I have just discovered that a function's comment added to a MSVC well known runtime function added by IDA's Lumina Server was generated using an AI tool for IDA.

Please don't. I fucking hate it.

BTW: The code for the function that the LLM model is trying to explain *is hallucinated* and does not even correspond to the real function.

I mentioned the other day that I don't really like video content.

Now I realized I'd love to watch a good tutorial video(series) on #IPv6.

Any recommendations?

[RSS] plORMbing your Django ORM

https://www.elttam.com/blog/plormbing-your-django-orm/

fun fact: the landing zone on a hard disk platter has a special surface texture that reduces stiction. the rest of the surface is so smooth the head would get stuck if it landed on it.

The V8 Heap Sandbox by Samuel Gross

https://www.youtube.com/watch?v=5otAw81AHQ0

Finally managed to watch this (h/t @swapgs for the reminder), some things that struck me:

• Browsers are OS’s and now they demand CPU features for security
• We need security boundaries that are testable - so happy to see this concept implemented at such a fundamental component!

Also, make sure to watch the Q&A part :D

#OffensiveCon24

Goodbye Lynn.

As of today, Firefox Nightly ships with "HTTPS First". So, all new tabs, all links will try HTTPS🔒 regardless of the written URL scheme. When HTTPS fails, Firefox will fall back to using http.

This is thanks to the tireless work of our intern @mjurgens 👏👏👏.

[oss-security] Microsoft leak of PlayReady developer / Warbird libs

"On Jun 11, 2024 Microsoft engineer posted on a public forum information about a crash [...] The post had an attachment - a 771MB file (4GB unpacked), which leaked
internal code (260+ files) pertaining to Microsoft PlayReady" 🍿

https://seclists.org/fulldisclosure/2024/Jun/7

Random objects: Intel Edison, or a look at the misadventures of x86 in the IoT space - https://lcamtuf.substack.com/p/random-objects-intel-edison

Me: I have this genius idea to play with memory!
Alignment: Not on my watch!

https://www.youtube.com/watch?v=obHUTehMUMU

If you are still doing this to your customers, you're not understanding what has happened in the world of technology since 2004 and you are part of the problem.

[RSS] Uncovering ChatGPT Usage in Academic Papers Through Excess Vocabulary

https://hackaday.com/2024/06/22/uncovering-chatgpt-usage-in-academic-papers-through-excess-vocabulary/

"massive spikes in excess vocabulary that coincide with the public availability of ChatGPT and similar LLM-based tools" - Also see my previous suggestion: https://infosec.place/objects/a320c6c9-b6b4-4bf8-b685-0fd83b8a27e7

[RSS] Your NVMe Had Been Syz’ed: Fuzzing NVMe-oF/TCP Driver for Linux with Syzkaller (2024.04.25)

https://www.cyberark.com/resources/threat-research-blog/your-nvme-had-been-syzed-fuzzing-nvme-of-tcp-driver-for-linux-with-syzkaller

Urvile, of Legion of Doom, discusses dumpster diving at the Bellsouth phone company on NBC Dateline in 1992.
#hacker #hacking #history

The wonderful world of #OpenSource and #Mastodon! https://tech.lgbt/@nina_kali_nina/112659983582469484 where Nina asks a question, I answer with a partial solution based on a little project by @vadim which is missing a specific feature. Vadim sits down, codes that missing feature, commits it, I pull his updates, build a new container and now we all have an even better way to turn Mastodon threads into copy/pasteable #Markdown.

https://mtr.wildeboer.net

That all happened in less than 5 hours!

I have rebased the #illumos / #solaris port of #Tailscale onto 1.68.1

https://github.com/nshalman/tailscale/releases/tag/v1.68.1-sunos

And here's my occasional Fedi outreach about my dream retrocomputer - does anyone have a Sun Ultra 45 they are willing to part with? I'm just a sad, pathetic person living in Arctic Sweden who has been trying for more than two decades (!!) to get his hands on one.

Boosts are definitely love.

#retrocomputing #unix #sun #solaris

Frankly, I'm appalled by the prospect of LLMs taking offensive security research jobs from honest, hard-working fuzzers

I'm personally still not a fan of vlogs, but Laurie Wired is another creator I wish was around when I went to school:

https://www.youtube.com/watch?v=vc79sJ9VOqk