I love the fact in Linux that you can put fortune | cowsay every time you start a new terminal session

I "Git Pushed" my friend to "git commit" with a girl he likes for long time

But now my other friend wants to "git rebase" on top of her ....WTF

Now need to resolve this merge conflict 😂😂😂

"Pre-Installed Malware Found On 5 Million Popular Android Phones"
"added somewhere along the supply chain"

See below how to check if it's installed

Sources:

- (new) https://thehackernews.com/2018/03/...
- (new) https://research.checkpoint.com/rot...
- (old relevant news) https://thehackernews.com/2017/03/...

---

"Rottensys" a malware which covers devices from: Honor, Huawei, Xiaomi, OPPO, Vivo, Samsung and GIONEE

---

"According to our findings, the RottenSys malware began propagating in September 2016. By March 12, 2018, 4,964,460 devices were infected by RottenSys," researchers said.

"At this moment, the massive malware campaign pushes an adware component to all infected devices that aggressively displays advertisements on the device’s home screen, as pop-up windows or full-screen ads to generate fraudulent ad-revenues."

---

If you have one of the affected devices, here's how I checked mine:

1. Install ADB (Windows: https://forum.xda-developers.com/sh...)
2. Connect your device in USB-debugging mode
3. execute "adb shell 'pm list packages -f' > output.txt" (On windows navigate to C:\adb and replace "adb" with ".\adb.exe")
4. open the now created output.txt
5. search for any of those:

com.android.yellowcalendarz (每日黄历)
com.changmi.launcher (畅米桌面)
com.android.services.securewifi (系统WIFI服务)
com.system.service.zdsgt

If no one has seen this yet, this online read is worth it.

https://sourcemaking.com/

I had a secondary Gmail account with a really nice short nickname (from the early invite/alpha days), forwarded to another of my mailboxes. It had a weak password, leaked as part of one of the many database leaks.

Eventually I noticed some dude in Brazil started using my Gmail, and he changed the password — but I still got a copy of everything he did through the forwarding rule. I caught him bragging to a friend on how he cracked hashes and stole and sold email accounts and user details in bulk.

He used my account as his main email account. Over the years I saw more and more personal details getting through. Eventually I received a mail with a plaintext password... which he also used for a PayPal account, coupled to a Mastercard.

I used a local website to send him a giant expensive bouquet of flowers with a box of chocolates, using his own PayPal and the default shipping address.

I included a card:

"Congratulations on acquiring my Gmail account, even if I'm 7 years late. Thanks for letting me be such an integral part of your life, for letting me know who you are, what you buy, how much you earn, who your family and friends are and where you live. I've surprised your mother with a cruise ticket as you mentioned on Facebook how sorry you were that you forgot her birthday and couldn't buy her a nice present. She seems like a lovely woman. I've also made a $1000 donation in your name to the EFF, to celebrate our distant friendship"

I once brought my Kali Linux laptop to school. (Because normal had dead battery, waiting for shipping)

MFW someone from the IT department is called in to fix teachers projector and he sees I still have the default dragon wallpaper on it.
MFW when recognises it it's Kali.
MFW he calls the police and my laptop gets taken away because 'its dangerous' and I get questioned in school.

The police came back a week later to check my laptop again. 'uhh we gotta check the logs'.

IF I WANTED IT TO BE DANGEROUS YOU'D BE FIXING A LOT MORE THAN JUST THE FUCKING PROJECTOR!

Also, wuddup devrant!

Got called anti-social because I don't use social networks and rather talk to people.

I am not sure how to feel about this.

Turns out our backend is doing calls to frontend endpoints ... great!

Another one, teach secure programming for fucks sake! This always happened at my study:

Me: so you're teaching the students doing mysql queries with php, why not teach them PDO/prepared statements by default? Then they'll know how to securely run queries from the start!
Teachers: nah, we just want to go with the basics for now!

Me: why not teach the students hashing through secure algorithms instead of always using md5?
Teacher: nah, we just want to make sure they know the basics :)

For fucks fucking sake, take your fucking responsibilities.

No. More. Writing. Code. On. A. Fucking. Piece. Of. Paper.

 (╯°□°)╯︵ ┻━┻