AFAIK the only group to discover Ken’s hack was us in PWB/UNIX. One of the other guys noticed C prepreprocessor had gotten bigger, looked at binary namelist, found symbol not in source code. I got onto Ken’s system, found the code, very clever.

Building Principles:

↓

1/

Value = doing things that other people don't do, won't do or can't do.

"You get paid in direct proportion to the difficulty of problems you solve" — Elon Musk

2/

Service is high-touch result generation (building experience), product is low-touch result generation (scaling experience).

3/

In a world of infinite distraction, focus is the only path to freedom.

4/

Sell time to buy experience, sell experience to buy time.

“If you don't find a way to make money while you sleep, you will work until you die.” — Warren Buffett

#Learn365 Day-4: Unauthenticated & Exploitable JIRA Vulnerabilities

There are multiple security vulnerabilities associated with the various versions of JIRA software which are exploited in wild and is one of my personal favourite 3rd Party apps to hunt.

#BugBountyTips

(1/n)

(2/n)
1. CVE-2020-14179 (Information Disclosure)
a. Navigate to /secure/QueryComponent!Default.jspa
b. It leaks information about custom fields, custom SLA, etc.

2. CVE-2020-14181 (User Enumeration)
a. Navigate to /secure/ViewUserHover.jspa?username=

(3/n)
3. CVE-2020-14178 (Project Key Enumeration)
a. Navigate to /browse.
b. Observe the error message on valid vs. invalid project key. Apart from the Enumeration, you can often get unauthenticated access to the project if the protections are not in place.

(4/n)
4. CVE-2019-3402 (XSS)
a. Navigate to /secure/ConfigurePortalPages!default.jspa?view=search&searchOwnerUserName=%3Cscript%3Ealert(1)%3C/script%3E&Search=Search

5. CVE-2019-11581 (SSTI)
a. Navigate to /secure/ContactAdministrators!default.jspa

(5/n)
6. CVE-2019-3396 (Path Traversal)
7. CVE-2019-8451 (SSRF)
a. Navigate to /plugins/servlet/gadgets/makeRequest?url=https://:[email protected]
8. CVE-2019-8451 (SSRF)
a. Navigate to

One of the big promises of software is composability. You can build rich, powerful experiences out of basic building blocks.

APIs add new things to the toolbox. For example: Treasury, which lets an app/platform store, move, and track a business’

I've been a small business owner and can talk at length about SMB banking, and will later, but let's put on the software developer hat right now.

Lots of software talks about money, keeps records about money, does calculations about money, but can't *touch* money.

This is extremely frustrating when you're building SaaS apps for businesses, because you have total control over your UX right until your app needs to touch money... at which point all data about it lives in a silo you can't access.

So you generally push work to the operator.

For example, suppose you’re writing a business-in-a-box system for electricians, including an invoicing feature.

You need to be able to read bank transactions to reconcile. You probably can't. The owner can. So you ask the owner to do mind-numbing work a computer does better.

It sure would be great if your business customers had bank accounts you could actually introspect and operate on their behalves! You could just get the list of incoming payments and match against the invoices.

There is some software to write but it is not rocket science.

🚨 $PSKY MedTech 🚨

🩺 Provides a healthcare CRM software

📈 Sales are set to grow by 38% YoY from 2020 to 2021

⚡️ Developing a platform for third-parties to commercialise their MedTech apps and integrate these with PatientSky’s software

✅ Becoming a Platform-as-a-Service

PatientSky $PSKY.OL was founded in 2014 in Norway and started as a patient administration tool for clinics

🩺 It serves as a platform for ordering appointments, prescriptions, video consultations and e-consultations

The solution grew rapidly from 100.000 to 1.8m app downloads in less than 4 years

🥼 And it added a myriad of possibilities along the way, starting from a simple EHR management tool to a MedTech platform

1️⃣ By 2016 it counted 100k downloads and had morphed into a SaaS tool offering a task scheduler, internet connectivity and a VOIP module

2️⃣ By 2019, it counted over 1m app downloads and added an insurance module, Electronic Health Records (EHR) and a medication tool

✨ The company also introduced a Platform-as-a-Service tool, enabling its customers to build their own medical apps on top of PatientSky’s platform

3️⃣ By 2020, it expanded into hospitals and counted over 1.8m app downloads

Let's create Phineas using CSS in few simple steps😄

THREAD🧵

STEP 1. Create a head

create a triangle and rotate it so that it looks like a head

STEP 2. Create smile and ear

We have a pseudo elements in CSS, so we can create smile and ear using head::after and head::before

STEP 3. Create eyes

This is the most trickiest part because in order to make an eye we have to create

- One bigger white circle
- then a small black pupil inside white circle
- then a small white reflection in black pupil

Let's create a outer white circle first

STEP 3(I). Create a black pupil

We can create pupil using pseudo element