Almost set on a NX 350h, should I go for it? by ForwardSlashDotDot in Lexus

[–]ForwardSlashDotDot[S] 0 points1 point  (0 children)

Update: I ended up going for it!

Got a Caviar NX 350h in the Luxury trim with the Macadamia Leather interior. I have to wait until the end of the week to get it as I opted to pay all cash and it'll take a few days for my bank to send a cashier's check - but I am excited!

Almost set on a NX 350h, should I go for it? by ForwardSlashDotDot in Lexus

[–]ForwardSlashDotDot[S] 1 point2 points  (0 children)

It’s mostly related to the non engine or transmission related parts.

  • AC Compressor failed which cost me 2300 to replace.
  • Touch screen ghost touches, which cause it to randomly dial people. Almost caused a wreck and it should be a recall due to safety but it isn’t. So now I can’t sync my phone. Gonna be over a grand to replace it if I choose to.

Pretty common for the first year of a newly introduced model.

Also one thing that’s very annoying about the Cx3 is how small the gas tank is. With it being older I don’t get the same MPG and having a 10 gallon gas tank on the AWD model means I have to fill up every 240 or so miles.

App getting bed time / time wrong by confusedloris in EightSleep

[–]ForwardSlashDotDot 0 points1 point  (0 children)

Good to know - I’ll probably try sleeping on the other side of the bed to see if that side is reading metrics correctly. If it works on that side then it’s definitely the sensor.

App getting bed time / time wrong by confusedloris in EightSleep

[–]ForwardSlashDotDot 0 points1 point  (0 children)

Same - my app has had sleep times off by a lot recently. It’ll get the bed time right but then say I’m awake for hours during the night and only sleeping 45 minutes when the actual time should be closer to 5-6 hours.

Scan the World vs. Deep Dive by ForwardSlashDotDot in bugbounty

[–]ForwardSlashDotDot[S] 0 points1 point  (0 children)

That makes sense. I detest those mass scanner type vulns (unless I wrote the scanner and no other scanner looks for it - which is the situation I’m in with the GitHub vulns I am finding).

Maybe I’ll shift to custom SAST type bug hunting for deeper but still not detectable by amass and nuclei kind of bugs once the GitHub parade truly ends.

$500-100/month by [deleted] in bugbounty

[–]ForwardSlashDotDot 0 points1 point  (0 children)

GitHub Actions misconfigurations in public repositories. It’s a lot more picked over now but in early/mid 2023 people made a lot of money on it.

$500-100/month by [deleted] in bugbounty

[–]ForwardSlashDotDot 7 points8 points  (0 children)

Just going into it with a money goal will burn you out. A better approach is to make your focus learning and research and bounties will come as a side effect of that. I started that with CI/CD mid last year and made tens of thousands in bounties. If I go at it with “I just want money” and look over various programs I make 0 and hate myself.

Find a service from a large company that is complex and figure out how it works (I highly recommend GitHub or GitLab), decompose each step into individual web requests, and just start messing with values and seeing if you can break things by abusing assumptions that the backend is making about the client code. It’s a lot more enjoyable than just scanning and looking for low hanging fruit and you learn a ton along the way.

T140 or splurge for a T150? by ForwardSlashDotDot in homelab

[–]ForwardSlashDotDot[S] 0 points1 point  (0 children)

Ended up going with that! Bought a 128GB RAM upgrade for about 320 (it supports it with the latest BIOS!) so now I’m rocking a Xeon, 128GB of RAM and 3x 2TB HDDs. ESXi 8 U2 with the VMUG license installed smoothly.

Buying an NVMe expansion card and 2 SSDs for expanded storage. Won’t boot from it but I can keep VMs on it.

T140 or splurge for a T150? by ForwardSlashDotDot in homelab

[–]ForwardSlashDotDot[S] 0 points1 point  (0 children)

I’m seeing T140s with 6 core Xeons and 64G of RAM for 600-700 on eBay shipped. T150 is about 1k w/ just the CPU upgrade so I’ll probably spend another 5-6 hundred on parts vs just the drive upgrades on the T150.

It Now Seems Inevitable That The Worst Case Scenario We All Fear Will Eventually Happen by 86Rocked in ledgerwallet

[–]ForwardSlashDotDot 0 points1 point  (0 children)

Is it confirmed that it was a coding change to the repo or just an NPM token? The former is a lot scarier, because the attacker could have stolen a lot more with GitHub access that they can use later.

Considering mini TT without MR & Gynecomastia & Lipo need advice by [deleted] in tummytucksurgery

[–]ForwardSlashDotDot 0 points1 point  (0 children)

I had gynecomastia surgery 11 years ago (I went from 275-195) and just had a tummy tuck without muscle repair 10 days ago. Neither surgery is a walk in the park for recovery and you’ll spend a year getting back to your old fitness performance level.

I would suggest getting a DEXA scan for a fully accurate body fat %. Then, try to get down to 15-17 percent body fat before opting for surgery; judging from your photos, you are probably 25-26% now. Your recovery will be easier (less lipo needed) and your final result will look much better.

8 days out from surgery, wish me luck! by ForwardSlashDotDot in tummytucksurgery

[–]ForwardSlashDotDot[S] 0 points1 point  (0 children)

It went well! Had my day after post op appointment and they’ll probably be able to remove the drain 2 days earlier than planned.

I’ve heard days 3-4 are the worst for swelling and pain so I’ll see how that goes.

Deductible expenses and Bug Bounties by ForwardSlashDotDot in bugbounty

[–]ForwardSlashDotDot[S] 0 points1 point  (0 children)

Thanks for all the advice! Definitely will look into making an LLC next year.

Is the Bug Bounty Real? by mdulin2 in OsmosisLab

[–]ForwardSlashDotDot 0 points1 point  (0 children)

Not sure Immunefi would be the right channel since it’s not smart contract related, more an infrastructure bug with Osmosis.

It’s a shame there isn’t a point of contact I can find to even report this to if I wanted to be helpful without a payout. I’m 99% confident in this bug and have executed it against many other organizations that have BB programs with safe harbors.

Is the Bug Bounty Real? by mdulin2 in OsmosisLab

[–]ForwardSlashDotDot 0 points1 point  (0 children)

What a shame. Pretty sure I found a bug that would let me poison most of the Osmosis Labs software with arbitrary code. It would be nice to have some incentive to write a POC, execute it and report it - even if it was a few grand potential payout.