Tavis Ormandy

@taviso

Vulnerability researcher at Google. This is a personal stream, opinions expressed are mine.

California
Joined April 2008

Tweets


  1. Pinned Tweet

    I finally wrote a small tool I've wanted for a long time: A parallel testcase minimizer. It's called halfempty, and I'm already finding it useful as part of my fuzzing workflow. /cc

  2. wow, avast are actually winding down jumpshot.

  3. Retweeted
    Jan 28

    Qualys Security Advisory: LPE and RCE (CVE-2020-7247) in OpenSMTPD, OpenBSD's mail server. Erroneous logic in smtp_mailaddr() which validates user and domain. More details and PoC at: PS: "Did you ever play tic-tac-toe?"

  4. Retweeted
    Jan 26

    AV stands for: Additional Vulnerabilities

  5. Retweeted
    Jan 22

    Earlier today we published the details of a set of vulnerabilities in Safari's Intelligent Tracking Prevention privacy mechanism: . They are... interesting. [1/9]

  6. Retweeted
    Jan 22
    Replying to

    No, I can assure you that they still haven't fixed these issues, which is what made that blog post last year so weird. Apple didn't disclose the vulnerabilities or appropriately credit the researchers, but put out a post implying they fixed "something".

  7. This. It's hard to imagine how Apple are going to resolve this, it took a long time to accept that the auditor problems were fundamental, and it's hard to see how itp is any different here. Prediction: after a few failed attempts to rework it, they'll come to the same conclusion.

  8. Retweeted
    Jan 22

    This is a pretty good reminder that any invasive heuristics in the browser - be it XSS filters or privacy protections - often cause more problems than they address:

  9. If you're a Back to the Future fan and haven't seen "Go to the Head of the Class", it's a real treat. It's like the band getting back together, Zemeckis, Gale, Spielberg, Lloyd, etc.

  10. Retweeted

    I don't know why describes this as a rumor. I've seen him perform with my own eyes.

  11. Retweeted
    Jan 14
    Replying to

    If vendors had their way, advisories would have less info in them than a fortune cookie.

  12. The NSA advisory is much more helpful than Microsoft's.

  13. Will confirms all X.509 validation broken, not just code signing. Okay, I'm back on the hype train, that's pretty bad.

  14. I'm reliably informed that the washington post don't know what they're talking about, it's not an authenticode issue, and is in fact a big deal.

  15. Retweeted
    Jan 9

    I'm very excited to share my blogpost series (including PoC code) about a remote, interactionless iPhone exploit over iMessage:

  16. The benefit to security of any disclosure policy tends to be inversely proportional to how loudly vendors cheer for it 🤣

  17. I'm at , this was such a great moment, he had a prop to explain how he subverted the logic that warps the player back if they fall off through the map to save 40 seconds. It took longer to explain how it worked 😂

  18. Interesting question, is this a UAC bypass? My first thought is no, because UIPI means you can't automate the interaction. Therefore, the only way to exploit it is if you could have just clicked OK in the UAC consent anyway.... right? (yes, I know UAC is not a supported boundary)

  19. Somebody please make a block list of all these OST people.

  20. Retweeted
    24 Dec 2019

    Yeah I think we can definitely get that to 100%

  21. Retweeted

    The unscrupulous have the command of much of this kind of knowledge without our aid; and there is moral and commercial justice in placing on their guard those who might possibly suffer therefrom.

