The state of advanced research:

IBM's X-Force blog has a chatbot, but can't correctly render static images:

https://www.ibm.com/think/x-force/patch-tuesday-exploit-wednesday-pwning-windows-ancillary-function-driver-winsock

(could you kick some butt @chompie1337 ? )

This is beautiful. I've been looking at this for 5 hours now.

Weird #DIY question:

I'd like to have easy to switch paper disks on an axis. An "obvious" solution would be to cut pices of a spiral where the beginning and the end just overlap, so they only get off when turned to the direction of the axis.

But how do I cut/produce such pieces so that they remain flat when on the axis?!

#topology

I published an #IDA importer for the REShare #ReverseEngineering exchange format:

https://github.com/v-p-b/reshare-ida

I also wrote up my development experiences, incl. tips for IDA's type info API:

REshare Ramblings - Bad Vibes with IDA
https://scrapco.de/blog/reshare-ramblings-bad-vibes-with-ida.html

I'm still looking for contributors, esp. on the #radare2 and #BinaryNinja side!

@uint8_t @karotte @gsuberland

@robpike

@mttaggart No worries, SpaceX can put your telescopes to space cheaply so you can avoid Starlink satellites!

"You should be able to talk to your PC"[1]

^ This is a fundamental misunderstanding that reminds me (again) of one of my favorite failed experiments of '90s internet: the online 3D shopping center.[2]

C-levels of the time spared no expense to build a complete VRML model of a shoping center in the browser, where you could walk around, take the escalator for a better view on the virtual fountain or even rent a virtual space for your goods.

What the inventors didn't understand is that of course people don't go to the mall to use the escalator, but to buy stuff.

Online banking, shopping, etc. became popular even over phone-based services because people realized that clicking on stuff is more effective than talking (and walking).

Chatbots are the 3D escalators of todays technology.

[1] https://www.theverge.com/report/822443/microsoft-windows-copilot-vision-ai-assistant-pc-voice-controls-impressions
[2] https://web.archive.org/web/20070610120220/https://index.hu/tech/net/plaza0607/

That progress bar...

When giving #infosec advice it's easy to forget that the average person probably only knows about Uniform Resource Locators and the Domain Name System.

And Public Key Infrastructure of course.

VSCode doesn't know the powers I possess!

"Last week the @FFmpeg account began taunting security researchers. Foolish thing to do, as it ignores the asymmetry of their attack surface vs ours.

So as an exercise I found a stack-based buffer overflow on software that he wrote." - @ortegaalfredo

https://threadreaderapp.com/thread/1991974275532636263.html

Normally I'm all for these stunts, but this one...

#select goes brrrr....

Thanks @pancake for the swag!

User-friendly GUI: please provide command line parameters in this text box!

Me, knowing that one of the characters will need escaping:

@david_chisnall @j Wait people refuse to use services if they don't have *stickers*??

@mttaggart I accidentally made this gif this morning before shit went down

https://apnews.com/article/japan-softbank-son-nvidia-ai-chips-d8a10172850628c317a214280a4d94c9

This article highlights how much control endpoint security vendors have over customer machines, and transitively over companies and maybe even nations:

https://www.huntress.com/blog/rare-look-inside-attacker-operation

You only install this stuff, because you trust the vendor (and their government, etc.). Or not, see Kaspersky vs. US.

#AntiVirus #EDR #HackBack

/me after a chill Sunday with #IDAPython

I'm now basically doing this out of spite.