@cyanautik @schrotthaufen @Viss What, no! :D

Thrilled to share that Kagi has reached 40,000 members! 🚀

Thank you to each and every one of you for believing in a better, more private, and ad-free search experience. Your support fuels our mission every day. Here's to the next milestone! 🙌

#Kagi #AdFree #Search

@schrotthaufen @Viss Be my guest: https://www.youtube.com/watch?v=uPYyrS7fc7g

Have you heard about https://citationhunt.toolforge.org ?

@Viss ...and cause that weird noise in the nearby HiFi systems?

Inside imessage-exporter: Reverse Engineering Apple's typedstream Format by @rxcs

https://chrissardegna.com/blog/reverse-engineering-apples-typedstream-format/

Everyday Ghidra: How Platform Choice Influences Ghidra’s Binary Analysis https://medium.com/@clearbluejar/everyday-ghidra-how-platform-choice-influences-ghidras-binary-analysis-76c40db0e407

I should just share all of Trails of Bits new posts, right? It's the best cryptography blog I know of.

This time they're discussing key derivatives (as in, how to get a private key? How to generate more keys out of it?).

https://blog.trailofbits.com/2025/01/28/best-practices-for-key-derivation/

If you haven’t noticed malicious emails abusing Microsoft Library Description files (.library-ms), watch out and block them.

From Microsoft “Library description files are XML files that define libraries. Libraries aggregate items from local and remote storage locations into a single view in Windows Explorer.”

Threat actors, in an effort to evade detection, use them as a way of connecting their target to a remote share directly via File Explorer.

https://learn.microsoft.com/en-us/windows/win32/shell/library-schema-entry

#ThreatIntel

[RSS] Microsoft Edge Developer VM Remote Code Execution

https://infosec.rm-it.de/2025/02/17/microsoft-edge-developer-vm-remote-code-execution/

This is fun: take DNS name, pwn researchers :)

We are thrilled to announce the winners of the 2024 Hex-Rays Plugin Contest!

🥇1st Place: hrtng
🥈2nd Place: aiDAPal
🥉3rd Place: idalib Rust bindings

Check out our reviews of the winners and other notable submissions here: https://hex-rays.com/blog/2024-plugin-contest-winners

Huge thank you to all participants for their innovative contributions. Your creativity continues to enhance the IDA community.

Added AMD support to hvext, the windbg extension for reversing Hyper-V!
https://github.com/tandasat/hvext

You can check what SVM features are enabled, which MSRs and IO ports are accessible, and how nested page table looks like, for NT, SK and regular VMs.

@pancake This reminds me of that guy who tried to use an LLM to decode base64...

I am Ed Zitron's increased blood pressure.

Project: mpengine-x64-pdb 1.1.24090.11
File: mpengine.dll
Address: 75a190110

Read

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75a190110.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75a190110.json&colors=light

Here's some nice empirical evidence to support what we all feel: insecure configuration and insecure defaults drive compromises more than software vulnerabilities. This paper argues that the Secure-By-Design initiative would be better served by focusing on the former.

https://www.documentcloud.org/documents/25524680-sbd-feb-2025-seymourwoods/

X appears to be blocking Signal's "Signal.me" links in DMs, posts, and profile pages, giving error messages and showing a warning page for users clicking them (Matt Binder/disruptionist)

https://www.disruptionist.com/p/elon-musks-x-blocks-links-to-signal
http://www.techmeme.com/250217/p8#a250217p8

Reviewing the Cryptography Used by Signal

Last year, I urged furries to stop using Telegram because it doesn't actually provide them with any of the privacy guarantees they think it gives them. Instead of improving Telegram's cryptography to be actually secure, the CEO started spreading misleading bullshit about Signal®. Since then, I've been flooded with people asking me about various other encrypted messaging apps…

http://soatok.blog/2025/02/18/reviewing-the-cryptography-used-by-signal/

@tmr232 @veronica "Writing is nature's way of letting you know how sloppy your thinking is." - Dick Guindon

(Edit: "Programming is nature's way of letting you know how sloppy your writing is.")

I have been introduced to the obscure Linux failure condition called “unbalanced btrfs filesystem.” That’s when you have more than 100 GiB free on your hard drive, yet the file system will refuse operations like renaming a file, claiming that you have no space left. Which comes out of the blue, without any kind of prior warning. And you first have to search past all the unhelpful articles explaining how to remove unused files, until you find that the issue is specific to the btrfs filesystem and with some luck can be cured by running some obscure commands (yet these commands also tend to refuse working because … 🥁🥁🥁 … you have no space left).

It’s 2025 and Linux still does that to people…