Dmitry Vyukov

@dvyukov

I tweet about fuzzing, bugs, sanitizers, security, hardening, kernels, Go, performance, concurrency, lock-free algorithms.

Munich, Germany
1024cores.net
Beigetreten April 2009
60 Fotos und Videos Fotos und Videos

Tweets

Du hast @dvyukov blockiert

Bist du sicher, dass du diese Tweets sehen willst? Das Ansehen von Tweets wird @dvyukov nicht entblocken.

  1. vor 15 Stunden

    The fun thing I see other people say "Corba (not Cobra)" while for me it's the other way around: CORBA is just "CORBA", while Cobra is "Cobra (not Corba)". I guess it's an age meter: Are you CORBA-old?

    2 Antworten
    Rückgängig machen
  2. vor 15 Stunden

    Yikes, I added a poll here. Does twitter fail to show poll if I reference another tweet?..

    Diesen Thread anzeigen
    Diesen Thread anzeigen
    Rückgängig machen
  3. vor 15 Stunden

    Re last post about Cobra/CORBA: The fun thing I see other people say "Corba (not Cobra)" while for me it's the other way around: CORBA is just "CORBA", while Cobra is "Cobra (not Corba)". I guess it's an age meter: Are you CORBA-old?

    1 Antwort 2 Gefällt mir
    Diesen Thread anzeigen
    Diesen Thread anzeigen
    Rückgängig machen
  4. vor 16 Stunden

    Reading github CLI release notes [1]: ... - Upgrade to Cobra 1.0 #916 Wait, WAT?... ... ... oh, ok, this is not Corba [2] [1] [2]

    1 Antwort 4 Gefällt mir
    Rückgängig machen
  5. vor 17 Stunden

    Indeed exciting! acquires both continuous fuzzing solution and structured fuzzing solution : If GitLab integrates both, it will be dreams come true. Jealous it's not b/c syzkaller is hosted there.

    Exciting News! is acquired by . Read the full story at
    7 Retweets 21 Gefällt mir
    Rückgängig machen
  6. hat retweetet
    9. Juni

    Introducing (), the first cross-core attack which can leak stale data from an offcore staging buffer shared across cores. See where we also show how to leak enclave private keys across cores in 1s with just 1 signature:

    63 Retweets 130 Gefällt mir
    Rückgängig machen
  7. 10. Juni

    No more "you forgot to run check_patch", mangled patches without base, improperly formatted code, people struggling to setup mail client, forgotten contributions, etc. Some prior art:

    2 Antworten 6 Gefällt mir
    Diesen Thread anzeigen
    Diesen Thread anzeigen
    Rückgängig machen
  8. 10. Juni

    The new CLI is very cool! $ gh pr checkout 1809 $ gh pr create $ gh issue list/create Idea is not new but bringing it to masses is invaluable. kernel and absolutely need this type of interface too!

    3 Antworten 16 Retweets 53 Gefällt mir
    Diesen Thread anzeigen
    Diesen Thread anzeigen
    Rückgängig machen
  9. hat retweetet
    10. Juni

    Took over 6 months for the below memory leak to be rediscovered after this tweet: Trivial PoC which eventually panics a system with unpriv userns and CONFIG_AFS_FS enabled here:

    5 Retweets 18 Gefällt mir
    Rückgängig machen
  10. 5. Juni

    I enjoyed the talk a lot. The accent is on Durable. Compares different approaches to removing classes of vulnerabilities wrt Completeness/Enforcability/Verifiability/Dev friction. Touches on supply chain and "how end user be sure what static analysis were done on this systems SW"

    The slides and recordings for my SSTIC 2020 presentation on Pursuing Durable Safety for Systems Software have been posted. I'd love to hear other voices and perspectives on this topic. A big thank you to the organizers for inviting me to speak :)
    Diesen Thread anzeigen
    1 Retweet 10 Gefällt mir
    Rückgängig machen
  11. hat retweetet
    4. Juni

    Now it's official: longterm 4.19 and 5.4 instead of two years will be supported for six years in total, as just raised the projected EOL on by four years:

    4 Antworten 42 Retweets 78 Gefällt mir
    Diesen Thread anzeigen
    Diesen Thread anzeigen
    Rückgängig machen
  12. hat retweetet
    4. Juni

    I reengineered the idea from this article and submitted that work for the Linux kernel mainline. Central patch of the series:

    New blog post from on his first two weeks at : "Resolving an Unfortunate STACKLEAK Interaction"
    1 Antwort 5 Retweets 23 Gefällt mir
    Rückgängig machen
  13. hat retweetet
    3. Juni

    I wonder how it feels to have been working on surveillance technology thinking that it would only be used against foreign adversaries and now learning that it’s being deployed domestically against peaceful protesters here in the US.

    13 Antworten 54 Retweets 173 Gefällt mir
    Rückgängig machen
  14. hat retweetet
    25. Apr. 2019

    So happy and excited to be featured as the most active kernel developer for Linux 5.1 🐧

    [$] Some 5.1 development statistics
    3 Antworten 2 Retweets 30 Gefällt mir
    Diesen Thread anzeigen
    Diesen Thread anzeigen
    Rückgängig machen
  15. hat retweetet
    2. Juni

    We would really appreciate if you had a spare minute to fill the KernelCI Community Survey form and help us understand the CI needs of the kernel community: This is for your own good!

    23 Retweets 19 Gefällt mir
    Rückgängig machen
  16. hat retweetet
    31. Mai

    Nice benchmarking! tl;dr: 4% performance hit with nearly all kernel hardening options enabled for a build server workload. Do not enable CONFIG_SLUB_DEBUG_ON unless you really want the kernel doing massive amounts of heap allocation sanity-checking; it added an additional 10% hit

    I wanted to know about the basic performance impact when applying suggestions from 's "kconfig-hardened-check" So I ran some tests using the 5.4 lts linux kernel. You can read it all here:
    15 Retweets 35 Gefällt mir
    Rückgängig machen
  17. hat retweetet
    29. Mai

    Neat little bug-finder I realized today: 48 B8 ?? ?? 00 00 00 FC FF DF 80 38 00 will know :)

    1 Antwort 1 Retweet 11 Gefällt mir
    Diesen Thread anzeigen
    Diesen Thread anzeigen
    Rückgängig machen
  18. 28. Mai

    Want easy money? Take a use-after-free from syzbot dashboard: Fix & submit to VRP program. Let's fix security!

    We just announced a new bug bounty on a hardened kubernetes cluster. The fun part: 1days are explicitly in scope! Want to exploit a public bug that hasn't been patched in our cluster yet? That's fair game. More info here:
    2 Antworten 35 Retweets 89 Gefällt mir
    Rückgängig machen
  19. hat retweetet
    18. Mai

    We now have a blog! Check out our first post to see what we've achieved since we joined the and what's coming next: tl;dr Now is a really, really good time to start contributing ;)

    1 Antwort 10 Retweets 20 Gefällt mir
    Rückgängig machen
  20. hat retweetet
    14. Mai

    Heads up - will start showing functional test results instead of boots on Monday! Detailed timeline on GitHub: Email thread:

    2 Retweets 7 Gefällt mir
    Rückgängig machen

@dvyukov hat noch nichts getwittert.

Das Laden scheint etwas zu dauern.

Twitter ist möglicherweise überlastet oder hat einen vorübergehenden Schluckauf. Probiere es erneut oder besuche Twitter Status für weitere Informationen.

    Vielleicht gefällt dir auch

    ·