@bh @404mediaco yeah ik. It's a platform, the user provides implementation. You don't blame your cpu for executing malware.

@bh @404mediaco frankly I don't see why CF is relevant, this looks like an app-specific endpoint, but I may be missing some detail

Better late than never, I just published a blogpost about my experience at @blackhoodie training, hexacon 2024. Again, big thanks to the organizers for putting together this training, it was really good! 😊

https://p0pcycle.com/2025/02/14/blackhoodie-my-experience/

FBI files on Kevin Mitnick released thx to a FOIA request by hexadecim8.com

https://vault.fbi.gov/kevin-mitnick/kevin-mitnick-part-01-final/view

#frombsky

Super scummy for microsoft to auto upgrade (at the added cost of an extra £30 a year) people to a AI plan, and not offer a "actually I don't use any of that stuff" can I not pay that £30 a year?

And then only when you are at the cancel page, it's like "🥺 oh sorry do you want the old deal back? 🥺"

For anyone else, you don't even have to get that far into the cancel page for this. So it's easy to save £30 a year with this.

Perfection is achieved, not when there is nothing more to add, but when there is nothing left to take away.

— Antoine de Saint Exupry

#complexity

Unrestrict the restricted mode for USB on iPhone. A first analysis @citizenlab #CVE-2025-24200 👉 https://blog.quarkslab.com/first-analysis-of-apples-usb-restricted-mode-bypass-cve-2025-24200.html

Happy #nakeddiefriday folks!

Today's specimen is p/n SC13890P23A by Motorola/Freescale. This came from an embedded cellular modem I tore out of [redacted]. The die is marked ATLAS-UL.

It is the most colourful die I have ever imaged.

SiPron page: https://siliconpr0n.org/archive/doku.php?id=infosecdj:motorola:sc13890p23a

Preparing a talk on #programming an #AnalogComputer - using the wonderful #THAT from anabrid and my #Vectrex that has been modified to provide an additional #oscilloscope mode.

Really cool blog post about permissions in browsers and how they work. https://albertofdr.github.io/web-security-class/browser/browser.permissions

Better than watching live coding on Twitch I guess?

[RSS] Bent // Broken 2025 Worldwide Virtual Circuit Bending Festival

https://blog.adafruit.com/2025/02/13/bent-broken-2025-worldwide-virtual-circuit-bending-festival/

Today's @kagihq changelog is honestly kind of a massive deal for privacy stuff:
- Human readable privacy policy page
- Privacy pass (an open source, cryptographic verifiable way of doing searches through Kagi without them being able to see who you are)
- Official tor service

https://kagi.com/changelog#6172 #kagi

[RSS] On the Original Punched Cards

https://hackaday.com/2025/02/12/on-the-original-punched-cards/

[RSS] [Vulnerability] Unauthenticated Remote Code Execution via Known View State Secret in FieldPie

https://code-white.com/public-vulnerability-list/#unauthenticated-remote-code-execution-via-known-view-state-secret-in-fieldpie

This may be one of those leaked secrets MS warned about? No details unfortunately...

[RSS] Patch-Gapping the Google Container-Optimized OS for $0

https://h0mbre.github.io/Patch_Gapping_Google_COS/

@algernon You weren't rude, I actually hesitated to ask about GitHub given your timeline :) Bitrise is good though, and founders are Hungarian!

@algernon I dared to ask because you mentioned your GitHub Sponsors account, but you do you :)

@algernon Bitrise.io may also worth checking out, they have a free plan too.

@algernon Can't you build arm64 with GitHub Actions?