that would be etwittertremely funny

@@capsey_ that would be x.twitteryz funny

That would have been so etwitterciting to see!

Immediately registering TwitterVideos domain then.

setwitter

Why would anyone stop calling it Twitter? Just because one man decided not to call it Twitter that doesn't mean that the name changed, it is the same as if I start calling my car a Ferrari when it's in fact a BMW... No one else will call it Ferrari. The same thing with Facebook, it will always be Facebook because this is how people know it

@@notmyname998 I mean, if the *owner* starts calling it something else, then yeah that does mean that the name changed. The problem is that Elon Musk inexplicably doesn't seem to understand just how valuable a brand can be. You can't buy the name recognition that Twitter has/had, and he just went and tried to flush it down the toilet (or pour it down the sink, perhaps). Ironically, he failed precisely because of how much name recognition Twitter does have -- it has penetrated far too deep into the public psyche for anyone to call the site anything else. The fact that the site URL remained unchanged for so long didn't help either, nor did Elon's antics that made it so most people just refused to acknowledge this dumb vanity project of an "everything app" that he clings to like a security blanket.

​@@notmyname998 it's not even that, it's just that x is a dumb name and Twitter is less dumb

@@notmyname998 I prefer to call it Thefacebook 😎

Also true

Lmao and this bugged version got printed? Coul have been 2 other substitution from fixing it as well.

This is why search-replace functions typically include a "whole word" option.

The iWizard pro max

newest apple devices leaked

A clbuttic mistake.

Yeah because its the ceo reviewing the code 🤡

@@tiagorainho5011 fr lol

@@tiagorainho5011 Elon literally made engineers print out code and present it to him when he bought Twitter 😂. He's a known micromanager

@@tiagorainho5011You’re joking, but that is literally what happened.

@@tiagorainho5011delete this comment buddy

Good job man 🎉

lack of foresight*

and yet old Twitter was definitely worse than new Twitter.

​@@cinex20Lack of any kind of sight* Look at Elon, do you think he's actually smart enough to have hindsight?

​@@fangirlmcIt wasn't. There were less pedos and extremists. Lol

He is a mediocre coder at best, proven back in the day

This is a few standard deviations above average scammer IQ

​@@635574Rather, there's no need to bother. Once you've got their details, you've got their details.

Good to know.

To do so effectively and in a convincing way (not displaying a tab within a tab, not taking 10s+ to load, etc) would require a lot more effort & expertise than the average phisher has at their disposal...

@@EntityVsEntityInteractions wrong, setoolkit is open source and widely available

obviously that 10+ years of experience was _not_ in security for them XD

But in this case it wasnˋt a bug.

Most of the bugs or vulnerabilities that experienced software engineers add in are not intuitive and mistakes get made because it isn't an issue that is often encountered in regular development and require special consideration. Every software engineer is well aware of the limits of search and replace, it's the reason you always use "refactor" in your IDE instead of "find and replace". It's practically one of the first things you learn as a software engineer, when you try to change a variable name and it ends up changing a bunch of other stuff you didn't want it to as well. Extending that intuition to URL replacements is such a small logical leap. I'm a very inexperienced software developer and even I make sure to be extra careful when having to parse strings because there are always a ridiculous number of edge cases to account for (e.g. word extraction can't just look for spaces since punctuation exists and sometimes punctuation like single quotes are considered parts of words and sometimes aren't). It's one thing to leave in a segfault that didn't get caught because it happened to point to allocated memory while testing or even code injection vulnerabilities that weren't accounted for in the test cases and another to not recognize the potential issues with a full search and replace, especially when it apparently wasn't tested on edge cases before deployment (e.g. ensuring "netflitwitter dot twitter" not being replaced with anything since it should only replace second-level domain names and only "twitter" by itself). Even the simplest and smallest set of reasonably made test cases would have caught this bug. I might've accepted an experienced software engineer accidentally replacing top level domains with "X" since ".twitter" isn't really a valid domain, but replacing every instance of "twitter" even when it isn't the full domain name is a bit ridiculous, even for an inexperienced developer, let alone an experienced one.

in fact newer people tend to be more cautious. experience people are often arrogant and refuse to fix their mistakes

I don't use azure, what are they doing? Do you have a TL;DR?

@@sehalessit’s a dev UI straight out of 2004

@@inverlock oof, hey, at least it's fast.. right?

Lmao it does, it looks so old. Theres a lot of little legacy items still kicking around in Azure/365

and Oracle's entire site

Examples of password managers with this functionality?

​@@Z-of1zxpass, pretty much the standard on unix systems, does this.

bitwarden is a pretty good free one

@@Z-of1zx Android Password Store and gopass extension for browsers (uses the pass system)

​@@Z-of1zx lastpass, 1password, keepass (with the browser extension). Honestly I think all of them have that

Tweetdeck*

I remember the Tom Scott video on that one 😂

There are many subdomains of Twitter , where XSS happens

@@dingus2332 dang!

You mean Tweetdeck?

@@dingus2332 Such as ? Any PoC ? Anything to back your claim lol? Do you have any previously documented PoC ?

@@al-ft1ng it's just a known thing ... They launch subdomains ,hunters with tools scan that new vulnerable subdomain and report them immediately

Blatantly false and Twitter has run better than ever with the downsized team once all the bloat and hr department were removed. Elons twitter team has shipped more features than Jack has in the past 10 years.

@@Sammysapphira The company is doing terrible compared to how it used to. I mean imagine becoming the new CEO and the most significant thing you have to show for it a new competitor spawned and took a massive amount of your market share - something unthinkable years prior.

@@Sammysapphira Every post is bots replying with engagement bait not related to the original content.

​@@Sammysapphira Twitter is literally shit now, only bots on every post and the features are shit and get pulled back every 3 months. It's tragic how he fucked it up soo bad.

​@@tapwater424And you think that is caused by Elon? How? Couldn't be just a coincidence?

That's a known issue called the scunthrope problem.

The smart people knew better than to stick around

smart people can get paid the same without the 100 hour weeks, so they've all left by now.

ehh like he said hes not a security expert. there's plenty of experts with full fledged courses out there tho

@@ExecutionMods yes I agree there are plenty of other courses out there, but the way this dude teaches is just 🔥🔥

​@@aka5h_ra0 i agree i like his style of teaching a lot

owasp is a good site to learn about this stuff.

Good. He's right. It's social fucking media

You deleted your account because you foresaw a security vulnerability. right buddy.

Lol, they've had hack bypassing 2fA years before Elon. It was always a mess. You're just unable to moderate your bias here

@@devstuff2576no, they deleted it because they could see that Elon was breaking things. That’s why they reference how 2fa broke on the site

​@@devstuff2576Skill issue

@@devstuff2576 you say that as though no one would do that.

Not a chance. I actually learned a few technical concepts with Neetcode. I usually leave a primeagen's video wanting that hour back

Neetcode is 10x more beginner friendly

​@@climber-fd1wwLMAO. This is actually true. I only watch primeagen when I want to eat something.

@@zweitekonto9654 yeah sooo true 😂

@@climber-fd1ww true, true, primeagen is simply for programmers to chill and have a chat

and even better, make some random people follow some other random people.

@@hypermeero4782 is there no csrf tokens on their requests?

@@hypermeero4782 I'd ask you to do it

@@hypermeero4782 report it and they'll probably reward you

can you use it to make my twitter blow up 😊

Signals

because he's obsessed with it. He always wanted it and he pushes it into everything, even his own children's names.

Is it possible to do that within a tweet under normal circumstances? I'm pretty sure it's not although I'll admit I could be wrong, never used the bird site. That would be the difference, because normally when you see a link within a tweet you're trusting that the user actually typed out that domain name and Twitter is just automatically rendering it as a link.

Bro's been coping all over the comments section, give it up bruh 😭

You usually make sure that markdown wouldnt be abused similar to this, though... This is different