How I made $64k from deleted files — a bug bounty story
TL;DR — I built an automation that cloned and scanned tens of thousands of public GitHub repos for leaked secrets. For each repository I…
Hasnain says:
Neat little tricks here. Secret management is hard
"Most of the leaked secrets were found in binary files that had been committed to the repository and later deleted. These files are typically generated by compilers or automated processes. A common example is .pyc files, which are Python byte-code files created when some Python interpreters compile source code. These often end up being committed unintentionally. Other examples include compiler-generated debug files, such as .pdb files, which are also occasionally committed by mistake."
Posted on 2025-04-23T04:15:07+0000
Columbia student suspended over interview cheating tool raises $5.3M to 'cheat on everything' | TechCrunch
On Sunday, 21-year-old Chungin "Roy" Lee announced he’s raised $5.3 million in seed funding from Abstract Ventures and Susa Ventures for his startup,
Hasnain says:
… yeah not sure how I feel about this one
“Cluely has published a manifesto comparing itself to inventions like the calculator and spellcheck, which were originally derided as “cheating.””
Posted on 2025-04-22T00:45:38+0000
How To Build An Agent | Amp
Building a fully functional, code-editing agent in less than 400 lines.
Hasnain says:
This was pretty motivational.
“These models are incredibly powerful now. 300 lines of code and three tools and now you’re able to talk to an alien intelligence that edits your code. If you think “well, but we didn’t really…” — go and try it! Go and see how far you can get with this. I bet it’s a lot farther than you think.
That’s why we think everything’s changing.”
Posted on 2025-04-16T05:54:31+0000
Are People Bad At Their Jobs....or Are The Jobs Just Bad?
A Bed Assembly Drama
Hasnain says:
I felt this in my bones.
"Even if you don’t personally hold these values, the vast majority of us are members of societies that do. But resistance is very possible. If everyone’s good at their job, shop there. If you need help with something, find a local company or self-employed person to pay directly — and tip them. If something feels like a massive deal, someone or some part of the earth is paying steeply for it, and chances are high you will pay more for it (in replacement costs, in labor, in time) later. And if you’re forced to use a company with bad services and bad products, the fault is very rarely the worker themselves, but the organization that makes it so difficult for them to be good at their job.
I’m not saying we should all spend more money on everything. Or that we should collectively lower our standards and accept shoddy work. I keenly understand that part of the reason we rely on these exploitative services is because we, ourselves, are subject to the demands of the same economy: one that tells us our time is always better spent working or recovering from work, instead of helping others with their bedframe assembly or, say, shopping in person.
But I do think it’s worth wondering: what would happen, how might the paradigm shift, if we continue normalizing paying far more for far less?"
Posted on 2025-04-13T03:41:04+0000
Rebuilding Prime Video UI with Rust and WebAssembly
Alexandru Ene features details of a new UI SDK in Rust for Prime Video that targets living room devices.
Hasnain says:
"The reason why I think this is true is because we did a lot of work in developer experience with those macros that maybe look a bit shocking if you don't know UI programming, but actually they felt very familiar to UI engineers. They could work with it right off the bat, they don't have to deal with much complexity in the borrow checker. Usually, in the UI code, you can clone things if necessary, or even use a Rc and things like that. You all know, this is not super optimal. Yes, we came from JavaScript, so this is fine, I promise. The gnarly bits are down in the engine, and there we take a lot of care about data management and memory and so on. In the UI code, we can afford it easy. Even on the lowest level hardware, I have some slides that you'll see the impact of this."
Posted on 2025-04-13T03:37:30+0000
‘Paraparticles’ Would Be a Third Kingdom of Quantum Particle | Quanta Magazine
A new proposal makes the case that paraparticles — a new category of quantum particle — could be created in exotic materials.
Hasnain says:
“If paraparticles exist, they’ll most likely be emergent particles, called quasiparticles, that show up as energetic vibrations in certain quantum materials.
“We might get new models of exotic phases, which were difficult to understand before, that you can now solve easily using paraparticles,” said Meng Cheng, a physicist at Yale University who was not involved in the research.”
Posted on 2025-04-13T00:55:51+0000
There’s a Nuclear Option to Fight Trump’s War Against Colleges. You Aren’t Going to Like It.
Like watching NCAA basketball? What if you couldn’t, because schools went on strike?
Hasnain says:
“But the American higher-education sector is much more than a supplicant kneeling at the foot of the federal government. For better or for worse, it is absolutely central to the nation’s economy and society. And a big part of that centrality—one that some of us in academia try hard to ignore—is the spectacle of college sports. College and university sports teams are proudly represented on bumper stickers, billboards, hoodies, and barroom TVs in every city and every state.
All that a small group of university presidents has to do is hit pause on that spectacle for one season. In doing so, they’ll save millions of dollars and also broadcast to the nation that a cherished and essential American institution is under attack from its own government.”
Posted on 2025-04-06T04:48:33+0000
You can stop asking where the mass opposition is. It's everywhere.
People poured out to protest not only what Trump has done—but what they fear he will do next.
Hasnain says:
“This was just one protest in one place—albeit one very large protest in one very big place. Perhaps the vibes were different in Marshfield, Mass. or Salt Lake City or Bolivia, N.C. (Hopefully the weather was.) Ultimately the big story is not what the signs said, but the deep groundswell of anger and unrest that brought so many people in so many places out into the streets and other public spaces of their communities. The message is: crowd large. A lot of politicians and administrators and business leaders, in bowing to Trump, have drawn confidence and comfort from the perceived vibe shift. Events like this puncture that delusion. They are an unavoidable illustration of outrage. Trump may have gotten a lot undone in the last three months, but the opposition never went away, and it may finally be emboldened.
On Saturday, it showed that it is everywhere.”
Posted on 2025-04-06T01:29:42+0000
FBI raids home of prominent computer scientist who has gone incommunicado
Indiana University quietly removes profile of tenured professor and refuses to say why.
Hasnain says:
“"None of this is in any way normal," Matthew Green, a professor specializing in cryptography at Johns Hopkins University, wrote on Mastodon. He continued: "Has anyone been in contact? I hear he’s been missing for two weeks and his students can’t reach him. How does this not get noticed for two weeks???"
In the same thread, Matt Blaze, a McDevitt professor of computer science and law at Georgetown University, said: "It's hard to imagine what reason there could be for the university to scrub its website as if he never worked there. And while there's a process for removing tenured faculty, it takes more than an afternoon to do it."”
Posted on 2025-03-31T07:03:07+0000