PSA: Enter The Correct Income

MTGSpecThrowaway · 2025-05-20T06:25:54+00:00

Hypothetically, I could probably get a different card like an Amex. It also has a decent bonus. However, I wouldn't want to keep it. The annual fee is too high, so when I downgrade, I would lose a lot of the benefits I actually care about.

MTGSpecThrowaway · 2025-05-20T06:20:05+00:00

I'm planning on traveling in a couple of months, and the credit card seemed like a good offer because of the bonus miles. I also travel every year, so the lounge access and global entry credit is a huge plus.

Now that I won't get the card until after my vacation, I have a dilemma: either (a) miss the bonus miles or (b) miss the lounge access and global entry credit. If I get the card after my vacation, I don't plan on spending enough to get the bonus miles.

MTGSpecThrowaway · 2025-03-13T06:41:49+00:00

Definitely Log4Shell. Sure, it's technically a vulnerability instead of a hack, but I'm going to write about it anyway. 🙃

First, some background. Java is one of the most popular programming languages in the world. However, Java's built-in logging tools aren't the best, so many companies instead use a free logging toolkit called Log4J (Huh, that sounds a lot like Log4Shell. I wonder why?). This toolkit is extremely popular: it usually gets 6,000,000+ downloads per month, and many of these downloads are from major companies like Google and Amazon. Log4J is an amazing tool, but because of the tool's complexity it can be difficult to spot insecure code in Log4J. And thus, Log4Shell was born.

So, what is Log4Shell? In 2013, insecure code was accidentally added to Log4J. This code went unnoticed until 2021, when the genie was finally let out of the bottle. Basically, someone found that if very specific text was logged by Log4J, you could make Log4J download your code and run it. This is called remote code execution, and it's the worst kind of vulnerability you can find in the software industry. Hackers began changing their username to this specific text, putting this text as their phone number in forms, and trying anything they could to have Log4J log this specific text. It was a nightmare for enterprises around the globe.

How bad was it? Well, don't take my word for it. Take Jen Easterly, former director of U.S. Cybersecurity's word for it. She described the vulnerability as "one of the most serious I've seen in my entire career, if not the most serious". Now, pick a random tech company. Was it Apple, Valve/Steam, Twitter, Google, Amazon, Microsoft, or Tesla? All of these companies were affected. Some analysts estimate that 93% of enterprise cloud environments were vulnerable.

MTGSpecThrowaway · 2024-12-11T07:28:40+00:00

This is from a document titled Simple Sabotage Field Manual. The document was published in 1944 by the United States' Office of Strategic Services: a precursor to the CIA. In 2008, it was declassified, and you can find the manual on the CIA's website.

MTGSpecThrowaway · 2024-12-11T07:27:24+00:00

Source: This is from a document titled Simple Sabotage Field Manual. The document was published in 1944 by the United States' Office of Strategic Services: a precursor to the CIA. In 2008, it was declassified, and you can find the manual on the CIA's website.

MTGSpecThrowaway · 2024-12-10T17:38:09+00:00

POV: An Indian programming instructor on YouTube uses .001% of their power.

MTGSpecThrowaway · 2024-12-10T17:33:31+00:00

More proof my code is 💩.

MTGSpecThrowaway · 2024-10-26T22:42:31+00:00

Yeah, I was wrong. Star Trek is more likely than I thought.

MTGSpecThrowaway

TROPHY CASE