📢Call for beta testers!📢
The "Architecture 1901: From zero to QEMU - A Gentle introduction to emulators from the ground up!" course by Antonio Nappa @jeppojeps will begin November 28th. Sign up here: https://forms.gle/LUXaThn4YSYSvk5D7

This course explores the fascinating world of emulation, guiding learners from the fundamentals of CPU design to the internals of QEMU and advanced instrumentation techniques.
 You will start by understanding what emulation truly means—how software can imitate hardware—and progressively build your own 8-bit CPU emulator in Python (SimpleProc-8), extend it with interrupts, I/O, and MMIO, and finally instrument real-world emulators like QEMU.
 The course combines hands-on labs, in-browser exercises, and conceptual lectures to bridge theory and practice, preparing students to tackle topics such as system emulation, hardware-assisted execution, and fuzzing of embedded targets.
By the end, you’ll not only understand how emulators work—you’ll be able to build, modify, and analyze them for research, debugging, and vulnerability discovery.

@azonenberg We also did the D&D in bed thing, but arguably less weird versions (maybe because we were friends, not siblings?) :D

/cc @TarkabarkaHolgy may find the topic fun too :)

@th @typeswitch Does it turn into a virus if you play it backwards?

This is AI slop, sorry for posting it earlier (damn thing fooled me)!

https://stack [.] int [.] mov / a-reverse-engineers-anatomy-of-the-macos-boot-chain-security-architecture/

[RSS] How I Debug Driver Verifier Crashes from Kernel Memory Dumps

https://medium.com/@Debugger/how-i-debug-driver-verifier-crashes-from-kernel-memory-dumps-2e03f35b7731?source=rss-3ba65b326b28------2

A year ago, I saw someone open a book lamp in a bar. It was a pretty expensive product. Since I combine electronics and paper crafting, I had to DIY it and develop an easy-to-use circuit template and instructions for it. This educational project is perfect for libraries. Please #retoot :-)
Template and instructions are available on my website: https://www.voltpaperscissors.com/diybooklamp.
Feel free to ask any questions.
#papercircuit #papercraft #diy #MINT #STEM

imagine living in a world where search engines are so reliable that "let me google that for you" is a common reply to someone asking a question

@acsawdey it's complicated... if you squint, pointing out bugs is a form of help, but the P0 disclosure process (designed to incentivize other large corps) doesn't seem to work with highly popular, but underfunded OSS.

I don't know the solution, but shiting on individual developers code is probably not it.

"Last week the @FFmpeg account began taunting security researchers. Foolish thing to do, as it ignores the asymmetry of their attack surface vs ours.

So as an exercise I found a stack-based buffer overflow on software that he wrote." - @ortegaalfredo

https://threadreaderapp.com/thread/1991974275532636263.html

Normally I'm all for these stunts, but this one...

@Viss That memory probably also comes from the mushroom colony that is consuming you right now.

@Viss Wasn't that X-Files and a large underground mushroom colony?

@freddy But seriously, I just added a comment to my query and I swear it got slower...

@freddy Is that even a requirement these days?

on the back of the envelope, counting with an avg. yearly salary of $75k for a teacher in the US, the projected $4.8 trillion AI market by 2033 would equal ~7M years of teacher salary every year.

#weirdunits

@d_olex Yeah I get that. My point is (but I'm unsure about history here) that when Java or first browser JS engines were shipped inefficient solutions were probably necessary, and now we try to reduce that debt, while in case of your modern examples we probably have cheaper solutions that work better, but burning GPUs is sexier.

@d_olex Good question, but I'd argue that bytecode solves existing problems, while in case of LLM/blockchain I mostly don't see that. Also, isn't JIT specifically a thing to improve performance, meaning less resource consumption? A related observation is that many use-cases for LLMs can probably be solved much cheaper, today. E.g.: better IDE features; more QA for web search results; better education so people can write and understand an email.

#select goes brrrr....

EBury SSHD backdoor?? on 400,000 hosts?

Let's fuck around and find out. (Why +s on the .so file???)

Dissect, understand & ridicule. Join the group effort at https://thc.org/ops or SSH straight into the server and check ~/ebury:

ssh -o "SetEnv SECRET=lYQkdQHIuQyTJngVtIskqRLx" root@adm.segfault.net (password is 'segfault')

Calling for the help of the fediverse!
Help spread the word of our browser extension Consent-O-Matic that helps automate answering those ever-present cookie consent pop-ups.

It's developed by researchers at Aarhus University in Denmark and free to use for Chrome/Edge, Firefox and Safari including for iOS.

Also, it's open source, so if you have a bit of technical skill, you can help us improve the rule set for greater coverage.

https://consentomatic.au.dk

🚀 radare2-6.0.6 is out! (codename 'siesso’)

That's the first release after #r2con which comes with tons of awemazing bug fixes and all the new features presented during the conference! #reverseengineering

🔗 https://github.com/radareorg/radare2/releases/tag/6.0.6

See details below 👇