Joseph Bialek @[email protected] @JosephBialek
No longer using Twitter, find me on Mastodon: @[email protected] Security engineer @ Microsoft. I speak on my own behalf, not my employers. Joined January 2012-
Tweets2K
-
Followers5K
-
Following350
-
Likes108
MORSE is hiring! We're looking for multiple security researchers to join our Windows-focused team. DMs are open if you have questions, or apply directly: jobs.careers.microsoft.com/global/en/job/…
Wherein I propose that C++ initialize all stack variables to zero, preventing ~10% of CVEs. Cost: none. 🔗 wg21.link/P2723R0 🔗
x.com/elonmusk/statu… "I bought a new house for 40 billion and lit it on fire, the streets are packed with people watching. I must be doing something right!" 🤣.. The only reason I'm logging in to Twitter at this point is for more news about how Elon is destroying it.
x.com/elonmusk/statu… "I bought a new house for 40 billion and lit it on fire, the streets are packed with people watching. I must be doing something right!" 🤣.. The only reason I'm logging in to Twitter at this point is for more news about how Elon is destroying it.
x.com/lee_holmes/sta… I am actively working on CFG performance improvements right now. If folks can repro this reliably we can look at optimizing it. The current stuff I'm working on is unrelated (because we cannot repro this issue).
x.com/lee_holmes/sta… I am actively working on CFG performance improvements right now. If folks can repro this reliably we can look at optimizing it. The current stuff I'm working on is unrelated (because we cannot repro this issue).
If you are running into this and have a reliable repro, the teams behind these features would LOVE to talk. Here's how to take traces, and also feel free to let me know below or via DM. aka.ms/gameperffeedba…
If you are running into this and have a reliable repro, the teams behind these features would LOVE to talk. Here's how to take traces, and also feel free to let me know below or via DM. aka.ms/gameperffeedba…
Arm64 Visual Studio 2022 is out of preview starting with v17.4. Go get it. windowscentral.com/software-apps/…
Yet another v8 JIT bug mitigated by enhanced security mode in Edge
Yet another v8 JIT bug mitigated by enhanced security mode in Edge
LIVE: Apple Security Research, our new blog and website at security.apple.com! We launch with an update on Apple Security Bounty (security.apple.com/blog/apple-sec…), and a deep dive into some fundamental XNU memory safety improvements with kalloc_type (security.apple.com/blog/towards-t…). Enjoy!
🎊 I am pleased to present VMPlex Workstation - A modern, tabbed UI for Hyper-V. The code is open source and the first release is available for download on GitHub. Kudos to @0xf005ba11 for creating this! github.com/0xf005ba11/vmp…
Highlight of social media tonight
@dangoodin001 @ESETresearch I'm the last person to defend Microsoft, but this is just not a big deal. There is a minor feature that doesn't work correctly, that's true! But... does the level of your coverage here really match the impact of the problem on the victims you're talking about?
Excited about KMSAN (uninit-value detector) merged into #Linux kernel: lore.kernel.org/all/2022100813… KMSAN been in works for several years & already found hundreds of bugs in kernel. Incl info-leaks to guest VMs syzkaller.appspot.com/bug?id=34abc06… info-leaks into USB cables syzkaller.appspot.com/bug?id=97bdebb…
Excited about KMSAN (uninit-value detector) merged into #Linux kernel: lore.kernel.org/all/2022100813… KMSAN been in works for several years & already found hundreds of bugs in kernel. Incl info-leaks to guest VMs syzkaller.appspot.com/bug?id=34abc06… info-leaks into USB cables syzkaller.appspot.com/bug?id=97bdebb…
Let me show you a random slide from my presentation tomorrow... =)
MUST READ: The speech by EU top diplomat @JosepBorrellF yesterday about the challenges ahead, saying it as it is (or was): "Our prosperity has been based on cheap energy coming from Russia." Full speech: eeas.europa.eu/eeas/eu-ambass… #EnergyCrisis #OOTT #EnergyTwitter
I’ll be speaking this Thursday Oct 13th at the TPM.dev mini-conference about how OpenSecurityTraining2 will help spread TPM and trusted computing knowledge to help improve architectural security. #OST2 developers.tpm.dev/events/tpmdev-…
As I’ve said before, no one should be in jail just for using or possessing marijuana. Today, I’m taking steps to end our failed approach. Allow me to lay them out.
community.arm.com/arm-community-… coming to ARM: shadow stacks, MTE improvements, permission indirection, 128 bit ptes, and more!
Pack arbitrary shellcode into an executable that always has the same MD5 hash: github.com/DavidBuchanan3…
Join an amazing team working on core virtualization technology at Microsoft! Fully remote! linkedin.com/posts/bruceshe…
Yarden Shafir @yarden_shafir
19K Followers 271 Following A circus artist with a visual studio license
Tim Misiak @timmisiak
7K Followers 281 Following OS/systems engineer, co-founder of @augmendtech. I used to work on WinDbg at Microsoft. On bluesky: @timdbg.com On mastodon/fediverse: @[email protected]
Saar Amar @AmarSaar
18K Followers 362 Following Reversing, exploits, {Windows, Hyper-V, *OS} internals, mitigations. Apple SEAR. Opinions are my own. @[email protected]
David Weston (DWIZZZL.. @dwizzzleMSFT
25K Followers 1K Following Vice President, OS Security and Enterprise @Microsoft || @CISAgov Technical Advisory Committee
Halvar Flake @halvarflake
44K Followers 3K Following I do math. And was once asked by R. Morris Sr. : "For whom?" @[email protected] At the moment, for noone.
Justin Elze @HackingLZ
52K Followers 5K Following Hacker/CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
James Forshaw @tiraniddo
48K Followers 364 Following Security researcher in Google Project Zero. Author of Attacking Network Protocols. Tweets are my own etc. Mastodon: @[email protected]
b33f | 🇺🇦✊ @FuzzySec
32K Followers 844 Following 意志 / Antiquarian @ IBM Adversary Services / Ex-TORE ⚔️🦅 / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabs
Mike Felch (Stay Read.. @ustayready
15K Followers 2K Following Pentester / Red Team | Hacking since Renegade BBS backdoors | Dev since vb3 | Content since '99-'03 ezines | Prior CrowdStrike / BHIS | In Christ's grip
Haifei Li @HaifeiLi
7K Followers 151 Following For contact in the security community. NOTE: All the tweets are totally my personal opinions, not about any of my current employer stuff.
Maddie Stone @maddiestone
64K Followers 847 Following Security Researcher - Google's Threat Analysis Group | 0days all day. Love all things bytes, assembly, and glitter. she/her.
Steve Syfuhs @SteveSyfuhs
17K Followers 2K Following Windows and Authentication at Microsoft. Developer. Mostly dog pictures. Might actually be two dogs in a trench coat. 🇺🇸 / 🇨🇦 @syfuhs.net on blue sky
Ivan Fratric 💙💛 @ifsecure
17K Followers 192 Following Security researcher at Google Project Zero. Tweets are my own. Backup @[email protected]
Brendan Dolan-Gavitt @moyix
25K Followers 6K Following Associate Professor @ NYU Tandon. Security, RE, ML. PGP https://t.co/3WXr0RfRkv Founder of the MESS Lab: https://t.co/zGycrX3Gmn "an orc smiling into the camera" — CLIP
Ivan Rouzanov @ivanrouzanov
2K Followers 1K Following Debug Engineer. Windows, drivers and all things kernel mode. I express my views, not my employer's.
Richard Johnson @richinseattle
16K Followers 3K Following Computer Security, Reverse Engineering, and Fuzzing; Training & Publications @ https://t.co/mloVP6rPB7; hacking the planet since 1995; Undercurrents BOFH
Greg Linares (Laughin.. @Laughing_Mantis
29K Followers 2K Following 20+ yrs in Infosec. Cybergoth. Musician. Autistic. Art @MalwareArt. 4x Pwnie Nominee. Red Teamer. 𝕍𝕏. Chronic Illness Fighter. I love Smite, Gamedev & Synths
Tavis Ormandy @taviso
127K Followers 645 Following Vulnerability researcher at Google. This is a personal stream, opinions expressed are mine. I'm also @[email protected]
kmkz @kmkz_security
18K Followers 1K Following Offensive Security fanatic, Offsec Team lead... pom-pom girl? Who fuckin' cares ??
G M @followeragent99
116 Followers 2K Following Security enthusiast. Incident analysis. Web App Pentest. Researcher. Student. Educator. Follower of good things.
Jael Koh @_jaelkoh
95 Followers 516 Following OSCE3 | OSED | OSEP | OSWE | OSCP | BSCP | ZDE VR | Corelan Advanced | ctf @seetf_sg
Richard Valentino @RichardVal61911
0 Followers 7 Following
lucky @lucky5502118041
0 Followers 166 Following
Eagle @EmersonJordan10
40 Followers 118 Following
【=◈︿◈=】🦉 @hmm261120
184 Followers 527 Following An empty picnic basket, a lonely playground. Second Year highschool student Don't follow If you expect tech stuff here ty
Long Mai @longmdx_
9 Followers 114 Following
Naman Devnani @naman_devnani
332 Followers 5K Following Security Researcher | Purple Team | Bug Hunter | CTF Player | Science & Tech Enthusiast | R&D | All-Source Intelligence | CAP | DCSP | TTIA | BCDE
tejas krishna @tejaskrshna
59 Followers 930 Following
RistBS @RistBs
261 Followers 184 Following 🇫🇷 maldev enjoyer & windows internals explorer | 🏆 Offshore & APTlabs
0xW43L @GhnimiWael
444 Followers 2K Following An enthusiastic programmer and pentester who loves to explore, automate, break, learn, and hack all things!
Mark Vincent Yason @MarkYason
622 Followers 244 Following Software Reverse Engineer and Vulnerability Researcher | Independent Security Researcher | https://t.co/T8boZUUXJZ
Jonathan Bender @postitpasswd
125 Followers 423 Following
David @David2173245707
41 Followers 114 Following
dd9mohanraj @MAsokan34774
137 Followers 353 Following
xper @InvisibleFr1end
35 Followers 837 Following
James W. @cyberbiz4
195 Followers 3K Following looking for a cyber position in blue team. Metro Vancouver, Canada. Defender, GIAC x 3, M365, Splunk, Azure
luxa3terna @luxa3terna
83 Followers 872 Following
Can Bölük @_can1357
7K Followers 238 Following Security research | Reverse engineering | Static analysis | Deobfuscation | Windows kernel.
USER04725852 @user04725841960
0 Followers 2K Following
Sprinter @0xSpr1nter
44 Followers 587 Following RE, VR , Fuzzing , Windows internals , just another noob
GossipSec @gossipsec
91 Followers 794 Following
xxx @xxx62172582
15 Followers 530 Following
iliboys @iliboyssec
34 Followers 757 Following
Roys @MrStarShip2029
4 Followers 94 Following
Lit3r4lly @Lit3r4lly
173 Followers 254 Following
amarioguy (Arminder S.. @amarioguy
72 Followers 155 Following independent windows researcher that does linux on the side account not terribly active, also on mastodon/bluesky/discord, same username
guyshe @guy_shem
31 Followers 312 Following
Vire @V1R3
16 Followers 96 Following Combating the shortage of qualified infosec professionals through developing an open-source curriculum.
AM @ani9murali
35 Followers 698 Following Old school CR7 fan. Infosec hobbyist. Believer in crypto. oh and GRC.
Fabian-Denis Borz �.. @ThisIsThePolic5
2K Followers 3K Following If you think you are secure, think again! | Penetration Tester | Defender of the Network | Protector of Servers | Former Blue Teamer | ✞
Victor Portal @VictorPortal19
10 Followers 128 Following
RF_ReadOnly @ReadonlyRf
30 Followers 548 Following
0x2Bmy7h @Sm0ug
11 Followers 335 Following
michael yang @MichaelYang58
0 Followers 2 Following
kynehc @kynehc1
8 Followers 219 Following
David Goldman @matrixsurfer128
388 Followers 282 Following I am an #O365 Principal EE @Microsoft, #PowerShell & #opensource enthusiast, Godfather of Offline Address Book and creator of #OabInteg and #PSServicePrincipal
Jaquiez @jaquiez99
17 Followers 65 Following CTF Interested in Web Exploitation, AppSec, and a bit of low level stuff UMass Student
Zander Mackie @ZanderMackie
118 Followers 782 Following AI ⁕ Cyber ⁕ Building ⁕ Breaking ⁕ 60's sci-fi ✒️LLMsec newsletter: https://t.co/vQe3W3WyJ9 📄Datadog, Dragos, Splunk, VMware, Carbon Black, Pivotal
Jason Firch @Jfirch
1K Followers 3K Following CEO @ PurpleSec | Veteran Owned | AI & Cybersecurity Nerd
Yarden Shafir @yarden_shafir
19K Followers 271 Following A circus artist with a visual studio license
Tim Misiak @timmisiak
7K Followers 281 Following OS/systems engineer, co-founder of @augmendtech. I used to work on WinDbg at Microsoft. On bluesky: @timdbg.com On mastodon/fediverse: @[email protected]
Saar Amar @AmarSaar
18K Followers 362 Following Reversing, exploits, {Windows, Hyper-V, *OS} internals, mitigations. Apple SEAR. Opinions are my own. @[email protected]
David Weston (DWIZZZL.. @dwizzzleMSFT
25K Followers 1K Following Vice President, OS Security and Enterprise @Microsoft || @CISAgov Technical Advisory Committee
Halvar Flake @halvarflake
44K Followers 3K Following I do math. And was once asked by R. Morris Sr. : "For whom?" @[email protected] At the moment, for noone.
mdowd @mdowd
32K Followers 744 Following Internet Hacker. Founder of @vigilant_labs. Previously, co-founder of Azimuth Security (now L3Harris Trenchant)
James Forshaw @tiraniddo
48K Followers 364 Following Security researcher in Google Project Zero. Author of Attacking Network Protocols. Tweets are my own etc. Mastodon: @[email protected]
Zero Day Initiative @thezdi
77K Followers 17 Following Trend Micro’s Zero Day Initiative (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.
Haifei Li @HaifeiLi
7K Followers 151 Following For contact in the security community. NOTE: All the tweets are totally my personal opinions, not about any of my current employer stuff.
Maddie Stone @maddiestone
64K Followers 847 Following Security Researcher - Google's Threat Analysis Group | 0days all day. Love all things bytes, assembly, and glitter. she/her.
lcamtuf (@lcamtuf@inf.. @lcamtuf
35K Followers 494 Following Homepage: https://t.co/iFAXZxCO5H Substack: https://t.co/yFvmNisGW3
Ivan Fratric 💙💛 @ifsecure
17K Followers 192 Following Security researcher at Google Project Zero. Tweets are my own. Backup @[email protected]
Greg Linares (Laughin.. @Laughing_Mantis
29K Followers 2K Following 20+ yrs in Infosec. Cybergoth. Musician. Autistic. Art @MalwareArt. 4x Pwnie Nominee. Red Teamer. 𝕍𝕏. Chronic Illness Fighter. I love Smite, Gamedev & Synths
Satoshi Tanda @standa_t
7K Followers 358 Following Engineer & Trainer. My DM is open. https://t.co/hqylaDLtNv
Xeno Kovah @XenoKovah
12K Followers 75 Following Interested in reverse engineering, firmware, bluetooth, trusted computing, and training. Founder of OpenSecurityTraining2 https://t.co/slK2fsMRwU
Mark Russinovich @markrussinovich
156K Followers 402 Following CTO of Microsoft Azure, author of novels Rogue Code, Zero Day and Trojan Horse, Windows Internals, Sysinternals tools. Opinions are my own.
Tavis Ormandy @taviso
127K Followers 645 Following Vulnerability researcher at Google. This is a personal stream, opinions expressed are mine. I'm also @[email protected]
Rodrigo Branco @bsdaemon
12K Followers 3K Following Just an opinionated security researcher. Opinions are my own H2HC (Hackers 2 Hackers Conference)
Samuel Groß @5aelo
24K Followers 499 Following V8 Security technical lead. Previously Project Zero. Personal account. Also @[email protected] and https://t.co/aVitnPjBie
Bruce Dawson @BruceDawson0xB
11K Followers 176 Following On bsky as randomascii. Not here anymore. Come to bsky, or my blog, or https://t.co/38wlfFCH2a Google employee. ETW expert. LGBTQ+ supporter.
Longhorn @never_released
14K Followers 130 Following Kernel/hypervisor engineer @awscloud EC2. Hobby @checkra1n. Mastodon: https://t.co/DsXP8PFgL0 Bluesky: https://t.co/dAOfFSSqY4
Andrew Paverd @ajpaverd
448 Followers 255 Following Principal research manager at the Microsoft Security Response Center (MSRC) and visiting lecturer at University of Oxford.
vx-underground @vxunderground
291K Followers 211 Following The largest collection of malware source code, samples, and papers on the internet. Password: infected
ElfMaster @ryan_elfmaster
2K Followers 222 Following Innovative thought leader, #phrack author, reversing, exploitation and kernel hacking. Shiva binary patching technology: https://t.co/MYfyikAJu7
Ben Barnea @nachoskrnl
1K Followers 376 Following Security Researcher @ Akamai. Windows vulnerabilities & internals research. Opinions and tweets are my own
Ivan Krstić @radian
11K Followers 901 Following Head of Security Engineering+Architecture at Apple. I don’t speak for my employer. @[email protected]
Dan Stemkoski @Artosis
117K Followers 2K Following Professional Commentator + Streamer. business email: [email protected]
Gareth Evans @kryc_uk
469 Followers 140 Following Security Researcher. Microsoft Edge Security Lead. Words & Opinions are my own.
Agner Fog @AgnerFog_
437 Followers 0 Following
Edge Security @EdgeSecurity
3K Followers 123 Following Tweets from @zx2c4. Security Research & Consulting. Support WireGuard development via https://t.co/x6Y8S0VFRw https://t.co/dodHzVeb15 . Or hire us.
nedwill @NedWilliamson
16K Followers 499 Following Project Zero Researcher Discovered SockPuppet, Soundhax https://t.co/16vegpfPXc
VictorV @vv474172261
2K Followers 141 Following Binary Security😉VMware Escape at TFCup 2018/21/23. Hyper-V Escape in 2021. Top3 of MSRC 2023 Q3/Q4/2024 Q1. Watchlist is only for security news
Rohit Mothe @rohitwas
740 Followers 155 Following Security Re..(dare i say it?) , struggling janitor. tweets,replies,retweets,likes,DMs entirely my own doing, undoing
Randori Attack Team @RandoriAttack
3K Followers 62 Following Trusted Adversary @RandoriSecurity | Exploit Development | Offensive Operations | #InfoSec tweets only | Managed by @syndrowm @pwnpnw @aaronportnoy
Andrea Allievi @aall86
5K Followers 351 Following Currently Senior Windows Core OS Engineer, Windows Internals Enthusiast and Book author, tennis lover, currently working for MS. Opinions and tweets are my own.
HackSys Team @HackSysTeam
10K Followers 555 Following Vulnerability Research, Kernel Exploitation, Reverse Engineering, Exploit Development, Program Analysis, Malware Research, Web, Machine Learning
Pawel Wieczorkiewicz @wipawel
1K Followers 368 Following Low Level Security: CPUs, Kernels, Hypervisors and the like. I mostly break stuff. Offensive side of things.
Diane Dubois @0xdidu
2K Followers 417 Following Senior Security Engineer @Google (opinions expressed here are my own). Vulnerability research on systems is my favorite playground. Windows enthusiast. She/her
Conflict News @Conflicts
423K Followers 1K Following Breaking news on global Conflicts. Curators: @MJ_Cruickshank @KyleJGlen @lukepierce100 Contact: [email protected]
Status-6 (Military & .. @Archer83Able
138K Followers 1K Following Providing in-depth news coverage about the armed conflicts and crises all around the globe (focus on 🇺🇦 Ukraine). 📨 [email protected]
Nolan Peterson @nolanwpeterson
517K Followers 5K Following Writer, 9+ yrs living/reporting in Ukraine, nonresident senior fellow @AtlanticCouncil, expert w/@IrregularWarCtr, ex-USAF spec ops pilot.
Project Owl @projectowlosint
37K Followers 433 Following Project Owl: The OSINT community hub. Foreign policy, geopolitical events, military, and government focused. RT/Like/Follow ≠ Endorsement.
Aurora Intel @AuroraIntel
277K Followers 967 Following Team of 3. Bringing you world events as they happen, focusing on the Middle East Region | RTs/Links ≠ Endorse | DMs Open
The Intel Crab @IntelCrab
335K Followers 1K Following The internet's most trusted crustacean. Conflict analysis, data visualization, and small amounts of melted butter.
doge @IntelDoge
142K Followers 2K Following I observe world events and help feed the desire to know more. Слава Україні! Героям сл-Animus In Consulendo Liber | he/him
Rob Lee @RALee85
687K Followers 4K Following Senior Fellow @FPRI. Previously @USMC, @ColumbiaSIPA, @CentreAST. Focused on Russian defense policy.
Alex Matrosov @matrosov
18K Followers 2K Following 🔬Founder & CEO @Binarly_io, #codeXplorer, #efiXplorer, @REhints and "Rootkits and Bootkits" book. Previously worked at Nvidia, Cylance, Intel, ESET, Yandex.
Dmitri Alperovitch @DAlperovitch
203K Followers 2K Following Geopolitics, NatSec, Great Power Competition, Cybersecurity. Chairman @SilveradoPolicy; Host @GeopolDecanted; Founder @alperovitch; Co-Founder @CrowdStrike
OSINTtechnical @Osinttechnical
931K Followers 800 Following OSINT guy, PAI enjoyer, journalist @hntrbrkmedia, my views/freezing cold takes are my own. Standard spiel about not endorsing retweets, likes, and comments.
Euromaidan Press @EuromaidanPress
362K Followers 1K Following News and views from Ukraine. We are independent & community-funded. Support us: 💙https://t.co/ml8nih3e94 💛https://t.co/TX1f16kOvH
Jonathan Guerin @kop48
540 Followers 1K Following Security Engineer on the MORSE team at Microsoft. My opinions are my own. 🐘 Mastodon: @[email protected]
WSDOT East @WSDOT_East
43K Followers 328 Following Official WSDOT account for information east of the Cascade Mountains. Monitored 7 am-5 pm Mon-Fri. Please call 911 to report road hazards.
Washington State DOT @wsdot
377K Followers 5K Following Official Washington State Department of Transportation Twitter account. For road hazards and emergencies, please call 911.
Internal Tech Emails @TechEmails
525K Followers 900 Following Internal tech industry emails that surface in public records. 🔍
Stevens Pass Updates @stevensupdates
19K Followers 10 Following Follow for daily operational updates regarding mountain operations for @StevensPass. This account does NOT reply. Questions: [email protected]
Chandler Carruth @chandlerc1024
15K Followers 248 Following Software, performance, optimization, programming languages, security, open source, #CarbonLang lead, #LLVM, #Clang, C++. 🏳️🌈 https://t.co/OJEo6948ae or https://t.co/20dk6962vg
ℵ₁ @aleph_one@inf.. @aleph_one
6K Followers 207 Following
ZeusBox @Zeusb0x
800 Followers 359 Following Playing with Pandora's box. Sometimes it's better not to open it. Sometimes, it's better not to know.
Andrew Ruddick @arudd1ck
491 Followers 214 Following Breaking software. Security Researcher, MSRC @msftsecresponse. Views are my own.
os.phil-opp.com This website is very cool and shows the Rust features needed to develop OS components, which have 0 dependencies. I am really enjoying reading it!
I am so happy to say that I earn roughly 730 USD for the signed copy of Windows Internals to donate to charity organizations. I still do not know if I can publish the name of the bid winner, but Thanks very much!
C++29 feature: You can now dereference pointers multiple levels of indirection at once through a longer "arrow" operator.
@dangoodin001 @ESETresearch I'm the last person to defend Microsoft, but this is just not a big deal. There is a minor feature that doesn't work correctly, that's true! But... does the level of your coverage here really match the impact of the problem on the victims you're talking about?
@dwizzzleMSFT We would be happy to pass along the information, how exactly are the missing patches affecting you? ^MV
Make sure to catch @JosephBialek's amazing talk @BlackHatEvents about CastGuard - it's a fantastic work, with many great insights about the mitigation and the nontrivial problem it addresses blackhat.com/us-22/briefing…
With the newest version of Git 2.37.0, you can run just "git push" to push new branches. No more "--set-upstream origin". Enable with: git config --global --add --bool push.autoSetupRemote true
@mattifestation What about all the people who don’t get to “bear witness” to suffering? Many will suffer and die as a result from this decision. Should they be grateful? Also, not everyone gets pregnant because “someone said yes to them”. What a horrific pov
Warning orgs that vulns appearing in a tool widely used by black hats are rapidly exploited is not the same as "blaming" - unless you've got an axe to grind against your ex employer and a Twitter persona to maintain.
Last year, Apple shared a high-level overview of "Memory safe iBoot implementation". I thought it would be nice to reverse and write about it, hope you will find it interesting :) saaramar.github.io/iBoot_firebloo…
The votes on this poll are madness. The quickest way to turn a big salary into a small salary is to burn a couple thousand dollars to sit in some nicer seats for a few hours.
What is the appropriate income level to feel like you can regularly fly first/business class for your personal flights?
It is live! Just finished publishing the first deep-dive, low-level developer focused Arm64EC ABI manual. docs.microsoft.com/en-us/windows/…
Tore myself away from Elden Ring long enough to finish part 2 of my virtual memory mini-series, where I ramble about the user virtual address space for a bit sam4k.com/linternals-vir…
@halvarflake @yarden_shafir What if you need to kernel debug a real machine instead of QEMU VM? Ooops. Linux KD not so great…
@JosephBialek @epakskape @AmarSaar Oh sure, nothing to do against a fully controlled integer taken as a pointer :) just pointing out stuff that we can do better than dlmalloc to restrict attackers opportunities and narrow the set of attackable scenarios (esp. in conjunction with compiler and other mitigations)
Since few days the felixcloutier.com/x86/ repo is done. So here is the backup shell-storm.org/x86doc/
@jonathandata1 @thegrugq @0xabad1dea I guess It's just my opinion that disassembling dalvik bytecode as x86 code then drawing red lines on it is kinda a weird thing to do? 🤷♂️
@jonathandata1 @thegrugq @0xabad1dea Uhh, this screenshot is the "analysis" you posted. Notice the register names? edx, esp, ebx. Notice the mnemonics and addressing modes? imul, das, insb? Those are x86 instructions, see Intel SDM Vol 2 & 3. Compare to Dalvik VM architecture docs, what more proof is necessary lol?
Trends for United States
You might like
