Tweets

You have blocked @Thibaut_S

  1. Retweeted
    30 Jan

    Say hello to OpenSK: a fully open-source security key implementation -

  2. Retweeted
    28 Jan

    My patch to disable PCI device DMA in early boot to avoid gaps in IOMMU coverage just got merged to mainline, so here's a writeup of it:

  3. Retweeted
    27 Jan

    We sent this PoC to Intel on May 16, just hours after we got access to the patches. The paper from last year already describes the issue. Media already reported about it in November: Where's the news?

  4. Retweeted
  5. Retweeted
    10 Dec 2019

    What's interesting here: full code exec exploit based on bug in context of _kernel_ thread (much less control over things). I don't know how general the technique is, but potentially opens doors for code execution via USB cable etc. (the bug found with syzkaller obviously)

  6. 10 Dec 2019

    "This issue is a nice reminder that mixing trusted and untrusted data is a recipe for implementation vulnerabilities."

  7. Retweeted
    10 Dec 2019

    by : Building trusted USB devices and Today @ Meet up the team at booth C16

  8. Retweeted
    2 Dec 2019

    I wrote a patch to disable busmastering on PCI bridges before ExitBootServices() is called, because PCI is a technology from a more civilised age.

  9. Retweeted

    this is literally the plot of The Matrix

  10. Retweeted
    21 Nov 2019

    Blog post on CVE-2019-2215, the Android binder bug that was exploited in-the-wild and affected most Android devices manufactured prior to Fall 2018.

  11. Retweeted
    14 Nov 2019

    The brilliant sentence from that excellent write-up: "It’s not that I think Intel are malicious, but that doesn’t mean I trust them implicitly either"

  12. Retweeted
    14 Nov 2019

    You may already be running Linux v5.3! I'm excited about heap auto-initialization, pidfd_open(), global -Wimplicit-fallthrough, x86 CR4 & CR0 pinning, more kfree() sanity checks, arm64 default KASLR, and hardware security embargo documentation:

  13. Retweeted
    14 Nov 2019

    This is what responsible disclosure looks like when you take its makeup off

  14. Retweeted
    12 Nov 2019

    timing attack against a TPM, and since that's not hard enough already, they do it over a network connection, too?

  15. Retweeted

    I am starting a new thing named Research Notes, which is the open source fraction of my research notebook on systems internals, vulnerability discovery and exploit development: And the first Research Note: “iBoot address space”

  16. Retweeted
    9 Nov 2019

    I've published a write-up on the Android Binder use-after-free kernel bug that p0 discovered recently affected the Pixel 2 and Galaxy S7/S8/S9. It goes into technical details of how an arbitrary read/write is established :)

  17. Retweeted
    8 Nov 2019

    What I found interesting 1/3: Deep Analysis of Exploitable Linux Kernel Vulnerabilities 2017-2019 With some overview and deep dive into several real exploits. Including , SMAP, exploiting races. 1/3

  18. Retweeted

    Tl;dr: we need exploit write-ups that analyze the whole chain so platform security engineers can secure the whole platform and kill the fragile bits of the exploit chains, not just whack-a-mole fixing each individual heap overflow and hoping that this one will be the last.

  19. Retweeted

    This — from the absolutely amazing in 2014 — so goddamn prescient; it's also basically every thought I've had this year since the checkm8 iPhone vuln and the WhatsApp vuln: "Everything Is Broken" - The Message - Medium

  20. Retweeted
    31 Oct 2019

    Except that it doesn't in any kind of RAP sense. Keywords here are "doesn't require error handling" (you can corrupt local vars without detection now) and the "shadow stack" is not like one in a CET sense, it's just another allocation that can be found easily and attacked

