Pwn All The ThingsVerified account

@pwnallthethings

Mostly interested in natsec, infosec, and platform security. Views are my own. 🦊🦊 matt.tait/at/gmail

The sky, mostly
Joined December 2013
197 Photos and videos Photos and videos

Tweets

You blocked @pwnallthethings

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @pwnallthethings

  1. Pinned Tweet
    Jul 9

    👀👀👀

    Matt Tait () will present the Day 1 Keynote at Black Hat USA, Wednesday, August 4 at 9am Pacific time - In-person in Vegas and streaming live for all pass holders. Details here:
    15 replies 13 retweets 231 likes
    Undo
  2. Retweeted
    12 hours ago

    More on 's collab to secure the software supply chain. "Instead of being reactive to vulnerabilities, we should eliminate them proactively with secure languages, platforms, and frameworks that stop entire classes of bugs."

    1 reply 8 retweets 34 likes
    Undo
  3. Retweeted
    Aug 24

    NEW REPORT From Pearl to Pegasus: Bahraini Government Hacks Activists with NSO Group Zero-Click iPhone Exploits

    1 reply 134 retweets 203 likes
    Show this thread
    Show this thread
    Undo
  4. Retweeted
    Aug 22

    56 retweets 308 likes
    Undo
  5. Aug 22

    Typical. Rain starts 2 minutes after I go out, stops 2 minutes after I come back in.

    23 replies 1 retweet 121 likes
    Undo
  6. Aug 21

    Extremely niche tweet but my God it delivers

    clang proving the collatz conjecture
    Pack it in, mathematicians, someone owes LLVM a million bucks
    Show this thread
    9 replies 19 retweets 139 likes
    Show this thread
    Show this thread
    Undo
  7. Retweeted
    Aug 19

    Bloody hell is this good

    38 replies 644 retweets 1,984 likes
    Undo
  8. Retweeted
    Aug 18

    The Dan Kaminsky Fellowship is now accepting applications

    3 replies 39 retweets 53 likes
    Undo
  9. Retweeted
    Aug 16

    The Dan Kaminsky Fellowship

    2 replies 191 retweets 355 likes
    Undo
  10. Aug 13

    Does Apple ask other auditors for free labor after setting them up to fail? "Hi accountants, our calculation on this napkin is correct and the warehouse of receipts is subject to inspection by accountants who wish to verify it'? Of course not. Only this industry gets screwed.

    1 reply 10 retweets 80 likes
    Show this thread
    Show this thread
    Undo
  11. Aug 13

    And notice the implicit assumption here in the first place. Security researchers *will* do the review, fighting over all of the obstacles intended to make actually doing the review simple. For free. Why? Why is this considered acceptable?

    5 replies 14 retweets 69 likes
    Show this thread
    Show this thread
    Undo
  12. Aug 13

    Perhaps one way would be to write your own app to find unusual ways to compute the master hash and validate that it is valid, without relying on static graphical elements that hackers or Apple could surgically manipulate. But you think that app would get past AppStore review?

    1 reply 1 retweet 32 likes
    Show this thread
    Show this thread
    Undo
  13. Aug 13

    That's even before we get into the various encrypted firmwares where you can't even see the binary, or the apps on the device that are partially or fully encrypted.

    2 replies 1 retweet 33 likes
    Show this thread
    Show this thread
    Undo
  14. Aug 13

    Analysis of the binary itself is not even sufficient if Apple itself is in your threat model; the kernel sits underneath it, and is enormous and, you guessed it, also symbol stripped to frustrate reverse-engineering.

    1 reply 4 retweets 43 likes
    Show this thread
    Show this thread
    Undo
  15. Aug 13

    How about dynamic analysis? Unless Apple is planning on giving the iCloud app the get-task-allow permission so you can attach a debugger, that would be out of the question on an vanilla iPhone. You'd need to resort to jailbreaks, or, heaven forbid, a Corellium device

    2 replies 5 retweets 55 likes
    Show this thread
    Show this thread
    Undo
  16. Aug 13

    Are they going to do static analysis of the binary? Ok. But iOS binaries are intentionally stripped of non-essential symbols precisely to make this kind of analysis harder.

    1 reply 5 retweets 52 likes
    Show this thread
    Show this thread
    Undo
  17. Aug 13

    Might be a slightly self-indulgent thread, but how exactly does Apple suppose that security researchers will do this without running across anti-research minefields that Apple has intentionally laid down to block exactly this kind of research?

    4 replies 55 retweets 223 likes
    Show this thread
    Show this thread
    Undo
  18. Retweeted
    Aug 11

    I spoke to about journalism security, the opportunity to support incredibly important work, and the need for more focus on attacks against media orgs.

    15 retweets 49 likes
    Undo
  19. Aug 10

    If the evidence were real, it would be both easy, and in their interests, to show it plainly and widely. And instead we have layers of intentionally stripping context and obfuscation. Because it's fraud.

    9 replies 74 retweets 498 likes
    Show this thread
    Show this thread
    Undo
  20. Aug 10

    Someone took probably an http log or wireshark, stripped it of context to obfuscate where it came from, put it in an RTF document, and then to further hide what it means, intentionally encoded it into hex to make it look scary and technical.

    7 replies 44 retweets 293 likes
    Show this thread
    Show this thread
    Undo
  21. Aug 10

    In case you're wondering, the IP addresses are a filtered list of normal web-crawlers that just continuously scan the entire internet, (and you'll see similar logs on literally every website on the internet).

    2 replies 32 retweets 242 likes
    Show this thread
    Show this thread
    Undo

@pwnallthethings hasn't Tweeted yet.

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·