A short video I made to explain the "so what" of taproot in 10 minutes. If you like it, please subscribe to my new youtube channel :)
Nothing to tell.
Have you seen such an image before? It explains an XSS polyglot.
The creation of these payloads is a hard, time-consuming problem that some associate with witchcraft as it is very hard to reason about how a certain payload is working.
So I've seen this article that teaches a computer to fund polyglot payloads: "Finding superhuman XSS polyglot payloads with Genetic Algorithms"
If you've created a group here before, have you ever wondered what's actually unlocked at tier 2?
I have because none of my groups is tier 2 yet... but I found out!
Recently I dug around in the ZapRead source again and found "ChangeShortDesc(int groupId, string newDesc)" in the GroupController.
This seems to edit be the text after the - , not the group name but some additional text. I always wondered if that is special to the Community group.
Looking through the source code I didn't find a check for tier 2... so 5 seconds later I tried to set my own with a simple requets in burp, something like like:
POST /Group/ChangeShortDesc HTTP/1.1
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
groupId=209&newDesc=Today I Learned
Easy, now my tier 0 group has a description!
So I was playing with a bot that protects against spam.
Cuz, you know, I'm tired of seeing CPR ads here.
The idea was the following:
- join all groups to get notified about every post
- for each post make a spam check (this will be described later)
- comment that it is spam
- if group owner has added the bot as moderator: mark NSFW so users don't see the spam
This all sounds simple, if it wasn't for the spam checking part.
I did not find a free API, but even the paid ones I could try for free aren't really good.
The spam does get detected 100%, but there are many false positives.
Much crypto content I'd say is good content would be flagged.
Some APIs allow training, that would reduce the false positives after a while, but it is tedious, potentially a long term thing and not a great UX.
I wouldn't want my bot to mark (too many) things as spam and hide them behind a nswf wall. That wouldn't be worth it.
The next best thing I could do is a bot that NSFW's posts with negative rep or a report like commenting @antispambot or something similar.
I could also automatically flag them if they contain CPR, but then the next topic is spammed, so I'd ditch that.
And negative rep isn't a good criteria either, posts about alt coins would get blocked rather often ;)
Sadly, there's no simple solution for this. I think I only have 2 options: find, buy and train an API, or ditch this idea.
For now, I'll ditch this idea. I might find a good API one day or have a new idea, maybe not.
But 1 thing stuck with me this whole time: a bot that is added as moderator.
The only thing a mod can do is setting NSFW and Group Sticky.
My only idea for NSFW tags was spam and since I ditched that I'm currently exploring a bot that changes the group sticky daily.
Not extremely motivated for that though... but it's the second best idea yet. (Btw, third is an XKCD bot.)
How to be successful? Of course, all you need to do is get up earlier, purr more often and carry more weight. However, there are people who decide to take a different path - that of fraud. Today I will tell a short story about how Microsoft finished off its competitor, Digital Research.
I think that each of you has heard about MS-DOS, which is commonly called DOS. However, as much as this system was popular in Poland, it was not the only system from this family. We also had PC-DOS (which was actually MS-DOS, but developed by IBM) or the above-mentioned DR-DOS (FreeDOS appeared later, but it's also in this family of systems).
DR-DOS is an operating system created by Digital Research. It was created as a successor to another system - CP / M. IBM could not get along with DR, so they signed a contract to supply software from Microsoft. Microsoft decided to buy another operating system - 86-DOS and develop it for IBM's hardware. The similarities of MS and IBM's system to CP/M were so huge that DR wanted to sue these companies for copying their product. As compensation, IBM allowed Digital Research to sell the system alongside PC-DOS (IBM had the right not to use the MS-DOS name). However, IBM's and Microsoft's operating system was much cheaper than its counterpart which meant that CP/M began to be squeezed out of the market.
Digital Research's product was not fully compatible with IBM's, an initial plus began to turn into a minus as PC-DOS began to rule the personal computer market. Even later attempts to improve CP/M could not tip the balance. Simply put, DR systems were too expensive and IBM and Microsoft began to set the trends.
However, DR rolled up their sleeves and went into battle. The first thing they did, besides achieving compatibility with Microsoft's product, was to significantly lower the price and start introducing newer and newer features to the system - such as HMA support, allowing the system to handle more RAM than 640KB, and file compression. From now on, it was up to Microsoft to make newer and newer changes to keep up with DR-DOS, and they had to cut prices. Customers (and especially computer makers) were so interested in DR's product that they started offering DR's products widely.
When a user ran Windows 3.1 Beta on his computer using DR-DOS he was horrified when the system informed him of a "non-fatal error". Every run of Windows or certain programs reported the problem.
This is a feature added at the request of Bill Gates. The message you see here is not a "real" error. Code was added in various parts of the operating system that detected what system it was running on and displayed the message. Of course, DR-DOS handled these programs without a problem and everything worked perfectly despite the error message. However, users of the system seeing such messages, according to the vice president of Microsoft - "(...) to do is feel uncomfortable, and when he has bugs, suspect that the problem is DR-DOS and then go out to buy MS-DOS".
In the final version of Windows 3.1, the code was disabled, but you could easily enable it by changing 1 byte, and rumours of DR-DOS malfunctioning spread around the world. Not even a patch to pass the "sieve" of AARD
DR-DOS was sold to Novell and eventually went to Calder. The first thing the company did when it bought DR-DOS (later Novell DOS) was to file a monopoly case against Microsoft for, among other things, AARD code and "bundling" Windows 95 with MS-DOS (Win95 was a DOS overlay, but installed Microsoft DOS by default, even though DR-DOS could very well have acted as a "shim"). We know from leaks in 2009 that Microsoft paid Caldera $280 million for his practices.
- CP/M image Wikipedia, from Digital Research website under PD license.
- Photo Novell DOS, Wikipedia, Ghettoblaster
- Photo of AARD from Wikipedia, from Betawiki under CC-BY-SA 4.0 license
- History of MS-DOS (Coleslav) [PL]
- Windows' Hidden Self Destruct Code (Nostalgia Nerd)
Lately I've been putting some work in gozapread again.
I tried to make it easier to create bots.
- I added some documentation to everything that's public.
- I've just commited changes for the error handling. I try to always return the error that occured, or decorate it with an educated guess on what happened.
- There are tests, finally. That should make it easier to find & fix bugs in gozapread in the future.
. Some bugs were fixed (some found by the tests, whoop) & I refactored the code
- I've created a logo ;)
There's still alot to do. I really want to integrate the websockets soon, but I have had troubles with it.
Realtime bots would really be awesome, so I'll explore it again soon I guess.
I should also improve everything I already did. Tests, errors and documentation is still very minimal.
Whatever, next time I want to use gozapread it's way more fun, which brings me to the next thing: bot ideas.
I've been thinking about automatically sharing some specific youtube channels videos here... but that's still kinda lame.
Lately we have had lots of spam, I might explore a bot that could detect that.
They look weird enough that maybe some free scanners can detect them, then I could automatically downvote them and comment the certainty of it being spam.
Any other ideas?