Comments

andrew, 1 year ago to selfhosted in 13 Feet Ladder

Unless they are permanently only using specific addresses or blocks and will never change that up, I’d consider it a moving target.

andrew, 1 year ago to selfhosted in PSA: The Docker Snap package on Ubuntu sucks.

A flatpak of the snap, running in a docker container inside a vm for maximum security.

andrew, 1 year ago to selfhosted in 13 Feet Ladder

Checking ip ownership is a moving target more likely to result in outcomes these sites don’t want (accidentally blocking google bots and preventing results from appearing on google).

Checking useragent is cheap, easier, unlikely to break (for this purpose, anyway) and the percentage of folks who know how to bypass this check is relatively slim, with a pretty small financial impact.

andrew, 1 year ago to piracy in Beeper Mini

Looks like beeper got their stuff working again.

Can’t imagine this working out very well long term though

andrew, 1 year ago to piracy in How to check a direct downloaded mkv file

It’s feasible and has been used in various 0day exploits in the last few years. It’s getting significantly rarer nowadays but media player exploits leading to RCE has been a staple of malware distribution for a long while.

It’s just much easier to make a malicious word macro and hope the user isn’t careful than to research/identify an exploitable bug in a media player.

andrew, 1 year ago to piracy in How to crack a (non App Store) MacOS app?

Generally you can’t reverse it into exactly what was written, but most of the time you can disassemble or decompile just about any program as long as the binary format is known. The legibility of the resulting unraveling may vary depending on language and any methods used to obfuscate the end binary.