale local stories or the biggest picture stories about what's happening in our country, the story is the same and it is now an undeniable thing. We have crossed a line. We are in a place we did not want to be, but we are there. The thing we were all warning about for the last few years is not coming. It is here. We are in it."
"We do now live in a country that has an authoritarian leader in charge. We have a consolidating dictatorship in our country. and it sounds melodramatic to say it, i know, but just go with that for a minute, right? Think. Think in melodramatic terms. Think in cinematic terms. Imagine the cartoon level caricature of what you think a dictatorship looks like."
Reminds me of how, at my writing group last month, one of the members talked about how gross it was that there were people lining up to get autographs from Dean Cain. You know, because heโs MAGA and so the people getting the autographs were probably also pieces of shit. Iโm sure if I said anything anti-liberal theyโd kick me right out for being โpolitical.โ But that dipshit going off about Republicans? A-OK.
Transition vegane, je remplace le lait entier par le lait d'avoine barista de Oatly dans les cรฉrรฉales et j'ai trouvรฉ une glace Ben&Jerry's "Chocolate fudge brownie" vegane ! #AspirantVegan #GoVegan #Vegan
Bon, le lait d'avoine est au moins 1 euros plus cher que le lait, donc j'en prendrais moins. Et la glace fait 15 euros le kilo versus dix balles pour la version pas vegane. Passer vegane, รงa coรปte plus cher sur un paquet de truc. Surtout si on cuisine pas.
tiens, รงa y est, le rรขpรฉ vegan Nourish est arrivรฉ dans mon supermarchรฉ local. Toujours pas de vรฉgรฉtariens ni vegans dans la famille, mais c'est bon ร savoir quand on a des potes qui viennent manger. J'ai failli en prendre pour tester mais la petite a soufflรฉ en regardant le plafond ๐
TEHRAN โ Protests condemning Israelโs devastating war and deliberate starvation campaign in Gaza continue to sweep across the globe, as activists, politicians, and ordinary citizens demand an end to the violence and immediate humanitarian aid.
In 2019, the American Ayatollah (the Supreme Court) said that it was totally fine to gerrymander, as gerrymandered maps could not be reviewed by federal courts (Rucho v. Common Cause).
Now, with a slim majority, Texas Republicans are gerrymandering on racial lines to disempower voters because they cannot win elections on merits. As a result, Texas Democrats have fled the state, denying the governing body of quorum.
This is "American Democracy" failing spectacularly.
Texas Republicans are trying to redraw congressional districts to pick up five additional U.S. House seats. Democrats face financial and political risk in their bid to block the GOP plan.
The problem with having a system of governance where rigged popularity contests determine who controls the apparatus of the state is that you have a system of governance where rigged popularity contests determine who controls the apparatus of the state.
Anyone in the FA fam suffer from gout? Anyone of you know of any natural remoidies to take? My wife was been in pain for the past 5 days and she went to the ER yesterday. The Er dock determined it was that. No breakage in her right foot. Still waiting on the damn ensurance to approve the med she needs. God I hope i don't get it. Having Arther is bad enough. Glad its not sever though.
Whatโs the truth about lectins, and how can you safely enjoy foods like tomatoes and bell peppers? Barbara O'Neill explains how proper preparation of these f...
I have been unemployed for over a year, hustling here and there while trying to find something long term in the current hell that is the tech industry. My cat has kidney problems and I need help to cover vet bills amounting to around 500โฌ.
Zach Clouseau
in reply to Miraculixxxen • • •Sensitive content
Adam Edam
in reply to Miraculixxxen • • •Sensitive content
Miraculixxxen
in reply to Adam Edam • • •Sensitive content
Thank you
My Other Account
in reply to Miraculixxxen • • •Sensitive content
jabu
in reply to Miraculixxxen • • •Sensitive content
Have fun!
Kinky_me
in reply to Miraculixxxen • • •Sensitive content
Miraculixxxen
in reply to Kinky_me • • •Sensitive content
Kinky_me
in reply to Miraculixxxen • • •Sensitive content
tamarisk
in reply to Miraculixxxen • • •Sensitive content