"I'm interested in all kinds of astronomy."

I'm a software developer looking for a job. I can code in Python (good) and Java (basic), but I'm an expert at programming in C. You could also say that I can code in C++, though I really prefer doing C over C++.

I'm experienced at software reverse engineering, especially in radare2, to which I've contributed since 2013. In r2 I've co-authored ESIL (evaluable string intermediate language) for instruction emulation and analysis. I've also written most parts of the r_io API as well as a few plugins. At the moment I live in Germany, but relocating within the EU for a job after the probationary period would be ok for me.

Previously I've worked for a US-American business, for which I've created components of an analysis pipeline for finding potential security vulnerabilities in firmware. One of the things that I've created during that time was a program that could automatically find code and data sections of a binary of unknown format. You could destroy the ELF header of a binary, throw it at the tool, and it would give you almost perfect section boundaries. This was followed by a script that would invoke cpu_rec in order to determine the correct ISA and create a script to load the target correctly into r2 for further analysis. I was working on an elf-builder tool, which would allow customers to load the binary into any SRE tool, when someone decided the company would go "agentic" and that they no longer need me.

I'd love to analyse malware or develop software for embedded systems, but I'm also open to other jobs where I can make use of my experience and skills.

#getfedihired

KERNSEAL makes the linear page cache overflow in https://cyberstan.co.uk/fuse-readdir-oob/ deterministically unexploitable. Serial log below 👇

1/3 🧑‍⚖️ Today, the Court of Justice of the EU has upheld a € 4.1 billion antitrust fine against Google for abusing the dominant position of its Android mobile operating system to thwart rivals.

💰 The judgment confirms the European Commission's finding that Google abused Android to strengthen the market position of Google Search, the Chrome browser and other Google products.

klist.exe Revisited: Internals and Further Use Cases https://jakeotte.com/posts/klist-revisited.html

Small businesses, please stop using corporate social media as your only online presence.

I’d happily visit a website that looks like it was designed in the 1990s if it meant I could actually scroll down and see your address, hours of operation, etc.

It doesn’t have to be pretty, just functional.

It would be really helpful if you also included common allergens for your food and drinks (if relevant) and how accessible your location is for disabled folks.

Good morning Europe I have written about the bewildering array of mechanisms available to prevent authentication token theft and also explained why we still basically have none of them available and so the authentication tokens are still being stolen and used. It is here: https://www.codon.org.uk/~mjg59/blog/p/preventing-token-theft/

LOGOS/END.GIF

Mastodon has automatic age verification built in, no scanning your face

✅ if you join here you're old
✅ you've seen too much shit
✅ you're tired of said shit

spy ring targeted officials, Commission investigation finds

🖊️ Max Griera and Mari Eccles

Activities of intelligence officers in Brussels "were initially discreet but gradually became much more overt from 2015 onwards," says Commission probe.

https://www.politico.eu/article/hungary-spy-ring-target-eu-officials-commission-investigation

Talos Vulnerability Reports

New vulnerability report from Talos:

GeoVision GeoWebPlayer Websocket Server lack of authentication vulnerability

https://talosintelligence.com/vulnerability_reports/TALOS-2026-2370

CVE-2026-13125

[RSS] MAD Bugs: My Cousin Vinyl (CVE-2026-50052)

https://blog.calif.io/p/mad-bugs-my-cousin-vinyl-cve-2026

Everyone likes some sev:CRIT CVEs in IBM's Langflow OSS, right? Here are ten for you in the past ten days:

https://www.ibm.com/support/pages/bulletin/search?q=Langflow

RE: https://eupolicy.social/@whvholst/116844640728147355

sweet holy mother of surprise! surely not the same Aura Salla who was chief-lobbyist for facebook before being elected to the European Parliament?

inspired by CLAUDE.md, I’ve started putting markdown files named after coworkers into work code repos so I can remind them to stop doing shit to the codebase that annoys me

for some reason they’re all mad at me now, which means I’ll be adding commands to JEREMY.md for an attitude adjustment

For the N'th time in my ~40 years online I'm watching (mostly: European) digital rights civil society placing moral purity of individuals acting within the law, above the collective impact of capability & outcome. It's like the Monty Python "Suicide Squad" skit.

"Anthropic has agreed to proactively detect and address security risks associated with the models [...and...] alert the government of any malicious activity"

So basically Anthropic will snitch on you?

https://www.bbc.com/news/articles/cdr42623e1do

cargo-audit flags Rust dependencies with known vulnerabilities. A flagged crate, though, doesn't tell you whether your code calls the vulnerable function.

We added a feature that matches a binary's symbols against the functions named in each advisory. Any matches are labeled "Affected," separating real exposure from advisories that don't apply.

It's live in cargo-audit 0.22.2+. If you're behind, update with `cargo install -f cargo-audit`.

https://crates.io/crates/cargo-audit
