Hive Five 194 - How The Internet You Loved Died
The Elite College Students Who Can't Read Books, The Darkest Side of Bug Bounty, Amazon Paid $2.1M+ in Bounties, Buy-For-Life Gear, The Internet's Best Festival, and more...
Hi friends,
Greetings from the hive!
Over the weekend, I watched some League of Legends World Championship.
Watching the best teams from around the globe battle it out is an exhilarating experience.
Sunday's match featuring FlyQuest was especially inspiring, despite their loss. It was remarkable to see Korean and Chinese pros and streamers praising the team's performance.
In an emotional post-game interview, FlyQuest's Bwipo said:
"It's tough to stay positive but we made you guys believe. That was the goal."
Even for someone who hasn't played League in years, I believe.
What did you do this weekend?
Let's take this week by swarm!
The Bee's Knees
Monetization & Monopolies: How The Internet You Loved Died. Or Why Tech Monopolies Are Actually Good For Society. MORE
The 3 AI Use Cases: Gods, Interns, and Cogs. 1) Gods: Super-intelligent, artificial entities that do things autonomously. 2) Interns: Supervised copilots that collaborate with experts, focusing on grunt work. 3) Cogs: Functions optimized to perform a single task extremely well, usually as part of a pipeline or interface. MORE
The Elite College Students Who Can't Read Books. To read a book in college, it helps to have read a book in high school. MORE
Bug bounty is a peculiar game between hunters, clients, and intermediaries. Jason Haddix reveals darker secrets, tips, and tricks to address the unfairness that can arise in this arena. MORE
Blaklis, a seasoned bounty hunter, shares his journey from easy wins to epic challenges in the realm of bug bounties. MORE | SLIDES
Upgrade Yourself
You're getting the free version. Members get more, including exclusive & bonus content, access to an online community of smart and driven people, the complete Hive Archive, deep discounts, and so much more. See what you're missing.
Want to sponsor an upcoming issue? Let's partner up!
Updates
My work
Work
Productivity
Simon's Jina Reader tool transforms any website into a Markdown file, allowing for easy reading and sharing of web content. MORE
Neovim key combinations people wished they'd learned sooner. MORE
Five practical ways professionals can leverage ChatGPT to enhance their work. MORE
Danny explores Obsidian beta features: editable page preview and web clipper. MORE
The Engineering Leader: Strategies for Scaling Teams and Yourself: Cate Huston in conversation. MORE
Community
Celebrate
Tarek has joined Bugcrowd as an Application Security Engineer, and is excited to work with the community of bug hunters and triage their findings. MORE
Timeline
Announcing the Nuclei Templates Community Leaderboard and Rewards. MORE
Recon Royale is an exciting competitive platform where participants submit subdomains for a specified target domain. Players accumulate points based on the accuracy of their submissions, striving to achieve the prestigious title of King. MORE
Amazon Paid Hackers $2.1M+ in Bounties. Check it out in this H1-0131 vlog by NahamSec. MORE
Intigriti is hosting a Capture The Flag (CTF) competition on November 14-15, open to seasoned hackers, bug bounty researchers, and beginners alike. MORE
NeovimConf is looking for sponsors. MORE
Follow
Awesome accounts to follow. Randomly selected from my curated Twitter lists.
@victoriadotdev | Victoria.dev | Skills for Tech Leaders | Software engineering leadership. Become a better technology leader: Cybersecurity, core @owasp_wstg.
@N_C_B | Noah Callahan-Bever | IDEA GENERATION.
@bellafusari1 | bells | An ellie waltman fanpage with a knack for breaking software.
@proabiral | Abiral | Organising THREAT CON.
@PhillipWylie | Phillip Wylie | Offensive Security Expert horizon3ai | Phillip Wylie Show Podcast Host.
Level up
Read
Android app vulnerabilities go beyond SSL pinning and rooting. Going from Notification to WebView XSS. MORE
ading2210 discovered vulnerabilities in the Chromium web browser that allowed a sandbox escape from a browser extension. Google paid $20k for the bug report. MORE
Alex discusses their efforts to be more deliberate with digital data, including organizing files and keeping only what they'll use. They're using static websites for tiny archives as part of this process. MORE
BattleDash breached 700 million Electronic Arts accounts, exposing user data. Also, I learned that EA has no bug bounty program. MORE
The 3 AI Use Cases: Gods, Interns, and Cogs. 1) Gods: Super-intelligent, artificial entities that do things autonomously. 2) Interns: Supervised copilots that collaborate with experts, focusing on grunt work. 3) Cogs: Functions optimized to perform a single task extremely well, usually as part of a pipeline or interface. MORE
Tips
Peter, while traveling long-term, carefully built up a gear list to track what worked and what needed replacing, using it to refine their equipment over time. MORE
Video scraping: extracting JSON data from a 35-second screen capture for less than 1/10th of a cent. MORE
Exercises that keep you from living a life with chronic back pain. MORE
The "Indian Warren Buffett" on how he built his $100M+ fortune: Shamelessly Cloning. MORE
A look into why The McMaster Carr website is so blazing fast. It employs various techniques to achieve exceptional speed, including server-rendered HTML, prefetching, CDN caching, client-side caching with service workers, and more. MORE
Wisdom
What the smartest people do on the weekend is what everyone else will do during the week in ten years. MORE
ChatGPT purportedly generates horoscope-like content by leveraging a recently announced memory feature, but this is merely a superficial parlor trick, lacking any genuine depth or insight. MORE
Real Phone Calls to the UK's Minister of Loneliness. In 2019, 30% of young people reported feeling lonely some, or all the time. MORE
Bill Wear (aka Stormrider), a technical author at Canonical, contemplates the discipline of mastering one's mind. MORE
"The only thing we truly possess, the only thing we might, with enough care, exert some mastery over, is our mind."
Dr. Julie Gurner: "Stop running away from life. Start shaping it. You can do one thing today that intentionally pulls your work & life in the direction you want it to go. One thing. Start today." MORE
Resources
This guide offers practical tips for delivering a captivating pitch or demo at a hackathon, emphasizing the importance of clear storytelling, concise messaging, and engaging visual aids to impress potential investors. MORE
Collection of sources from the Deep and Dark web that can be useful in Cyber Threat Intelligence contexts. MORE
Critical security vulnerabilities were discovered in Grav CMS, with two reported issues assigned CVE identifiers. MORE
CVE-2024-45186 discloses a security vulnerability in the open-source file transfer application FileSender that could expose sensitive MySQL and S3 credentials without authentication. MORE
Quote
"Over thinking, over analyzing separates the body from the mind. Withering my intuition leaving all these opportunities behind."
Explore
Tools
x-ray is a Python library for finding bad redactions in PDF documents. MORE
A proof-of-concept WordPress plugin fuzzer that led to the discovery of more than 300 vulnerabilities in WordPress plugins installed on almost 30 million sites. MORE
Graphinder is a tool that extracts all GraphQL endpoints from a given domain. MORE
vulnhuntr is a tool to identify remotely exploitable vulnerabilities using LLMs and static code analysis. World's first autonomous AI-discovered 0day vulnerabilities. MORE
AuthzAI is an automated tool that tests and analyzes API endpoints for potential permission model violations using OpenAI's structured outputs. MORE
Watch
XOXO, "the internet's best festival" according to The Verge, released their 2024 talks. MORE
Burnout is a prevalent issue in today's fast-paced world. The video examines the causes and effects of this phenomenon, offering insights on how to address it. MORE
Marcus, a security researcher, accidentally created a botnet while scanning the internet for vulnerabilities, leading to an unintentional DDoS attack on their own server. MORE
Scott Hanselman and Mark Russinovich discuss the concept of 'shipping the org chart', where teams' outputs reflect the organizational structure rather than a cohesive product. MORE
A conversation with Kristoffer Blasiak of Google's Mobile Vulnerability Rewards Program (VRP) suggests that there are many potential targets for Android research, despite a lack of people pursuing it. The scope of Android security is vast, with ample opportunities for those willing to explore it. MORE
Listen
An interview with Dr. Jonathan Bouman, who discusses his unique career path as both a hacker and a healthcare professional, exploring the ethical considerations of hacking in the context of healthcare. MORE
CEOs of public companies often discuss new AI initiatives, but few have actually built anything with it. Drew Houston of Dropbox has built a "Silicon Brain" and shares his insights on this endeavor. MORE
Harry is a master copywriter, and that's not hyperbole. With Marketing Examples, he's taught over 100,000 people how to write copy that rips. And guess what? You're next. MORE
Sam Parr and Shaan Puri talk to Peter Rahal about starting RXBAR with $10K and selling it for $600M, business ideas he would chase today, plus why he's back with another bar. MORE
Get $200 to try DigitalOcean, the go-to for all my recon, automation, and VPN needs. Get access to a comprehensive range of cloud resources, all at an affordable price.
Technology
How Meta Movie Gen could usher in a new AI-enabled era for content creators. Movie Gen has four capabilities: video generation, personalized video generation, precise video editing, and audio generation. MORE | PAPER
Atomic CSS Devtools is a Chrome extension that presents Atomic CSS rules, think TailwindCSS, in a non-atomic format, making them easier to interpret and adjust. MORE
FingerprintJS is a client-side browser fingerprinting library that computes a hashed visitor identifier from queried browser attributes, persisting it across incognito/private mode and purged browser data. MORE
Sink is a straightforward, rapid, and secure link shortener with analytics, hosted on Cloudflare. MORE
Huly is an All-in-One Project Management Platform. An open-source alternative to Linear, Jira, Slack, Notion, Motion. MORE
Interesting
The Deal With It GIF emoji generator allows users to create customized animated GIFs with the iconic "Deal With It" sunglasses. MORE
A visual representation of the land use in the Netherlands. MORE
YapThread, a new app, is awaiting iOS approval and will be fully released next week. It aims to transform zombie scrolling into meaningful connections by enabling users to save and discuss content. MORE
Discover how the High-Performance SQLite course shipped dark and light modes for videos. MORE
This is more sad than anything, but the internet has become overly saturated with advertisements, severely impacting the experience for regular users. Tech people (myself included) may not fully grasp the magnitude of this issue, as they often use ad blockers themselves. MORE
Learned something?
Share Hive Five
Share this newsletter with your friends and colleagues.
1 REFERRAL = 20% OFF EVERYTHING IN THE STORE
Until next week, take care of yourself and each other,
Bee
This newsletter may contain affiliate links that support its costs. These links lead to tools, courses, and resources that I've personally found helpful.