Hey, I recognize Offensi from the Liveoverflow video! [1]
I've been reading some Google VRP writeups [2] in order to inspire me in my bug bounty journey. There are a few by Ezequiel Pereira and Offensi. There's some really cool stuff, that go beyond XSS.
Brazilian government actually wanted to do it recently, require companies such as Facebook to require that you submit your ID and that you link a phone number to your account. [1] It sure makes things easier for the authorities, since they are also dealing with fake news and hate speech. However, it goes against the LGPD (like a Brazilian version of the GDPR). And it is hard to trust a company such as Facebook to keep data such as your ID. How can you be sure if they're keeping this data safe? How can you be sure they won't sell it?
I was able to learn a lot about low level programming. The problems with this book: the examples are in Intel syntax (I find AT&T's syntax better to read and it's more common to use), and not in x86-64.
Also, Hacking: The Art of Exploitation (https://nostarch.com/hacking2.htm) have a nice introduction on Assembly, from the standpoint of a person doing reverse engineering, debugging with GDB or shellcoding.
As a gen-z born in 99, I can tell that many people who were born in 97-2002 might know a lot of songs by Nirvana, Foo Fighters, Guns 'n' Roses, Ramones. Also, at least when I did the quiz, I knew 1 out of 10 songs, and I used to listen to a lot of pop songs when I was a child.
It would also be interesting to see how the location might affect the numbers, since popular local radio and TV stations might have aired different songs, some movies and series were popular in some countries and not in others, etc. Tom Scott did something similar with Jingle Bells [1].
Something else to note: I missed Hey There Delilah and La Bamba, songs that you can recognise easily if the most recognisable part of the song is played.
Not really a Clojure user, but I made a small API with it once and it blew my mind, especially the design patterns involved. An interesting one is the ports-and-adapters (a.k.a. hexagonal architecture) [1][2] . Basically, all the business logic will be kept at a layer, and all of the functions there should be pure (i.e. they will always return the same information according to your input, and these functions won't cause side effects [3]). Then you would have layers where you can plug databases and REST handling.
And Nubank take testing really seriously. REPL and pure functions makes it very easy to use TDD.
Really fun, kind of trains you to when the situation happens IRL, whether you're thinking about how to escape a shell or if you really did it by mistake.
I love showing this screenshot to people: https://imgur.com/a/ziHqJxB. I was having problems trying to create a jailed shell, so I decided to bind mount /bin. That of course was a bad idea. I gave up and rm -rf'd the mountpoint without unmounting it. The screenshot has the serial logs from after that :P.
