| Tweetovi |
|
Oliver Chang
@halbecaf
|
5. pro |
|
Awesome talk on Site Isolation in Chrome by @nasko and Charlie Reis at #BHEU ! pic.twitter.com/mrAHvjvuRk
|
||
|
||
| Oliver Chang proslijedio/la je tweet | ||
|
Nasko Oskov
@nasko
|
5. pro |
|
If you want to hear about browser security, Charlie and I are getting ready to talk about Site Isolation in Chrome at @BlackHatEurope. Come over! #BHEU
|
||
|
|
||
| Oliver Chang proslijedio/la je tweet | ||
|
Abhishek Arya
@infernosec
|
24. stu |
|
If you are attending #BHEU, come to our talk about Fuzzing at Google Scale with ClusterFuzz (co-presenting with @halbecaf). We will share our experiences with scaling fuzzing for Chrome, 250+ OSS projects and Google products.
@BlackHatEvents
|
||
|
|
||
|
|
Oliver Chang
@halbecaf
|
25. ruj |
|
Woot! Excited to be presenting our talk on how fuzzing works at Google scale with @infernosec at #BHEU in December!
@BlackHatEvents
|
||
|
|
||
|
|
Oliver Chang
@halbecaf
|
7. velj |
|
ClusterFuzz, the fuzzing infrastructure used by Chrome and OSS-Fuzz, is now open source!
opensource.googleblog.com/2019/02/open-s…
|
||
|
|
||
|
|
Oliver Chang
@halbecaf
|
25. tra 2018. |
|
Yet another bug in JavaScriptCore found by OSS-Fuzz, this time colliding with one of @RZ_fluorescence's .
support.apple.com/en-au/HT208741
|
||
|
|
||
|
|
Oliver Chang
@halbecaf
|
30. sij 2018. |
|
Not many in spidermonkey, but so far there are 70 (public) security + non security bugs across all engines: goo.gl/17LpME
|
||
|
|
||
|
|
Oliver Chang
@halbecaf
|
29. sij 2018. |
|
OSS-Fuzz has started finding bugs in JS engines!
support.apple.com/en-us/HT208475
github.com/Microsoft/Chak…
github.com/Microsoft/Chak…
|
||
|
|
||
| Oliver Chang proslijedio/la je tweet | ||
|
Parisa Tabriz
@laparisa
|
6. pro 2017. |
|
Want to be on the bleeding edge of @googlechrome sandboxing?
Check out Site Isolation: blog.google/topics/connect…
If you run into issues, file bugs to help us fix them. h/t @nasko & team who have been working on this for years!
|
||
|
|
||
| Oliver Chang proslijedio/la je tweet | ||
|
Ben Hawkes
@benhawkes
|
28. ruj 2017. |
|
Project Zero blog: "Over The Air - Vol. 2, Pt. 1: Exploiting The Wi-Fi Stack on Apple Devices" by @laginimaineb - googleprojectzero.blogspot.com/2017/09/over-a…
|
||
|
|
||
|
|
Oliver Chang
@halbecaf
|
29. kol 2017. |
|
A *very* rough estimate would be around 5.6 years of cpu time.
|
||
|
|
||
| Oliver Chang proslijedio/la je tweet | ||
|
Justin Schuh 🤬
@justinschuh
|
25. srp 2017. |
|
W00000000000T!!!!!! blog.chromium.org/2017/07/so-lon…
|
||
|
|
||
|
|
Oliver Chang
@halbecaf
|
24. svi 2017. |
|
Made a short post about a v8 bug and exploit: halbecaf.com/2017/05/24/exp…
|
||
|
|
||
|
|
Oliver Chang
@halbecaf
|
8. svi 2017. |
|
"It's better to not find bugs than to put our users at risk by releasing details of fixes" twitter.com/kayseesee/stat…
|
||
|
|
||
|
|
Oliver Chang
@halbecaf
|
8. svi 2017. |
|
Google is now paying open source to fuzz their projects! opensource.googleblog.com/2017/05/oss-fu…
|
||
|
|
||
| Oliver Chang proslijedio/la je tweet | ||
|
|
Ben Hawkes
@benhawkes
|
4. tra 2017. |
|
Project Zero blog: "Over The Air: Exploiting Broadcom’s Wi-Fi Stack (Part 1)" by @laginimaineb - googleprojectzero.blogspot.com/2017/04/over-a…
|
||
|
|
||
| Oliver Chang proslijedio/la je tweet | ||
|
Tavis Ormandy
@taviso
|
23. velj 2017. |
|
Cloudflare have been leaking customer HTTPS sessions for months. Uber, 1Password, FitBit, OKCupid, etc. bugs.chromium.org/p/project-zero…
|
||
|
|
||
|
|
Oliver Chang
@halbecaf
|
15. velj 2017. |
|
Derestricted a bug in Cisco's ASA: bugs.chromium.org/p/project-zero…. The quality of the code here is surprising.
|
||
|
|
||
| Oliver Chang proslijedio/la je tweet | ||
|
|
Ben Hawkes
@benhawkes
|
14. velj 2017. |
|
Project Zero blog: Attacking the Windows NVIDIA Driver by @halbecaf - googleprojectzero.blogspot.com/2017/02/attack…
|
||
|
|
||
| Oliver Chang proslijedio/la je tweet | ||
|
👼 Ąż 杏
@angealbertini
|
7. pro 2016. |
|
|
||
|
|
||