Skip to content

Instantly share code, notes, and snippets.

View musalbas's full-sized avatar

Mustafa Al-Bassam musalbas

632 followers · 0 following
View GitHub Profile
@musalbas
musalbas / ssltest.py
Created April 8, 2014 19:17
#!/usr/bin/python
# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford ([email protected])
# The author disclaims copyright to this source code.
import sys
import struct
import socket
import time
import select
@musalbas
musalbas / lauri-mp-letter.markdown
Last active June 2, 2016 13:05

Dear Harriet Harman MP,

My name is Mustafa Al-Bassam and I am a member of your constituency in Southwark. As a teenager I was charged in the UK with computer hacking offences and was sentenced to 320 hours of community service and a suspended sentence of 20 months.

I am now a 21 year old reformed and productive member of society who has just completed a computer science degree at King's College London, and I have recently accepted an offer to do a PhD at University College London funded by the newly government-formed Alan Turing Institute. I also work part time in Canary Wharf as a technology advisor for an international payments processing company.

The focus of this letter however is not about me, but my friend Lauri Love who is a British citizen that is being pursued by the FBI in the United States of America for alleged computer hacking offences, despite not being charged in the UK.

Mr Love is an engineering university student and computer scientist from Stradishall in the UK. He is facing potential ex

@musalbas
musalbas / ba-privacy-complaint.md
Created July 19, 2018 11:47

Dear British Airways,

I am concerned that you have not handled my personal information properly.

Recently, I tried to check-in online on your website, but the interstitial page did not redirect me, and thus I was unable to check-in. I discovered that this was because my adblocker was enabled. After disabling my adblocker, I discovered that your check-in page was leaking my booking reference and surname to countless third parties for advertising purposes, including Twitter, LinkedIn and Google Doubleclick. I've attached for some network logs from Chrome's web developer console for some example evidence.

I do not recall explicitly consenting for my information to be shared in this way, nor do I see any way to opt-out or withdraw my consent. This all appears to be a violation of article 7 of GDPR for conditions of consent, which states "where processing is based on consent, the controller shall be able to demonstrate that the data subject has consented to processing of his or her personal data" and "the data

@musalbas
musalbas / Element_Ecosystem_ZK_Claim_Gist.md
Created April 11, 2022 15:53

0x1bb2c9743390a1ad1118cfb8355020c68ae3401429abafe8c7150266ef76cd62