Unrestrict the restricted mode for USB on iPhone. A first analysis @citizenlab #CVE-2025-24200 👉 https://blog.quarkslab.com/first-analysis-of-apples-usb-restricted-mode-bypass-cve-2025-24200.html

Happy #nakeddiefriday folks!

Today's specimen is p/n SC13890P23A by Motorola/Freescale. This came from an embedded cellular modem I tore out of [redacted]. The die is marked ATLAS-UL.

It is the most colourful die I have ever imaged.

SiPron page: https://siliconpr0n.org/archive/doku.php?id=infosecdj:motorola:sc13890p23a

Preparing a talk on #programming an #AnalogComputer - using the wonderful #THAT from anabrid and my #Vectrex that has been modified to provide an additional #oscilloscope mode.

Really cool blog post about permissions in browsers and how they work. https://albertofdr.github.io/web-security-class/browser/browser.permissions

Better than watching live coding on Twitch I guess?

[RSS] Bent // Broken 2025 Worldwide Virtual Circuit Bending Festival

https://blog.adafruit.com/2025/02/13/bent-broken-2025-worldwide-virtual-circuit-bending-festival/

Today's @kagihq changelog is honestly kind of a massive deal for privacy stuff:
- Human readable privacy policy page
- Privacy pass (an open source, cryptographic verifiable way of doing searches through Kagi without them being able to see who you are)
- Official tor service

https://kagi.com/changelog#6172 #kagi

[RSS] On the Original Punched Cards

https://hackaday.com/2025/02/12/on-the-original-punched-cards/

[RSS] [Vulnerability] Unauthenticated Remote Code Execution via Known View State Secret in FieldPie

https://code-white.com/public-vulnerability-list/#unauthenticated-remote-code-execution-via-known-view-state-secret-in-fieldpie

This may be one of those leaked secrets MS warned about? No details unfortunately...

[RSS] Patch-Gapping the Google Container-Optimized OS for $0

https://h0mbre.github.io/Patch_Gapping_Google_COS/

@algernon You weren't rude, I actually hesitated to ask about GitHub given your timeline :) Bitrise is good though, and founders are Hungarian!

@algernon I dared to ask because you mentioned your GitHub Sponsors account, but you do you :)

@algernon Bitrise.io may also worth checking out, they have a free plan too.

@algernon Can't you build arm64 with GitHub Actions?

Scoop: The databases powering doge. gov are insecure, and people outside the government have already pushed their own updates to the site to prove it:

https://www.404media.co/anyone-can-push-updates-to-the-doge-gov-website-2/

@404mediaco The description is pretty vague and I don't have a supscription so I looked at the traffic: it seems the /api/offices/[id] endpoint is serving the "extra" messages. My educated guess is they forgot to restrict POST/PUT (which is actually pretty lame)...

Not sure why Google's kCTF isn't more widely known (other than by all the researchers making money from it). 44 unique successful exploits in a year against Linux kernels even running Google's out-of-tree "hardening" is a big story I'd say...

@aparrish Every single time I hear the sentiment "like it or not, ______ is here to stay", I like to take a moment to reflect on the overwhelming majority of "things we were told would be permanent" that now, *shockingly*, no longer exist.😮🫢🤗🙄

@caspicat @ryanc No, the other way around: the proxy would generate a token based on a secret, so the value passed back to the app server can't be forged by the attacker.

But again: this would be in all likelihood a **BAD SOLUTION** because authn decision still would be made by a component that has incomplete information about exactly what should be authn'd and how! If you think about previous examples the rev proxy would generate a valid JWT just as it generated a True value because it interpreted the URL's differently than the app server.

CVE-2025-26519: musl libc: input-controlled out-of-bounds write primitive in iconv()

https://seclists.org/oss-sec/2025/q1/127