Bjoern Kerler

@viperbjk

Analyst and Qc/MTK/Exynos chipset pwner. Tweets are my own and are not affiliated with my employer ZITiS in any way.

Europe
Joined: October 2008

Tweets

  1. Retweeted
    11 hours ago

    ROPs (like any indirect branch) are mitigated using PAC (sign LR with SP as a salt). But PAC isn't enough for stack protection (even setting aside the Qualcomm attack). It doesn't protect on other data on the stack, such as restore regs. So, old stack cookies...:)

  2. Retweeted
    28 Jan

    We are pleased to announce INFILTRATE 2020 speaker Nitay Artenstein presenting: The Promised Band: Winning Android Fragmentation with a MediaTek Baseband RCE.

  3. Retweeted
    27 Jan

    Neighbors: Grab gifts from the genizah! PoC or GTFO Issue 0x20 is now available for free on my mirror. This issue is chock-full of gems, but you would do yourself particularly well to read my colleague ’s uncensored polemic on RSA (page 68).

  4. Retweeted
    20 Jan
  5. Retweeted
    20 Jan

    RT @charlag@birb.site Holy shit, you can create a disk which is ext2 and FAT at the same time

  6. Retweeted
    16 Jan
    Replying to users

    however, the new phones are a different beast:

  7. Retweeted
    13 Jan

    I spent a day for you in . It is like a dystopian still life and I don't even know how to put my impressions into words or pictures, but I'll give it a try with this article.

  8. Retweeted
    11 Jan
    Replying to users

    Yes, that came relatively early, through Debian on arm64: put a lot(!) of work into optimizing the SIMD code in GR for RPi, I think he might run it on Raspbian, too. (I *think* on RPi3, use Debian arm64 instead of Raspbian armhf: more registers!)

  9. 10 Jan

    And finally succeeded. Hi QC jtag, it's been a while, we met last time in 2001 😂

  10. 10 Jan

    The world is full of failures. Cable quality was thicker but quality was bad. Resoldered using cul0,1......... tried 10 different jtag adapters......

  11. 8 Jan

    And Frankenphone is alive ;)

  12. 8 Jan

    You might be wondering... what is he doing in his holidays.... let me answer that for you... yes, that's a qualcomm based smartphone 😂

  13. 3 Jan

    If you think about using gnuradio 3.8 but realized that most plugins don't work anymore, check out my github page because I already ported some of my favorite ones to gnuradio 3.8 and python 3 ;)

  14. 3 Jan

    So... my sideproject has just finished. It turned out to be even worse than expected :) Discussing with other infosec people, we decided not to disclose, as its impact would do more harm than any good. Back on track with writing the next blog post on regular qc stuff :)

  15. 29 Dec 2019

    This is clearly a very bad move just to prevent any custom unbricking or repairs and is even worse if the manufacturer of your smartphone doesn't give any guarantee any more. Sustainability is obviously something different.

  16. 29 Dec 2019

    So I had a look at the new sdm qualcomm edl stuff. Looks like they not only require signed loaders, but also a signed authentication ("vip hash"). In other words ... if your brand new super expensive device is somehow bricked thanks to a bad update, only factory can repair :(

  17. Retweeted

    I implemented AES128 in 69 bytes of x86 assembly. (from challenge 0). Can anyone beat that? :P

  18. 24 Dec 2019

    Merry XMAS to all my friends, twitter followers and reverse engineers :)

  19. Retweeted
    20 Dec 2019

    Cutter v1.10 now has a DEBUGGER! 🐞🥳 After a lot of work, we are so happy to announce that we finally implemented your most requested feature. The beta version of the debugger is available NOW on our website >> List of features and what's coming next >>

  20. Retweeted

    Solid secure boot bypass write-up. Particularly keen on the honesty around strings + OS making reverse engineering far quicker.
