[RSS] RISC CPU Lives in Excel

https://hackaday.com/2024/11/24/risc-cpu-lives-in-excel/

Hot damn, David from Usagi Electric finally got the Bendix G15—a vacuum tube digital computer from 1958—up and running. He’s been fixing it for the past 18 months, doing everything from repairing frozen bearings to fixing the paper tape reader to testing thousands of germanium diodes. Amazing. https://www.youtube.com/watch?v=Fe1wYwGcjlo

From Guardian to Gateway: The Hidden Risks of EDR Vulnerabilities - Neodyme
https://neodyme.io/en/blog/wazuh_rce/

/via @tekwizz123

CVE-2024-32038, CVE-2023-50260
#frombsky

Page-Oriented Programming: Subverting Control-Flow Integrity of Commodity Operating System Kernels with Non-Writable Code Pages | USENIX
https://www.usenix.org/conference/usenixsecurity24/presentation/han-seunghun

/via @andersonc0d3

Prefer Rust to C? There's no reason your decompilation has to necessarily target C as the output. With our Language Representation UI/API in 4.2 you can see all your decompilation as Rust instead.

A bit annoying thing in #Bsky #ATProto is that you don't post plaintext that is "enriched" remotely, but provide a Rich Text object with links, tags, etc. marked as such. It seems from the servers perspective len(rich_text)!=len(str(rich_text)) and I found no way to find out what the true length of my rich Text object will be resulting in failed posts and bad thread splitting...

https://atp.readthedocs.io/en/latest/atproto_client/utils/text_builder.html

Latest #Ghidra failed to build because some obscure pyOpenSSL error, which can break pip altogether:

> TypeError: deprecated() got an unexpected keyword argument 'name'

Here's what worked for me:
- Delete the failing pyOpenSSL directory from site-packages
- pip install "pyOpenSSL>22.0.0,<23.0"

I really like the idea of Bandcamp Gift Cards! Get your friends and family hooked on supporting independent artists/small labels!

https://bandcamp.com/gift_cards

My son's #biology book represents carnivores as a true subset of animalivores (which is a new word to me).

Which animals are animalivores but not carnivores?

This is another #test

My keynote from @sansoffensive in Hollywood. Attacking Intelligence: Attacking and Defending AI on The Edge

I cover confidential GPUs, Windows Recall architecture, and post-compromise tradecraft with AI and lots more!

https://www.youtube.com/watch?v=1zl1NSwuhAk

Ignite session covering all the Windows Security newness just posted

https://ignite.microsoft.com/en-US/sessions/GS06

In the "Worth Reposting from Twitter" series today:

https://scrapco.de/twitter/buherator/status/1576535053571530752/

This is a thread about technological things I misjudged during my career. Maybe it'll help someone. (Or maybe I misjudge again?)

- I started gera's challenges, but "why bother with client-side?"

https://github.com/gerasdf/InsecureProgramming.git

- During university, seeing Meterpreter's shortcomings I considered to start developing a professional implant. But "no security boundaries, no fun".

Now look at all teh frameworks...

- Gave up on chemistry because of an idiot teacher

Hunting the Mongoose: Discovering 10 Vulnerabilities in the Mongoose Web Server Library
https://www.nozominetworks.com/blog/hunting-the-mongoose-discovering-10-vulnerabilities-in-the-mongoose-web-server-library

"You never pay here... not with money"

OMG I just realized at the end of the episode Needful Things was bought by *Google*

https://rickandmorty.fandom.com/wiki/Needful_Things

I am looking for padlock or similarly visual device that has bluetooth vulnerabilities (i.e. just uses an "unlock" command or so and no decent cryptography). Any tips welcome!

We misunderstood the concept of afterlife. What the religious texts meant to say is that the essence of your online life will be preserved as the weights of an LLM that handles airline customer support and prescribes Viagra in a telehealth app.

TIL: https://ladybird.org a truely independent browser built by engineers not motivated by data driven revenue. DNSSEC, DANE, no shady CA list, etc. Theyvare always looking for help. #Browser

I'm happy to share that LIEF (extended)
is now providing an API to disassemble code (backed by the LLVM MC layer).

This disassembler is integrated with other functionalities
like dyld shared cache support or DWARF debug info.

You can checkout https://lief.re/doc/latest/extended/disassembler/index.html for the details.