Hacker News: cws

New comment by cws in "Book review: There Is No Antimemetics Division"

cws — Mon, 06 Apr 2026 16:17:21 +0000

This article says “Book Review:” but then doesn’t provide the title of a book. I’m confused.

KVM Is The Weak Link – How a $30 Device can own your network

cws — Thu, 19 Mar 2026 18:24:44 +0000

Article URL: https://eclypsium.com/blog/your-kvm-is-the-weak-link-how-30-dollar-devices-can-own-your-entire-network/

Comments URL: https://news.ycombinator.com/item?id=47443697

Points: 3

# Comments: 0

Metacognitive Incommensurability: The Dinner Table Wall

cws — Fri, 26 Sep 2025 16:52:51 +0000

Article URL: https://interpoiesis.substack.com/p/metacognitive-incommensurability

Comments URL: https://news.ycombinator.com/item?id=45388580

Points: 5

# Comments: 0

Software Bill of Materials Requirements in DoD and Federal Guidance

cws — Fri, 12 Sep 2025 16:33:05 +0000

Article URL: https://eclypsium.com/blog/sbom-federal-requirements-guidelines/

Comments URL: https://news.ycombinator.com/item?id=45223894

Points: 5

# Comments: 0

Open Source Tools to Detect CVE-2024-54085

cws — Thu, 10 Jul 2025 22:40:06 +0000

Article URL: https://eclypsium.com/blog/eclypsium-releases-tools-for-detecting-ami-megarac-bmc-vulnerabilities/

Comments URL: https://news.ycombinator.com/item?id=44526491

Points: 4

# Comments: 0

CISA: AMI MegaRAC bug enabling server hijacks exploited in attacks

cws — Fri, 27 Jun 2025 18:14:57 +0000

Article URL: https://www.bleepingcomputer.com/news/security/cisa-ami-megarac-bug-that-lets-hackers-brick-servers-now-actively-exploited/

Comments URL: https://news.ycombinator.com/item?id=44398982

Points: 8

# Comments: 0

OpenBMC Security in Practice: Vulnerabilities, Variants, and AMI MegaRAC OneTree [pdf]

cws — Fri, 20 Jun 2025 18:49:20 +0000

Article URL: https://eclypsium.com/wp-content/uploads/OpenBMC-Security-in-Practice.pdf

Comments URL: https://news.ycombinator.com/item?id=44330734

Points: 4

# Comments: 0

Skittle Factory Dementia Monkey Titty Monetization

cws — Sat, 29 Mar 2025 17:46:54 +0000

Article URL: https://parakeet.substack.com/p/skittle-factory-dementia-monkey-titty

Comments URL: https://news.ycombinator.com/item?id=43517212

Points: 6

# Comments: 0

BMC&C Part 3: New AMI MegaRAC Baseboard Management Controller Vulnerabilities

cws — Tue, 18 Mar 2025 17:39:37 +0000

Article URL: https://eclypsium.com/blog/ami-megarac-vulnerabilities-bmc-part-3/

Comments URL: https://news.ycombinator.com/item?id=43402273

Points: 2

# Comments: 0

Text to CAD Public Alpha

cws — Thu, 11 Jul 2024 15:12:55 +0000

Article URL: https://zoo.dev/text-to-cad

Comments URL: https://news.ycombinator.com/item?id=40937610

Points: 2

# Comments: 0

We need to take satellite ground station security seriously

cws — Tue, 04 Jun 2024 16:51:21 +0000

Article URL: https://spacenews.com/why-we-need-to-take-satellite-ground-station-security-seriously/

Comments URL: https://news.ycombinator.com/item?id=40576531

Points: 4

# Comments: 0

Measuring the Persuasiveness of Language Models

cws — Fri, 03 May 2024 14:03:28 +0000

Article URL: https://www.anthropic.com/research/measuring-model-persuasiveness

Comments URL: https://news.ycombinator.com/item?id=40247781

Points: 3

# Comments: 0

2024 Verizon Data Breach Investigation Report [pdf]

cws — Wed, 01 May 2024 16:08:43 +0000

Article URL: https://www.verizon.com/business/resources/T5be/reports/2024-dbir-data-breach-investigations-report.pdf

Comments URL: https://news.ycombinator.com/item?id=40225228

Points: 122

# Comments: 49

New comment by cws in "Ask HN: Job Titles Solutions Architect vs. Architect"

cws — Wed, 24 Apr 2024 18:33:24 +0000

This is my experience as well. A solutions architect is likely to be working directly with customers to achieve what they want with the product which can involve deployment work, integration work, etc. Sometimes this work is found to be repeatable across customers and may be engineered into the product. An architect (in a software or IT context) can have pretty widely varying responsibilities, usually more focused on building product or internal company environments. But solution architects have been fairly consistent in scope of responsibility across the companies I’ve been exposed to

National Renewable Energy Lab Releases First Clean Energy Cybersecurity Report

cws — Thu, 18 Jan 2024 04:47:13 +0000

Article URL: https://xage.com/blog/nrel-clean-energy-cybersecurity-report/

Comments URL: https://news.ycombinator.com/item?id=39037976

Points: 1

# Comments: 0

New comment by cws in "Which word begins with "y" and looks like an axe in this picture? (2017)"

cws — Thu, 18 Jan 2024 04:41:45 +0000

I really thought it was going to be something about a “Y axis” or “Y Axes”

New comment by cws in "A Technical Analysis of How Spring4Shell (CVE-2022-22965) Works"

cws — Thu, 31 Mar 2022 18:41:12 +0000

This is about CVE-2022-22965. Maybe I’ll edit the title to reflect that.

New comment by cws in "A Technical Analysis of How Spring4Shell (CVE-2022-22965) Works"

cws — Thu, 31 Mar 2022 18:39:49 +0000

Depends a lot on how many Spring apps out there have the prereqs to be vulnerable. The widespread nature of Log4Shell is what made it “worse” than other RCE vulns. I don’t have a sense of how many vulnerable instances of this one might be out there but the number could be enormous.

A Technical Analysis of How Spring4Shell (CVE-2022-22965) Works

cws — Thu, 31 Mar 2022 18:13:42 +0000

Article URL: https://www.extrahop.com/company/blog/2022/a-technical-analysis-of-how-spring4shell-works/

Hacker News: cws

New comment by cws in "Book review: There Is No Antimemetics Division"

KVM Is The Weak Link – How a $30 Device can own your network

Metacognitive Incommensurability: The Dinner Table Wall

Software Bill of Materials Requirements in DoD and Federal Guidance

Open Source Tools to Detect CVE-2024-54085

CISA: AMI MegaRAC bug enabling server hijacks exploited in attacks

OpenBMC Security in Practice: Vulnerabilities, Variants, and AMI MegaRAC OneTree [pdf]

Skittle Factory Dementia Monkey Titty Monetization

BMC&C Part 3: New AMI MegaRAC Baseboard Management Controller Vulnerabilities

Text to CAD Public Alpha

We need to take satellite ground station security seriously

Measuring the Persuasiveness of Language Models

2024 Verizon Data Breach Investigation Report [pdf]

New comment by cws in "Ask HN: Job Titles Solutions Architect vs. Architect"

National Renewable Energy Lab Releases First Clean Energy Cybersecurity Report

New comment by cws in "Which word begins with "y" and looks like an axe in this picture? (2017)"

New comment by cws in "A Technical Analysis of How Spring4Shell (CVE-2022-22965) Works"

New comment by cws in "A Technical Analysis of How Spring4Shell (CVE-2022-22965) Works"

A Technical Analysis of How Spring4Shell (CVE-2022-22965) Works

Analyzing SolarWinds Orion Sunburst DNS Traffic for Threat Intelligence