Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @solardiz
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @solardiz
-
Solar Designer proslijedio/la je Tweet
Implemented a PoC for disabling kernel lockdown on Ubuntu via a keyboard emulated through USB/IP, CC
@mjg59https://github.com/xairy/unlockdown …Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Solar Designer proslijedio/la je Tweet
Qualys Security Advisory: LPE and RCE (CVE-2020-7247) in OpenSMTPD, OpenBSD's mail server. Erroneous logic in smtp_mailaddr() which validates user and domain. More details and PoC at: https://www.openwall.com/lists/oss-security/2020/01/28/3 … PS: "Did you ever play tic-tac-toe?"
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Solar Designer proslijedio/la je Tweet
Qualys Security Advisory Team: Local Privilege Escalation in OpenBSD's loader (http://ld.so , CVE-2019-19726). Getting root on default install (i386/amd64), by tweaking the environment variables. Exploit and more details at: https://openwall.com/lists/oss-security/2019/12/11/9 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Disclosure/write-up on Linux kernel user-triggerable read-after-free crash or 1-bit infoleak oracle in a userspace security hardening feature of open(2) found/analyzed/fixed by Al Viro (thus effectively by "the vendor"), which I share responsibility for: https://www.openwall.com/lists/oss-security/2020/01/28/2 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Solar Designer proslijedio/la je Tweet
Finally, the disclosure is over! We present CacheOut, a new speculative execution attack to leak data on Intel CPUs via cache eviction despite current mitigations: https://cacheoutattack.com
#intel#cacheout#l1des@MarinaMinkin, Andrew Kwong, Daniel Genkin and@yuvalyaromHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Solar Designer proslijedio/la je Tweet
Another day, another
#RIDL embargo and addendum! “New” (not really!) variants of the day: L1D evictions (Fig 6, RIDL paper) or#L1DES and vector registers or#VRS. See http://mdsattacks.com . As a bonus: a faster RIDL exploit that leaks a root hash in 4s:https://www.youtube.com/watch?v=4DQAcCfg3b8 …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Solar Designer proslijedio/la je Tweet
The claim in the FTI forensics report on Bezos’ iPhone that, “due to end-to-end encryption employed by WhatsApp, it is virtually impossible to decrypt the contents of the downloader [.enc file]...” bugged me so much that I coded up how to do it:https://github.com/ddz/whatsapp-media-decrypt …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Do proper NTLM hashes (effectively defined by implementation in Windows) pass UCS-2LE or UTF-16LE as input to MD4? It must have been UCS-2 in NT, but maybe it's UTF-16 in 2K+? Can you have "𝓮𝔁𝓪𝓶𝓹𝓵𝓮" as your Windows password? (Doesn't exist in UCS-2, is 28 bytes in UTF-16.)
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Both the SHA-1 and the NTLM list have exactly one entry with 13466 hits. This is probably "пароль" in both. However, so far I am unable to figure out how that NTLM hash was computed, nor crack it with other inputs. Here it is: 9F1C359ED3BAF5DD499599EACB29CFEB. Anyone? 3/3
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
"пароль" has a SHA-1 of its UTF-8 representation with 13466 hits, yet no MD4 of the same UTF-8 with NULs inserted. That's inconsistent with the previous case. There's also no MD4 of the UTF-8 converted to UCS-2, which IIUC is how an NTLM hash would be properly computed. 2/3
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Solar Designer proslijedio/la je Tweet
Xor Filters: Faster and Smaller Than Bloom Filtershttps://lemire.me/blog/2019/12/19/xor-filters-faster-and-smaller-than-bloom-filters/ …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Looks like MPlayer source release tarballs had detached signatures in 2006 to 2013, but newer ones no longer do and snapshots were never signed. Also, latest ffmpeg is git-cloned without authenticity check during MPlayer build. I guess this is difficult to fix without downsides.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Solar Designer proslijedio/la je Tweet
Announcing BLAKE3!
* Faster than MD5, SHA-1, SHA-2, SHA-3, and BLAKE2
* Merkle tree: unlimited parallelism, verified streaming
* Builtin MAC, KDF, XOF
* One algorithm, no variants
* Rust crate: https://crates.io/crates/blake3
Try it: cargo install b3sum
http://blake3.io pic.twitter.com/QJWIwi44go
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Solar Designer proslijedio/la je Tweet
BLAKE3 can be seen two ways. From one point of view, it's the fastest, cheapest, most parallelizable secure hash function. From another, it's a general-purpose Merkle Tree. Reach for BLAKE3 whenever you need either a secure hash function or a Merkle Tree.https://blake3.io
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Solar Designer proslijedio/la je Tweet
Announcing BLAKE3! My last 1.5 years of work :) * Faster than MD5, SHA-1, SHA-2, SHA-3, and BLAKE2 * Merkle tree: unlimited parallelism, verified streaming * Builtin MAC, KDF, XOF * One algorithm, no variants * Rust crate: https://crates.io/crates/blake3 Try it: cargo install b3sumpic.twitter.com/mSnl8SFfUy
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Just got a Hantek 2D72 handheld 2-channel oscilloscope (250 MSPS, 70 MHz) + arbitrary waveform generator (up to 5 or 25 MHz) + multimeter. Quite nice for the ~$160. Official: http://www.hantek.com/en/ProductDetail_1_13174.html … Firmware hacks: https://www.eediscuss.com/forum.php?mod=viewthread&tid=13676&extra= … Hardware mods:https://github.com/circuit-specialists/Hantek-2D72 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Solar Designer proslijedio/la je Tweet
Linux Kernel Runtime Guard (LKRG) bypass collection by Ilya Matveychikov, CC
@Adam_pi3https://github.com/milabs/lkrg-bypass …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Solar Designer proslijedio/la je Tweet
passwdqc 1.4.0, a new version of our password/passphrase strength checking and enforcement tool set, is out. This version adds optional non-English messages, Linux-PAM audit support, and includes portability and documentation fixes: https://www.openwall.com/lists/announce/2019/12/25/1 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Solar Designer proslijedio/la je Tweet
By the way.. ;) http://david.g3ns.de/voltpwn/paper.pdf …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.