40629
The largest collection of malware source, samples, and papers on the internet. Password: infected https://vx-underground.org/
The idea behind KOSA is that vendors need to add safeguards to protect children from sexual predators online and cyber bullies. KOSA states vendors must provide parental controls to protect children. Furthermore, vendors must disclose (at a high level) how their age verification works.
In fairness, KOSA never explicitly states OS vendors must perform this, KOSA applies specifically to online social media platforms. However, as is tradition, KOSA does not provide any framework on how accomplish this task and places it on "vendors" (ambiguous)
My favorite comments were those who wrote "you're brown" and informed me they'd be unfollowing me and/or blocking me.
I couldn't believe it.
I thought to myself, "that random person on the internet, who I have never met, seen, interacted with, or even knew existed, has expressed dissatisfaction with my post to such an extent they had to inform me of their departure".
Consequences have never been the same.
Meanwhile on the internet (a very real and serious place), Amazon is beefing with the Financial Times. The Financial Times did a report that an AWS outage was caused by an AI programming tool (see image one).
As expected, nerds on the internet went schizo, proclaiming the end of the world. However, Amazon has made a rebuttal.
Amazon did a write-up today explaining the outage Financial Time's discussed was not related to AI, and had minimal impact.
Furthermore, Amazon writes the error was the result of misconfigured access controls, it was not related to AI or AI "deleting and recreating an environment" (image two).
Is Amazon telling the truth? What does "deleting and recreating an environment" actually mean? FT sources were "four people familiar with the matter", were they familiar? Why does Amazon need AI coding stuff for server stuff?
Find out next time on Dragon Ball Z
Meanwhile on Xitter, games are extremely mad about this new Xbox CEO being a woman and also being Indian. I know absolutely nothing about her, but I decided to make a post praising her for her success. As expected, gamers are MAD. Conspiracy theories are floating around that I am actually an Indian living in INDIA. Some have speculated I am a SIMP and Microsoft CUCK.
I am sick, but enjoying reading comments from GAMERS about this DEI INDIAN WOMAN and how she is RUINING GAMING
tldr bored, sick, made silly post, gamers mad.
https://x.com/vxunderground/status/2025416657024266362
>be me
>have influenza type a, like 3 weeks ago
>recover
>omg thank god
>fast forward
>visit family
>they have a bunch of kids
>running around
>coughing
>smearing boogers everywhere
>haha im immune
>fast forward to thursdays
>cough
>hehe throat tickles
>saturday
>coughing up mystery goop
>ears popping (???)
>fatigue
>body aches
I'm gonna say something no one has the balls to say. We need to BAN children. Children need to be CRIMINALIZED. They're disgusting creatures and create plagues (except my son, he's perfect in every way imaginable)
United States Colorado Sen. Matt Ball and Rep. Amy Paschal have authored bill SB26-051.
SB26-051 would require Operating System, such as Windows or Linux, to perform age verification on users which then third party apps can leverage via API to ensure someone's age.
"Because of Claude, a practicing physician was able to vibe code an app to work with his patients. With AI, anyone can be a software engineer!"
Correct. Likewise, anyone can be a Doctor now. Claude, diagnosis my patient, make no mistakes.
My computer hard drive sounds like a bunch of loose change bouncing around inside a dryer.
No idea what that means
Hello,
I've receive your messages loud and clear. You want more cat pictures. I have 12 "cat blocks" on VXUG already. Each "cat block" is 2,000 pictures. I'll add like, 37 more blocks.
I will work on uploading tonight
https://vx-underground.org/Archive
I've seen nerds say, "how does the malware guy who doesnt go outside have a family and i dont?"
Well, it's very shrimple.
1. I don't talk about what I do, ever. They don't understand malware and if I tried to explain it they'd be scared.
2. I don't tell anyone what I do on the internet, ever. If I told people I unironically talk to cyber terrorists and send the FBI pictures of cats they'd be scared.
3. I don't talk about computers or anything technology adjacent, ever. Computers are for nerds and normal people don't understand it. If I explained anything they'd be scared.
4. I dress normal. I wear generic middle class jeans from generic middle class stores. I wear generic shoes like Nikes. I don't wear cybersecurity shirts. All my shirts are cheap $8 shirts that are blank with no logo on it.
Basically, be a normal person. Talk about dumb shit, like the weather or food, or something. Ask people about themselves (they love talking about themselves). You have to segregate internet person from IRL person.
tl;dr malware is illegal and for nerds
Hello,
I added more malware and more malware papers to the website most of you don't even realize this page is about (I collect malware source code, samples, and papers).
Big updates:
https://vx-underground.org/Updates
Babies have no concept of danger. All they know right now is "I can go places" and "I want to go places". He probably think it's funny Mommy and Daddy gave him a bunch of attention and thought falling was like a fun little ride.
tl;dr on constant suicide watch
tldr if you're missing an email, or forgot to read an email, just blame it on Microsoft. Ez GG
Читать полностью…
Earlier today X employees bragged X only has 30 employees. Guess which website is down again?
Читать полностью…
full write up: https://vmfunc.re/blog/persona
Читать полностью…
Chat, I've got excellent news you're going to love. I'll break this down into two parts. I'll provide the mega tl;dr because most of you are lazy. Then I'll do the actual explanation.
tl;dr Mark Zuckerberg is proposing age verification should be handled at the Operating System, at least on mobile devices.
Non-tl;dr
Meta is being sued because a bunch of people said Meta intentionally made platforms such as Instagram addictive to kids. The people suing Meta assert Meta didn't provide any safeguards to protect kids from Instagram addiction.
One person suing Meta claims Meta messed her up, fried her brain (I'm super paraphrasing, she didn't literally say that). She sued TikTok and Snapchat. They settled for an undisclosed amount. Google and Meta are fighting this lady.
The court case is getting funky. Meta and Google first questioned the validity of the term addiction, because addiction in the legal and/or medical sense would indicate a medical or life threatening emergency.
Additionally, Meta and Google assert they're shielded from liability because of some old ass laws about stuff, blah blah blah, and they have no control over what people post. Hence, her addiction to Instagram is not a real addiction and it is her own fault because she chooses to view the content. No one forced her to view the content and she knowingly violated Meta ToS when she made an Instagram account (or her parents allowed her, whatever).
The people suing cite statistics that over 4,000,000 users on Meta platforms are under the age of 13. Meta (or Zuckerberg, rather) retorted that it is virtually impossible to accurately determine someone's age online.
Mark Zuckerberg has proposed some sort of digital national ID in the United States which is handled at the Operating System level. This shifts liability away from 3rd party platforms. Mark Zuckerberg's proposal coincides with the United States KOSA (Kids Online Safety Act) which (in extreme summary) would place age verification stuff at the Operating System level.
While KOSA was successfully introduced to the United States Congress, it is currently under evaluation by a bunch of different committees. If the committees agree this bill sounds good, it will then proceed to the House and Senate for approval. Of course, there is no guarantee it would pass. Furthermore, the bill has been in limbo for almost one year.
Anyway, basically Zuckerberg is endorsing KOSA because it shifts liability away from Meta and onto Operating System vendors. Zuckerberg did not state how he believes KOSA could be implemented on Linux (it's literally impossible).
I made that post about that Xbox CEO lady intentionally inflammatory. I knew gamers would go schizo and start screaming at their computer monitors.
It made me giggle. I said, "hehe gamers are gonna be so rustled".
I subsequently went to nappy noo noo city (my favorite city)
I woke up this morning to an absolute slobberknocker in the comment section. New conspiracy theories have surfaced that I have been larping as an American for 6.5 years, and am actually a man located in India.
Others have speculated I am actually a homosexual, "a simp", and some other mean stuff.
It's all very silly shenanigans.
I have no idea who this woman is, I don't give a fuck about Xbox, or gaming, or that she is doing to "put AI in gaming", but gamers (for reasons I don't understand) get extremely upset about culture war stuff. This is a good 3 cat pictures out of 3 cat pictures.
Читать полностью…
I've never gotten this sick until my son was born and we started spending more time around other family members and their children.
WHY ARE THEY SO DISGUSTING? WHY DO THEY MAKE DISEASE? This kid ran up, said "Uncle Smelly, can I have a hug?". I said, "Haha, of course kiddo".
HE COUGHS IN MY FUCKING FACE. WHY WOULD HE DO THAT? IS HE INSANE
/me flips desk
You can read more about it in the link below. As is tradition, this is a proposed bill and is not officially law. It is just a proposal. There is no guarantee it would pass into law.
https://www.biometricupdate.com/202602/colorado-moves-age-checks-from-websites-to-operating-systems
You don't need to visit a Doctor. Visit M.D. Smelly Smellington's AI healthcare facility (The M.D. stands for Madeup Doctor).
Читать полностью…
It suddenly stopped. Now it sounds like a bunch of fish gurgling under water.
Читать полностью…
I make them smaller "blocks" because last time I bundled them all together it was over 162GB and several thousand people tried it download it at once.
It resulted in 100TB of data attempting to be pulled and our infrastructure imploded.
tl;dr ddos via cats
This probably makes me sound like a sociopath, or something, but I very seriously don't talk about vx-underground or anything I do online with people IRL.
Nobody would understand it, I don't feel like explaining it, and truthfully I don't feel like discussing it. I don't need to bond with people over dumb computer nerd stuff.
Online I am "smelly smellington", I collect malware, development malware, reverse engineer malware, and do silly things which are playfully unethical.
IRL I'm a Father, a son, an Uncle, I go to family birthday parties, go do stuff like trick-or-treating, Christmas stuff, family cook-outs, sometimes go to church (I'm not religious, but whatever), etc. I like to watch UFC, weird cartoons on YouTube like MeatCanyon, and enjoy stuff like watching Netflix with my family
smelly smellington != IRL me
tl;dr just be a normal person, nerd
Non-core audience when they realize this social media account is actually the social media moniker for a website which collects malware and interacting with this account almost certainty got you put on a watchlist
Читать полностью…
I guess Persona saw my post, or other adjacent posts on social media, because Persona sent out an email addressing the findings to their customers.
They wrote the following (although I'm paraphrasing):
1. Persona does not share your customers data outside of scope. They said all contracts are solidified and compliance is important
2. Persona does not work with the Department of Homeland Security, or the United States government in general, however they assert they admit they are seeking potential contracts
3. Persona is not involved with Peter Thiel, although he is an investor. Persona asserts they have no relationship with Palantir
4. Company employees, including investors, do not have access to customer data.
5. They don't plan on saying anything else about this posts on social media because it amplifies stuff. They politely and gently call social media people schizo conspiracy theorists and state they are privately engaging with accredited journalists behind the scenes.
> be me
> working
> wife and baby sleeping
> hear blood-curdling scream
> "HELP"
> run fast af
> blast through door
> 11 month old climbed over baby barricade
> wife holding him by foot
> dangling off bed
> wife terrified
> grab baby
> he looks at me
> smiles
> starts laughing
> wife crying from pure terror
> baby sees her crying
> laughs
mfw baby almost killed himself, thinks its hilarious
Meanwhile at Microsoft: Microsoft deployed botched security rules and Exchange Online accidentally flagged legitimate emails as malicious.
From February 5th to February 12th, "thousands" of safe emails were flagged as phishing emails
https://www.bleepingcomputer.com/news/microsoft/microsoft-anti-phishing-rules-mistakenly-blocked-emails-teams-messages/
1. i didnt discover this, vmfunc and friends did. im regurgitating their stuff
2. ive been informed discord stopped using persona. they use something else now. persona is still used in lots of places (like apparently roblox)
3. vmfunc and friends are still doing a write up about it and trying to talk to persona about it.
https://x.com/vmfunc/status/2024100827510517891
> be nerds
> look into persona (used by discord)
> kyc (know your customer) service
> used for age verification
> search on internet (shodan)
> find weird server
> image 1
> openai-watchlistdb.withpersona
> openai-watchlistdb-testing.withpersona
> lolwtf
> look inside
> supposed to be behind cloudflare to hide ip
> openai messed up
> not behind cloudflare
> real ip shown
> using google cloud
> lookup cert history
> 2023-11-16 created
> 2024-02-28 gets cert
> 2024-03-04 prod goes live
> google stuff
> openai and persona partners
> partner around timeline of certs
> back to searching stuff
> find withpersona-gov
> look inside
> okta (image 2)
> lolwtf
> look inside
> website accidentally leaking stuff
> fedramp-private-backend-api
> look inside
> api .js accidentally exposed
> look inside
> wtf "SARInstructionsCard"
> wtf "app.onyx.withpersona-gov"
> wtf "FINTRAC"
> wtf "PrivatePartnershipProjectNameCodes"
> image 3
> wtf "AsyncSelfie"
> look inside
> openai, persona, send data to us gov
> feds map face to financial records
> map face using AI
> map face to ICE stuff
> api stores data for lots of stuff
> image 4
tl;dr persona kyc and openai are frens, using your selfie for verification and sending to ICE (or USGOV in general), using AI to tie to your financial records. see subsequent post for full write-up. its long and not mobile friendly