smx-smx / XZ Backdoor Analysis
Last active February 26, 2025 01:17
[WIP] XZ Backdoor Analysis and symbol mapping
XZ Backdoor symbol deobfuscation. Updated as i make progress
a8dx / US_State_Bounding_Boxes.csv
Created November 23, 2018 03:20
Bounding boxes for all US states and territories [NAD83]
STATEFP STUSPS NAME xmin ymin xmax ymax
1 01 AL Alabama -88.473227 30.223334 -84.88908 35.008028
2 02 AK Alaska -179.148909 51.214183 179.77847 71.365162
3 60 AS American Samoa -171.089874 -14.548699 -168.1433 -11.046934
4 04 AZ Arizona -114.81651 31.332177 -109.045223 37.00426
5 05 AR Arkansas -94.617919 33.004106 -89.644395 36.4996
6 06 CA California -124.409591 32.534156 -114.131211 42.009518
7 08 CO Colorado -109.060253 36.992426 -102.041524 41.003444
8 69 MP Commonwealth of the Northern Mariana Islands 144.886331 14.110472 146.064818 20.553802
9 09 CT Connecticut -73.727775 40.980144 -71.786994 42.050587
" Transparent editing of gpg encrypted files.
" By Wouter Hanegraaff
augroup encrypted
" First make sure nothing is written to ~/.viminfo while editing
" an encrypted file.
autocmd BufReadPre,FileReadPre *.gpg set viminfo=
" We don't want a various options which write unencrypted data to disk
autocmd BufReadPre,FileReadPre *.gpg set noswapfile noundofile nobackup
jdmaturen /
Last active July 29, 2023 22:39
Who pays when startup employees keep their equity?

Who pays when startup employees keep their equity?

JD Maturen, 2016/07/05, San Francisco, CA

As has been much discussed, stock options as used today are not a practical or reliable way of compensating employees of fast growing startups. With an often high strike price, a large tax burden on execution due to AMT, and a 90 day execution window after leaving the company many share options are left unexecuted.

There have been a variety of proposed modifications to how equity is distributed to address these issues for individual employees. However, there hasn't been much discussion of how these modifications will change overall ownership dynamics of startups. In this post we'll dive into the situation as it stands today where there is very near 100% equity loss when employees leave companies pre-exit and then we'll look at what would happen if there were instead a 0% loss rate.

What we'll see is that employees gain nearly 3-fold, while both founders and investors – particularly early investors – get dilute

andreicristianpetcu /
Created May 30, 2016 19:25
This is an ANSIBLE Cheat Sheet from Jon Warbrick

An Ansible summary

Jon Warbrick, July 2014, V3.2 (for Ansible 1.7)

Configuration file


First one found from of

alias hue_blue='curl -s ""'
alias hue_cyan='curl -s ""'
alias hue_green='curl -s ""'
alias hue_indigo='curl -s ""'
alias hue_lavender='curl -s ""'
alias hue_orange='curl -s ""'
alias hue_pink='curl -s ""'
alias hue_red='curl -s ""'
alias hue_white='curl -s ""'
alias hue_yellow='curl -s "
spaze /
Last active December 22, 2024 15:50
Opera VPN behind the curtains is just a proxy, here's how it works

2023 update

ℹ️ Please note this research is from 2016 when Opera has first added their browser "VPN", even before the "Chinese deal" was closed. They have since introduced some real VPN apps but this below is not about them.

🕵️ Some folks also like to use this article to show a proof that the Opera browser is a spyware or that Opera sells all your data to 3rd parties or something like that. This article here doesn't say anything like that.

When setting up (that's immediately when user enables it in settings) Opera VPN sends few API requests to to obtain credentials and proxy IPs, see below, also see The Oprah Proxy.

The browser then talks to a proxy (when VPN location is set to Germany), it's IP address can only be resolved from within Opera when VPN is on, it's (or similar, see below). It's an HTTP/S proxy which requires auth.

One thing I wanted to ask, given your exprience in DDoS attacks. We are putting in place a DDoS mitigation strategy and finding a wide variability in pricing from different vendors.

Near as I can tell, the difference between the low end like CloudFlare's $200/mth plan and the $5K-$10K/mth vendors like Prolexic is the support offered for a layer 7 attack. Is that a reasonable summary?

It seems like all vendors offer a reasonable level of layer 3-4 filtering but that if there's a layer 7 attack the high end vendors have the sophisticated tools and methodology to help the customer figure out how to mitigate the attack.

If this perspective is reasonable, how susceptible you think a product like XXX is to a layer 7 attack? I'd hate to buy insurance we don't really need.

The difference is a lot in integration. CloudFlare is only really a CDN at the heart of it, so what you're paying for is that with some DDoS stuff built in. If an attacker gets wind of this, and finds out your origin and decides to

abemusic / overstate.sls
Created May 13, 2014 15:39
Overstate file used by salt-run state.overstate
match: G@stack_id:20 and G@roles:qatp.base and G@roles:qatp.ipa and
- qatp.base
- qatp.ipa
match: G@stack_id:20 and G@roles:cdh4.hadoop.namenode
- cdh4.hadoop.namenode