@mttaggart @da_667 @cR0w @Dio9sys Isn't that a SIP thing? https://www.rfc-editor.org/rfc/rfc3265

Binary Ninja 5.2 adds support for custom string formats and constant encodings. Instead of wrestling with odd or obfuscated values, you can teach Binja how they work and let the analysis reveal the real content anywhere it appears. This update lays the groundwork for more language aware features coming soon. https://binary.ninja/2025/11/13/binary-ninja-5.2-io.html#custom-strings--constants

The Passenger Seat Developer

https://svnscha.de/posts/the-passenger-seat-developer/

Great (and balanced!) post about the false sense of success during prototyping with LLMs.

RE: https://mastodon.social/@jack_daniel/115599160952274592

Here's the thing about this, if MS can override or ignore Group Policy settings for Copilot, it can do so for anything else and that seems bad.
It seems bad, because it is bad.
Further proof MS can not be trusted.
I say this as a long time Windows user and admin, going back even before my MCSE+I in NT4.

Shout out to people who love ebooks but hate Amazon:

Bookshop.org has started doing eBooks! They have an app! They have classics for free! They have daily 99p deals!

Much excite!

#books #bookstodon

I've uploaded the slides of my recent talk "JS Engine Security in 2025": https://saelo.github.io/presentations/poc_25_js_engine_security_in_2025.pdf. I think there'll also be a recording available at some point (otherwise I can make one as not everything's in the slides).

Fantastic conference as usual, big thanks to the PoC Crew!

Call for articles & art is open for Paged Out! magazine issue #8 - https://pagedout.institute/! (check out the zine if you don't know it - it's free)

As usual, we're looking for 1-page technical articles on topics related to programming, cybersecurity, retro-computing, demoscene, reverse-engineering, CTFs (incl. CTF challenge write-ups), file formats, network protocols, artificial intelligence, and so on. We're also happy to publish articles previously published e.g. on blogs, etc (though in 1-page form of course).

Think about writing something - it's just 1 page, so it's pretty fast to create :)

More info:

https://pagedout.institute/?page=cfp.php

https://pagedout.institute/?page=writing.php

Do I know someone who is (remotely) involved in running the `.hm` domain registry?

📢Call for beta testers!📢
The "Architecture 1901: From zero to QEMU - A Gentle introduction to emulators from the ground up!" course by Antonio Nappa @jeppojeps will begin November 28th. Sign up here: https://forms.gle/LUXaThn4YSYSvk5D7

This course explores the fascinating world of emulation, guiding learners from the fundamentals of CPU design to the internals of QEMU and advanced instrumentation techniques.
 You will start by understanding what emulation truly means—how software can imitate hardware—and progressively build your own 8-bit CPU emulator in Python (SimpleProc-8), extend it with interrupts, I/O, and MMIO, and finally instrument real-world emulators like QEMU.
 The course combines hands-on labs, in-browser exercises, and conceptual lectures to bridge theory and practice, preparing students to tackle topics such as system emulation, hardware-assisted execution, and fuzzing of embedded targets.
By the end, you’ll not only understand how emulators work—you’ll be able to build, modify, and analyze them for research, debugging, and vulnerability discovery.

@azonenberg We also did the D&D in bed thing, but arguably less weird versions (maybe because we were friends, not siblings?) :D

/cc @TarkabarkaHolgy may find the topic fun too :)

@th @typeswitch Does it turn into a virus if you play it backwards?

This is AI slop, sorry for posting it earlier (damn thing fooled me)!

https://stack [.] int [.] mov / a-reverse-engineers-anatomy-of-the-macos-boot-chain-security-architecture/

[RSS] How I Debug Driver Verifier Crashes from Kernel Memory Dumps

https://medium.com/@Debugger/how-i-debug-driver-verifier-crashes-from-kernel-memory-dumps-2e03f35b7731?source=rss-3ba65b326b28------2

A year ago, I saw someone open a book lamp in a bar. It was a pretty expensive product. Since I combine electronics and paper crafting, I had to DIY it and develop an easy-to-use circuit template and instructions for it. This educational project is perfect for libraries. Please #retoot :-)
Template and instructions are available on my website: https://www.voltpaperscissors.com/diybooklamp.
Feel free to ask any questions.
#papercircuit #papercraft #diy #MINT #STEM

imagine living in a world where search engines are so reliable that "let me google that for you" is a common reply to someone asking a question

@acsawdey it's complicated... if you squint, pointing out bugs is a form of help, but the P0 disclosure process (designed to incentivize other large corps) doesn't seem to work with highly popular, but underfunded OSS.

I don't know the solution, but shiting on individual developers code is probably not it.

"Last week the @FFmpeg account began taunting security researchers. Foolish thing to do, as it ignores the asymmetry of their attack surface vs ours.

So as an exercise I found a stack-based buffer overflow on software that he wrote." - @ortegaalfredo

https://threadreaderapp.com/thread/1991974275532636263.html

Normally I'm all for these stunts, but this one...

@Viss That memory probably also comes from the mushroom colony that is consuming you right now.

@Viss Wasn't that X-Files and a large underground mushroom colony?