@cR0w @christopherkunz
Every PoC on GitHub these days needs to be assumed fake until proven otherwise.
Our Call for Participation will close on 7 June - if you have a talk, workshop, or performance you'd like to give at EMF, there's still time to submit!
An 8TB hard drive that was $129.99 a year ago is now $299.99.
Thanks, AI. You're really making the world a better place.
@christopherkunz
I also tested another PoC and it was even more fake. i.e. it didn't even create a CLDAP structure that made sense.
I get that PoC||GTFO is a thing, but we've clearly entered a phase where it needs to be Verified PoC||GTFO. π€¦ββοΈ
I don't get out much these days but here's a talk I gave at the North American OSS Summit recently: https://www.youtube.com/watch?v=ZquMucBZnaQ
For 19 years, GPS satellites have secretly broadcast a βnumbers stationβ in their public signals. We decoded 12M messages: a 2011 flash where 31 of 32 satellites flipped in hours, βghostβ substrings repeating years apart, and a βTEXTβ prefix spreading now. https://lsc-pagepro.mydigitalpublication.com/publication/?i=865273&p=62&view=issueViewer
ππππ-ππ²-ππ§π ππππ CFP looking for the research that will shape the conversations, techniques and tooling of tomorrow's offensive security community.
CFP closes on 1 July 2026, 18:00 SGT.
The next great OFF-BY-ONE talk might be yours!
https://cfp.offbyone.sg
A friend reported a LPE to Microsoft and in the advisory Microsoft fucked it and wrote a wrong description saying the vuln was in MMC.
Consequence: people wasting hundred of dollars on AI trying to analyze the wrong files just to get a fake PoC because AI brainwashed them πππ
"A working PoC" and the AI released a supposed MotW bypass. The real vuln was a LPE to System.
What a clown circus π€‘
One principle Iβd like to be enshrined in law:
If you create incentives that reward a behaviour, you can (and will) be charged as an accessory in any case where someone is doing something illegal as a result of optimising for that behaviour. An affirmative defence would need to demonstrate that you had safeguards in place to effectively disincentivise that behaviour.
For example, if you are running a delivery company and you set targets that mean people are paid more if they drive or park illegally, you are automatically charged as an accessory to however many counts of dangerous driving your drivers are charged with. If you are a city councillor and vote to close all of the public toilets so that thereβs nowhere for taxi drivers to relieve themselves, you can be charged as an accessory to a few hundred counts of public urination.
Part 2 of the custom PE resources series: how to embed any binary as a resource in Visual Studio and extract it at runtime.
https://trainsec.net/library/windows-internals/how-to-embed-and-extract-custom-pe-resources-in-c-findresource-loadresource-makeintresource/
Windows Kernel Programming, Second Edition by Pavel Yosifovich is on sale on Leanpub! Its suggested price is $37.95; get it for $24.21 with this coupon: https://leanpub.com/windowskernelprogrammingsecondedition/c/LeanPublishingDaily20260601 @zodiacon
So tailoring ads to a broad audience obviously does work. You run ads for gamepads on videogame websites. You run ads for expensive wine in Yacht Owners Monthly.
But the massive surveillance-/ad-tech scheme, which collects ten thousand data points about every device and tries to match them to the perfect product, that basically doesn't do anything. It shows you ads for toilet seats because you've bought a toilet seat. It shows me ads for learning German because my device language is set to English and my IP geolocates to Germany. Neither of these campaigns will result in a sale.
Like. Contrast that with the FurAffinity model. "You pay the people who run this website to display ads. You know what sorts of people will see them because of what our website is like." That's far cheaper, far easier, and far less intrusive than the modern ad-tech approach. And the results it yields are probably *better.*
However, a third of the First World's economy is based on the assumption that this Rube Goldberg machine of espionage and real-time bidding actually does do something, so nobody wants to run the numbers.