[RSS] From UART to Root: Breaking Into the Xiaomi C200 via U-Boot

https://github.com/h3xDum/Xiaomi-C200-Firmware-Analysis

Pretty cool - it turns out that the way I write my blog posts is called 'BLUF': Bottom Line up Front, and it was standardized by the US Army in their information management guidelines: https://en.wikipedia.org/wiki/BLUF_(communication)

@swapgs Maybe LLM assisted? The vuln is pretty funny and IMO the "philosophical" question it discusses is valid.

CVE-2025-29970 Microsoft Brokering File System Elevation of Privilege Vulnerability writeup

https://www.pixiepointsecurity.com/blog/nday-cve-2025-29970/

[RSS] When OAuth Becomes a Weapon: Lessons from CVE-2025-6514

https://amlalabs.com/blog/oauth-cve-2025-6514/

[RSS] CVE-2025-38352 - In-the-wild Android Kernel Vulnerability Analysis + PoC

https://faith2dxy.xyz/2025-12-22/cve_2025_38352_analysis/

as promised, here is a repository that lets you quickly turn any random VPS into a Forgejo Actions runner in under 30 minutes, for use with Codeberg or your private forge! https://codeberg.org/whitequark/nixos-forgejo-actions-runner

it uses NixOS internally, but Nix knowledge is neither required nor assumed, and the README walks you through the entire process.

More good news for the shortest day

In July Helsinki marked an entire year without a single traffic death. The Finnish capital, which has a population of 690,000, achieved the feat through lower speed limits, improved street design and investing in pedestrian and cycling infrastructure. More than half of Helsinki’s streets have a speed limit of 30km/h (18-19mph) and roads have been narrowed with trees.

#RoadSafety #Helsinki #Finland #GoodNews

After several years of refusing to communicate on Meta's platforms I just managed to get my high school friends on Signal for an Xmas chat.

Can I now get my attaboy from @pluralistic?

@bert_hubert My similar rule is that I don’t get to say “just” unless I’m the person who has to “just” do it.

Vulnhalla: Picking the true vulnerabilities from the CodeQL haystack https://www.cyberark.com/resources/threat-research-blog/vulnhalla-picking-the-true-vulnerabilities-from-the-codeql-haystack

I discovered a wonderful hack that likely would allow me to run Windows 2 on my vintage Apricot PC Xi before the New Year.

Quick recap: Apricot PC is a British computer from 1983, not compatible with the IBM PC. It had a Windows 1 port, but not Windows 2, and thus couldn't run Word, Excel, or Illustrator. With a bit of driver-writing, I managed to start Windows 2 on it, but my video driver is rudimentary and cannot be used for practical purposes. Windows video drivers are super-complicated, so I was fully expecting to spend over a month writing one (at least there are docs for everything!)

But I just discovered a way to run Windows 2 with Windows 1 video drivers. So if I had a Windows 1 driver for Apricot, I could use it in Windows 2. Of course, it's never that simple...

Find the difference between Windows 2 with Win1 driver and Windows 2 with the real Win2 driver - both are EGA 640x350!

🧵 thread with a few more screenshots and pointers

Picard management tip: Think.

New vulnerability report from Talos:

Foxit Reader Text Widget Format Use-After-Free Vulnerability

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2278

CVE-2025-59488

New vulnerability report from Talos:

Foxit Reader Barcode Calculate CPDF_FormField Use-After-Free Vulnerability

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2277

CVE-2025-58085

New vulnerability report from Talos:

Foxit PDF Editor Installation Uncontrolled Search Path Privilege Escalation Vulnerability

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2275

CVE-2025-57779

[RSS] TP-Link Tapo C200: Hardcoded Keys, Buffer Overflows and Privacy in the Era of AI Assisted Reverse Engineering

https://www.evilsocket.net/2025/12/18/TP-Link-Tapo-C200-Hardcoded-Keys-Buffer-Overflows-and-Privacy-in-the-Era-of-AI-Assisted-Reverse-Engineering/

Anna's Archive backed up Spotify. They got 99.9% of metadata, and 300TB of music representing 86 million tracks - original 160kbps OGG for tracks with popularity>0, and re-encoded 75kbps for popularity=0. absolutely wild project.

the metadata in particular is a hugely useful data source. MusicBrainz catalogues 5 million unique ISRCs (like ISBNs but for music releases), whereas this archive has a whopping 186 million.

https://annas-archive.li/blog/backing-up-spotify.html

Here's the document release you were waiting for today!

The UNIX V4 tape!

https://archive.org/details/utah_unix_v4_raw

#retrocomputing

the UNIX v4 tape reminded me of this story by Ali Akurgal about Turkish bureaucracy:

Do you know what the unit of software is? A meter! Do you know why? In 1992, we did our first software export at Netaş. We wrote the software, pressed a button, and via the satellite dish on the roof, at the incredible speed of 128 kb/s, we sent it to England. We sent the invoice by postal mail. $2M arrived at the bank. 3-4 months passed, and tax inspectors came. They said, “You sent an invoice for $2M?” “Yes,” we said. “This money has been paid?” they asked. “Yes,” we said. “But there is no goods export; this is fictitious export,” they said! So we took the tax inspectors to R&D and sat them in front of a computer. “Would you press this ‘Enter’ key?” we asked. One of them pressed it, then asked, “What happened?” “You just made a $300k export, and we’ll send its invoice too, and that will be paid as well,” we said. The man felt terrible because he had become an accomplice! Then we explained how software is written, what a satellite connection is, and how much this is worth. They said, “We understand, but there has to be a physical goods export; that’s what the regulations require.” So we said: “Let’s record this software onto tape (there were no CDs back then—nor cassettes; we used ½-inch tapes) and send that.” Happy to have found a solution, they said, “Okay, record it and send it.” The software filled two reels, which were handed to a customs broker, who took them to customs and started the export procedure. The customs officer processed things and at one point asked, “Where are the trucks?” The broker said, “There are no trucks—this is all there is,” and pointed to the tape reels on the desk. The customs officer said, “These two envelopes can’t be worth $2M; I can’t process this.” We went to court, an expert committee examined whether the two reels were worth $2M. Fortunately, they ruled that they were, and we were saved from the charge of fictitious export. The same broker took the same two reels to the same customs officer, with the court ruling, and restarted the procedure. However, during the process, the unit price, quantity, and total price of the exported goods had to be entered—as per the regulations. To avoid dragging things out further, they looked at the envelope, saw that it contained tape, estimated how many meters of tape there are on one reel, and concluded that we had exported 1k to 2k meters of software. So the unit of software became the meter.