[RSS] Time Travel Analysis for fuzzing crash analysis

https://eshard.com/posts/back-to-the-crash

Accidental timing: this one from eShard is different from my previous #TimeTravelDebugging post!

Time Travel Analysis with a full-system android emulator gives you the full picture.

But if you're just looking at one part of an app, a lighter method can be enough.

Here’s how we used Frida to do it: https://eshard.com/posts/frida-tracer-lightweight-time-travel-analysis

#mobilesecurity #android #androidsecurity #reverseengineering

Sorry, I blogged:

Debugging loadlibrary Through Space and Time

https://scrapco.de/blog/debugging-loadlibrary-through-space-and-time.html

#ReverseEngineering #TimeTravelDebugging #rr #ASAN

I wanted to quickly explain why, school kids should learn markdown instead of MS Office, and ended up writing a major Epos on Markdown vs obsolete writing formats:

https://ia.net/topics/markdown-and-the-slow-fade-of-the-formatting-fetish

This is, I kid you not, about 1/6th of what I wrote. I'll publish the rest later.

We're pleased to announce that folks can now contribute financially to the project through GitHub Sponsors! 🎉

https://github.com/sponsors/AsahiLinux

Intel VT-rp
https://community.intel.com/t5/Blogs/Tech-Innovation/Client/Intel-Virtualization-Technology-Redirect-Protection-Intel-VT-rp/post/1672593

"Then CSS came along, it was a fucking miracle." — https://eev.ee/blog/2020/02/01/old-css-new-css/

learned at least 7 different things about the web from this post

Hello friends. The dreaded and long awaiting blog on WHAT THE FUCK HAPPENED TO THE CYBERSECURITY JOBS MARKET has arrived.

https://tisiphone.net/2025/04/01/lesley-what-happened-to-the-cybersecurity-skills-shortage/

I'm sorry.

I enjoyed this idea that authoritarian states are more like the movie Brazil than the book 1984 - because authoritarianism breeds incompetence.

https://observer.com/2025/02/terry-gilliams-brazil-at-40-more-prescient-than-orwell/

oh fuck, val kilmer is dead

This follow-up to CVE-2024-57882 by Solar Designer also worth reading:

https://seclists.org/oss-sec/2025/q2/3

"A reason CVE-2024-57882 may have stayed unpatched in a distro is it could have been wrongly believed to be a NULL pointer dereference only due to a specific crash reported by Syzbot."

"net.mptcp.enabled can be set from inside an unprivileged net namespace"

"bribing a senator with a 9-letter name will alter the last letter in their name on their subsequent appearances"

https://banyaszvonat.github.io/breaking-videogames/2025/03/30/off-by-one-or-is-it-two.html

#gamehacking #Disgaea

who could have seen *this* coming

https://futurism.com/neoscope/23andme-selling-data

Computer Chronicles - Windows 98
https://archive.org/details/Windows9_2

Linux kernel: CVE-2024-57882 fix did not prevent data stream corruption in the MPTCP protocol

https://seclists.org/oss-sec/2025/q2/0

"The analyze(sic!) of the patch (https://web.git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=cbb26f7d8451fe56ccac802c6db48d16240feebd) reveals that the root cause of the bug has been partially fixed."

[RSS] Plan 9 finally comes to the POWER9

https://www.talospace.com/2025/04/plan-9-finally-comes-to-power9.html

turns out Qualcomm dropped the sources for talking to their Embedded USB Debug (EUD) peripheral, and it works on the OnePlus 6!

This means we get JTAG access directly via the USB port, yes seriously! There is also a UART peripheral which we can hook up (so far untested).

Basically you write 1 to a magic register (typically from the Linux driver but i have been testing from U-Boot) and all of a sudden a 7-port USB hub appears on your PC (in addition to whatever USB gadget you had set up) with a single device which is the EUD control interface.

Now that the code to talk to it is public (and functional with this openocd fork https://github.com/linux-msm/openocd) you can get JTAG access to the device for easier debugging of the kernel or U-Boot!

It seems like this works "by accident" on the OnePlus 6, likely the same debug policy misconfiguration that causes the device to go to crashdump instead of just rebooting (so it's unlikely to work on say, the PocoPhone F1, but maybe worth a try!).

There seem to be protections in place so you can't escalate to EL2 or EL3, when in EL2 all registers read as 0

Wanna earn up to $100,000 a month? Perhaps doing crime? For obscure reasons? This is your opportunity.

Don't miss out on this bizarre hacking campaign, which is currently looking for recruits on Twitter.

🤔 🤔 🤔

https://techcrunch.com/2025/04/01/someone-is-trying-to-recruit-security-researchers-in-bizarre-hacking-campaign/

Don't. Make. Me.

Me: The 90's were great

Also me: *casually downloading a 6 GiB ISO at 30 MiB/sec in 3.5 minutes*

Some things are definitely better than they were, and download speeds is one of them