Andy White
@arcwhite
Employee #1 and Director of Software Engineering (AU) @bugcrowd. Ruby, infosec, pol. He/him. Social media is bad for you. Cryptocurrencies are bad for the planet.
A rainy day in Brooklyn led to a new project. An AR pinout overlay using the Metro M7 board from Adafruit. This was built in SwiftUI and UIViewRepresentable to merge UIKit views. It tracks well if I say so myself!
Welcome to @Bugcrowd's CTF. New challenges, same spiel as last year. The same team is running it, but now, as the @Bugcrowd Security Innovation Lab. There are some epic challenges ranging in difficulty. bhusa.bugcrowdctf.com PS. Awesome prizes up for grabs
Second time in 2 weeks that someone has flung me a request that's so ... off it isn't even wrong, and it's become apparent that they got an LLM to tell them what questions to ask (and this isn't even difficult stuff). Some of y'all deserve to be replaced by the machines
Farmers get very confused when they hear people talking about "AI", those letters mean something very different in their field.
One of the most interesting things I realized over the years is that the greatness of a #bugbounty program (even at huge companies) is often in the hands of a single passionate employee or at most a few. When they leave, things can quickly become very different
Not nearly enough people are talking about the implications of Klarna rolling back some of their AI bets. Not knowing any of the details, I can guess why: Replacing determinism or humans with probabilistic code is fraught with edge cases and requires new ways of software…
Can’t stop wondering why did OpenAI need to buy a code editor… why didn’t they just build one?
A couple of years ago I co-presented with @wbm312 how sensitive bug bounty hunter accounts can be, especially active hunters with years of file attachments and POC data. Today bugcrowd is mandating 2fa on all accounts: bugcrowd.com/blog/bugcrowd-… Definitely a positive change.
you had me worried as fuck receiving this without any further context lol came onto twitter like uhhh whats happened. i thought you'd been breached or something :|
When people claim that they've been banned from a platform for no reason, they're generally outright lying. In all my time in Bug Bounty I've seen maybe 3 bans that were regrettable. If you don't want to play by the rules, consequences.
The "Ship of Theseus" article has been edited 1792 times since it was created in July of 2003. At present, 0% of the phrases in the original article (seen below) remain.
1/ Recently got access to Google's Illuminate, which AI-generates a ~6min "podcast"-format summary of a research paper. To test it, I gave it 5 of my own recent papers. This thread summarizes the evaluation: ↵
The act of building something - even just knowing something - changes you. Every act of creation is also an act of becoming. To do something well is to grok it and make it part of yourself. If you have an AI do something for you, you do not grok it. You have not become.
Okay real talk: if your only motivation to get into #BugBounty is money, you’re not going to make it as a bug bounty hunter. It’s not enough to get through the time it takes to learn, the hours on a single website to find a single bug. Money AND is okay but money alone is just…