Hacker News: stsewd

Hacker News: stsewdhttps://news.ycombinator.com/user?id=stsewdHacker News RSShttps://hnrss.org/hnrss v2.1.1Fri, 08 May 2026 14:27:57 +0000<![CDATA[New comment by stsewd in "Dirtyfrag: Universal Linux LPE"]]>I got the same running it inside a container, but got a shell when running it directly in the host. This only shows that the exploit doesn't work inside a container. So, containers aren't vulnerable, or the script needs some adjustments to make it work in containers.

Since copy fail can be used to escape containers (https://github.com/Percivalll/Copy-Fail-CVE-2026-31431-Kuber...), I'm guessing the exploit needs some changes only.

]]>Fri, 08 May 2026 00:15:37 +0000https://news.ycombinator.com/item?id=48056840stsewdhttps://news.ycombinator.com/item?id=48056840https://news.ycombinator.com/item?id=48056840<![CDATA[Finding security-related commits on GitHub]]>Article URL: https://stsewd.dev/posts/github-search-security-commits/

Comments URL: https://news.ycombinator.com/item?id=45923452

Points: 2

# Comments: 0

]]>Fri, 14 Nov 2025 03:16:28 +0000https://stsewd.dev/posts/github-search-security-commits/stsewdhttps://news.ycombinator.com/item?id=45923452https://news.ycombinator.com/item?id=45923452<![CDATA[Django in Government]]>Article URL: https://thib.me/django-in-government

Comments URL: https://news.ycombinator.com/item?id=43059857

Points: 1

# Comments: 0

]]>Sat, 15 Feb 2025 16:40:17 +0000https://thib.me/django-in-governmentstsewdhttps://news.ycombinator.com/item?id=43059857https://news.ycombinator.com/item?id=43059857<![CDATA[Open Collective – closing our virtual card program in Dec 2023]]>Article URL: https://opencollective.com/opensource/updates/closing-our-virtual-card-program

Comments URL: https://news.ycombinator.com/item?id=38589526

Points: 2

# Comments: 0

]]>Sun, 10 Dec 2023 06:04:43 +0000https://opencollective.com/opensource/updates/closing-our-virtual-card-programstsewdhttps://news.ycombinator.com/item?id=38589526https://news.ycombinator.com/item?id=38589526<![CDATA[New comment by stsewd in "CodeCov is now Open Source"]]>Not really open source, they are releasing their code under the BSL (Business Source License https://github.com/codecov/self-hosted/blob/main/LICENSE). But still great, and they use Django :D

It's also interesting that they will no longer offer a commercial self-hosted solution.

> As a part of this shift, we are offering a new self-hosted repo that makes it easy to run Codecov in a minimal docker-compose based setup for proof-of-concept and small volume deployments. We are end-of-lifing our commercial self-hosted offering, but will continue to provide support to existing customers who are running Codecov on-prem.

]]>Wed, 02 Aug 2023 15:21:19 +0000https://news.ycombinator.com/item?id=36972121stsewdhttps://news.ycombinator.com/item?id=36972121https://news.ycombinator.com/item?id=36972121<![CDATA[CSRFing VS Code's Debug Adapter Protocol]]>Article URL: https://www.mcnulty.blog/posts/dap-csrf

Comments URL: https://news.ycombinator.com/item?id=36957995

Points: 1

# Comments: 0

]]>Tue, 01 Aug 2023 16:11:53 +0000https://www.mcnulty.blog/posts/dap-csrfstsewdhttps://news.ycombinator.com/item?id=36957995https://news.ycombinator.com/item?id=36957995<![CDATA[GitHub dataset research reveals millions potentially vulnerable to RepoJacking]]>Article URL: https://blog.aquasec.com/github-dataset-research-reveals-millions-potentially-vulnerable-to-repojacking

Comments URL: https://news.ycombinator.com/item?id=36442198

Points: 3

# Comments: 0

]]>Fri, 23 Jun 2023 02:44:06 +0000https://blog.aquasec.com/github-dataset-research-reveals-millions-potentially-vulnerable-to-repojackingstsewdhttps://news.ycombinator.com/item?id=36442198https://news.ycombinator.com/item?id=36442198<![CDATA[Open Source Collective is disabling contributions in cryptocurrencies]]>Article URL: https://opencollective.com/opensource/updates/open-source-collective-is-disabling-contributions-in-cryptocurrencies

Comments URL: https://news.ycombinator.com/item?id=36004695

Points: 1

# Comments: 0

]]>Fri, 19 May 2023 17:40:07 +0000https://opencollective.com/opensource/updates/open-source-collective-is-disabling-contributions-in-cryptocurrenciesstsewdhttps://news.ycombinator.com/item?id=36004695https://news.ycombinator.com/item?id=36004695<![CDATA[Black 23.1a1 – please help us test the 2023 stable style]]>Article URL: https://ichard26.github.io/blog/2022/12/black-23.1a1/

Comments URL: https://news.ycombinator.com/item?id=34075272

Points: 1

# Comments: 0

]]>Wed, 21 Dec 2022 00:55:14 +0000https://ichard26.github.io/blog/2022/12/black-23.1a1/stsewdhttps://news.ycombinator.com/item?id=34075272https://news.ycombinator.com/item?id=34075272<![CDATA[Why 2022 was a record-breaking year in bug bounty awards]]>Article URL: https://about.gitlab.com/blog/2022/12/19/why-2022-was-a-record-breaking-year-in-bug-bounty-awards/

Comments URL: https://news.ycombinator.com/item?id=34072169

Points: 2

# Comments: 0

]]>Tue, 20 Dec 2022 20:38:19 +0000https://about.gitlab.com/blog/2022/12/19/why-2022-was-a-record-breaking-year-in-bug-bounty-awards/stsewdhttps://news.ycombinator.com/item?id=34072169https://news.ycombinator.com/item?id=34072169<![CDATA[Russia banned to use foreign software for government agencies]]>Article URL: https://twitter.com/nexta_tv/status/1509182129162366986

Comments URL: https://news.ycombinator.com/item?id=30856402

Points: 3

# Comments: 1

]]>Wed, 30 Mar 2022 15:21:35 +0000https://twitter.com/nexta_tv/status/1509182129162366986stsewdhttps://news.ycombinator.com/item?id=30856402https://news.ycombinator.com/item?id=30856402<![CDATA[Suicide hotline shares data with for-profit spinoff, raising ethical questions]]>Article URL: https://www.politico.com/news/2022/01/28/suicide-hotline-silicon-valley-privacy-debates-00002617

Comments URL: https://news.ycombinator.com/item?id=30121581

Points: 248

# Comments: 62

]]>Fri, 28 Jan 2022 22:51:49 +0000https://www.politico.com/news/2022/01/28/suicide-hotline-silicon-valley-privacy-debates-00002617stsewdhttps://news.ycombinator.com/item?id=30121581https://news.ycombinator.com/item?id=30121581<![CDATA[Securing Your Development Environment]]>Article URL: https://stsewd.dev/posts/securing-your-dev-environment/

Comments URL: https://news.ycombinator.com/item?id=27955349

Points: 10

# Comments: 0

]]>Mon, 26 Jul 2021 03:39:14 +0000https://stsewd.dev/posts/securing-your-dev-environment/stsewdhttps://news.ycombinator.com/item?id=27955349https://news.ycombinator.com/item?id=27955349<![CDATA[Telegram Desktop retirement notice from RPM fussion]]>Article URL: https://lists.rpmfusion.org/archives/list/rpmfusion-developers@lists.rpmfusion.org/thread/5A7MRE3BG66PQXSP263FUZ7XS5PMDNUV/

Comments URL: https://news.ycombinator.com/item?id=27874705

Points: 29

# Comments: 8

]]>Sun, 18 Jul 2021 17:28:38 +0000https://lists.rpmfusion.org/archives/list/rpmfusion-developers@lists.rpmfusion.org/thread/5A7MRE3BG66PQXSP263FUZ7XS5PMDNUV/stsewdhttps://news.ycombinator.com/item?id=27874705https://news.ycombinator.com/item?id=27874705<![CDATA[New comment by stsewd in "Bat 0.18.2 released (Windows security fix)"]]>The same bug that affected ripgrep, wonder what other software is affected by this.

]]>Tue, 13 Jul 2021 13:33:09 +0000https://news.ycombinator.com/item?id=27820722stsewdhttps://news.ycombinator.com/item?id=27820722https://news.ycombinator.com/item?id=27820722<![CDATA[Bat 0.18.2 released (Windows security fix)]]>Article URL: https://github.com/sharkdp/bat/releases/tag/v0.18.2

Comments URL: https://news.ycombinator.com/item?id=27820721

Points: 2

# Comments: 1

]]>Tue, 13 Jul 2021 13:33:09 +0000https://github.com/sharkdp/bat/releases/tag/v0.18.2stsewdhttps://news.ycombinator.com/item?id=27820721https://news.ycombinator.com/item?id=27820721<![CDATA[Phantom. The Robotic Chessboard Made of Real Wood]]>Article URL: https://www.kickstarter.com/projects/wondersubstance/phantom-the-most-advanced-chess-board-in-the-world

Comments URL: https://news.ycombinator.com/item?id=27787010

Points: 1

# Comments: 0

]]>Fri, 09 Jul 2021 18:42:53 +0000https://www.kickstarter.com/projects/wondersubstance/phantom-the-most-advanced-chess-board-in-the-worldstsewdhttps://news.ycombinator.com/item?id=27787010https://news.ycombinator.com/item?id=27787010<![CDATA[A tale about security in web apps or how I helped to save a bank from bankruptcy]]>Article URL: https://stsewd.dev/posts/a-tale-about-security-in-web-applications/

Comments URL: https://news.ycombinator.com/item?id=27566004

Points: 5

# Comments: 0

]]>Sun, 20 Jun 2021 00:52:39 +0000https://stsewd.dev/posts/a-tale-about-security-in-web-applications/stsewdhttps://news.ycombinator.com/item?id=27566004https://news.ycombinator.com/item?id=27566004<![CDATA[Encrypted network run by de FBI led to at least 800 arrests]]>Article URL: https://www.nytimes.com/2021/06/08/world/australia/operation-trojan-horse-anom.html

Comments URL: https://news.ycombinator.com/item?id=27434770

Points: 10

# Comments: 0

]]>Tue, 08 Jun 2021 13:20:19 +0000https://www.nytimes.com/2021/06/08/world/australia/operation-trojan-horse-anom.htmlstsewdhttps://news.ycombinator.com/item?id=27434770https://news.ycombinator.com/item?id=27434770<![CDATA[Elastic License Update – Elastic License v2]]>Article URL: https://www.elastic.co/blog/elastic-license-update

Comments URL: https://news.ycombinator.com/item?id=27393650

Points: 2

# Comments: 0

]]>Fri, 04 Jun 2021 13:58:32 +0000https://www.elastic.co/blog/elastic-license-updatestsewdhttps://news.ycombinator.com/item?id=27393650https://news.ycombinator.com/item?id=27393650