That's right, this is more a description of how speculative execution works within modern processors (a quite familiar topic lately thanks to Meltdown, Spectre & co.).
Except the author was assuming manual scheduling where today speculative execution is mostly done transparently in hardware (barring failed general purpose VLIW attempts).
... as it was said, the first brainfuck program prints xor-with-key. The second program doesn't output anything but it sets the memory "array" with 12 non-zero values. By XORing these values with the phrase present in the image (12 characters too) you get "35.205.32.11" which can be an IP (something in Google's ranges), geographical coordinates (interpreted as x,y they point somewhere in Israel, in fact) or I don't know whatever else.
This link leads to page with the first challenge: "Your help is needed once again to solve an urgent matter. Our digital forensics division is trying to track the source of a phishing attack on one of our government officials..."
I think it's more a joke from the fake 'anonymous' hacker in context to the tech-news. After some testing I think the solution could be within this so called 'pass-through' attack which is described in the tech-news.
There is an 'admin' account, with whom I think you can access the /administration site. For now I think the solution could be with modifying cookies, maybe the session cookie (after you create an account and log in) to get access to the admin account
I think the exploit would have something to do with the PNG
profile picture upload feature,
I've figured out how to upload my own files but not sure what I can do with this.
I manage ads in several mobile apps and I've chosen to disable full screen video ads. Still Google's AdMob mail hints keep recommending to activate them as well in order to get more revenue. More revenue for me and more revenue for the ad provider, that's the only reason.
I'm on a war path with these video ads, but advertising networks don't give us enough (or any) tools to disable serving them. Most of the time, it's either all or nothing. Some let you disable certain types of ads, including AdSense (it has a VPAID checkbox now that I think about it), but when I reached out to AdX people about it, they were not helpful so far (their recommendation was to turn off anything that says "video" in the OptIn tab, except that does not get rid of these VPAID ads).
sovrn was a network I dropped for this very reason - they kept serving VPAID ads and didn't give me a way to turn them off.
That Schneier article [1] is very technical and reveals quite a lot of interesting information. It was immediately flagged off HN front page by the flagging brigade [2]. It's highly recommended reading, though.
Being one of those that have no clue about tyres' sizes, I found the 205/45 17 combination after a few tries. It would be nice if the "tyres size choosing page" would retain your choices, after you get a "Size not found, please try again" or a "Please select Width, Profile and Size".
In the results page you may want to hide the table header's sorting buttons from the "Purchase column" and call the "back" button something like "New search" (this last point is quite debatable of course).
About the UI, it looks good overall (caveat: I have a bias toward non-distracting UIs). I don't really see the need for images.
It would probably be helpful to have a little section telling you how to figure out what size tyres you have. You'd probably need an image, though. See, e.g., http://www.blackcircles.com/tyres.
