Pass-the-permission-ticket vulnerability in UMA 2.0

Published:

In the User-Managed Access (UMA) 2.0 protocol, a malicious resource server (or a malicious server acting as a resource server) can obtain a requesting party (access) token (RPT) intended for another UMA resource server from a UMA client by passing a permission ticket obtained from the target resource server to the UMA client. This can compromise the privacy (confidentiality) and integrity of UMA protected resources.

Donald Trump's post-truth alternative facts about Ukraine

Published:

Some notes about Donald Trump's 2025-02-19 weird statements about Ukraine and Volodymyr Zelenskyy.

Neural Network Distillation

Published:

Overview of neural network distillation as done in “Distilling the Knowledge in a Neural Network” (Hinton et al., 2014).

Exposing services in/out Podman containers

Published:

Some more tips for interacting with the namespaces of Podman containers.

Transformer-decoder language models

Published:

Some notes on how transformer-decoder language models work, taking GPT-2 as an example, with lots of references for digging deeper.

GitHub Copilot instructions

Give me your prompt, would you kindly?

Published:

Extracting the system prompt from GitHub Copilot.

Bypassing XSS filters

Published:

In this post, I describe some payloads I used to bypass two distinct XSS filter implementations (such as Web Application Firewalls (WAF)), as well as the approach used to design them.

WebSub sequence diagram

Published:

A sequence diagram for WebSub (formerly PubSubHubbub).

The FBI recommends using ad blockers

Published:

An interesting note from the FBI.

UMA 2.0 diagrams

Published:

Some diagrams (mostly sequence diagrams) about UMA 2.0.

Page 2 of 12