Tavis OrmandyVerified account

@taviso

Vulnerability researcher at Google. This is a personal stream, opinions expressed are mine.

California
Joined April 2008

Media

  1. Replying to and
  2. Replying to

    I am curious why they're suing Corellium, who seem like small potatoes compared to other people doing similar things (e.g. AFAIK FireEye sell an appliance that virtualizes OSX, and they have $3B market cap). IANAL, maybe there is a good reason. 🤷🏻‍♂️

  3. Replying to

    Strong disagree, I've had to block him. He is just spamming his blog post at this point.

  4. Replying to

    Huh, I had this setting enabled and if I turn it off a ton of new messages show up, most of them are not spam. Not really impressed with that .

  5. I happened to catch a hacking movie from the 60s last night, Hot Millions (1968). Some of the story was prescient, and kinda fun seeing the minicomputers!

  6. This seems very close to "Your computer is broadcasting an IP address". 🤷🏻‍♂️

    Show this thread
  7. Here's an update on my weekend project to automate an old abandonware game with - I've managed to get pathfinding working and can complete simple objectives! Thanks to for some helpful hints.

    Show this thread
  8. Is there a secret to making vbtables look good in Hex-Rays? This is the best I can come up with, and an example decompiled call. I can just about read it (call second vftable entry on SubClass1, __thiscall with one param), but is there a cleaner way?

    Show this thread
  9. If you asked me to build this system, the codes would be randomly generated and inserted into a database with their attributes (reward, expiry date, etc). However, I noticed the codes are clearly not random, some are visually quite similar. Here are two examples. 3/n

    Show this thread
  10. I got nerd sniped this weekend. I was playing the game Borderlands 3, this game has a huge variety of weapons, so part of the fun is finding new weird ones. Anyway, in one of the main areas there's this cool looking chest you can't open. 1/n

    Show this thread
  11. Replying to
  12. Replying to

    Please watch this video from their chief cryptographer.... It's one hell of a ride 😆

  13. Neat, I noticed a typo in a Twitter JavaScript library that broke message origin verification. Unexpectedly, they awarded me a $560 bounty, which I've donated to . Thanks 😀

  14. Replying to
  15. Soo... I just found out you can get custom temporary tattoos printed 😂

  16. Haha, I think the best one is (╯°□°)╯︵ ┻━┻ for SIGQUIT 😂

  17. It's funny, but needs more emojis 😁

  18. Here's a video of the exploit I wrote, I actually had to write a custom rudimentary scripting language 😂

  19. Don't keep loose bitcoin in your checked baggage, apparently the flight crew keeps tripping on them? ¯\_(ツ)_/¯

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·