Opens profile photo
Follow
Tarjei Mandt
@kernelpool
Senior Security Researcher
Sydney, Australiamista.nu/researchJoined August 2009

Tarjei Mandt’s Tweets

Pulling this one from the vault… I’ll be presenting about my first ever project I worked on at Azimuth! I’m excited to share it, come check it out!
Quote Tweet
🌠🦊*Starfox* A Case Study in Exploiting Impractical Bugs @mncoppola will walk through his first project at @TrenchantARC at the @MidnightSunCTF Conference. Turning terrible primitives into a crazy Rube Goldberg exploit with reliable #iOS persistence as a side-effect. 📲😎
Image
2
27
For the past 10 years, I have been honored to be part of a team with some of the best vulnerability researchers on the planet. Trenchant (formerly Azimuth) is always looking for elite research talent. DM me if you would like to join us.
2
45
DAWs such as Ableton Live and Logic Pro need an out-of-process plugin model. Third party plugins randomly crashing on a daily basis is pretty disruptive to your workflow.
4
6
I purposely designed a mechanism so that M1 Macs would retain the capability to boot completely arbitrary code instead of XNU if users wanted. But you have to 1) reboot to recoveryOS with a physical power button press and 2) put in your SEP-backed credentials.
Quote Tweet
Some more context to this: while a customKC (which is basically "something resembling Mach-O kernel file to transfer control to instead of the original kernel") payload is indeed unsigned, it's hash is still signed by machine-specific key, so chain of trust is preserved. twitter.com/never_released…
Show this thread
3
383
Show this thread
We are hiring! If you live for vuln research or low level systems engineering challenges, come join us :) Particularly looking in London and DC but remote work also available. email (md@azimuthsecurity.com)
3
174
Just pushed a major update to Psychic Paper. People have informed me that platform-application is no longer enough to use platform task ports. But there's some tricks you can use with exception ports. I built a full message proxy on top of it: github.com/Siguza/psychic
Image
Quote Tweet
New blog post: "Psychic Paper" The story of the best. Sandbox escape. Ever. siguza.github.io/psychicpaper/
Show this thread
3
179
Show this thread