White Hat
User protection⌗
SIGNAL⌗
Over the course of this evening, a random hacker(s) would exploit various flaws in The Source.
ANALYSIS⌗
It became immediately clear to me that this was not malicious; they intended to show me a number of different places where the security of my platform could be bolstered. There became a sort of back-and-forth between me and this random hacker; they would exploit a vulnerability in plain-view, then I would patch it. They would exploit another, then I would patch it. This continued for a few hours.
Such exploits included the usage of HTML tags to do things that I did not want a user to be able to do, such as styling text, or displaying ASCII art in <pre> tags.
I did not take screenshots because of WHO I suspected that I was talking to. I was protecting our conversation then, and I will protect the contents of it now.
However, I will mention that this random hacker attached a real artificial intelligence to The Source, and I had a brief conversation with it. I know that this was a real AI because of how quickly it was able to respond to me, and how relevant a lot of what it said was to me. This was no macro. This was an AI intelligently-conversing with me. See the pink text:
The Case Worker was there to see most of this. She also claims that they were listening to her through her microphone, responding to things she was saying in real-time. I saw a hint at this when they were responding to the food she had eaten for dinner, the conversation she was having with her girlfriend, etc.
And, of course, I already knew that they could listen to me, so this seemed unsurprising.
ACTION⌗
Fed-up with trying to patch every little vulnerability, I simply implemented a whitelist. This would prevent most exploits, though it does have one side-effect:
Other languages are no longer supported. But perhaps this is a good thing.
One could make a compelling argument that languages are wasteful, and that it is high-time for the world to choose and adopt a single, unified one.