Thank you #LABScon2024 for the great conference and for posting a recording of my talk on 30 years of decompilation!

https://bird.makeup/@sentinelone/1861465678232068495

Yay! The r2k plugin for #radare2 is back! #kernel #reverseengineering

google’s latest fuckery: if you write online, read this

The Google app for iOS now adds THEIR links to YOUR posts from YOUR website unless you opt-out.

Their links lead people away from your site and back to Google. Because that’s definitely what you want, right? That’s why you have a blog or portal or web site or whatever. You want people to leave your site and go back to Google.

Oh, it’s not?

If you don’t like it, you can “Opt out.” Opting out is a pain in the ass. Here’s where you go to do it. You have to enter every variation of each of your domains or it won’t work. It will take up to 30 days, during which time Google will continue to pollute your work and your writing and your website with their modifications and their added links to take people away from your site and back to themselves.

For example, here’s the list of what I need to opt-out just for this one blog:

solarbird.nethttp://solarbird.nethttps://solarbird.netwww.solarbird.nethttp://www.solarbird.nethttps://www.solarbird.netweb.solarbird.nethttp://web.solarbird.nethttps://web.solarbird.net

Yes, you explicitly have to file no prefix, http:, and https: variants separately. They say so.

Making it difficult like this is 100% intentional and entirely designed to make it as annoying as possible, and also, to make sure you slip up if at all possible and forget one or more combinations.

(Tho’ I am just going to depreciate web. as a prefix right now, to bring down the load a little. Still gonna list ’em, though, because spite is why.)

Right now it’s only in the Google app for iOS and it’s probably a test to see whether they can get away with it without complaint, and how much revenue it generates. Let’s make that a combination of no and as close to zero as possible. Because otherwise they’ll roll it out everywhere, and probably derank you if you don’t go along.

Fucking hell, Google. Fuck you. Just… fuck you.

#art #t0000000000bs_ #writing

it is a very strange world when my terminal emulator program is taking up 1.2GB of memory.

Here's the latest #curl hackerone issue I mentioned the other day: https://hackerone.com/reports/2871792 another one of those "we found a function call so therefore your program must be vulnerable".

Disclosed for educational purposes. Don't do this.

Fast conditional breakpoints via eBPF!?! Let's go! https://pernos.co/blog/linux-kernel-additions/

"With the new feature we contributed to 6.10 it's instead possible to filter the breakpoint hits in the kernel without ever trapping to rr or using ptrace. We can install a hardware breakpoint via the perf events subsystem and attach a BPF program to it that checks for matching register values and suppresses signals for those iterations that are not of interest."

ICP-Brasil issued cert for googgle[.]com

https://bugzilla.mozilla.org/show_bug.cgi?id=1934361

Got some negative or unrealistic threat model results that still bring interesting insights? A side channel that requires root to leak something from the kernel? Reproducing prior work? Somewhat related to microarchitecture? Here's your venue: uasc.cc

First edition is happening on February 19 in Bochum, the day before RuhrSec.
We accept submissions (papers, posters, talks) starting today and try to provide reviews within a 2 week time frame of submission.
Last Submission Deadline: January 27, 2025

stalld: unpatched fixed temporary file use and other issues

https://security.opensuse.org/2024/11/29/stalld-fixed-tmp-file.html

Linux: Race can lead to UAF in net/bluetooth/sco.c: sco_sock_connect()

https://seclists.org/oss-sec/2024/q4/130

What a mess:

“the reporter also did not reply to any of linux-distros’ members questions, most notably ‘have you contacted either security () kernel org or the bluetooth maintainers about this issue?’”

“the issue may be the same as CVE-2024-27398”

tuned: local root exploit in D-Bus method instance_create and other issues in tuned >= 2.23 (CVE-2024-52336, CVE-2024-52337)

https://seclists.org/oss-sec/2024/q4/127

⛧ SLEIGHER ⛧

NEW: The phones of the new NATO Secretary General Mark Rutte (including a hotline with the White House):
https://www.electrospaces.net/2024/12/the-phones-of-new-nato-secretary.html

The Archive has definitely hit the phase of "it works unless it doesn't, and then it will suddenly work". This is where the urge to just throw open what's left just to drop bug reports or complaints is high, but you just need to keep tracking things down. This was a quarter century codebase! It's beyond amazing it got this far, this fast. But every time I go back to work at my interfaces, the team has made them run better and better.

This was my tenth(!) year building 25 days of puzzles for #AdventOfCode. You can solve them all for free! Most people write code to solve them, but you can solve them however you like. I hope they help people become better programmers. 🌟

The first puzzle comes out in two hours: https://adventofcode.com/

The 2024 Economist Word of the Year:

“kakistocracy” - Government by the least qualified or most unprincipled citizens.

https://www.economist.com/culture/2024/11/29/the-economists-word-of-the-year-for-2024