From Silicon to Darude Sand-storm: breaking famous synthesizer DSPs

https://media.ccc.de/v/39c3-from-silicon-to-darude-sand-storm-breaking-famous-synthesizer-dsps

I love CCC talks because you get to hear "pretty easy" and things like "special microscope lenses" in the same sentence :)

@fuzztech I wonder if the name collision with Security Operations Center was intentional...

Demo video of moving types and symbols from #IDA to #Ghidra with REshare:

https://video.infosec.exchange/w/7VRDzwthgrSzeAHwHvkPtt

#ReverseEngineering

Please note: There are currently problems with uploading to YouTube.
You might want to use media.ccc.de instead.

#39c3

^ta

I pushed an early version of REshare IDA exporter:

https://github.com/v-p-b/reshare-ida/blob/main/reshare-ida-export.py

I don't have time to run x-platform tests right now, but if you do I'd appreciate any bug reports!

#ReverseEngineering #IDA #IDAPro

🔔 CFP for #offensivecon26 is still open — don’t miss your chance to take the stage!

We're actively seeking cutting-edge security research, novel exploit techniques, and deep technical investigations that push the industry forward. If you've been sitting on something brilliant, this is your sign to submit.

🗓️ CFP Deadline: 1 March 2026, 6:00 pm UTC
📬 Submit your talk: https://cfp.offensivecon.org/offensivecon26/cfp

Bring your best work. Surprise us. Challenge us.

@bert_hubert Trying to name children "Nintendo" is a running joke/urban legend around here (registering new first names requires gov approval, this one didn't pass)

Instead of storing my data in the cloud, I just store it in the bush. It's the same thing, only palette-swapped. More accessible, too.

“We learn different lessons from finishing projects than we do from starting them. Starting teaches us about ideation and initial implementation. Finishing, on the other hand, teaches us about perseverance, attention to detail, and the art of knowing when to let go. These are invaluable skills that can only be honed through the act of completion.”

https://www.bytedrum.com/posts/art-of-finishing/

@bagder Jesus this made my head hurt...

Why Simple Everyday Objects Are Impossible to Make

https://www.youtube.com/watch?v=pj0ze8GnBKA

there’s a bubble machine labelled nvidia 😭 #39c3

Another fun tidbit:

```
if my_type.is_func():
for _ in my_type.iter_func():
pass
```

...sometimes(!) results in a 'Type is not a function' TypeError

#fml #IDA

@algernon I started to dig into Rocket's documentation, and it looked well thought out, but stopped before I really got into it. May worth a look: https://rocket.rs/

A post-American, enshittification-resistant internet

https://media.ccc.de/v/39c3-a-post-american-enshittification-resistant-internet

Damn this is a good talk! #39c3

Zero day… all those patches seem so far away… #gpgfail #39c3

For those being notified or first learning about the #WIRED #databreach:

On December 25, I broke the story of how I had been contacted in November by "Lovely," who claimed to have discovered a vulnerability. They asked for help getting Condé Nast to respond to them. They claimed they were not seeking any bounty or payment and had only downloaded a few profiles as proof.

They showed me my own data.

Trying to help, I reached out to Condé Nast corporate as well as to a contact at #WIRED.

Condé Nast never responded to me -- or to "Lovely" who eventually showed their true colors as someone trying to extort Condé Nast.

Do they have more data? Yes, it appears they do.

@troyhunt verified the data leak and #HIBP has been notifying its affected subscribers.

Read more details in my blog post at https://databreaches.net/2025/12/25/conde-nast-gets-hacked-and-databreaches-gets-played-christmas-lump-of-coal-edition/

@zackwhittaker @campuscodi @gcluley @euroinfosec @ValeryMarchive

#databreach #dataleak #infosec #cybersecurity #incidentresponse

A smart guy who did something well, and did it freely and without charge, 34 years ago. Pragmatic and sensible.
Happy birthday Linus!

#linustorvalds #linux #opensource #birthday

TIL about Lockheed's System-User-Engineered minicomputer which seems like a pretty cool modular hardware system for purpose-built computers:

http://www.bitsavers.org/pdf/lockheed/sue/SUE_Computer_Handbook_Jul73.pdf

I still don't know what tinfo_t.is_sue() does though.