High level diff of iOS 18.3.1 vs. iOS 18.4beta1 🎉

https://github.com/blacktop/ipsw-diffs/blob/main/18_3_1_22D72__vs_18_4_22E5200s/README.md

my colleagues Alexis and Brad at @trailofbits put together a great post on a basic security mistake that we keep making: attacker-controlled recursion. my favorite thing about these is that they're (1) trivial to find and (2) *way* more impactful than normal DoS spam.

the post contains some great examples of these, including real vulnerabilities in Protobuf and ElasticSearch:

https://blog.trailofbits.com/2025/02/21/dont-recurse-on-untrusted-input/

they'll also be presenting their findings at @DistrictCon tomorrow!

https://www.districtcon.org/bios-and-talks-2025/low-effort-dos-with-recursion

I'm trying to find an oldish write-up on how different systems interpret emoji and why using emoji in passwords leads to inconsistent behavior like some never actually matching on a successful password entry. Does this ring any bells? Does anyone have a link?

Rust 1.85.0 has been released! 🌈🦀✨

Not only does this release add *async closures*, it also includes a whole *new Rust Edition*, Rust 2024! 🎆🚀

Check out the blog post for an overview of all the changes and additions: https://blog.rust-lang.org/2025/02/20/Rust-1.85.0.html

Periodic reminder to the fedi EE / embedded systems community: I have a lot of lab capabilities and resources that the average hobbyist can't afford, and am willing to offer them up on reasonable terms (i.e. FREE in many cases) to help people out.

As a general rule if you're not making money on it (i.e. hobbyist/noncommercial/academic project) and it's not a major time commitment or consumable cost for me, all I ask is that you pay return shipping if you want the hardware sent back to you afterwards. For anything large or commercial in nature, I'm still potentially interested but we'd have to discuss compensation first.

Capabilities and equipment available:
* 3D planar EM simulation (Sonnet Pro)
* 5 3/4 digit multimeters (R&S HMC8012)
* Various oscilloscopes to 16 GHz BW (PicoScope 6424E, LeCroy WaveRunner 8404M-MS, LeCroy SDA 816Zi-A) plus power rail, current, and differential probes
* VNA measurements to 8.5 GHz (PicoVNA 106 / 108)
* BERT BER/eye pattern/bathtub curve measurements to 28 Gbps (MultiLane ML4039-BTP)
* Vector signal generation to 6 GHz (Siglent SSG5060X-V)
* Fine pitch soldering and PCB rework, BGA assembly, inner layer circuit edits, etc
* Low magnification stereo microscopy
* High magnification reflected light optical microscopy to ~300nm resolution, including large area automated step-and-repeat scanning and stitching of multi-gigapixel datasets
* Coming soon: Embedding and cross section polishing for failure analysis etc

CALL FOR PAPERS PERIODIC REMINDER

You have an offensive, defensive, audit research or dev mixing Security and FLOSS or open protocol/format?

Go ahead and submit your proposal!

👉 https://cfp.pass-the-salt.org/pts2025/cfp

A question, doubt? Our support team is listening to you: speaker-support@pass-the-salt.org

📅 The deadline is March, 30 2025!
D-40

Boost REALLY appreciated 🙏

Reminder for those using the iOS Patreon app to support their creators: Apple is now taking a 30% cut for new donations through the app, plus whatever Patreon takes. Consider alternate donation methods (including direct to the Patreon website rather than the Apple mobile app).

I’ve found, btw, that ko-fi has the best deal for creators - for a $72 annual fee, they do not take any cut of donations.

libxml2 vulnerabilities https://www.openwall.com/lists/oss-security/2025/02/18/2
Fixed in 2.12.10, 2.13.6 and upcoming 2.14.0.
CVE-2024-56171: Use-after-free in xmlSchemaIDCFillNodeTables
CVE-2025-24928: Stack-buffer-overflow in xmlSnprintfElements
Null-deref in xmlPatMatch

Breaking: Apple pulls end-to-end encrypted storage option from UK after secret order for a back door. https://www.washingtonpost.com/technology/2025/02/21/apple-yanks-encrypted-storage-uk-instead-allowing-backdoor-access/

@Toasterson Seems someone has never seen German C-PASCAL?

So, the story goes back to @q3k and my old reverse engineering project, where we created a keygen for Toshiba Portégé BIOS password backdoor [1]. At one point, q3k was tasked with dumping the Embedded Controller firmware, but he fucked up and mistakenly desoldered a wrong chip, which we then started analyzing thinking it was the EC. It was TLCS-870/C1 (??) and we weren't able to find a disassembler for it, but... there was an open-source assembler! [2]

Written in German C-PASCAL 😬
All thanks to a totally normal #include "pascstyle.h" at the beginning.

[1] https://youtu.be/JyuVFa2X7AU
[2] http://john.ccac.rwth-aachen.de:8000/as/

Microsoft is paywalling features in Notepad and Paint

There’s some bad news for Windows users who want to use all of the built-in features of the operating system and its integrated apps. Going forward, Microsoft is restricting features in two iconic apps, which you’ll need to unlock with a paid subscription.

The two apps in question? Notepad and Paint. [...]

Windows Insiders

https://www.osnews.com/story/141773/microsoft-is-paywalling-features-in-notepad-and-paint/

#Windows

📢Call for beta testers!📢
The beta for "Fuzzing 1001: Introductory Fuzzing" will start ~ March 7th. It will take ~6 hours to complete. If you're interested in participating, please sign up below.
https://forms.gle/fxCM9Y1CprUJgQi59

Lesser known tricks, quirks and features of #C

https://jorenar.com/blog/less-known-c

CP/M-86 for Newbies is a starter kit for CP/M-86 with everything ready to unpack and run. It bundles the PCe PC emulator (Windows only), preconfigured PCe environments for running different CP/M-86 versions including Concurrent CP/M-86 and Concurrent DOS, and other software such as the Pirx Commander file manager.

https://github.com/MarekStarobrat/Pirx.Commander/tree/main/Releases/CPM-86

#cpm #retrocomputing

Our latest issue of ThinkstScapes is now available for download.

For this issue (covering the last quarter of 2024) we tracked over over 1400 talks and scoured content from almost 1100 blog posts.

As always, PDF, ePUB and an audio summary are available free (with no reg-wall) at https://thinkst.com/ts

I hope you're all doing risk assessments and checking the exposure of your business/NGO/public institution to the US weaponizing its tech infrastructure (Google, Microsoft, Apple) and shutting down your operations if they disagree with your mission?

#Security #RiskAssessment #Tech

We've issued our first short-lived (6 day) certificate! https://letsencrypt.org/2025/02/20/first-short-lived-cert-issued/

Come learn Windows Internal with
@yarden_shafir at Recon Montreal on June 23-26 #reverseengineering #cybersecurity https://recon.cx/2025/training.html#trainingWindowsInternals

Updates on Paragon scandal in Italy via Guardian:

-Journalist union filed criminal complaint due to Meloni's government not answering Qs.

• President of 🇮🇹 parliament invoked rule to not respond Qs claiming all unclassified info has been made public.

-Italy's foreign intelligence agency AISE, confirmed it is a customer of Paragon in Parliament, and that the the contract is suspended.

Still lots of unanswered questions.

https://www.theguardian.com/world/2025/feb/19/journalists-launch-legal-action-against-italian-government-over-spyware-claims

thanks "security researchers" !

https://github.com/curl/curl.dev/pull/6