Posts
4263
Following
738
Followers
1632
"I'm interested in all kinds of astronomy."
repeated
repeated

Microsoft will pay bug bounties even for 3rd party components:

https://www.theregister.com/2025/12/12/microsoft_more_bug_payouts

1
1
0
repeated

Does anyone have a copy of the following paper:

https://doi.org/10.1016/0167-4048(82)90003-7

Robert H. Courtney, Jr., "A systematic approach to data security", in Computers & Security Volume 1, Issue 2, June 1982 (pgs. 99-112)

I have tried Sci-Hub and Anna's but no luck flan_sad

(it is paywalled at https://www.sciencedirect.com/science/article/abs/pii/0167404882900037 for $30 which seems criminal)

2
1
0
repeated

The World Is Not A Desktop - Mark Weiser

https://dl.acm.org/doi/10.1145/174800.174801

0
4
0
repeated
This is beautiful. I've been looking at this for 5 hours now.
54
636
1038
repeated

absolutely losing it. My mom received a spam call that got picked up by Google call screening on her phone, and it ended up responding with one of the more unhinged Asterisk voice recordings before hanging up LMAO

2
10
2
repeated

Thorsten Leemhuis (acct. 1/4)

Analyzing CVE-2025-2296 [Un-verified bypass mechanism in direct boot mode]

https://www.kraxel.org/blog/2025/12/analyzing-cve-2025-2296/

Gerd Hoffmann aka kraxel writes: ""[…] So, if secure boot is enabled attempts to boot via 'EFI stub' will fail, the firmware rejects the binary due to the signature check failing. OVMF will fallback to the legacy 'EFI handover protocol' loader. The legacy loader does not do secure boot verification, which is the core of CVE-2025-2296. And this was essentially unfixable (in the firmware alone) because there simply is no valid secure boot signature due to the patching qemu is doing. Nevertheless there are some use cases which expect direct kernel boot with secure boot enabled to work. Catch 22. […]

Secure boot bypass sounds scary, but is it really? […] So, the actual impact is quite limited. […]""

0
3
0
I'm a huge fan of writing and trying to type on a fucking TV remote got me thinking how much touch-screen keyboards may constrain our thinking...

#ShowerThought
0
0
3
repeated
Weird #DIY question:

I'd like to have easy to switch paper disks on an axis. An "obvious" solution would be to cut pices of a spiral where the beginning and the end just overlap, so they only get off when turned to the direction of the axis.

But how do I cut/produce such pieces so that they remain flat when on the axis?!

#topology
0
0
0
repeated

Decomp2dbg:

"decomp2dbg aims to shorten the gap of context switching between decompiler and debugger by introducing a generic API for decompiler-to-debugger symbol syncing."

https://github.com/mahaloz/decomp2dbg

0
3
0
repeated
repeated

Day 13 of Advent of Compiler Optimisations!

You're calling a function inside a loop, but its result never changes between iterations. Does the compiler spot this and hoist it out? Turns out the answer depends on which compiler you use! Clang pulls off the optimisation beautifully, but gcc stumbles—even with explicit hints. What's going on?

Read more: https://xania.org/202512/13-licking-licm
Watch: https://youtu.be/dIwaqJG0WDo

1
5
0
repeated
Edited 7 months ago

Can anyone test my *SMALLEST* SSHD backdoor?

- Survives updates.
- Does not use ~/.ssh/authorized_keys or PAM modules.
- Does not create any new file.

Just SSHD trickery.

Source at https://thc.org/tips

3
9
0
I published an #IDA importer for the REShare #ReverseEngineering exchange format:

https://github.com/v-p-b/reshare-ida

I also wrote up my development experiences, incl. tips for IDA's type info API:

REshare Ramblings - Bad Vibes with IDA
https://scrapco.de/blog/reshare-ramblings-bad-vibes-with-ida.html

I'm still looking for contributors, esp. on the #radare2 and #BinaryNinja side!
2
5
11
Show older