~

@xerub

ARM64 pornstar

Joined August 2011
17 Photos and videos Photos and videos

Tweets

You blocked @xerub

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @xerub

  1. Pinned Tweet
    May 10

    19 replies 161 retweets 444 likes
    Undo
  2. Retweeted
    Jun 13

    You acted unprofessionally taking credits for research and work that isn’t yours. When and me had a private chat with your CSO Jesper Johansson, he was begging us to get the source code of the exploit. We even sent demo videos because the Yubico team COULD NOT REPLICATE

    Following responsible disclosure practices, we recently discovered a WebUSB vulnerability in Chrome that affected the entire ecosystem of FIDO U2F authenticators, now fixed in Chrome 67. The bounty we received was donated to . Details here:
    14 replies 218 retweets 354 likes
    Show this thread
    Show this thread
    Undo
  3. Retweeted
    Jun 3

    WarCon III is over, a blast as usual! Thanks to all the speakers for the great content, and to the lucky hundred who made it here! Meanwhile & will start to prepare WarCon IV... Ave WarCon, morituri te salutant!

    8 replies 24 retweets 101 likes
    Undo
  4. Jun 3

    WarCon III was a blast ;) Mad props to & for . 🤫 🤪 /cc et al.

    1 reply 4 retweets 38 likes
    Undo
  5. Retweeted
    May 23

    All speakers of have been decided. , , , Qixun Zhao, Alec Guertin, Shmarya, . is co-organized by and POC. See you in Shaghai on June 22.

    3 replies 31 retweets 87 likes
    Undo
  6. Retweeted
    May 12

    . "XERUB'S FRIEND"

    This media may contain sensitive material. Learn more
    18 replies 34 retweets 196 likes
    Undo
  7. May 10

    Old iBoot exploit. If you're lucky, you get to 'suck sid' running this one 🤪 If you wanted a newer/better/bigger one, you'd have to suck me 😈

    6 replies 7 retweets 88 likes
    Undo
  8. Retweeted
    May 8
    Replying to

    At Apple HQ: "Is our NTP implementation secure?" "Idk, but that muppet animal guy on Twitter said something about certificates there." "Alright, sounds solid." "I mean, he said it was just a guess..." "Nah, it's probably fine."

    3 replies 7 retweets 37 likes
    Undo
  9. May 8

    I believe apfel designed USB Restricted Mode to work in iOS Betas only. It will be removed in all public releases, only to reappear in the next Beta streak.

    4 replies 2 retweets 43 likes
    Undo
  10. Apr 27

    NTFS crash, disclosed (responsibly) a while ago. Microsoft denied CVD and the reply is fucking retarded: "requires either physical access or social engineering, and as such, does not meet the bar for servicing down-level (issuing a security patch)". Dafuq?

    10 replies 79 retweets 157 likes
    Undo
  11. Apr 24

    does iOS 11.3.1 have USB Restricted Mode?

    3 replies 2 retweets 33 likes
    Undo
  12. Retweeted
    Apr 12

    WarCon 2018 line-up

    1 reply 34 retweets 51 likes
    Undo
  13. Apr 17

    Hey Apple, can we haz alpanumeric passphrase as default when setting up a new iPhone? kthxbai /cc

    1 reply 2 retweets 21 likes
    Undo
  14. Apr 17

    Kids, don't listen to robert g. USE strong passwords! Contrary to what he believes (or wants you to believe he believes), a strong pass is always good advice. Oh, and also never reuse :) It's not like there's a fucking XOR between those. Ah, the stench:

    3 retweets 12 likes
    Undo
  15. Retweeted
    Apr 13

    Get 's presentation slides: - Just a snippet of what he'll be explaining at our special 2-day & " , 8/6-7,right before ! Come join us!

    31 retweets 71 likes
    Undo
  16. Apr 16

    feature request for apple security: fingerprint combos for 6s and up for unlocking the device.

    3 replies 2 retweets 17 likes
    Undo
  17. Apr 16

    a decimal char has ~3.3 bits of entropy, which is shit. lowercase alpha + uppercase alpha + 10 digits gives almost 6 bits of entropy / char. throw in some special chars and you're good to go

    Guide to iOS estimated passcode cracking times (assumes random decimal passcode + an exploit that breaks SEP throttling): 4 digits: ~13min worst (~6.5avg) 6 digits: ~22.2hrs worst (~11.1avg) 8 digits: ~92.5days worst (~46avg) 10 digits: ~9259days worst (~4629avg)
    Show this thread
    2 replies 3 retweets 17 likes
    Undo
  18. Apr 11

    OBEY :) /cc

    22 likes
    Undo
  19. Apr 11

    you know what's better than closing down your facebook account? not having one to start with! ha ha

    5 replies 6 retweets 51 likes
    Undo
  20. Apr 9

    TIL: Android has achieved "11-bugs-chain grade security". That has been interpreted as being the *minimum* number of bugs in a chain, because of a particular chain! What The Fuck? Nice PR milking, but no cigar!

    3 replies 3 retweets 33 likes
    Undo

@xerub hasn't Tweeted yet.

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·