Archives

A Better Zip Bomb

a-better-zip-bomb

David [email protected] 2019-07-02 updated 2019-07-03, 2019-07-05, 2019-07-06, 2019-07-08, 2019-07-18, 2019-07-20, 2019-07-22, 2019-07-24, 2019-08-05, 2019-08-19, 2019-08-22, 2019-10-14, 2019-10-18, 2019-10-30, 2019-11-28, 2020-07-28, 2021-01-21, 2021-02-02, 2021-05-03, 2021-07-29, 2023-05-18 Summary This article shows how to construct a non-recursive zip bomb that achieves a high compression ratio by overlapping files inside the zip container. “Non-recursive” means that it does not […]

The Coffee Warehouse

the-coffee-warehouse

I have a bit of a love hate relationship with Starbucks. It feels expensive. The lines are long. And I resent the fact that I give them an interest-free loan every time I use their mobile app. But my go-to Pike and banana nut loaf are delicious, and the baristas at my preferred location are […]

Astrophotography Target Planner: Discover Hidden Nebulas

astrophotography-target-planner:-discover-hidden-nebulas

Have you ever gone out on a clear night, fired up Stellarium, scrolled through endless objects… and still ended up shooting Andromeda for the seventh time? That was me, over and over. I love M31, but at some point I realised I wasn’t really exploring the sky anymore – I was just defaulting to the […]

TP-Link Tapo C200: Hardcoded Keys, Buffer Overflows and Privacy

tp-link-tapo-c200:-hardcoded-keys,-buffer-overflows-and-privacy

Hi friends and welcome to the last post for this year! Whenever someone asks me how to get started with reverse engineering, I always give the same advice: buy the cheapest IP camera you can find. These devices are self-contained little ecosystems – they have firmware you can extract, network protocols you can sniff, and […]

Reverse Engineering Major US Airline’s PNR System and Accessing All Reservations

reverse-engineering-major-us-airline’s-pnr-system-and-accessing-all-reservations

Timeline & Responsible Disclosure Initial Contact: Upon discovering this vulnerability on October 15, 2025, I immediately reached out to security contacts at Avelo Airlines via email. October 16, 2025: The Avelo cybersecurity team responded quickly and professionally. We had productive email exchanges where I detailed the vulnerability, including the lack of last name verification and […]

Performance Hints (2023)

Jeff Dean, Sanjay Ghemawat Original version: 2023/07/27, last updated: 2025/12/16 Expand all details Collapse all details Over the years, we (Jeff & Sanjay) have done a fair bit of diving into performance tuning of various pieces of code, and improving the performance of our software has been important from the very earliest days of Google, […]

Show HN: I Made Loom for Mobile

Streamers & Live Content Stream mobile web games, react to content, or share your browsing live. Face cam, touch indicators, direct to your audience. Mobile web gaming streams Live reactions to web content Tutorial streams Multi-platform streaming

I have to give Fortnite my passport to use Bluesky

i-have-to-give-fortnite-my-passport-to-use-bluesky

Before we get started, just a reminder that Spitfire News is currently having its first-ever SALE to celebrate hitting 10,000 subscribers! Get $10 off an annual subscription for a limited time! Or subscribe for free to get unpaywalled editions like this one. I’m from Ohio, which means around this time every year I’m there for […]

TikTok Deal Is the Shittiest Possible Outcome, Making Everything Worse

tiktok-deal-is-the-shittiest-possible-outcome,-making-everything-worse

from the mission-accomplished! dept There were rumblings about this for a while, but it looks like the Trump TikTok deal is done, and it’s somehow the worst of all possible outcomes, amazingly making all of the biggest criticisms about TikTok significantly worse. Quite an accomplishment. The Chinese government has signed off on the deal, which […]