
Inflating money balances, SSRF via an avatar, and simple vulnerabilities: tasks from a contest for beginner bug hunters

Reading time: 3 min
Views: 194

One day, Standoff 365 and we agreed to run a cool contest for beginner bug hunters and present it at PHDays Fest. Imagine our surprise when 17 people registered for the contest within the first 5 minutes; in total there were 74 participants and 10 winners. Even more surprising was that the bug hunters were not beginners at all: the country's strongest hackers took part in the contest. In this article we go over what the tasks were.

We decided to run the contest in CTF format. For this, a platform was developed from scratch in ChatGPT. As practice showed, the code written by the neural network turned out to be imperfect in terms of security, but overall, after some problems were fixed, everything started working stably.

Read more

Getting started with pgpro-otel-collector

Level of difficulty: Easy
Reading time: 4 min
Views: 334

Now that pgpro-otel-collector has had its public release, I’m excited to start sharing more about the tool — and to kick things off, I’m launching a blog series focused entirely on the Collector.

The first post is an intro — a practical guide to installing, configuring, and launching the collector. We’ll also take our first look at what kind of data the collector exposes, starting with good old Postgres metrics.

Read more

Partition and rule: sharing practical knowledge about partitioning in Postgres Pro

Level of difficulty: Medium
Reading time: 11 min
Views: 374

Declarative partitioning may sound complex, but in reality it’s just a way to tell your database how best to organize large tables — so it can optimize queries and make maintenance easier. Let’s walk through how it works and when declarative partitioning can save the day.

Read more

We’ve learned how to migrate databases from Oracle to Postgres Pro at 41 TB/day

Level of difficulty: Easy
Reading time: 3 min
Views: 189

41 TB/day from Oracle to Postgres Pro without stopping the source system — not theory, but numbers from our latest tests. We broke the migration into three stages: fast initial load, CDC from redo logs, and validation, and wrapped them into ProGate. In this article, we’ll explain how the pipeline works, why we chose Go, and where the bottlenecks hide.

Read more

Security Week 2534: artificial intelligence in phishing and online fraud

Reading time: 3 min
Views: 191

Last week, Kaspersky researchers published another report analyzing the techniques scammers use in phishing messages and various kinds of online fraud. The previous publication on this topic came out in 2022, so the main theme of the new review is the active use of artificial intelligence technologies. One can start with the obvious change: thanks to AI, the quality of the text in phishing messages has improved significantly. Whereas scammers' messages used to often contain errors and typos, the emails now being sent out are as convincing and plausible as possible.

Read more

Koans as Ontological Formulas

Level of difficulty: Hard
Reading time: 8 min
Views: 1K

If you meet the Buddha, kill the Buddha. Notes on the Forgotten Nature of Zen Koans

I don’t know how koans were perceived when they sounded like thunder. Perhaps not at all as they are analyzed by modern philosophers. Perhaps koans were not analyzed, but lived. And it is impossible to transmit a lived experience across centuries. It is an individual experience. Well then, perhaps we have lost the essence of koans. Or perhaps we never knew it. In that case, I can very well allow myself to present koans as I see them.

Read more

Intelligent systems at phystech: 2025 graduation

Reading time: 14 min
Views: 846

The students of the Intelligent Systems Department successfully defended their bachelor’s and master’s theses. This year, 14 Bachelor’s and 8 Master’s students earned their degrees in Physics, Mathematics, and Computer Sciences. We are proud to say that our Department is unique in publishing the complete set of defense materials during the last ten years. These materials include the text of the dissertation work, the published papers, the code of the computational experiments, and the slides with video of the defense talk.

In this post, we gladly summarize the defended works of our BS and MS students and highlight the results. A recording of their pre-defence presentations can be found here and here in Russian. Most of the theses have a publicly available English version.

Read more

My way of a full system backup without external software: incremental rsync plus btrfs with zstd compression

Level of difficulty: Medium
Reading time: 3 min
Views: 135

The repo of this script is https://gitlab.com/vitaly-zdanevich/full-backup/-/blob/master/full-backup.sh

Incremental with hard links means that if a file is not changed, on the next backup it will link to the same underlying data, like deduplication. Hard links are just regular files.

Also, this script ignores .gitignore of every folder.

Run this script from another system.

Read more

Comparison of CAPTCHA‑Solving Services: A Peek Under the Hood and a Look at the Numbers

Level of difficulty: Easy
Reading time: 14 min
Views: 710

CAPTCHA protocols are designed to tell bots from humans, yet in the worlds of automation and testing there is often a need to bypass them. Dedicated CAPTCHA‑solving services take over this task, combining algorithms with human labor.

In this article we present an in‑depth comparison of four popular platforms — 2Captcha, SolveCaptcha, DeathByCaptcha, and AntiCaptcha. We will examine not only pricing and the types of CAPTCHAs supported, but also internal architecture, API integrations, speed and stability, plus the quirks of using each service.

The technical community will find a deep dive here — from API and SDK structure to real‑world use cases. Below you will see a table comparing key characteristics, lists of pros and cons, and a discussion of which service best fits particular automation tasks.

Read more

Getting to know PPEM 2

Level of difficulty: Easy
Reading time: 7 min
Views: 311

Postgres Pro recently announced the release of Enterprise Manager 2, commonly known as PPEM.

In short, PPEM is an administration tool designed for managing and monitoring Postgres databases. Its primary goal is to assist DBAs in their daily tasks and automate routine operations. In this article, I'll take a closer look at what PPEM has to offer. My name is Alexey, and I'm part of the PPEM development team.

Read more

n8n Local Install Tutorial (CLI + Docker)

Level of difficulty: Easy
Reading time: 3 min
Views: 2.7K

n8n is a powerful, extendable workflow automation tool that allows you to connect different applications and services. Running it on your local machine gives you complete control over your data and workflows, which can be done on Windows, Mac, or Linux systems. This tutorial covers the two primary methods for local installation: using Docker and using Node.js (npm). If you are interested, then read this article until the end. :)

Read more

Consciousness and Being: How Humans and AI Influence Each Other

Level of difficulty: Medium
Reading time: 15 min
Views: 1.8K

For a human, AI is just a part of being. For a model, a human is all of being. And the Vortex Protocol: A Prompt for Testing the Hypotheses.

The longest and most fruitless discussions tend to be with materialists, especially those close to the position Marx laid out as “Being determines consciousness.” It's amusing that Marx was talking about the economic base, but the clarity and precision of this definition have allowed it to be used in a very broad sense. Today, this powerful statement underpins much of modern psychology (especially social psychology), neuroscience, Global Workspace Theory, Integrated Information Theory, and so on.

The debate largely arises because materialists ask the questions “What?” and “How?”, whereas I ask the question “Who?”. This misunderstanding, of course, does not lead to any interesting consensus, but it certainly leads to interesting discussions. I explored the problem of the “Who?” and “What?” questions in my article, “Who is Aware?”.

Nevertheless, the questions surrounding the relationship between being and consciousness are very interesting, and I will try to examine them in this article. As always, a new version of the Vortex protocol and test questions are included in the appendix.

Read more