How to design a GDPR-compliant cookie banner:

1. Have a 'reject all' button that is as easy to press as the buttons that grant consent.
2. Test your site with no consent for user tracking.
3. Realise that all of the tracking bits are unrelated to site functionality.
4. Remove them.
5. Remove the cookie banner.

@raptor No, but program analysis related :)

When a cookies banner tells you truth 😅

Taken from this page https://vibe-coded.lol

🪟 Calling all Windows experts!

Hack.​lu CTF 2025 (http://flu.xxx) has a great Windows kernel exploitation challenge, sponsored by @binary_gecko. And the best thing about it? Solving it can earn you a ticket for @offensive_con 2026!

🧵⬇️

And hey, since the weather is absolutely abysmal today, I will treat you to another die shot as an extension of #nakeddiefriday.

This is КР1810ВМ86, an otherwise identical clone of Intel 8086 made by Soviets at an unknown plant.

The 8086 was extensively reverse-engineered by @kenshirriff -- give his blog a read!

SiPron page: https://siliconprawn.org/archive/doku.php?id=infosecdj:unknown:kr1810vm86

#electronics #reverseengineering #icre

Something that I love about technology is that it often used in new, unexpected, and delightful ways.

While @mattgodbolt created @compiler_explorer to better understand whether features could be used given his constraints at $work [0], it has since found many new use cases.

Matt used it to teach us what compilers do [1, 2] and @lefticus used it to introduce Stack Usage [3].

[0] https://xania.org/202206/happy-birthday-ce

[1] https://youtu.be/bSkpMdDe4g4

[2] https://youtu.be/nAbCKa0FzjQ

[3] https://youtu.be/kXe-YkJ9nBs

@cyberlyra @malwaretech

“What I had not realized is that extremely short exposures to a relatively simple computer program could induce powerful delusional thinking in quite normal people.”

- Joseph Weizenbaum

@Framasoft it'd be so great if you'd set the default language of FramaForms Drupal to English...

@byteborg Well they do run serious networks and I'm not sure which competitor I could recommend on the FW side either. Packet inspection is hard I guess?

@byteborg Yeah, I was hesitating on that one, but just look at the recent (and not so recent...) ASA pwnage...

Announcing two free #IBMi courses

https://community.ibm.com/community/user/blogs/upendra-rajan/2025/10/16/announcing-two-free-ibm-i-courses

Me: Let's use this well established OSS project again after several years!
Project: We're in Dependency Hell since last month, builds don't work...

Why is it always like this with me?? #fml

Call for Failures @ hack.lu 2025 — Because We All Break Things

At hack.lu, we love stories of brilliance — new tools, cutting-edge exploits, and clever defenses.
But let’s be honest: the best lessons often come from things that went spectacularly wrong.

That’s why we’re bringing back the Call for Failures (CFF) — a mini-conference inside hack.lu dedicated entirely to sharing the things that didn’t go as planned.

🗓️ When: Wednesday, 22 October 2025
🕖 Time: 19:00 – 21:00
📍 Where: At hack.lu, Luxembourg

#conference #unconference #hacklu #cybersecurity

🔗 https://2025.hack.lu/blog/hack.lu-call-for-failures-at-hack-lu/

TIL if you want to change the config of the logging module in PyGhidra you have to reastart #Ghidra for the new config to take effect...

Bonus: There is a predefined `writer` stream object that you can use to log to the GUI console.

@cryptax or Wool.WashAt.40C because based on strings found in the packer

1 hour of sleep, 2 energy drinks in.
I blame UEFI Forum for this

@joxean @wirepair I'd need something permanently online so I can ise then as CI test cases

The official @Defcon recording of HTTP/1.1 Must Die has landed - join me on the mission to help kill HTTP/1.1! https://www.youtube.com/watch?v=PUCyExOr3sE

@reynardsec What really annoys me is that some teams decide to publish a latest tag, yet they have no process for updating is, so the latest tag becomes anything but... It would be much more honest if they called it "favorite" or something that doesn't imply freshness when they don't even attempt to guarantee that.

I'm looking for publicly available reverse engineered program databases (idb, gpr, bndb, ... ), preferably for relatively small programs.

Any tips?

#ReverseEngineering