Ryan Castellucci

@ryancdotorg

Security researcher, cypherpunk, hardware hacker, ex-sysadmin, geek, queer, human, etc. I hunt bots at (but don't speak for them).

Vrijeme pridruživanja: svibanj 2012.

Tweetovi

Blokirali ste korisnika/cu @ryancdotorg

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @ryancdotorg

  1. Prikvačeni tweet
    4. kol 2018.

    Much of hacking is about understanding systems better than those who built them, and using that knowledge to do what is supposed to be "impossible".

    Poništi
  2. 27. sij

    Don't have good pictures, but I also have a second USB battery, ultra slim 3m HDMI cable, a few usb cables, HDMI adapters & usb hubs for both laptops, and a travel router.

    Prikaži ovu nit
    Poništi
  3. 27. sij

    It all fits nicely in the charging cable compartment of my new laptop backpack. It's much smaller than the previous ones I've had, which has required a bit more thoughtfulness about what I'm carrying.

    Prikaži ovu nit
    Poništi
  4. 27. sij

    New international travel kit for my device charging needs. The key here is IEC C7/C8 cables and adapters, with a splitter to connect both the charger for my surface pro and the Anker USB-C (pixelbook) + 4x USB-A "desktop" charger to a single outlet.

    Prikaži ovu nit
    Poništi
  5. proslijedio/la je Tweet
    23. sij

    Calling all 60% keyboard users in the Seattle area. Send an email to media@kinesis.com if you'd like to test out our prototype at Kinesis HQ next week and provide feedback.

    Poništi
  6. proslijedio/la je Tweet
    21. sij
    Odgovor korisniku/ci

    You can buy a feed of all number ports happening in close to real time. [PortData Validate] is the magic phase to Google.

    Poništi
  7. 21. sij

    I know you can do a "location routing number" lookup to see what carrier is associated with a phone number, but running that regularly seems ridiculous. Note also that the LRN won't change in the case of a SIM swap, only a port.

    Prikaži ovu nit
    Poništi
  8. 21. sij

    I recently ported my cell number. None of the services that use it for auth seem to care, but within hours I got a text from CVS pharmacy saying "A recent change in your mobile service requires you to reply YES to continue receiving text alerts". I'm curious how that works.

    Prikaži ovu nit
    Poništi
  9. 20. sij

    I am also getting spam attempts at an email address created with you in 2017. Pretty sure you've been breached.

    Prikaži ovu nit
    Poništi
  10. 19. sij

    Oh, and a huge unexpected side benefit: this exercise is forcing me to learn to use gdb because "printf() debugging" isn't feasible.

    Poništi
  11. 19. sij

    The algorithms I'm using for this are not fast, but they're plenty fast enough to be run once in order to write a table to memory for future use.

    Prikaži ovu nit
    Poništi
  12. 19. sij

    I think maybe I can consolidate the code to do both the square and cube roots by binary search, but the FPU code is small enough it may not reduce overall size.

    Prikaži ovu nit
    Poništi
  13. 19. sij

    General approach: 1) Generate the first 64 primes by starting with 2, then increment and do trial division. 2) Calculate square root of P and multiply by 2^40 in the FPU, then extract the needed bits. 3) Binary search for largest values N where N^3 < P*2^96

    Prikaži ovu nit
    Poništi
  14. 19. sij

    For SHA256, there are 288 bytes of constants - the first 32 bits of the fractional parts of the square roots of the first 8 primes, and the first 32 bits of the fractional parts of the cube roots of the first 64 primes. So far, am able to generate that in 176 bytes.

    Prikaži ovu nit
    Poništi
  15. 19. sij

    I'm learning x86 assembly by implementing cryptographic algorithms using as few bytes of machine code as I can. Tweeted my SipHash code about a week ago, then got a fixed parameter finite field Diffie-Hellman done a few days ago. Working on SHA256 now.

    Prikaži ovu nit
    Poništi
  16. 18. sij

    I miss the days when "expertsexhange" was the search engine problem folks complained about.

    Prikaži ovu nit
    Poništi
  17. 18. sij

    I would be thrilled to pay like $50/mo for access to a good search engine. The combination of over optimizing for ad revenue, emphasizing "do what I mean" over control for power users and the war with SEO spammers is just awful.

    Prikaži ovu nit
    Poništi
  18. 17. sij

    Attacks only get better. Sometimes quickly.

    Poništi
  19. 17. sij

    WTF is going on here? Also, , your customer data appears to have leaked.

    Prikaži ovu nit
    Poništi
  20. 15. sij
    Prikaži ovu nit
    Poništi
  21. proslijedio/la je Tweet
    14. sij

    "By exploiting this vuln, an attacker may be able to spoof a valid X.509 certificate chain on a vulnerable Windows system. This may allow various actions including, but not limited to, interception/modification of TLS-encrypted communications or spoofing an Authenticode signature

    Prikaži ovu nit
    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·