Thái | Hacker | Kỹ sư tin tặc

Thái | Hacker | Kỹ sư tin tặc is a Substack focused on cybersecurity, technological innovation, and the personal experiences of a Vietnamese engineer navigating the tech industry. It covers online security challenges in Vietnam, ethical hacking, personal journeys within the tech sector, and insights on living a balanced life amidst tech advancements.

Cybersecurity, Technological Innovation, Personal Development, Vietnamese Technology Scene, Ethical Hacking, Career Growth, Cultural Insights, Online Privacy

The hottest Substack posts of Thái | Hacker | Kỹ sư tin tặc

And their main takeaways
0 implied HN points 04 Jun 08
  1. Online discussions can often devolve into personal attacks and arguments rather than focusing on the main topic.
  2. Herd mentality can influence group behavior, leading individuals to conform to the majority opinion even if it may not be rational.
  3. Preconceived biases and historical events can significantly impact how individuals perceive and interact with people from different backgrounds.
0 implied HN points 29 May 08
  1. Nassim Taleb's theory of the Black Swan explores unforeseen events and risks, reminding us to consider different levels of business risk.
  2. We must constantly seek knowledge to reduce our ignorance levels and progress from not knowing what we don't know to recognizing gaps in our understanding.
  3. Having more knowledge can sometimes lead to overconfidence, as demonstrated in examples involving stock trading and sports betting, highlighting the importance of humility and adaptability in decision-making.
0 implied HN points 28 May 08
  1. A new Adobe Flash zero-day is being actively exploited: attack code injected into third-party websites redirects users to malware-laden servers.
  2. Consider using NoScript with Mozilla Firefox to block potentially vulnerable plugins like Flash, Java, Silverlight, and QuickTime, preventing exploitation of security vulnerabilities.
  3. A whitelist-based pre-emptive script blocking approach can be more effective in preventing security issues than traditional methods.
0 implied HN points 17 May 08
  1. Post hoc ergo propter hoc is a logical fallacy that assumes because event A happened before event B, then A caused B. It's important to provide clear evidence to support conclusions rather than relying on chronological order.
  2. Critically analyzing the logical errors in arguments, such as post hoc ergo propter hoc, is crucial for effective reasoning and debate. It helps avoid making unfounded assumptions and faulty conclusions.
  3. Blaming external factors like the field of study, educational programs, or instructors for personal failures is a common mistake. Taking responsibility for one's actions and attitude towards learning is essential for success.
0 implied HN points 15 May 08
  1. Be mindful of the questions you ask others; certain inquiries can be seen as offensive or intrusive.
  2. The concept of 'hãnh tiến' involves portraying oneself as highly accomplished to persuade others of one's success.
  3. It's often better to remain silent and observe, as those who talk less tend to be more competent than those who speak a lot.
0 implied HN points 01 Apr 08
  1. Two-factor authentication (T-FA) utilizes two different methods for higher security. Commonly, it involves something a person knows and something they have or are.
  2. Using a matrix card as the second authentication factor is a cost-effective solution compared to other options like RSA SecurID, making it easy to implement and inexpensive for service providers and customers.
  3. While T-FA with a matrix card is helpful, it does not fully protect against certain attacks like man-in-the-middle phishing. Authentication of transactions and vigilance for abnormal behavior are crucial for enhanced security.
0 implied HN points 30 Mar 08
  1. There is a lack of understanding about copyright law among many people in Vietnam due to limited accessible and clear resources in Vietnamese.
  2. Increased knowledge of copyright law can bring various benefits, prompting the importance of educating oneself about legal matters.
  3. The author plans to write a series of Q&A posts on copyright to help clarify common concerns and enhance their own understanding of the subject.
0 implied HN points 29 Mar 08
  1. Baamboo, a popular music search engine, surprisingly uses SQL full text search instead of Lucene, a common choice for search engines.
  2. Lucene offers fast indexing and storage performance, making it a preferred option for companies looking for scalable solutions beyond traditional relational databases.
  3. Implementing Lucene and its sub-projects like Nutch and Solr can provide powerful search capabilities, but requires expertise and effort in customization and operation.
0 implied HN points 27 Mar 08
  1. The author is testing a new document-oriented database service called thrudb using a large dataset and requesting help to test its performance by doing random searches on an application.
  2. The author is comparing the performance of different backends like thrudoc and thrudex in their application, highlighting that thrudoc takes longer due to using a disk backend for a large dataset.
  3. The author plans to load the same dataset to other backends such as mysql or bdb to see how they perform and intends to share the results in a future blog post.
0 implied HN points 26 Mar 08
  1. Highly targeted and technically advanced attacks can be carried out by well-funded and motivated individuals or groups.
  2. In practice, these attacks may involve the use of forged email headers, exploits within documents, keyloggers, and DNS-bouncer systems.
  3. The attackers may craft their exploits to evade detection by antivirus products, making the attacks harder to detect and defend against.
0 implied HN points 19 Mar 08
  1. Thrudb is a set of services built on Thrift for indexing and document storage, providing flexibility and speed to web developers.
  2. Installing Thrudb on Ubuntu involves setting up dependencies like thrift, client libraries for different languages, and specific dependencies like libmemcached and CLucene.
  3. After successfully installing, building the Thrudb client libraries and running tutorials in Python and Perl helps test and demonstrate functionality.
0 implied HN points 16 Mar 08
  1. Question everything, especially self-help books. Verify facts and practicality.
  2. Be cautious of 'feel-good' self-help books that offer thrilling but impractical advice.
  3. Success and happiness are not as easily attainable as portrayed in books; real life is more complex and requires more than just following book advice.
0 implied HN points 27 Jan 08
  1. Before having a product, it's important to understand customer needs and be able to meet them in order to start marketing and sales.
  2. Focus on satisfying the first customer to create trust and potentially gain referrals and insights for future improvements.
  3. Effective marketing, PR, and sales strategies play a crucial role in winning over competitors, highlighting product advantages, and building customer confidence.
0 implied HN points 26 Jan 08
  1. The examples provided do not prove that 'open source can be profitable'.
  2. To demonstrate that 'open source can be profitable', success stories with customers need to be presented, not just instances of investors buying open source products.
  3. Most companies mentioned do not solely operate on open source products, often using them as marketing tools to sell their main closed-source versions.
0 implied HN points 17 Jan 08
  1. In the early days, some successful projects started with gathering discarded technology and repairing it to make something functional. This resourcefulness can lead to big ideas and accomplishments.
  2. Persistence is key when pursuing ambitious projects. Rejections are part of the journey, and finding the right support can be a game-changer.
  3. Media outlets, especially when covering complex topics, should listen to and include input from experts. Maintaining high standards and credibility is crucial in journalism.
0 implied HN points 17 Jan 08
  1. The dominance of Google and Yahoo in Vietnam is strong due to their products meeting the needs of users. Changing user habits is difficult, especially on a large scale.
  2. Vietnamese search companies highlight their ability to process Vietnamese language as an advantage over Google and Yahoo, but teaching computers to understand Vietnamese is complex and challenging.
  3. For Vietnamese search engines to compete with global giants like Google and Yahoo, they need to leverage local advantages like providing detailed local information and maps.
0 implied HN points 07 Jan 08
  1. The quality of news in Vietnamese newspapers is declining, with an increase in poorly disguised PR content being passed off as news.
  2. Some newspapers, like Thanh Niên, are notorious for showcasing biased PR articles, lacking valuable insights or analysis.
  3. Journalists sometimes fail to fact-check or conduct in-depth research, leading to the spread of misleading or inaccurate information in news media.
0 implied HN points 07 Jan 08
  1. The world is not flat, despite popular beliefs and books like 'The World Is Flat'. In reality, there is growing inequality and a large gap between the rich and the poor.
  2. Globalization isn't as pervasive as some claim. Local connections still dominate most phone calls, web traffic, and investments, revealing the limitations of a truly flat world.
  3. Even within countries like Vietnam, disparities exist, with individuals from different regions facing varying opportunities. The benefits of globalization may not reach those most in need, such as the impoverished.
0 implied HN points 10 Oct 07
  1. One of the main challenges for e-payment companies in Vietnam is convincing banks to connect with them, often due to technology and product limitations.
  2. Unlike foreign e-payment companies that focus on credit card payments, Vietnamese e-payment companies prefer transactions through ATM cards linked to bank accounts.
  3. The lack of regulations in Vietnam regarding fraud liability in non-credit card payments creates challenges, leading e-payment companies to explore intermediary solutions like PayPal's model.
0 implied HN points 10 Oct 07
  1. In the e-payment industry, success hinges on speed to market and convincing banks to connect.
  2. Building an e-payment service in Vietnam faces challenges like outdated banking infrastructure and lack of technical expertise.
  3. The future of e-payment in Vietnam may involve banks establishing subsidiary companies to compete and innovate in the market.
0 implied HN points 03 Aug 07
  1. Organizing events like VNSECON07 can be challenging, with speakers facing difficulties in engaging the audience due to lack of interpreters for deep technical topics.
  2. Preparing ahead by taking notes and bringing the necessary equipment like a laptop can enhance the learning experience during presentations.
  3. Including clear signage and directions can improve the overall event experience, making it easier for attendees to navigate different sessions and rooms.
0 implied HN points 02 Aug 07
  1. VNSECON07 aimed to bridge the gap in cybersecurity between Vietnam and the rest of the world by bringing experts to share their latest research and insights.
  2. VNSECON07 stood out from other security conferences by following a rigorous selection process for presentations and hosting a hacking competition called Capture the Flag.
  3. The conference featured hot topics such as next-gen .NET attacks, live malware attacks, using Google for finding malware, cheating in online games, building a GSM interceptor, and banking security challenges in fast-developing countries.
0 implied HN points 01 Aug 07
  1. The VNSECON07 conference will take place over two days, featuring a total of 20 presentations split between morning and afternoon sessions.
  2. The conference covers topics in both business and technical tracks, with a specific focus on turning web browsers into zombies using Flash Player 9.
  3. Alongside the conference, there will be a Capture the Flag competition for teams to register and participate in.
0 implied HN points 30 Jul 07
  1. The menu design change on www.tuoitre.com.vn, making menus unclickable, has caused inconvenience and confusion to users.
  2. The new menu design implies restrictions on readers, limiting access to all news in a topic area and forcing them to navigate through submenus.
  3. There is a connection between usability and security in software and websites, where good usability often correlates with better security measures.
0 implied HN points 26 Jul 07
  1. A client's server faced a DDoS attack through PDF spam, causing FPT Telecom's firewall to freeze due to high traffic.
  2. Investigating the server's services and analyzing log files helped determine the source of the attack - in this case, excessive traffic on SMTP and DNS ports.
  3. Disabling specific troublesome domains temporarily and monitoring traffic helped mitigate the DDoS attack effectively.
0 implied HN points 23 Jul 07
  1. Receiving unsolicited emails from companies urging domain transfer can be a form of spamming.
  2. The practice of companies obtaining domain and email information without consent is a common issue.
  3. Questioning whether VNNIC may have sold customer information to spammers sparks concerns about data privacy.
0 implied HN points 17 Jul 07
  1. Consider using iptables NAT as a replacement for reverse proxy to simplify setup and avoid potential issues with complex software like Squid.
  2. Iptables commands like DNAT and SNAT can efficiently redirect traffic between servers based on IP addresses and ports.
  3. Understanding the flow of packets in iptables NAT can help troubleshoot and reroute traffic effectively in case of similar network issues.
0 implied HN points 17 Jul 07
  1. When negotiating salary in a new job, aim for higher pay than in your previous job to account for adjusting to a new environment.
  2. Specify a clear salary amount during negotiations that can sustain your desired lifestyle before discussing other income sources.
  3. Confidence in your self-worth is key when proposing a salary, as it showcases your value to potential employers.
0 implied HN points 17 Jul 07
  1. Just because something is big and powerful doesn't always mean it's good - as seen with the struggles faced with a high-performance server.
  2. In troubleshooting complex issues, leveraging resources like Oracle Metalink and collaborating with experts can be crucial for finding solutions.
  3. Understanding and correctly utilizing features like HugePages on 64-bit Linux systems can significantly improve memory management and system performance.
0 implied HN points 17 Jul 07
  1. The way browsers handle HTML forms with enctype="multipart/form-data" and enctype="application/x-www-form-urlencoded" is different. This difference is key to detecting POST requests from Flash, which cannot send requests in the "multipart/form-data" format.
  2. By automatically setting all HTML forms to enctype="multipart/form-data" through a reverse proxy with an Apache output filter module, one can detect and protect against DDoS attacks from Flash.
  3. While this method can limit the impact of existing xFlash attacks, it may not be a permanent solution. Avoiding Flash altogether or focusing on overall DDoS defense strategies like infrastructure investment and system optimization is crucial.
0 implied HN points 17 Jul 07
  1. The new design of tuoitre.com.vn's website features a horizontal navigation bar, which is a refreshing change that separates it from other news websites in Vietnam.
  2. The tab design of the navigation bar is simple, easy to understand, and efficient for users, but there are minor design flaws that could be improved, like highlighting the selected tab more visibly.
  3. One major drawback of the new design is the unnecessary inclusion of a video clip on the homepage, which can be intrusive, outdated, and significantly increases the page load time.
0 implied HN points 17 Jul 07
  1. A hacker managed to infiltrate WordPress' server and alter the source code of version 2.1.1, adding a backdoor to allow remote execution of PHP code.
  2. WordPress immediately took down the website to investigate the altered code in version 2.1.1.
  3. This incident highlights the importance of regularly updating software to protect against security threats and vulnerabilities.
0 implied HN points 17 Jul 07
  1. The majority of code contributions to Linux come from developers working for companies like Red Hat, IBM, Google, and Nokia, not solely from Linus Torvalds.
  2. Nearly 2,000 developers contributed at least one patch to the Linux kernel in the last year, showcasing a diverse and well-supported development community.
  3. Contemporary kernel development for Linux is a collaborative effort involving a wide group of paid developers, rather than being reliant on an individual or a small group of contributors.
0 implied HN points 17 Jul 07
  1. It's possible to create a Linux distribution with tools like rBuilder Online which simplifies the process with just a few clicks.
  2. Software appliances, though similar to distributions, are optimized to run specific software applications, making the operating system transparent to the user.
  3. Software appliances can be used in various ways, such as installing them as a normal distribution, converting them into hardware appliances, or transforming them into virtual appliances using tools like VMware and Xen.
0 implied HN points 17 Jul 07
  1. You can launch a DoS attack on someone using ADSL if you know their MAC address and exploit a weakness in the PPPoE protocol.
  2. The vulnerability lies in how PPPoE uses the SESSION_ID and MAC address for connection control, making it possible to disrupt someone's PPPoE connection.
  3. Social engineering can be an effective way to obtain the victim's MAC address for carrying out such attacks, highlighting the importance of safeguarding sensitive information.
0 implied HN points 17 Jul 07
  1. Attending security conferences can provide valuable insights and networking opportunities.
  2. Understanding security concepts like the perimeter of a system and directory harvest attacks is crucial in the field.
  3. Organizing small, focused, and serious security conferences can help local communities connect with the global cybersecurity landscape.
0 implied HN points 17 Jul 07
  1. Spam not only causes annoyance but also economic damage to businesses.
  2. Businesses often underestimate the financial impact of spam and focus more on implementing anti-spam solutions for the nuisance it causes.
  3. Calculating the cost of spam can reveal significant financial losses for a company, including factors like employee time spent dealing with spam emails.
0 implied HN points 17 Jul 07
  1. Spammers can go to extreme lengths to disrupt anti-spam systems, such as overwhelming them with strange spam emails.
  2. Technical challenges in dealing with spam, like a spam email causing a crucial software component to crash, require thorough investigation and debugging techniques.
  3. In the ongoing battle against spam, spammers may resort to sacrificial tactics, like using spam emails to specifically target and disable anti-spam software.
0 implied HN points 17 Jul 07
  1. Virtual appliances help save time and resources by allowing quick setup of servers for development and testing purposes.
  2. Using virtual appliances eliminates the need for extra physical infrastructure such as racks and data centers, reducing costs significantly.
  3. Virtual appliances offer benefits like isolated applications, simplified management, and easy distribution of software, making them a trend for IT systems worldwide.