#so it serves all of simon's nefarious purposes:
Explore tagged Tumblr posts
Visit Tumblr Blog
Explore Tumblr blogs with no restrictions, modern design and the best experience.
Last Seen Tumblr Blogs
Fun Fact
Premium Tumblr themes are available from anywhere between $9 to $49.
Text
2Jul24
Mr. Cowell, in need of attention, Implanted an H. Styles mention; He says he was rung And praises were sung, Which, much like his face, is invention.
#larry#harry#harry styles#simon cowell#fin from STONE (one of louis' openers) publicized a message sent on simon's behalf#trying to recruit him to audition for simon's hunt for the next 1D#fin responded with a 'go fuck yourself' for simon#and a sweet little 'team1D' to boot#simon's butthurt so he manufactured some clickbait#a story of harry calling him 3 weeks ago to talk about the good times#and the articles make a point to mention louis and niall unfollowing simon#so it serves all of simon's nefarious purposes:#exploit harry's name for attention and promotion and good favour#and push the idea that the boys aren't a united albeit latent front#feel like i might go to hell for this one#but at least i can read the limerick to simon in person#limerick-hs#july 2#2024
115 notes
·
View notes
Text
So I'm actually in the process of writing my dragon rider AU, and I wanted to go ahead and include Farah in my little headcanons/fun facts series. As always, dragon art credit goes to Kenny Kwan arts on Instagram. Check it out his art is amazing ^^
Also yes I'm aware I added an extra r in her name in the pic, but as I made this months ago I really don't wanna go back and correct it. I'm so sorry guys :(
Farah and Zaircai
Farah
1. Farah is a dragon rider from another country, Keshye, which is across the sea from Athana.
2. Unlike Edren and Athana, the people of Keshye view dragons as creatures worthy of great reverence. While it's an honor to become a rider, becoming one for Keshyan dragon is harder.
3. Farah was ten when she first approached Zaircai, a dragon who had been feeding off of local livestock for ages and was becoming a tad problematic. Three years of training, bonding, and hard work on both sides earned a strong partnership.
4. Farah is an expert with a longbow, both in the air and on the ground.
5. She rides Zaircai mostly bareback, as saddles and reins are considered taboo when claiming a dragon in Keshye.
6. It takes a lot of balance and a LOT of trust, but she can even stand on Zaircai when in the air, knowing her Winged Shadow will not let her fall.
7. She wants to see the whole world from the back of her dragon, and make records and maps from her findings.
8. Doesn't agree with how Athanians "lock away" their dragons in Dragon's Keep. It's only after talking with Simon and Nova that Farah gets why Dragon's Keep was truly built.
9. Her people also view Wildfyre, the first dragon, as a sort of god-like figure. For Edren and Athana, Wildfyre was a tyrant to be feared and deposed. But to the Keshyen people he was a symbol of freedom and the wild that made up their homeland.
10. She and her brother once served as egg couriers as they sought out new riders. When it was revealed he was stealing and selling the eggs to those who wanted to use the hatchlings inside for other, more nefarious purposes, Farah and Zaircai had no choice but to stop him by any means necessary...
Zaircai
1. A rather young dragon, maybe in his 70s at this point. He doesn't really keep track of his age.
2. Farah calls him her Winged Shadow because he's always there even when she's not on his back.
3. Zaircai tends to overheat easily due to the black of his scales. Because of this, he's often found swimming in any nearby body of water to keep cool.
4. He claimed Farah just as much as she claimed him. They chose each other if anyone asks them.
5. Farah is his first rider, and he's not sure if he'll want another once she's gone.
6. Breathes flames of black with veins of silver.
7. His head and neck are lined with sharp spikes, similar to another dragon I might write about later. It's believed the two may be related but its never entirely addressed, as it's one he REALLY doesn't want to be associated with.
8. At first, Zaircai only lets Farah touch him, until they meet Alex the Wanderer and his dragon, Visha.
9. Is a bit spoiled admittedly, a trait that all Keshyen dragons share.
10. Farah was not the first to try and claim him, just the only successful one to. Many tried only to be burned for their efforts.
And that's Farah and Zaircai! I feel like they're gonna be a fun pair to write, and even more so when Alex is thrown into the mix. Not sure who I'll do next, maybe Graves and his dragon, Vera. Anyway, let me know what you guys think! As I said I'm actually working on turning this into a full fledged fic. So keep an eye out for that! Don't forget to be awesome ^^
#dragons#dragon rider au#fantasy#cod fanfic#farah karim#farah cod#cod headcanons#fantasy au#fantasy headcanons
10 notes
·
View notes
Photo
For the week of 3 September 2018
Quick Bits:
Ant Man & The Wasp #5 concludes what has been a fun series from Mark Waid, Javier Garrón, Israel Silva, and Joe Caramagna. The artwork from Garrón and Silva has been excellent and this final issue allows them to show off some more incredible and strange ideas.
| Published by Marvel
Asgardians of the Galaxy #1 adds another fun little wrinkle to the current expansion and exploration of Marvel’s Asgardian characters, spinning out of the current Thor series, the Infinity Wars crossover, and other reclaimed threads from the past few years. You needn’t have read any of that, though, as this still serves as a good introduction on its own, the rest just adds flavour. Cullen Bunn adds some nice touches of humour to the story, while a large part of this story rests in the action depicted by Matteo Lolli and Federico Blee. This is off to a good start.
| Published by Marvel
Avengers #7 is a single issue story expanding upon the first Ghost Rider from Jason Aaron, Sara Pichelli, Elisabetta D’Amico, Justin Ponsor, and Cory Petit. I like the 1 Million BC Avengers, so this is a welcome exploration, especially when coupled with this beautiful art.
| Published by Marvel
Black Science #38 gives a very interesting perspective on the book’s reality, and the purpose of all of the different realities, as we reach the prime reality. Phenomenal art as always from Matteo Scalera and Moreno Dinisio.
| Published by Image / Giant Generator
Bully Wars #1 isn’t a bad debut, filling in a similar-but not quite as extreme-humour place as Skottie Young’s recently concluded I Hate Fairyland. Nice art from Aaron Conley and Jean-Francois Beaulieu.
| Published by Image
Call of Duty: Zombies 2 #1 serves as a prequel to the forthcoming co-op portion of Activision/Treyarch’s Black Ops 4 video game, introducing some of the characters who will be featured in that story. It’s very much a kind of Indiana Jones pseudoarchaeology type story so far, but it’s good. Nice work from Justin Jordan, Andres Ponce, Mauro Vargas, Dan Jackson, and Nate Piekos.
| Published by Dark Horse
Captain America #3 teases out a bit more of the conspiracy of a group behind the Nuke terrorists and an attempt to take control of America in the void left by Hydra’s demise. It continues to be a slowburn, with Ta-Nehisi Coates leaving a lot of the moral and ethical decisions up to the readers themselves as to whether or not what’s occurring is a “good” thing, even if being a byproduct of potentially nefarious ends.
| Published by Marvel
Clankillers #3 is more gorgeous artwork from Antonio Fuso and Stefano Simeone as they bring the darker aspects of Irish mythology to life. I quite enjoy how Sean Lewis is constructing how incredibly messed up this family has become.
| Published by AfterShock
Cloak & Dagger #4 starts pushing us closer towards the endgame as Ty goes on the offensive to find and rescue Tandy. Marvel’s digital originals have really been delivering some high quality stories lately and this one from Dennis Hopeless, David Messina, Elisabetta D’Amico, Giada Marchisio, and Travis Lanham has helped lead the charge. I know this one’s only supposed to be a limited series, with a couple more issue left, but the story and art have been top notch and I’d really like to see more.
| Published by Marvel
Cosmic Ghost Rider #3 brings the ultraviolence as Donny Cates, Dylan Burnett, Antonio Fabela, and Clayton Cowles give us what amounts to an issue long battle between our time-spun, deranged Frank Castle and a seemingly infinite army of Guardians of the Galaxy led by Cable. It’s fun.
| Published by Marvel
Dark Ark #10 concludes this arc in fairly spectacular fashion, including a very impressive double-page spread from Juan Doe of the confrontation with Echidna.
| Published by AfterShock
The Dead Hand #6 is the conclusion to the first arc in this series and it is rather good. It ties up the events throughout the series so far and gives us a very interesting change to what happens next. I can’t say it’s unexpected because pretty much every issue has given us a surprise revelation or twist in the story, but it’s very well done. Kyle Higgins, Stephen Mooney, Jordie Bellaire, and Clayton Cowles have told a very compelling story of intrigue and spycraft here.
| Published by Image
Deadpool #4 is a fun single issue story dropping Deadpool into Weirdworld and just kind of running wild with it. It allows Scott Hepburn (with colours by Ian Herring) to really cut loose with some of the designs and layouts, and taps into the zany, bizarre humour and fantasy that Skottie Young has become known for.
| Published by Marvel
Death of the Inhumans #3 continues the slow, surgical excision of the Inhumans and much of their supporting cast from the cosmic Marvel scene. There’s some fight left in them, but I wonder if Donny Cates is setting us up for disappointment. I really quite like what he’s carving out for himself with this, Cosmic Ghost Rider, and Thanos Legacy. Also, beautiful artwork from Ariel Olivetti and Jordie Bellaire.
| Published by Marvel
Eclipse #10 makes me really quite appreciate Giovanni Timpano’s artwork more, especially finding out that he’s developing the layouts and panel progressions himself. Not only are they visually interesting, but it elevates the level of collaborative storytelling that he and Zack Kaplan are accomplishing here.
| Published by Image / Top Cow
Giant Days #42 complicates things a bit between Ed and Esther, continuing to navigate the tricky relationships between the characters. The humour and heart are at an all time high this issue.
| Published by Boom Entertainment / Boom! Box
Immortal Hulk #5 gets pretty heavy as the issue drops a few bombs in regards to Sasquatch and on whatever it is that keeps bringing the Hulk back to life. Five issues in and this is already on part to me with much of Peter David’s run, particularly the Dale Keown, Liam Sharp, and Gary Frank eras that I greatly cherish. Al Ewing, Joe Bennett, Ruy José, Paul Mounts, and Cory Petit are crafting an enthralling horror story, while greatly developing and embellishing upon Banner’s history. This is damn good.
| Published by Marvel
James Bond: Origin #1 is quite good, spotlighting a young James Bond, still in school, set during World War 2. It’s pretty straightforward in its action, but the artwork from Bob Q is quite a draw. He’s got a style that reminds me a bit of Peter Gross and Patrick Olliffe and it works really well for this kind of story.
| Published by Dynamite
The Last Siege #4 attempts to shift fates again this issue as Lady Cathryn and the stranger try to free themselves from Feist. The intrigue and shifting tension to the story are palpable, with Landry Q. Walker and Justin Greenwood keeping us on the edge of our seat with the action.
| Published by Image
Leviathan #2 is not quite as over-the-top insane as the first issue, as it starts to fill in the details of what’s going on, but it still tries really hard to throw as many crazy ideas at you at once. Especially Hollow Earth dinosaurs in addition to the rest of the madness going on. Another satisfying outing from John Layman, Nick Pitarra, and Michael Garland.
| Published by Image
Old Man Logan Annual #1 introduces us to the Punisher of the wastelands, with two stories centring around Old Man Frank. The lead from Ed Brisson, Simone Di Meo, Dono Sánchez-Almara, and Cory Petit is an interesting story about legacy, actions and consequences, as interpreted through the lens of this destroyed and crumbling world. After the start of the new Hillbilly mini, it’s nice to see Di Meo’s art again here.
The back-up goes further in to developing Old Man Frank himself with a “Punisher Wastelands Journal” story from Ryan Cady, Hayden Sherman, Dono Sánchez-Almara, and Cory Petit. I want more of this story.
| Published by Marvel
Optimus Prime #23 is a bit scattered, delivering overlapping narrative points of view, while a larger conflict erupts on Earth between two factions of Cybertronians and a contingent of GI Joe operatives. It’s chaotic, which is part of the point, but it’s made more so in that you’re probably going to need to read it a couple of times to get the most out of who’s presenting what at any given time.
| Published by IDW
Outpost Zero #3 really starts to turn things up as interpersonal conflicts start coming to the fore and the colonists being politicking amongst themselves in the face of oncoming doom. I quite like it. Sean McKeever has really fleshed out the characters’ motivations and voices, engaging you to see how the pieces fit into the overall narrative.
| Published Image / Skybound
Paradiso #7 gives more insight into the dwellers underground, Jack, and the city itself, but as it does so more and more questions are raised. It’s very interesting how this story is being constructed and embellished, the world-building doesn’t ever seem to stop in favour of just following a singular narrative path.
| Published by Image
Pestilence: A Story of Satan #4 delivers a few revelations and some more nasty twists for our valiant knights. As usual, the artwork from Oleg Okunev (with colours this issue by Guy Major) really makes the series shine. The designs for the advanced stages of the plague are very impressive.
| Published by AfterShock
Predator: Hunters II #2 has some really nice artwork from Agustin Padilla and Neeraj Menon. It’s interesting how Chris Warner is weaving some of the geopolitical strife in Afghanistan into the story and how it colours the Hunters’ hunt.
| Published by Dark Horse
Project Superpowers #2 is good. I’m sure that if I had read more than the original Alex Ross/Jim Krueger series, I’d get more depth out of this, but Rob Williams is making this story enjoyable for those of us that haven’t been following the broader story all along. Great art from Sergio Davila and Felideus.
| Published by Dynamite
Quicksilver: No Surrender #5 leaves us a fairly interesting place after this character study, and quasi-redemption arc, of Pietro. While I’m really interested to see where this goes next, this has been an excellent series from Saladin Ahmed, Eric Nguyen, Rico Renzi, and Clayton Cowles. I’ve really enjoyed how this series has used colour to enhance the storytelling and this issue is no different.
| Published by Marvel
Relay #3 gets weirder. I’m getting even more David Cronenberg and Philip K. Dick vibes off of the story now, as it shifts even further into the mystery of the nature of the Relay and what exactly is going on with reality. There are some very interesting sci-fi ideas being played with here.
| Published by AfterShock
Shadow Roads #3 is another wonderful issue, giving us a bit of Henry’s history, and a lot of action. AC & Carlos Zamudio are really doing a great job with the artwork.
| Published by Oni Press
Silver Surfer Annual #1 is a pretty straightforward morality tale about the conflict the Surfer has with fulfilling his role as Galactus’ herald and the hidden beauty and value of worlds that he’s serving up to his master. It’s a decent story, but what really elevates it is the beautiful artwork from André Lima Araújo and Chris O’Halloran. It’s unsurprising that this issue was dedicated to Moebius, because that who I immediately thought of when I saw this book.
| Published by Marvel
Spawn #289 lays out some of the steps in Spawn’s plans to stop the shadowy evil elements seeking to control humanity, incorporating some old characters and plot ideas back into the overall story. It’s kind of what you’d expect from a Todd McFarlane-penned story and it is fairly entertaining, especially for longtime readers, even if a bit stilted at times. What takes it a peg above the norm, though, is still the artwork from Jason Shawn Alexander (with colours from McFarlane, Brian Haberlin, and Lee Loughridge).
| Published by Image
Star Wars: Doctor Aphra Annual #2 is easily one of the best Star Wars stories I’ve read this year, telling a humorous and exciting archaeological adventure story of Winloss and Nokk attempting to capture a legendary beast. Si Spurrier is great at humour, subtle winks to deadpan black humour, and it comes off in spades throughout the dialogue here. Winloss and Nokk’s banter is just perfect. To add to that, we’ve got Caspar Wijngaard’s first interiors for Marvel and he just knocks it out of the park. His creator owned work is phenomenal, beautiful, atmospheric art and he brings all that care, attention, and wonder to Star Wars. This is a great comic.
| Published by Marvel
Thanos Legacy #1 serves as a capstone to the recent Thanos series from Donny Cates and Geoff Shaw, while also being a companion piece to Cosmic Ghost Rider and being enmeshed in the current goings-on with Infinity Wars. The lead story written by Cates, with great art from Brian Level and Jordan Boyd gives Thanos’ perspective for the Infinity Wars events and is fairly essential in what looks like is coming next in Marvel’s cosmic realm. Like his work on the recent Avengers: Back to Basics digital original series, Level’s panel compositions, transitions, and page layouts are phenomenal. The craft that goes into his storytelling is impeccable.
There’s also a silent back-up from Gerry Duggan, Cory Smith, and Ruth Redmond of Thanos training Gamora that highlights his sadism.
| Published by Marvel
Transformers: Lost Light #23 continues to tie up threads and drop huge revelations as we approach the end. James Roberts, Jack Lawrence, Joana Lafuente, and Tom B. Long are going out on a high note.
| Published by IDW
Transformers: Unicron #4 continues the systematic destruction of IDW’s Hasbroverse. It’s never looked so good with stunning art from Alex Milne, Sebastian Cheng, and David Garcia Cruz.
| Published by IDW
War Bears #1 is an interesting comic from Margaret Atwood and Ken Steacy, blending World War 2 working conditions, Canadian comics history, and propaganda comics into this tale. Great art from Steacy, especially as he incorporates the in-story comics pages into the work. I love when comics do that.
| Published by Dark Horse
Other Highlights: Aphrodite IX: Ares #1, Astonishing X-Men #15, Breathless #4, Come Into Me #3, Ghostbusters: Crossing Over #6, Invader Zim #34, The Long Con #2, Noble #11, Paper Girls #24, Secret Agent Deadpool #1, Spider-Man/Deadpool #38, Star Wars #53, Thief of Thieves #40, TMNT: Urban Legends #5, Unnatural #3, Vampironica #3, Venom: First Host #2, Weapon X #23
Recommended Collections: Brigands - Volume 2: Ruin of Thieves, Fear Agent - Volume 3, The Fix - Volume 3, The Further Adventures of Nick Wilson - Volume 1, Monstress - Volume 3, Monstro Mechanica - Volume 1, Old Man Logan - Volume 8: To Kill For, Prism Stalker, TMNT - Volume 20: Kingdom of Rats, Twisted Romance, X-Men Red - Volume 1: Hate Machine
d. emerson eddy does not have a brain slug attached to his skull. Why do you ask?
0 notes
Text
Web security on MICROTRANSACTION.ZONE, pt. I
Hi! Simon here. I’m one of the co-founders of MICROTRANSACTION.ZONE. I’m also the one who insisted on branding it “MICROTRANSACTION.ZONE” in all caps, so if you think that’s annoying, you now have someone to point at and go “what a tosspot”.
One of the things I’ve wanted to do with this project for as long as it has existed, is using it as a springboard to talk a bit about various web security technologies and how they’re implemented on the site. This isn’t going to be another site update post—if you don’t think internet security is very interesting, you have my blessing to close this tab and look at some cat videos instead.
This blog post will be the first of several, divided up into sections detailing various kinds of vulnerabilities, and what specifically I’ve done to prevent those vulnerabilities from impacting our site. It’ll probably be easiest to understand if you have some grasp of basic web technologies, but I’ll try not to get too bogged down in irrelevant technical details. All that said, let’s just dive right in.
Man-in-the-middle (MITM)
If you’re on an unencrypted connection (e.g. if you’re visiting a website over HTTP instead of HTTPS), then the data that’s being sent back and forth between you and that website is fully visible to anyone on the same local network as you, to your ISP, and to any number of other machines on the way between you and the server that hosts the website. Not only can they see it, but there are a number of nefarious tactics available that will let them alter the content of the pages you visit - letting a sneaky attacker who’s on the same wi-fi network as you insert a cryptocurrency miner into any unencrypted website you visit, or letting your ISP insert giant notices about copyright infringement on any site you visit that isn’t protected by HTTPS.
HTTPS prevents this by encrypting all traffic travelling between you and the machine where the website is hosted in such a way that it’s useless garbage to anyone except you and them - all the people i mentioned before can still intercept it if they want, but it’s completely worthless to them. However, it’s not enough for a site to simply support HTTPS - it’s equally important to make sure that it actually gets used. By default, any webserver that serves content over HTTPS will still quite happily let visitors browse the site over HTTP unless they manually type “https://...” into their address bar - obviously, we’d rather that didn’t happen. The solution to this is two-pronged - the first part is to automatically redirect everyone to HTTPS if they try to access the site via unencrypted HTTP. The second part is a technology called “HTTP Strict Transport Security”, or “HSTS”.
Even when we automatically redirect a user to HTTPS, there’s still an unencrypted HTTP connection happening while the redirect is taking place. HSTS fixes that. It’s an HTTP header that gets sent to your browser on every page you load over HTTPS, and it basically tells your browser “stay on HTTPS whenever you visit this site for the next little while”. This means that, once you’ve visited our site over HTTPS even once, your browser will automatically redirect itself to HTTPS any time you visit our site for the next month, before it ever even tries to load the page.
We’re going to get the site added to the HSTS preload list in the near future - once that’s done, this automatic redirection will happen even the very first time you visit our site, on every major browser.
Cross Site Scripting (XSS)
XSS (see here for a basic primer) is one of the most dangerous website vulnerabilities out there, in terms of the damage it can do to a user’s own device - a site with an unchecked XSS vulnerability lets an attacker run any JavaScript they want on a visitor’s machine, letting them do anything from using your computer to mine cryptocurrencies, stealing your website cookies, displaying malicious advertisements, replacing the entire page with whatever content an attacker desires, or even (gasp) letting them lie about what tags a game has on our site.
Unfortunately, there is no magic cure-all for XSS. You have to put up a layered defense; even if one of your defensives measures is defeated, you still have several others rendering the attack useless. A short list of some of the things we do on MICROTRANSACTION.ZONE to prevent XSS attacks:
ASP.NET, which our site is built on, has built-in defences against XSS in form input. Unless you manually disable it (we haven’t), it will error out if it detects something that even smells like HTML tags.
We never reflect the user’s input back at them directly. For example, on our search page, we do not write “Your search for [query] returned these results”. That would involve reflecting user input, which is a bad idea wherever you can avoid it.
This is also one of many reason we do not have a comments-section for each game’s page, as well as one of the reasons we manually vet each submission.
All cookies on the site are marked as “HTTP Only”, meaning that they are not accessible to JavaScript (please do not be alarmed over the word “cookies” - the only cookies we give our normal visitors are “RequestVerificationToken” cookies which are used to help prevent CSRF attacks - more on that specific vulnerability later...)
We have a very restrictive Content Security Policy (CSP). Like HSTS, this is another header - one with the purpose of instructing your browser which places it is allowed to load which types of content from. One of the most important features of our CSP is that it blocks inline JavaScript completely - only JavaScript loaded as external files from a specifically whitelisted range of domains may be run. This means that, even if an attacker should find an XSS vulnerability in our site, they would be powerless to exploit it unless they also managed to upload actual JavaScript files to our web host, or to Google or Twitter. In which case, we’d have bigger problems. CSP is supported by basically every major browser, so as long as you’re not running Internet Explorer or Opera Mini, you’re protected by this additional layer of defense.
0 notes