Here’s the recording of my Bluehat talk Pointer Problems - Why we’re refactoring the windows kernel https://youtu.be/-3jxVIFGuQw?si=3Q30ziJBBVv4ZbAU

IBM's EGA graphics (Enhanced Graphics Adapter) celebrates it's 40th anniversary this year, so here's some classic EGA games:

One tiny goal: learn to pronounce kurwa fluently before next Warcon

For anyone looking to adjust their media diet, now’s a great time to consider escaping The Algorithms with RSS. Here are some of the blogs, newsletters, and independent news sites I follow: https://www.mollywhite.net/blogroll/

For feed readers,  I use Inoreader, but there are many other good options.

#RSS #IndependentMedia #blogging

welp, I got some good news, and I have some not so good news.

Since misery loves company, we'll start with the bad news first: I got pneumonia, and I'm pretty sure one of my lungs was close to collapsing. Before I went to the doctor this morning.

I got meds, I'm not dead yet, but I won't be making it to Suricon this year. I'm in no condition to fly.

Good news: I plan my talks in advance, and I posted detailed materials up on my github.

https://github.com/da667/Contalks/tree/main/Suricon2024

Everything you could possibly want to know about my talk is in the readme, and the accompanying files.

With that all sorted, I'm going to rest. now that I have meds that wont have me waking up, choking on my own mucus every two hours.

Support the people who make the stuff you like. There's a good chance that without that, the stuff you like won't get made.

The offensive industry loves making shit up: the new rumor making the rounds is that my girlfriend works at NSO. As a matter of fact, my girlfriend is currently unemployed and looking for work as an event manager in Europe, so let me know if you come across interesting openings. Her only experience in the security industry is coming with me to a few conferences over the past year to look for work and learn more about this niche.

Here is another #NameThatWare

Can you deduct or guess which device this is?
As always, hide your answer behind a CW to not spoil others.

Note: when you read an article where the writer says that a feature can be used for "fingerprinting" or a "device profile", and then says that the fingerprint/profile can be used for targeted ads:

That journalist (or their editor) has an incomplete understanding. Targeted ads are a symptom. The main problem is that if you can be targeted with an ad, you can also be identified from within the crowd.

Adtech is a symptom of more pervasive privacy problems.

KASAN is now available for your own Windows Drivers: https://learn.microsoft.com/en-us/windows-hardware/drivers/devtest/kasan

Oh God, yes! When starting a qemu instance, you can pass it an fd on the command line for its listening socket for that chardev.

You can also tell it to listen on a TCP or UNIX socket, but as the starting process, you now need to try and connect multiple times until qemu is finally started and opened its listening socket. It also might never connect in case qemu fails to start. This is really annoying to handle properly in your code.

With the fd-passing, the parent process can create the listening socket, clear CLOEXEC on the socket, pass it to qemu and then connect to it. At that time it will either be open already or if qemu fails to start, the listening socket will be gone and the connect() fails.

I haven't tried it yet, but I need it for work and it sounds like a proper solution to a really annoying problem.

https://patchwork.kernel.org/project/qemu-devel/patch/20180205152455.12088-10-berrange@redhat.com/

Unattended children get an IBM System/370 and a Cobol starter lecture.

Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051) https://www.coresecurity.com/core-labs/articles/windows-dwm-core-library-elevation-privilege-vulnerability-cve-2024-30051