We misunderstood the concept of afterlife. What the religious texts meant to say is that the essence of your online life will be preserved as the weights of an LLM that handles airline customer support and prescribes Viagra in a telehealth app.

TIL: https://ladybird.org a truely independent browser built by engineers not motivated by data driven revenue. DNSSEC, DANE, no shady CA list, etc. Theyvare always looking for help. #Browser

I'm happy to share that LIEF (extended)
is now providing an API to disassemble code (backed by the LLVM MC layer).

This disassembler is integrated with other functionalities
like dyld shared cache support or DWARF debug info.

You can checkout https://lief.re/doc/latest/extended/disassembler/index.html for the details.

And Transmission64 is live. Head on over to https://t64.to/watch .

#c64 #demoparty #demoscene

Moooooommmmm!!

I wrote some cool scripts that I want to share with the world but I do not want to start being in the business of maintaining another open source project. I guess I will just describe it in my blog and tell the world that it's cool and they can use it?

Anyway, I now have an #indieweb #POSSE python script for my homepage.
Whenever I build my blog, it also generates an XML Atom feed (many static site generators do that). After adding an article and building, I can loop ... 1/2

Handling Cookies is a Minefield:

inconsistencies in the HTTP cookie specification and its implementations have caused a situation where countless websites (including Facebook, Netflix, Okta, WhatsApp, Apple, etc.) are one small mistake away from locking their users out.

https://grayduck.mn/2024/11/21/handling-cookies-is-a-minefield/

David Schinazi mentioned @april's cookie blog post and I'm sorry but I had to do a "I told you so".

On the httpbis list.

https://lists.w3.org/Archives/Public/ietf-http-wg/2024OctDec/0231.html

Code ligatures suck ass.

How to debug Windows service processes in the most old-school possible way...

https://www.hexacorn.com/blog/2024/11/23/how-to-debug-windows-service-processes-in-the-most-old-school-possible-way/

We found our first #Y2K38 bug today, in #Keycloak‘s Client credential rotation feature. https://github.com/keycloak/keycloak/issues/35104

Will probably not be the last one - the runup to 2038 will be interesting.

HOPE XV videos just dropped on YouTube! https://www.youtube.com/channel2600

Trellix: When Guardians Become Predators: How Malware Corrupts the Protectors
A malware campaign drops a legitimate Avast Anti-Rootkit driver (BYOVD) to terminate security processes, disable protective software, and seize control of the infected system. Indicators of compromise provided.

#byovd #avast #ioc #threatintel #infosec #cybersecurity #cyberthreatintelligence #cti

Oh hooooo: Advent of Radare2

https://www.radare.org/advent/

#me-all-ears #radare2 cc: @radareorg

In an ideal world for reverse engineering, every function would have a name, and every variable would be correctly typed. Take a step towards that world, learn to build your own custom Ghidra Data Types in my latest post: https://medium.com/@clearbluejar/everyday-ghidra-ghidra-data-types-creating-custom-gdts-from-windows-headers-part-2-39b8121e1d82