$60 million well spent

https://www.404media.co/google-is-paying-reddit-60-million-for-fucksmith-to-tell-its-users-to-eat-glue/

New from 404 Media: a hacker targeted a scam call center, broke in, then emailed the scam victims to warn them they’d been scammed. Also stole source code of the scammer’s tools. Here is the email: https://www.404media.co/hacker-breaches-scam-call-center-emails-its-scam-victims/

We must protect privacy, even in the face of cryptocurrency crime. As governments crack down on one of the most notorious tools for criminal money laundering in the cryptocurrency world, I’m worried about the ramifications.

https://www.citationneeded.news/tornado-cash/

#crypto #cryptocurrency #privacy #TornadoCash #newsletter #CitationNeeded

The kind of professor I’m trying to be at university:

EDIT: just to clarify, this is a screenshot found offline, not from one of my student. I’m more direct as I tell my students that "piracy is sharing knowledge and sharing knowledge is ethical and what I’m paid to do so please use libgen.rs and sci-hub"

The Google AI isn’t hallucinating about glue in pizza, it’s just over indexing an 11 year old Reddit post by a dude named fucksmith.

Finally got around to publishing the slides of my OffensiveCon talk from ~two weeks ago. Sorry for the delay!

The V8 Heap Sandbox: https://saelo.github.io/presentations/offensivecon_24_the_v8_heap_sandbox.pdf

Fantastic conference, as usual! :)

We should start using phrases such as "AI infested" in regards to software.

The USB Cart of Death: Plug and Pray - Interview with Raymond Chen

https://www.youtube.com/watch?v=6_hm3NzLeO8

This is basically a HW USB fuzzer :D

More details with photo: https://devblogs.microsoft.com/oldnewthing/20240521-00/?p=109786

[RSS] Chaining N-days to Compromise All: Part 6 — Windows Kernel LPE: Get SYSTEM

https://medium.com/@vr-blog/chaining-n-days-to-compromise-all-part-6-windows-kernel-lpe-get-system-83cd756ce90a?source=rss-4b564abdafa3------2

I'm currently downloading books from Library Genesis I legally own physically *and* digitally because the quality is just that good.

Also download availability/speed really brings back memories of working through a week in DC++ to find and download half of an album in MP3 (and two trojans).

Sam Altman Is Full Of Shit

https://www.wheresyoured.at/sam-altman-is-full-of-shit/?ref=ed-zitrons-wheres-your-ed-at-newsletter

Here are the top three things to teach everyone (including yourself).

1. Empathy.
2. The scientific method of thinking.
3. Knowing when you’re not qualified to have an opinion, and who is.

Those, in that order, before any other topic.

1. Will guide everyone to positive action and avoid dehumanising behaviour.
2. Will guide you *how to learn* and how to identify bad conclusions. It will help you understand the world and avoid being made a dupe.
3. Will stop your ignorance from hurting others.

Track of the day: Metodi Hristov - Modern Dystopia

https://soundcloud.com/metodihristov/metodi-hristov-modern-dystopia-original-mix-set-about

Fuck
These
Algorithms

#techno #AI

back in my day we called this spyware

#AI #privacy #Microsoft

This SnapAttack writeup on CVE-2024-30051 is pretty neat: https://blog.snapattack.com/hunting-cve-2024-30051-8de021f0cf77

But don't let the mention of the UAC and even T1548.002 suggest that it's merely a UAC bypass. This allows going from non-admin to SYSTEM.

This is in no way a UAC bypass. The UAC's consent.exe is merely a mule to get the user-provided payload DLL to execute with SYSTEM privileges (by way of dwm.exe).

[RSS] Abusing url handling in iTerm2 and Hyper for code execution

https://vin01.github.io/piptagole/escape-sequences/iterm2/hyper/url-handlers/code-execution/2024/05/21/arbitrary-url-schemes-terminal-emulators.html

#OffensiveCon24 - Claudia d'Antoine - Opening Remarks in Memory of Our Friend Sophia

https://www.youtube.com/watch?v=a7zCs25M8Y8

TOCTOU||GTFO - The State of Sandboxing in Linux

https://git.sr.ht/~alip/syd/tree/main/item/doc/toctou-or-gtfo.md

Revolutionary idea:

An electronic toothbrush that doesn't tip over when you look at it.