Bas Alberts
Recreational strangler & Parentheses enthusiast. Keeping exploit chains out of supply chains. Personal account.
73 Tweets
367 Following
1,067 Followers
Tweets
Bas Alberts Feb 2
Code is a moving target and audits are never complete ... even though the initial audit bootstrap may be annoying for a large or complicated surface .. and you may come up empty that first pass, it pays dividends to your time to keep up with that surface continuously
Bas Alberts Jan 31
Replying to @shuffle2
Hahaha awesome
Bas Alberts Jan 31
Replying to @PeteMarkowsky
I believe it was an internal run, I got it at HQ from the design team lead
Bas Alberts Jan 31
Replying to @halvarflake
Space-to-space manned combat is wide open though!
Bas Alberts Jan 31
This sticker situation is escalating rapidly
Bas Alberts Jan 31
Replying to @attritionorg @xorlgr
I think all of it is interesting, but specifically interested in backdoor commits that were being snuck in with hijacked commit access or seemingly legitimate bugs that were almost too good to be true (i.e. the exploitation stars lined up suspiciously well)
Bas Alberts Jan 31
Replying to @eugeneteo @grsecurity
ah yeah I remember had some fun with that one
Bas Alberts Jan 30
Replying to @xorlgr
Nope mostly looking for breadth of examples, thanks!
Bas Alberts Jan 30
Does anyone remember any explicit (or highly suspected/suspicious) bugdoor attempts in OSS history besides the = vs == uid thing in the Linux kernel?
Bas Alberts Jan 30
TIL that the laf-intel comparison splitting strategy is eerily similar to how you used to bruteforce a static cookie with a repeatable 1-byte granular memory corruption primitive ... which makes perfect sense I suppose
Bas Alberts Jan 30
Replying to @0xbade5dee
Bas Alberts Jan 30
Replying to @iggyf @nicowaisman and 3 others
Haha it’s more a product of me going from gung ho to hobby status I think
Bas Alberts Jan 30
Replying to @iggyf @nicowaisman and 3 others
I used to but it dissipated around mid-brown :) Now I’ll ponder my rolls on the drive home but by the time I arrive my brain is mostly all “food?”
Bas Alberts Jan 30
Replying to @mdowd
Affleck was the bomb in Phantoms yo
Bas Alberts retweeted
Sean Heelan Jan 29
Here's the bibliography for an automatic exploit generation talk I'm giving tomorrow. If you're looking for a reading list on the topic, this should have almost everything for historical context and state of the art
Bas Alberts Jan 29
Can any of my friends at Apple go check the warehouse and guesstimate when they’re gonna run out of touchbars?
Bas Alberts retweeted
grsecurity Jan 29
Hugely impressive amount of work in a very short amount of time. The github looks like a great resource for people to learn from:
Bas Alberts Jan 29
Replying to @tb00bz
The whole thing
Bas Alberts Jan 29
Confused xdev sitting in SCIF: “but it said you offered remote work in the ad!” ... “correct, now get to it”
Bas Alberts Jan 29
Replying to @dyn___ @adhsec
I am assuming it is a certain very skilled french person but since they decided to not put their name on the work I think they prefer to remain anonymous :) As far as process, “90ies UNIX hacking” sums it up nicely I suppose?