[RSS] What keeps kernel shadow stack effective against kernel exploits?

https://tandasat.github.io/blog/2025/04/02/sss.html

LLM use case: as "github syntax highlighter" doesn't give very good results when I try to find out what GitHub specifically uses, I turned to FastGPT.

Its answer ("Tree-sitter grammars are used for syntax highlighting") was wrong, while pointed to the correct SO answer (pointing to Linguist) as a reference:

https://stackoverflow.com/questions/8886360/what-javascript-syntax-highlighter-does-github-use

It's time to explain Thunderbird's relationship to Mozilla again.

Thunderbird is in its own legal entity - MZLA Technologies and is governed in part by a Community Council elected by and from our open source contributors.

Thunderbird is currently 100% donation-funded. We do not receive any money outside what our donors give us.

This is good for Thunderbird and makes us unique. Our whole structure only works to serve the interests of our users and contributor community.

70 DIY Synths on One Webpage

https://hackaday.com/2025/04/02/70-diy-synths-on-one-webpage/

@cR0w as I understand this is just pw guessing no? The CVE seems shoehorned in as a buzzword...

@cR0w @pup @buherator @cy
FWIW, I did some testing with the eicar string in an AES-encrypted zip (via 7-zip)

• EICAR as eicar.com : Blocked
• EICAR as hello.txt : Allowed
• EICAR with an appended A as eicar.com : Blocked
• CRC32 collision as eicar.com: Blocked
• CRC32 collision as hello.txt: Allowed

So at least as of this specific test, it may be that the Gmail SMTP server is perhaps just using filenames for "blocking" the sending of mail.

And again, I use scare quotes around "blocked" as while the SMTP server does say that the message was blocked "because its content presents a potential security issue." But the email is indeed sent to the recipient., despite the warning.

@wdormann @cR0w @pup @cy Could you do a run with `7z -mhe=on`?

[RSS] Time Travel Analysis for fuzzing crash analysis

https://eshard.com/posts/back-to-the-crash

Accidental timing: this one from eShard is different from my previous #TimeTravelDebugging post!

Time Travel Analysis with a full-system android emulator gives you the full picture.

But if you're just looking at one part of an app, a lighter method can be enough.

Here’s how we used Frida to do it: https://eshard.com/posts/frida-tracer-lightweight-time-travel-analysis

#mobilesecurity #android #androidsecurity #reverseengineering

Sorry, I blogged:

Debugging loadlibrary Through Space and Time

https://scrapco.de/blog/debugging-loadlibrary-through-space-and-time.html

#ReverseEngineering #TimeTravelDebugging #rr #ASAN

I wanted to quickly explain why, school kids should learn markdown instead of MS Office, and ended up writing a major Epos on Markdown vs obsolete writing formats:

https://ia.net/topics/markdown-and-the-slow-fade-of-the-formatting-fetish

This is, I kid you not, about 1/6th of what I wrote. I'll publish the rest later.

We're pleased to announce that folks can now contribute financially to the project through GitHub Sponsors! 🎉

https://github.com/sponsors/AsahiLinux

Intel VT-rp
https://community.intel.com/t5/Blogs/Tech-Innovation/Client/Intel-Virtualization-Technology-Redirect-Protection-Intel-VT-rp/post/1672593

"Then CSS came along, it was a fucking miracle." — https://eev.ee/blog/2020/02/01/old-css-new-css/

learned at least 7 different things about the web from this post

@froge @hacks4pancakes It depends how you define the "market". If you have pentests/a SOC solely because they're regulatory requirements, your perfect provider is one with a gang of amateurs working for peanuts. It's not only cheaper than the alternative, but you won't even have to deal with non-trivial vulnerabilities/alerts!

(Yes, there are is such a market.)

@hacks4pancakes "none of the jobs I just named are the typical entry level tracks of 'junior pen tester' and 'SOC analyst'"

I can only talk about pentesting but my stance has for long been that pentesting shouldn't have been an entry level position in the first place. Inviting people to this path with 0 experience in dev or ops is a scam that has long-term negative effects on the industry as a whole.

Hello friends. The dreaded and long awaiting blog on WHAT THE FUCK HAPPENED TO THE CYBERSECURITY JOBS MARKET has arrived.

https://tisiphone.net/2025/04/01/lesley-what-happened-to-the-cybersecurity-skills-shortage/

I'm sorry.

@wdormann @cy @cR0w I'm not saying pw guessing is not in the picture, but metadata can be a good prefilter (and also something to count with when testing).

I enjoyed this idea that authoritarian states are more like the movie Brazil than the book 1984 - because authoritarianism breeds incompetence.

https://observer.com/2025/02/terry-gilliams-brazil-at-40-more-prescient-than-orwell/

oh fuck, val kilmer is dead