"I'm interested in all kinds of astronomy."

You don't need an 8-core CPU and 16 gigabytes of RAM just to jot down some notes. An ESP32 and a handwired keyboard will work quite nicely.

You know...in case you don't have a pen.

https://hackaday.com/2024/04/05/esp32-provides-distraction-free-writing-experience/


"The biggest source of conflict was an amendment ... that would prohibit from selling consumer data to and would require a warrant to access Americans’ information... National hawks in and local law enforcement groups joined forces to kill the amendment, with the National Sheriffs’ Association claiming it would “kneecap law enforcement” in a letter to Congress..."

https://www.theverge.com/2024/4/5/24122079/data-brokers-fisa-extension-nsa-section-702-surveillance-lexis-nexis


I've taken to calling the Bitcoin price ticker "ransomware futures".


Babe wake up, new Google Pixel zero-days just dropped: 🔗 https://source.android.com/docs/security/bulletin/pixel/2024-04-01

  • CVE-2024-29745 (information disclosure, high severity)
  • CVE-2024-29748 (elevation of privilege, high severity)

Note: There are indications that the following may be under limited, targeted exploitation.

EDIT: Reported by security researcher Daniel Micay of GrapheneOS Foundation who reported that the vulnerabilities were exploited in the wild by forensics companies 🔗 https://grapheneos.social/@GrapheneOS/112204428984003954

CVE-2024-29745 refers to a vulnerability in the fastboot firmware used to support unlocking/flashing/locking. Forensic companies are rebooting devices in After First Unlock state into fastboot mode on Pixels and other devices to exploit vulnerabilities there and then dump memory. We proposed zeroing memory in firmware when rebooting to fastboot mode to wipe out the whole class of attacks. They implemented this by zeroing memory when booting fastboot mode. USB is only enabled by fastboot mode after zeroing the memory is completed, blocking these attacks. GrapheneOS already implemented defenses against this attack before we became aware of it. After becoming aware of this attack against Pixels running the stock OS, we improved our existing defenses and added new ones alongside reporting the firmware weaknesses to get those fixed.

CVE-2024-29748 refers to a vulnerability providing the ability to interrupt a factory reset triggered by a device admin app. It appears they've implemented a partial solution in firmware. See https://grapheneos.social/@GrapheneOS/112162304896898942 about ongoing work we spotted on wipe-without-reboot support.

See related Bleeping Computer reporting: 🔗 https://www.bleepingcomputer.com/news/security/google-fixes-two-pixel-zero-day-flaws-exploited-by-forensics-firms/


I always forget the CORE SSH story about @4Dgifts and Futo working on the then SSH implementation, finding a bug, sending the report upstream with a patch, upstream botching the patch and… it was a CRC32 checksum backdoor ("No relation"™ to the current stuff).

You might have seen it in a rather famous film where it is shown to enter the utility services from a pretty green phosphors terminal.

flan_XD


Any experienced C developers among my followers? .

Expat, arguably the world's most popular parser, is understaffed and without funding. As has shown, situations like this are dangerous.

Last month, maintainer Sebastian Pipping put up a plea for help at https://github.com/libexpat/libexpat/blob/R_2_6_2/expat/Changes

(I would help myself, but my C skills barely surpass "Hello, World".)

Found via @timbray - https://cosocial.ca/@timbray/112203547801373427




The Foundation, alongside other organizations including the Software Foundation, Foundation, Software Foundation, Software Foundation, Foundation, and Foundation, announced today a collaborative initiative aimed at establishing common cybersecurity standards in alignment with the European Union’s Cyber Resilience Act ():

https://thephp.foundation/blog/2024/04/02/open-source-community-cra-compliance-initiative/


This is not a late April Fool's joke: After , we accidentally dumped the keypad codes of almost half of an IBIS hotel's rooms by entering some dashes into a check-in terminal: https://www.pentagrid.ch/en/blog/ibis-hotel-check-in-terminal-keypad-code-leakage/


Here's a fun AI story: a security researcher noticed that large companies' AI-authored source-code repeatedly referenced a nonexistent library (an AI "hallucination"), so he created a (defanged) malicious library with that name and uploaded it, and thousands of developers automatically downloaded and incorporated it as they compiled the code:

https://www.theregister.com/2024/03/28/ai_bots_hallucinate_software_packages/

1/


Filippo Valsorda (🏝️🔙 Aug 1)

I'm watching some folks reverse engineer the xz backdoor, sharing some *preliminary* analysis with permission.

The hooked RSA_public_decrypt verifies a signature on the server's host key by a fixed Ed448 key, and then passes a payload to system().

It's RCE, not auth bypass, and gated/unreplayable.

More details in this thread: https://bsky.app/profile/did:plc:x2nsupeeo52oznrmplwapppl/post/3kowjkx2njy2b

As someone just catching up on the xz drama I have to say GitHub nuking literally everything related to the repository is incredibly frustrating. Real loser energy right there

A very niche joke via @leonjza


RCE challenge contest: whoever gets code execution on my Macintosh LC 475 running Mac OS 8.1 on the public internet at 185.218.227.18 wins $350 over PayPal


New blog! "BGGP4: A 420 Byte Self-Replicating UEFI App For x64"

I cover UEFI, the UEFI x64 ABI, writing UEFI applications in x86_64 assembly, Tianocore EDK2 image loader internals, QEMU automation, and binary golf strategies for UEFI PEs.

Happy Friday!

https://github.com/netspooky/golfclub/tree/master/uefi/bggp4


For those new to / the or those looking to get more out of this awesome network, here are some tips for getting started, general advice, and links to a ton of related resources. This “Starter Pack” also features a ton of awesome / follow recommendations.

https://shellsharks.com/notes/2023/10/20/infosec-mastodon-starter-pack

Let me know your own tips/tricks and please share out / boost if you find these useful!


Today, we have opened five non-compliance investigations under the Digital Markets Act.

It concerns:
🔹Alphabet’s rules on steering in Google Play
🔹Alphabet’s self-preferencing in Google Search
🔹Apple’s rules on steering in the App Store
🔹Apple's choice screen for Safari
🔹Meta’s ‘pay or consent model’

More info: https://europa.eu/!4NF6bV


Me, an idiot: “So, kids, by setting the thermostat a little lower and eating less meat, we’re doing our part to make the world more sustainable”

VCs, very smart: “We just raised $100 billion dollars from the sovereign wealth funds of three petrostates to build the world’s largest AI supercomputer. It uses as much power and water as Guatemala and the primary use case is for management consultants to autogenerate powerpoints for justifying mass layoffs.”


Veit Schiele 🔜 @FrOSCon

NetHSM – A hardware security module with open hardware and open source code: «Unlike proprietary HSM products, NetHSM is the first HSM available as open source, which enables independent security audits, easy customization and avoids vendor lock-in. Only open source allows to verify the absence of back doors.»
https://www.nitrokey.com/products/nethsm


Hey, I just met you, and this is async
But here's my function, so callback() maybe


Last night, about 21 hours ago, Manfred Paul demonstrated a security exploit targeting Firefox 124 at pwn2own.

In response, we have just published Firefox 124.0.1 (and Firefox ESR 115.9.1) containing the security fix.

Please update your foxes! 🦊

Kudos to all the countless people postponing their sleep and working towards resolving this so quickly! Really impressive teamwork again. Also, kudos to Manfred for pwning Firefox again :)
