- Dev Notes
- Posts
- TicketMaster's SafeTix System Cracked Open
TicketMaster's SafeTix System Cracked Open
Good Morning! Suprisingly, a developer has cracked open TicketMaster's SafeTix rotating barcode system, raising questions about the security of the anti-fraud measures. Worldcoin, founded by OpenAI's Sam Altman, has launched its World Chain blockchain for developer testing, promising enhanced scalability and user-centric features. The free Zed code editor has come under scrutiny for automatically downloading and running programs without user consent, sparking concerns about security and transparency in developer tools.
TicketMaster's SafeTix System Cracked Open
A developer has successfully reverse engineered TicketMaster's SafeTix rotating barcode system, exposing potential vulnerabilities in the ticketing giant's anti-fraud measures. The study found that SafeTix barcodes are made up of a fixed code and two changing numbers that update every 15 seconds.
Main discoveries:
Barcodes contain Base64 data, two 6-digit numbers, and a time stamp
The system uses eventKey and customerKey to make the changing numbers
Ticket codes can be easily found in the web browser's message log
While TicketMaster says SafeTix stops ticket fraud and reselling, this breakdown shows that tickets might still be copied or shared outside their system. The researcher even made a simple app called TicketGimp to show SafeTix barcodes using the extracted codes.
This discovery makes people wonder if SafeTix is really as secure as TicketMaster claims it to be.
Read More Here
Worldcoin's World Chain Opens to Developers
Worldcoin, started by Sam Altman from OpenAI, is testing a new blockchain called World Chain. Some developers can now try it out before everyone else gets to use it later this summer.
World Chain is built using tools from Optimism and works with Worldcoin's system. It aims to help more people use the network without slowing things down.
Key Features about World Chain:
Uses Reth, which is fast Ethereum software
Can handle twice as much work as Optimism's main network
Wants to process 1,000 million gas per second someday
Works with over 10 million users in many countries
World Chain is teaming up with companies like Alchemy, Safe, and Elliptic to make it better. It also has extra safety features to keep it secure.
The big idea is to make a blockchain that's fast and puts people first, while still working well with Ethereum. This test run will help make sure everything's ready for the big launch.
Read More Here
Zed Editor automatically downloads binaries and NPM packages from the Internet without user consent
The free Zed code editor is in trouble for quietly getting and running programs without asking users. People found out Zed grabs Node.js, npm packages, language servers, and other tools from the internet when it starts up.
Main worries include:
Safety risks from running unchecked programs
Surprise data use, especially on limited internet plans
Not working well on some Linux systems like NixOS
Maybe breaking GPL license rules
Lots of people are saying this is bad for places that care about security and goes against what users expect. Some have turned off language servers to avoid the problem.
The Zed team says they did this to make things easy for new users. But they're looking at ways to let users control what gets downloaded.
This shows how hard it is to make tools both easy and safe for developers. People are waiting to see how Zed will fix this issue.
Read More Here
🔥 More Notes
Youtube Spotlight
How I made a Pokedex for Real Life with AI / GPT4o
Was this forwarded to you? Sign Up Here
Reply