i also find, with the arrival of catawiki (more a european market?), nice products for regular/normal prices seems hard to come by nowadays. Our "local" online market (marktplaats.nl) is therefore losing its value, local (town/neighborhood) (whats)app groups seem to somewhat take over this roll within the digital space.
OP's writing is nice, but he is de facto a scalper looking for the maximum amount of arbitrage. There's enough of them, like mentioned in the article, that they'll pick any flea market or secondhand store clean off diamonds in the rough before you as a regular guy really get a chance to find any.
What they're doing isn't illegal or forbidden, but it has completely destroyed the spirit of flea markets and secondhand stores as quaint places. And in response to becoming as hypercapitalist as the rest of society, a large contingent of people on flea markets has started to offer whole tables stuffed with cheap AliExpress / Temu crap. Or AI art being sold as "handmade".
The enthusiast offering artisanal coffee or lemonade or cinnamon rolls from his stall or food truck has quadrupled his prices, because if everyone else is gouging the visitor, why shouldn't he?
The same goes for secondhand clothing stores. They're wise to the scalpers looking to flip stuff on Vinted or whatever, so they have also doubled or even tripled their prices. It's an open secret that a lot of stores let the girls working there have a first lookover of whatever comes in.
Is this really scalping? He’s getting up early, using hours of his time and knowledge to select good knives, cleaning, repairing, sharpening then providing a selection of good knives for others to buy.
If you just want a decent knife I’d say he offers a good service that is cheaper and less risky than spending a day or more doing it yourself.
He reuses (or rather, rehomes) too by finding buyers for cleaned and sharpened knifes of good quality. That's a plus from an environmental viewpoint.
I dislike scalping where no real value is added to the service provided beyond getting there first, but this guy uses his skills to pick out good knifes, does quality assurance and presumably sharpening, and sells them with the ability to inform buyers about the type of knife and its intended use.
Is it really scalping? I have more interest than knowledge of what makes a good cookung knife. I could pay him for his knowledge and get a good and useful knife, or I could guess my way through half a dozen trips to the flea market with weeks of trial and error usage. Yes, one is a solution and the other is a journey, but if I'm committed to this particular journey, surf's up at 5:30 a.m.
In general, if you want to do something you more often than not have to compete nation or even worldwide. It makes markets more efficient in the minds of some economists, but makes creating or finding valuable things fucking exhausting.
You can find those things on eBay now. Yes, they’re expensive, but that’s because the exhausting work of combing flea markets and estate sales has been done for you, so that value has been priced in.
What people are really complaining about is that the hobbies of thrifting and collecting have been overrun by professionals. That’s going to suck for any hobby that involves buying and selling.
My local area used to be great to find old used woodworking tools for cheap. I stocked my shop and would occasionally restore and resell a tool or two when I needed to buy something bigger for my shop.
Then somebody posted about it on fucking Facebook. Now ragged out used tools sell for more than new price, and the buyers are always from cities 5+ hours away here to take advantage of the low prices since us country bumpkins don't know any better.
Used tools were a nice way for young people to get started in the hobby. Now they're too expensive for that to be realistic.
> There's enough of them, like mentioned in the article, that they'll pick any flea market or secondhand store clean off diamonds in the rough before you as a regular guy
Usually the flea markets is open to everyone, it’s just that the ‘regular guy’ is not motivated enough to come early. There is nothing you find you cannot if you show up at the same time.
No normal person is getting up at 05:30 to go to a flea market.
Like I said, they're not doing anything forbidden, but they've completely demolished the vibe of something formerly quaint.
Imagine if I went to a hippie festival, bought trays and trays of cake from the food truck, then walked them two blocks over to the fancy neighborhood and started flipping them for triple the price. Word gets out, and a few years later the food truck has raised its prices significantly and then the rest of the festival follows.
As a seller, I would rather sell to a reseller than not at all.The reseller does provide me a kind of service in return by finding me a buyer.
If I'm selling at below market prices I'm effectively giving money to the buyer and perhaps I'm upset that this money goes a professional rather than someone "in need"? Even so I'm not sure the reseller isn't also in need. Presumably this is their livelihood. They probably aren't super wealthy if they are scanning flea markets at 5:30am.
I don't know about your festival example. Sounds like the festival realised that they could charge more and did that. I think this happens all the time without any need for cake reselling.
> No normal person is getting up at 05:30 to go to a flea market.
Of course there are, just go at that time and check. I know because I am one of them. 05:30 is not particularly early, and if you have a specific niche or quality standard and not just only a bystander, you know that is the only way.
I am also not sure why you believe this trend is new. The diamonds as far as I know have always been found very early.
5:30 is particularly early, especially when it involves normal people's hobbies.
> and if you have a specific niche or quality standard and not just only a bystander,
This is what the OP was saying, that this space has been been invaded by scalpers, people who do tend to have higher "quality standards" because it's in the nature of their "job", they've become aware that the higher quality stuff sells for more so that they're actively chasing it.
You're either delusional or just being a contrarian if you think being out the door at 05:30 is "not particularly early". McDonalds is still serving the dinner menu at that point.
And you used to be able to find diamonds in the rough on flea markets, secondhand stores and even on online places like eBay, until 2013ish. That's when the professional reseller became more and more pervasive.
Since you seem to think that flipping and scalping is a valuable addition to society, we have nothing to discuss.
> You're either delusional or just being a contrarian
As kgwgk points out [*1], the proposition wasn't "5:30AM isn't particularly early", but rather "5:30AM isn't particularly early to visit a flea market".
Despite being US-centric, this is also an international forum, values may differ. I initially assumed the market was French/European when they mentioned looking for vintage culinary knifes.
> Since you seem to think that flipping and scalping is a valuable addition to society, we have nothing to discuss.
Not interested in good-faith discussions of differing viewpoints?
I'm not going to downvote you, but I think this is pretty narrow-minded for a discussion forum like this.
> You're either delusional or just being a contrarian if you think being out the door at 05:30 is "not particularly early"
Have you never fished at the dawn, hiked for a sunrise, spent the night watching the stars? I think you may try to expand your horizon about other people hobbies.
Apparently not. If I want to take nice (or naughty) pictures in a beautiful location (nature, urbex, or whatever) without anyone else around, getting up early is key. Going out at 4:30 to catch the first bus and hike an hour, or ride a bicycle somewhere just to get there by sunrise: no problem coffee won't fix. It's worth it too.
They've effectively outsourced the work - they are paying this guy to get up at 5:30AM on their behalf. You go shopping for yourself, he goes on behalf of his customers.
> they've completely demolished the vibe of something formerly quaint.
I think you mean overlooked. Well, it's in the spotlight now, and gotten popular.
More busy, less calm, less 'quaint'. The market exists for (as a result of) the sellers, of they are happy, consider that the target demographic has just shifted, and you are no longer it.
> Imagine if I went to a hippie festival..
What is a 'hippy-festival', does it imply some kind of values shared by the seller, or is that just a description of the usual buyer?
Feels a bit like the glass-makers fallacy.
Why can't the food truck do the same? Why do they need to go to the 'fancy neighbourhood' if the food truck can raise their prices in their current location (festival)? Do you think the food truck sellers believe this is a bad thing? Should the food sellers be prevented from earning more so that you can pay less - and surely the food truck sellers could continue charging less if they wished? Unless the festival organisers started charging them higher fees.
> The enthusiast offering ... because if everyone else is gouging the visitor, why shouldn't he?
Or because the fee they pay (food truck licence, parking/market fee, tax, etc) is already priced as such so they have little choice. In my country, rent is very high, that's why coffee is so expensive (and coffee places struggle to stay afloat) - the stores compete heavily, but the landlord extracts most of the value.
> The same goes for second-hand clothing stores.
Isn't giving "the girls" first look / priority morally the same? The 2nd-hand stores wise to this could just as easily advertise on vinted, no?
Describing all of this as 'hypercapitalist' seems hyperbolic to me.
The booth fee at the sf flea market is $50. However you have to have a business license with the city (used to be around $35/yr) and register with the market in advance
so, is there already somebody that wrote the exploit for it? are there any special things to consider exploiting such architecture back in the day or do the same basic principles apply?
perhaps the downvoters can tell me why they are downvoting? i'm curious to hear whether if this would work on unix v4 or whether there are special things to consider. I thought i would ask claude for a basic example so people could perhaps provide feedback. i guess people consider it low effort reply? anyway, thanks for your input.
Your response is a non-sequitur that does not answer the question you yourself posed, and you are responding to yourself with a chatbot. Given that it is a non-sequitur, presumably it is also the case that no work was done to verify whether the output of the LLM was hallucinated or not, so it is probably also wrong in some way. LLMs are token predictors, not fact databases; the idea that it would be reproducing a “historical exploit” is nonsensical. Do you believe what it says because it says so in a code comment? Please remember what LLMs are actually doing and set your expectations accordingly.
More generally, people don’t participate in communities to have conversations with someone else’s chatbot, and especially not to have to vicariously read someone else’s own conversation with their own chatbot.
The explanation it gives at the start appears to be on the right track but then the post has two separate incomplete/flawed attempts at coding it. (The first one doesn't actually put the expected crypt() output in the payload, and the second one puts null bytes in the password section of the payload where they can't go.)
> perhaps the downvoters can tell me why they are downvoting?
Not one of the actual downvoters, but:
Lack of proper indenting means your code as posted doesn't even compile. e.g. I presume there was a `char* p;` that had `*` removed as markdown.
Untested AI slop code is gross. You've got two snippets doing more or less the same thing in two different styles...
First one hand-copies strings character by character, has an incoherent explaination about what `pwbuf` actually is (comment says "root::", code actually has "root:k.:\n", but neither empty nor "k." are likely to be the hash that actually matches a password of 100 spaces plus `pwbuf` itself, which is presumably what `crypt(password)` would try to hash.)
Second one is a little less gross, but the hardcoded `known_hash` is again almost certainly incorrect... and if by some miracle it was accurate, the random unicode embedded would cause source file encoding to suddenly become critical to compiling as intended, plus the `\0`s written to `*p` mean su.c would hit the `return;` here before even attempting to check the hash, assuming you're piping the output of these programs to su:
A preferrable alternative to random nonsensical system specific hardcoded hashes would be to simply call `crypt` yourself, although you might need a brute force loop as e.g. `crypt(password);` in the original would presumably overflow and need to self-referentially include the `pwbuf` and thus the hash. That gets messy...
crypt is defined in assembly at s3 crypt.s and it would appear to use the same family of "cryptographic machine" as V6's crypt.c but it is even shorter and I can't tell if it has bounds checks or not — V6 limits output size to 512.
edit: if hash output length is variable it may be impossible to find a solution and then a side channel timing attack is probably the best option.
we are working on Aye Chat: an AI development tool for the terminal. It will make changes directly and let you revert changes through our snapshot feature, all while you can stay in the terminal to execute your favorite (terminal) editor and what not.
If allows the use of different models, no need to sign-up at the moment and at no cost. We released our beta just last week.
We were getting annoyed by all the additional confirmation questions by other AI assistants, and having to switch between consoles to use a editor and/or revert changes.
