pod2g

I hope @CorelliumHQ and Apple will find an arrangement. Corellium is an awesome piece of software that really ease research. It promotes iOS, its kernel, and development in many ways. It is even included in IDA Pro as a debugger now!

Hey! I’m at the @GrehackConf today. Any iOS security researcher would like to meet? We could share some thoughts! :)

There are processes to help, like code review, unit tests, automatic regression tests, manual ones, internal and public beta tests, etc. But sometimes a bug get through the mesh of the net all the way to @MacRumors.

I absolutely don’t think the last High Sierra bug is a backdoor or intentional (responding to some comments on my previous tweet). It is just a mistake illustrating the complexity of maintaining such a huge software code base. Anytime you change anything you may introduce bugs.

Seriously, the quality of macOS High Sierra is a shame. I really don’t understand how that root login without a password story could happen. Especially when you consider all the good security engineering around (SEP, code signing, sandbox, entitlements). I feel sad.

You know your fuzzer’s right when you keep restarting your box every 5 minutes or so ;-)

Anyone interested in volunteering this Saturday in San Jose CA to support the American Heart <3 Stroke Association? https://www.kintera.org/AutoGen/Register/ECReg.asp?ievent=1161423&en=6fKBILOnH5LKJVNqF4KHIRPAJgJFKTMvGaLJIRMBJgIILUOtF9JGLNNyHhLMK2NMG …

The talk of @_fel1x about FireEye exploitation at @44CON was impressive, fun, and scary. I can't believe it got censored by the vendor >:-(

I have no idea why some people complain about the Apple Keynote. Come on! 3 new products released! Awesomeness.