|
Brandon Weeks
@
__weeks__
San Francisco, CA
|
|
Security @ Google. He/him.
|
|
|
14
Tweetovi
|
488
Pratim
|
88
Osobe koje vas prate
|
| Tweetovi |
| Brandon Weeks proslijedio/la je tweet | ||
|
Ian Coldwater
@IanColdwater
|
5. velj |
|
Do people ever refer to technical program managers as trusted platform modules
|
||
|
|
||
| Brandon Weeks proslijedio/la je tweet | ||
|
Eric Chiang
@erchiang
|
31. sij |
|
I clearly need to get this ice machine (via @__weeks__)
kold-draft.com/products/gt350… pic.twitter.com/ynpHuMktBl
|
||
|
|
||
| Brandon Weeks proslijedio/la je tweet | ||
|
Joseph Cox
@josephfcox
|
17. pro |
|
Google fires employee who wrote code for a pop-up notification informing Google works of their labor rights vice.com/en_us/article/… pic.twitter.com/KRYOIEAKNi
|
||
|
|
||
| Brandon Weeks proslijedio/la je tweet | ||
|
Eric Chiang
@erchiang
|
10. pro |
|
My team has been working a lot with TPM hardware lately and found some pretty critical issues with the spec. Here's our 90-day disclosure of a vulnerability report we sent to @TrustedComputin. "Verifying TPM Boot Events and Untrusted Metadata" github.com/google/go-atte…
|
||
|
|
||
| Brandon Weeks proslijedio/la je tweet | ||
|
Matthew Garrett
@mjg59
|
4. pro |
|
If you're running Android 10, do not do this. There's a bug that will probably render your phone unbootable after the next reboot, requiring a factory reset. twitter.com/Tri_Becca90/st…
|
||
|
|
||
| Brandon Weeks proslijedio/la je tweet | ||
|
purplecon
@purpleconNZ
|
17. lis |
|
quick update on the ctf: we don't have one
so if you've been doing it, you've been doing crimes
|
||
|
|
||
| Brandon Weeks proslijedio/la je tweet | ||
|
Eric Chiang
@erchiang
|
9. lis |
|
Shout out to @__weeks__ for fuzzing our #golang project and finding two remote DoS vectors. Always fuzz, even memory safe languages. 😬
github.com/google/go-atte…
github.com/google/go-atte…
|
||
|
|
||
| Brandon Weeks proslijedio/la je tweet | ||
|
Maddie Stone
@maddiestone
|
4. lis |
|
Kernel privilege escalation bug in Android affecting fully patched Pixel 2 & others. Reported under 7 day deadline due to evidence of in-the-wild exploit. @tehjh and I quickly wrote a POC to get arbitrary kernel r/w using this bug, released in tracker. bugs.chromium.org/p/project-zero…
|
||
|
|
||
| Brandon Weeks proslijedio/la je tweet | ||
|
🔎Julia Evans🔍
@b0rk
|
27. kol |
|
certificates pic.twitter.com/qOVuzsHUGF
|
||
|
|
||
| Brandon Weeks proslijedio/la je tweet | ||
|
Eric Chiang
@erchiang
|
21. kol |
|
And to round out the week, @Twitchyliquid64 (with @mjg59) will be speaking on Friday at OSS on TPM backed device identity sched.co/PUO2
|
||
|
|
||
|
Brandon Weeks
@__weeks__
|
21. kol |
|
events.linuxfoundation.org/events/linux-s…
Slides can be found here for the Matthew and I's talk.
|
||
|
|
||
| Brandon Weeks proslijedio/la je tweet | ||
|
Eric Chiang
@erchiang
|
21. kol |
|
First up at 11:25am @__weeks__ and @mjg59 will be speaking on remote attestation for device identity sched.co/RHbI
|
||
|
|
||
| Brandon Weeks proslijedio/la je tweet | ||
|
Matthew Garrett
@mjg59
|
4. pro 2018. |
|
Today's horrifying firmware discovery (courtesy of the coworker I've tasked with parsing TPM event logs and I'm very sorry he's suffering this way) is pl887.pairlitesite.com/misc/config-st…, wherein IBM have a PARTIES partition type that contains a Boot Engineering Extension Record, or BEER
|
||
|
|
||
|
Brandon Weeks
@__weeks__
|
27. lis 2018. |
|
But it is diet! Look at the tag.
|
||
|
|
||