@SecurityWriter This has been my hypothesis for the last few years, but more on the cloud side.

Cloud’s fundamental problem is that compute requirements scale in human terms, maybe growing by 10-20% a year for a successful business. Compute and storage availability doubles every year or two.

This means that, roughly speaking, the dollar value of the cloud requirements for most companies halves every couple of years. For a lot of medium-sized companies, their entire cloud requirements could be met with a £50 Raspberry Pi, a couple of disks for redundancy, and a reliable Internet connection.

Most of the cloud growth was from bringing in new customers, not from existing customers growing.

Worse, the customers whose requirements do grow are starting to realise that they have such economies of scale that outsourcing doesn’t win them much: Microsoft or Amazon’s economies of scale don’t give them much bigger savings and those savings are eaten by profit.

They really need something where the computer requirement is so big that no one really wants to do it on prem. And something where the requirements grow each year.

AI training is perfect. You want infinite GPUs, for as short a time as possible. You don’t do it continuously (you may fine tune, but that’s less compute intensive), so buying the GPUs would involve having them sit idle most of the time. Renting, even with a significant markup, is cheaper. Especially when you factor in the infrastructure required to make thousands of GPUs usable together. And each model wants to be bigger than the last so needs more compute. Yay!

Coincidentally, the biggest AI boosters are the world’s second and third largest cloud providers.

FYI if you’re willing to link with ntdll or dynamically resolve it there’s a ton of APIs that return TEB/PEB or leave them in one of the registers.
(Don’t believe official return values. MSDN is a liar!)

https://bird.makeup/@vxunderground/1920208595808821334

Today 80 years ago Nazi Germany declared its unconditional surrender, ending the World War II.

#VictoryDay

I have improved the cloud overview article with headlines that should make things somewhat clearer. Previously it was a bit of a wall of text. https://berthub.eu/articles/posts/cloud-overview/

Recon training prices go up beginning of May! If Linux binary analysis and malware are down your alley, check out my 4-day training on the topic 🤓
https://recon.cx/2025/trainingLinuxMalwareReverseEngineering.html

@da_667 @NosirrahSec put it this way, if I call in CrowdStrike and they send me Clippy reports, I will no longer call in CrowdStrike.

It makes me super uncomfortable that globbing in Bash can turn into code execution. The fact that the name of a file can change the behavior of ls is scary. This also works for other commands that you tend to glob with, such as rm.

Overview of Map Exploitation in v8 by @nyaaaaa_ovo

https://xia0.sh/blog/visit-the-map/visit-the-map

with offensivecon around the corner, i figured id write another post on linux kernel exploitation techniques - this time i cover the world of page table exploitation! enjoy 🤓

https://sam4k.com/page-table-kernel-exploitation/

While we wait, here's a quick look at the web traffic currently hitting Wikimedia projects — can you perhaps guess when the reports of white smoke from the Vatican first started?

Tariffs just got real: our first $36K bill with 125% + 20% + 25% markup hits hard 💸. These are upfront costs - due before selling a single unit - causing serious cash flow strain, price increases, read more! 📦 http://adafruit.com/tariffbill

#tariffs

Wikipedia @wikimediauk are going to court over the UK Online Safety Act!

Saddling platforms with hefty duties and penalties under the new regime will cause many safe sites to fold.

We can't lose the best of the web due to laws that were meant to tackle the worst of it.

#SaveOurSites

https://www.bbc.co.uk/news/articles/c62j2gr8866o

#OnlineSafetyAct #OSA #NetPlurality #ukpol #ukpolitics #wikipedia #freedomofexpression