Jann Horn

@tehjh

works at Google Project Zero. personal account.

Joined August 2011

Tweets

You blocked @tehjh

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @tehjh

  1. Retweeted

    The Power Of : 🧼Teacher asked several kids with various levels of hand to touch 5 pieces of white bread that were taken from the same loaf, at the same time 🧼Then, they put the bread in individual plastic bags to observe what would happen over 1 month

    Undo
  2. Retweeted
    Feb 1

    99 smartphones are transported in a handcart to generate virtual traffic jam in Google Maps. Through this activity, it is possible to turn a green street red which has an impact in the physical world by navigating cars on another route!

    Show this thread
    Undo
  3. Retweeted
    Jan 30

    Disabling the loading of unsigned drivers may be the most jarring "only ever stops the good guys" security measure.

    Undo
  4. Retweeted

    We got one little step closer to support in the : The rework of the printk() subsystem, which afaik is the last big change needed for proper PREEMPT_RT support, left the RFC state and was sent to for review recently:

    Show this thread
    Undo
  5. Retweeted
    Jan 28

    At the very last minute, the Halo Wars 1 (Xbox 360) developers changed the custom std::vector container equivalent (likely used in thousands of places in the code) to do range checking on *all* operator[]'s. This shipped.

    Show this thread
    Undo
  6. Retweeted
    Jan 17

    good news: the upstream fixed the crash very promptly bad news: turns out the crash was hiding a bug in the temperature calculation code, so I got to witness a soldering iron tip glowing bright cherry red

    Show this thread
    Undo
  7. Retweeted
    Jan 14
    Undo
  8. Retweeted
    Jan 6

    You've got to be shitting me... One of our office chairs turns off monitors... we couldn't believe it, but we have it on tape. Surprisingly, there even is a known issue for it:

    This media may contain sensitive material. Learn more
    Show this thread
    Undo
  9. Retweeted
    Jan 7

    Another nail in the coffin for SHA-1 ...

    Undo
  10. Retweeted
    Jan 4
    Undo
  11. Retweeted
    Jan 2

    TIL you can leak the device name with attempted pw reset of a Gmail account.

    Undo
  12. Retweeted

    Watch now: EPISODE 7 of SPACE OFFICE. Follow a new logistics officer as she settles in to life on a First Order Star Destroyer. Critics are calling this new series "unforgettable" and "definitely not filmed in the children's section of a library."

    Undo
  13. Retweeted

    "[…] The apparent cause of at least some of the 5.5 slowdowns after bisecting turned out to be […] it explains why the likes of Red Hat's upstream developers and others weren't affected and thus not quickly jumping on the problem […]"

    Show this thread
    Undo
  14. Retweeted
    29 Dec 2019

    My site was flagged again. Therefore, all downloads have been removed until this can be resolved. I've written an article about this here: . I would appreciate any retweets to bring attention to this; it affects all free and open source software developers.

    Show this thread
    Undo
  15. Retweeted

    I want to watch a Star Wars film that's just a logistics officer trying to wrangle 40k people onto a giant ship. Storm troopers getting lost in the hallways. Officers complaining about the lack of enough vegan options. Like Office Space but actually in space

    Show this thread
    Undo
  16. Retweeted
    19 Dec 2019

    My team ran a similar analysis years ago and found it was specific teams within a larger product group which introduced most security bugs.

    Undo
  17. Retweeted

    I guess this is what advisories are going to look like in 2020?

    Undo
  18. Retweeted
    17 Dec 2019

    Security firm CheckPoint discovered a WhatsApp issue that meant an attacker could send a specific group message and crash the app. Okay, fair enough. But the framing was... just a little bit over the top. We didn't cover. Accurately informing users clearly not the motivation.

    Show this thread
    Undo
  19. Retweeted
    This Retweet/Quote Tweet from @Waterstones has been withheld in response to a report from the copyright holder. Learn more
    Undo
  20. Retweeted
    11 Dec 2019

    New guidance on Linux-stable Merges for Android: -- looks positive, reducing the patch gap for upstream kernel security bugs is really important. The window of exposure for publicly known issues is too long at the moment.

    Undo

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·