Posts
4217
Following
733
Followers
1628
"I'm interested in all kinds of astronomy."
repeated

Spent my childhood optimizing CONFIG.SYS and AUTOEXEC.BAT to fit everything into 640 KB.

Now one browser tab needs 2 GB of RAM so 17 analytics companies can find out I looked at socks.

6
33
1
repeated

Meta faces $1.4 trillion in damages for hooking kids on purpose. The company's market cap is $1.5 trillion. They're arguing the number is unprecedented in consumer protection history, which is technically true. It's also the first time anyone built a $1 trillion business on deliberately addicting children.

https://gizmodo.com/metas-teen-safety-case-just-became-a-1-4-trillion-existential-threat-2000782306

0
11
0
repeated

If you're just now hearing about GhostLock and looking to fix it, make sure you don't introduce two unpriv-reachable DoSes associated with its fixes. The fix the Linux CNA lists for CVE-2026-43499 introduces a NULL deref, which caused CVE-2026-53166 to be issued. Unfortunately...

1
1
0
repeated

https://kb.cert.org/vuls/id/213560

The web server binary /bin/httpd contains an undocumented backdoor authentication mechanism in the login() function. Initially, the function follows a normal authentication path using MD5-based password verification. However, if authentication fails, the function invokes GetValue("sys.rzadmin.password") to retrieve an alternate password value from the device configuration. It then performs a direct strcmp() comparison in plaintext between the user-supplied password and the configuration-stored value. A successful match grants role=2 admin-level access and creates a valid session.

The associated username is not validated, so any provided username will succeed when paired with the backdoor password. This backdoor authentication mechanism is not documented or visible through any administrative interface.

4
7
0
repeated

@nyanbinary @cR0w
OK, after a little digging, there are indeed some Tenda firmwares that contain the rzadmin backdoor account in httpd. The problem? Out of the firmware versions that CERT lists, none of them contain this backdoor. Oops. 😂

For example if we look at the httpd from a Tenda G300, we can indeed see a login() function with a GetValue("sys.rzadmin.password") and a subsequent strcmp() to compare.

Maybe I'm simply being pedantic, but I think that when an organization publishes about a vulnerability and creates a CVE for it, the affected products should perhaps be accurate? 🤷‍♂️

3
5
0
repeated

Me reading literally any tech news article.

5
6
0
repeated
Operating across 140 million km of space, the control team for ESA’s Hera mission have succeeded in upgrading the software running the spacecraft, leaving it ready to explore the distant Dimorphos and Didymos asteroids this autumn.
Deep space software upgrade for Hera’s asteroid visit
0
2
0
repeated

CFP for Tokyo edition is STILL open.
We're looking for real, original work: cutting-edge security research, novel exploit techniques and deep technical investigations that actually move the field forward.
And yes, AI it's also in the game.

0
2
0
repeated

Shared by my Daughter
"I need privacy, not because my actions are questionable, but because your judgement and intentions are"

In response to "if you have nothing to hide you have nothing to fear"

52
37
2
repeated

“you couldn’t tell it was slop if I lied” said the same fried brain that thinks “Key Takeaways 🚀” is a feature of a readme any fucking human wrote

2
4
0
repeated

IDA 9.4 Beta 1 has been published (with some features of my own on it):

https://docs.hex-rays.com/release-notes/9_4beta

0
3
0
repeated
repeated

Won 80k via kCTF, unpriv userns-reachable vuln: https://lore.kernel.org/linux-cve-announce/2026050859-CVE-2026-43456-ae60@gregkh/ We fixed in March, upstream 6.6 still unfixed 4 months later.

2
3
0
repeated

I heard a very encouraging insight from @j00ru many years ago: either everyone has looked at it because there are always bugs, so there will be more, or no one has looked at it, so there will be bugs. In both cases, there are bugs. I welcome the machines to the playing field.

0
3
0
repeated

Cortex is a long-term, multi-tenant scalable open source storage for Prometheus and OpenTelemetry.
Earlier this year we conducted a security audit sponsored by @ostifofficial

Check our report here:
https://blog.quarkslab.com/cortex-security-audit.html

0
2
0
[RSS] Announcing the Save CTFs Fund

https://osec.io/blog/save-ctfs-fund/
0
0
1
Show older