wicked@programming.dev 12 points 2 days ago

Earlier today, a publish-access account was compromised for @solana/web3.js, a JavaScript library that is commonly used by Solana dapps. This allowed an attacker to publish unauthorized and malicious packages that were modified, allowing them to steal private key material and drain funds from dapps, like bots, that handle private keys directly. This issue should not affect non-custodial wallets, as they generally do not expose private keys during transactions. This is not an issue with the Solana protocol itself, but with a specific JavaScript client library and only appears to affect projects that directly handle private keys and that updated within the window of 3:20pm UTC and 8:25pm UTC on Tuesday, December 2, 2024.

These two unauthorized versions (1.95.6 and 1.95.7) were caught within hours and have since been unpublished.

We are asking all Solana app developers to upgrade to version 1.95.8. Developers pinned to latest should also upgrade to 1.95.8.

Developers that suspect they might be compromised should rotate any suspect authority keys, including multisigs, program authorities, server keypairs, and so on.

https://github.com/solana-labs/solana-web3.js/releases/tag/v1.95.8
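A lockfile check for the two unauthorized versions named in the advisory above, as an added example that is not part of the original post or of the project's code. The sample lockfile, the `some-sdk` and `example-bot` names and the `findAffected` helper are constructed for illustration.

```javascript
// Added example: flag the two unauthorized @solana/web3.js releases named in
// the advisory (1.95.6 and 1.95.7) in a parsed package-lock.json.
const PKG = "@solana/web3.js";
const BAD_VERSIONS = new Set(["1.95.6", "1.95.7"]);

// Returns [{ path, version }] for every locked copy of the package that
// resolves to an affected version. Handles lockfileVersion 2/3 ("packages"
// keyed by install path) and lockfileVersion 1 (nested "dependencies").
function findAffected(lock) {
  const hits = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    // Keys look like "node_modules/a/node_modules/@solana/web3.js".
    if (path.endsWith("node_modules/" + PKG) && BAD_VERSIONS.has(entry.version)) {
      hits.push({ path, version: entry.version });
    }
  }
  const walk = (deps, trail) => {
    for (const [name, entry] of Object.entries(deps || {})) {
      const here = trail + "node_modules/" + name;
      if (name === PKG && BAD_VERSIONS.has(entry.version)) {
        // v2 lockfiles carry both sections; do not report the same path twice.
        if (!hits.some((h) => h.path === here)) hits.push({ path: here, version: entry.version });
      }
      walk(entry.dependencies, here + "/");
    }
  };
  walk(lock.dependencies, "");
  return hits;
}

// Constructed sample lockfile (hypothetical project, not real data).
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "example-bot", version: "0.0.1" },
    "node_modules/@solana/web3.js": { version: "1.95.8" },
    "node_modules/some-sdk/node_modules/@solana/web3.js": { version: "1.95.7" },
  },
};

for (const hit of findAffected(sampleLock)) {
  console.log(`AFFECTED ${PKG}@${hit.version} at ${hit.path}: upgrade and rotate keys`);
}
```

A lockfile that is clean today only describes the current pin; it does not show whether an affected version was installed during the window the advisory gives.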

wicked@programming.dev 12 points 1 month ago

The US started using mailboxes 14 years after the UK

In 1849, the Royal Mail first encouraged people to install letterboxes to facilitate the delivery of mail. Before then, letterboxes of a similar design had been installed in the doors and walls of post offices for people to drop off outgoing mail.

In 1863, with the creation of Free City Delivery, the US Post Office Department began delivering mail to home addresses.

wicked@programming.dev 39 points 2 months ago

Do you even know what regex is? Your neural network needs more training.

wicked@programming.dev 35 points 2 months ago

"Latin music superstar Nicky Jam. You know Nicky? She's HOT!"

https://www.youtube.com/watch?v=7qK4PfqIHAk

wicked@programming.dev 19 points 4 months ago

The 5GB free space of my OneDrive is filled with game saves in the documents folder. You can't exclude directories there from being backed up. Good job.

wicked@programming.dev 5 points 6 months ago

What if they write a GUI interface in Visual Basic to track your IP address?

wicked@programming.dev 7 points 9 months ago

Putting Ctrl in the home row by replacing the useless Caps-Lock is sufficient for me.

Alt is easily reached with the thumbs and shift is already close enough to the home row, with shift-ctrl using both pinkies.

wicked@programming.dev 20 points 10 months ago

Don't worry, the good bible has the answer.

28 If a man happens to meet a virgin who is not pledged to be married and rapes her and they are discovered,
29 he shall pay her father fifty shekels of silver. He must marry the young woman, for he has violated her. He can never divorce her as long as he lives.

wicked@programming.dev 8 points 11 months ago

Your understanding is that in one of the countries with the least difference between rich and poor only the rich can afford cars?

wicked@programming.dev 13 points 1 year ago

Some developers seem to enjoy making their code obscenely difficult to understand, either because it actually makes sense to them that way, or because it makes them feel smarter.

Be wary about this mindset. This type of explanation sets you up for conflicts with existing developers. Several times I've seen developers come into a team and complain about the code, creating conflicts that can last the entire working relationship for no good reason.

Much of the time the people who constantly work with code are already aware of the problems and may not be happy with it, but there's no time or big benefit in improving working code. Or it's complicated for good reasons which may not be immediately apparent (i.e. inherent complexity).

Here are a couple of benign reasons which probably will serve you much better.

  1. It's much more difficult and time consuming to make code that is easy to understand. Even in open source, there's a limited amount of time to spend on any particular thing. This explanation is like a variation of Twain's "I didn't have time to write a short letter, so I wrote a long one instead.", or more abrasively Hanlon's razor "Never attribute to malice that which is adequately explained by ~~stupidity~~ time pressure".

  2. When writing the code, the developer has the entire context of his thought process available. You don't have that, and that's also the reason why your own code can make no sense a while later. Also it's just much harder to read code than to write it.

wicked@programming.dev 22 points 1 year ago

Yeah. Everything depends on the complexity of the product, but it's just as likely that it's the new CTO and his team that gets canned when they get bogged down in the details and the costs start racking up.

wicked

joined 1 year ago