|
Ditmar Wendt
@DitmarWendt
Seattle, WA
|
|
not infosec twitter.
hackucf.org 🗝keybase.io/dwn
|
|
|
1,512
Tweets
|
1,516
Following
|
887
Followers
|
| Tweets |
|
Ditmar Wendt
@DitmarWendt
|
13h |
|
does it repro in safe mode / on-boot stuff disabled? if not, maybe a trace will show what's causing it to call into the GPU so often video.ch9.ms/sessions/build…
|
Ditmar Wendt
@DitmarWendt
|
Feb 4 |
|
they probably feel like they addressed this, considering there's a paragraph specifically about how they could've snooped all they wanted to from usermode.
|
Ditmar Wendt
@DitmarWendt
|
Jan 24 |
|
@f1yYY__ hey, do you have an archive of the e1000e challenge from rwctf finals? I dunno where I put the file
|
Ditmar Wendt
@DitmarWendt
|
Jan 23 |
|
whoops yes it, "version-to-version diffs" like you said are exactly that. cool!
linux-review.googlesource.com/c/virt/kvm/kvm…
|
Ditmar Wendt
@DitmarWendt
|
Jan 23 |
|
also, quick q - say there's patch v1, and patch v2, can gerrit show the difference between these two patches (or is it still a case of apply both to two clones of the original, diff those)
|
Ditmar Wendt
@DitmarWendt
|
Jan 23 |
|
is this automatic on new lkml patchsets, or manual and the community needs to adopt it? a better process like this would be so nice.
|
Ditmar Wendt
@DitmarWendt
|
Jan 23 |
|
readelf can have a little file, as a treat
|
Ditmar Wendt
@DitmarWendt
|
Jan 22 |
|
do you think NSO has a sticker pack
|
Ditmar Wendt
@DitmarWendt
|
Jan 16 |
|
nah, windows update isn't affected, and keep in mind important/crit has a criteria for each, it's not just language semantics. they need something to differentiate between that and say, 0-click RCE like CVE-2020-0609
|
Ditmar Wendt
@DitmarWendt
|
Jan 16 |
|
or maybe it'll be a renaissance, they're adding a whoooole lot of extra stuff to it leucosite.com/Edge-Chromium-…
|
Ditmar Wendt
@DitmarWendt
|
Dec 15 |
|
someone must've already thought of a standard for authenticated peripherals, yeah? some burned in keypair on the HID, challenge+response at connection time, and then the OS deciding (or not) to permit it through to the USB layer
|
Ditmar Wendt
@DitmarWendt
|
Dec 9 |
|
have you played noita? it's awesome, inspired by fsg
|
Ditmar Wendt
@DitmarWendt
|
Dec 8 |
|
rwctf gave us a doorhandle, an STM st-linkv2, and some wires. I should have asked for the hidden multimeter option before trying to follow these traces for a few hr
concealing glue removed with a quarter, yes, swd/swclk are in bottom left & via'd 2layer
i.imgur.com/malLlWd.jpg
|
Ditmar Wendt
@DitmarWendt
|
Dec 8 |
|
ah yeah I see. things needing flashing was sorta a trend, I had brute forced the correct pin combo for swd at least twice before going from ST's tool to pystlink and being told that the stlink's firmware was out of date, resolving things immediately on my next brute
|
Ditmar Wendt
@DitmarWendt
|
Dec 8 |
|
yeah uhhh I think I still need to dump the firmware from my first transceiver to flash it onto the second one provided, it appears as a serial port but doesn't respond?
never want to touch stm* again
|
Ditmar Wendt
@DitmarWendt
|
Dec 7 |
|
the organizers put a lot of work into making cool designs! pic.twitter.com/PfVvvX2wf4
|
Ditmar Wendt
@DitmarWendt
|
Dec 2 |
|
w.r.t test signing, you should mention that it's unneeded to get arbitrary code executing in the kernel. github.com/z175/kdmapper/…
it all boils down to the classic load order problem. load first to win. need ELAM anticheats that run on boot with hardware-backed system attestation!
|
Ditmar Wendt
@DitmarWendt
|
Nov 27 |
|
gamer, golang, or big C++ dwarf symbols?
|
Ditmar Wendt
@DitmarWendt
|
Nov 18 |
|
got a camera, I'll create another acct for cat pictures and not flood this one :p pic.twitter.com/gjxT3VOmcH
|