First, solve the problem. Then, write the code.

— John Johnson

Neat, someone used JRuby to add Ruby scripting support to Ghidra.
https://github.com/goatshriek/ruby-dragon#readme

#ghidra #jruby #ruby

What would be interesting in a book about file formats ? Or streaming myself exploring file formats ?
Just come tell me - I have stickers #38C3.

The hardest part about refuting Y2K disinfo is how many problems were fixed quietly, in part to mitigate risk of ligitation (negligence, etc.). People have stories they can't tell.

At this point, I think enough years have passed that a formal amnesty - to encourage companies to disclose just how bad some of the problems were - would be in our historical best interest.

The easiest way to succeed is to measure success wrong.

"OpenAI expects about $5 billion in losses on $3.7 billion in revenue this year, CNBC confirmed in September. Those numbers are increasing rapidly."

So… The business model is to train models on everyones' data without paying them, then lose a billion dollars.
https://www.cnbc.com/2024/12/27/openai-needs-more-capital-than-wed-imagined-moves-to-for-profit.html

NIST is proposing a 256-bit block variant of AES with a static 256-bit key size. Public comments are open until January 25, 2025.

#crypto #cryptography

https://www.nist.gov/news-events/news/2024/12/nist-proposes-standardize-wider-variant-aes

"Invariant inversion" in memory-unsafe languages

https://pacibsp.github.io/2024/invariant-inversion-in-memory-unsafe-languages.html

The CCC 38 Saal1 Presentation - BlinkenCity: Radio-Controlling Street Lamps and Power Plants by Fabian Bräunlein and Luca Melette

...on reversing streetlamps, ripple controls, Versacom and Semagyr, power gear, smart meters, controlling FREs with flashlights and flipper zero's(!), was a tour de force in reverse engineering, critical infrastructure risk analysis, and hacking excellence. If you use electricity or streets, you should watch it.

https://fahrplan.events.ccc.de/congress/2024/fahrplan/talk/HSNZGR/

Cartoon Network website officially shuts down after 32 years 💔🥹😩😩😩😩😩

To use the Montreal subway, you tap a paper ticket against the turnstile and it opens. But how does it work? And how can the ticket be so cheap that it's disposable? I opened up the tiny NFC chip inside to find out more... 1/15

This year, we worked swiftly to save legacy media sites like https://Vice.com and MTVNews before decades worth of valuable journalism could be erased. These sites are searchable on the Wayback Machine. 📰📺

Help us in saving these resources: https://archive.org/donate/?origin=mstdn-eoy2024

Oh! @raspberry_pi RP2350 gotcha detailed at @ccc. Does he win the prize?? https://events.ccc.de/congress/2024/hub/en/event/hacking-the-rp2350/

VulnCheck: Four-Faith Industrial Router CVE-2024-12856 Exploited in the Wild
CVE-2024-12856 (7.2 high) Four-Faith Industrial Router post-auth command injection is a reported exploited zero-day. Suricata rule available, no IOC though.

@todb there are still 2 more weekdays left in 2024, cram it all into the KEV!

#vulnerability #fourfaith #cve #eitw #activeexploitation #CVE_2024_12856 #infosec #cybersecurity

After 6 months and about 333 commits I proudly present:

Faircamp 1.0 – A static site generator for audio producers
https://simonrepp.com/faircamp/

To recap the highlights of the past months and learn what's new in the final 1.0 release, check out the blog post: https://simonrepp.com/posts/faircamp-1.0/

Development of version 1.0 was made possible through the amazing support, funding and expertise of the @NGIZero programme and coalition, led by the @nlnet foundation and financed by the European Commission's @EC_NGI initiative – thank you so much for giving me and everyone benefitting from a better Faircamp this incredible opportunity!

Also, many thanks to all faircampers, contributors, testers, translators, bloggers, podcasters and encouraging voices for supporting this journey - for the final 1.0 release specifically to @branpos for release candidate testing, @n00q for bugreporting/testing, @limebar for the external artist page feature inspiration and @Vac for their diligent translation work.

Along with this release I've published multiple new documentation resources - from an official Linux/macOS/Windows tutorial to a 1.0 migration guide, from an overhauled reference manual to a beginner's guide to publishing faircamp (or any!) static sites - check out the website and recent posts in the #faircamp hashtag to discover them!

That's all!