Twitter | Search | |
Marc Rogers
Ramblings of a Mad English Hacker: Hacker behind BBC's The Real Hustle & USA's Mr Robot. Head of SecOps for DEF CON. Head of Infosec for CloudFlare.
9,886
Tweets
1,313
Following
9,843
Followers
Tweets
Marc Rogers Feb 20
Replying to @erinruberry @egyp7
Awww I nevwr knew you cared.
Reply Retweet Like
Marc Rogers Feb 16
Replying to @cybergibbons @chronic
so thats the flash on the flash on the main board, no its not encrypted, but parts of it are write protected. When the system hihstates (each time the car starts) it loads the system OS from flash.
Reply Retweet Like
Marc Rogers Feb 16
Replying to @cybergibbons @chronic
when you say external I assume you are referring to the microsd card and SD card? If so, then the answer is no and I doubt they will have now.
Reply Retweet Like
Marc Rogers Feb 16
Replying to @cybergibbons @chronic
they closed that door pretty firmly after we entered through it.
Reply Retweet Like
Marc Rogers Feb 16
Replying to @cybergibbons @chronic
also FYI as I understand it (but have not validated personally) the OTA updates are now encrypted and signed, and code signing has been enabled on the platforms.
Reply Retweet Like
Marc Rogers Feb 16
Replying to @cybergibbons @chronic
the VPN is based on openVPN. Certificate validation is properly managed though we didn’t dig into the trust chain as deep as we could. Seems like that would be a longshot though. Details are in our DEF CON presentation.
Reply Retweet Like
Marc Rogers Feb 4
Butterfly Effect: one messed up drinks order in the east bay, it rains unicorn lattes in Madagascar.
Reply Retweet Like
Marc Rogers Feb 4
but I will sit at home crying bitter tears of disappointment if thats any help.
Reply Retweet Like
Marc Rogers Feb 4
No, I did not. As far as I can tell they left two relatively junior people in charge of the stand on day. I see that as a starbucks management issue not just a personnel issue.
Reply Retweet Like
Marc Rogers Feb 4
Hey you might want to teach your staff in Moraga Safeway the difference between an iced coffee and a frappe. best wishes, Cark
Reply Retweet Like
Marc Rogers Jan 29
*innocent whistle*
Reply Retweet Like
Marc Rogers Jan 27
*facepalm* this is why you don’t roll your own crypto or build security features without proper security design and testing.
Reply Retweet Like
Marc Rogers Jan 27
Replying to @AerendirMobile
sure I’m still interested. Shoot me a DM with RL contact details and lets get a test unit for me to break :)
Reply Retweet Like
Marc Rogers Jan 25
Awww man :( RIP. Too many :(
Reply Retweet Like
Marc Rogers Jan 25
yea, we lost 5 at the start of the year. Sad way to start 2018 :(
Reply Retweet Like
Marc Rogers Jan 23
Replying to @Hacker_Horse
email sent :)
Reply Retweet Like
Marc Rogers Jan 16
Hey why does your OSX firewall appear to be trying to apply state to UDP? TCP packets - near instant. UDP packets - 40ms lag. Turn off inbound service discovery on the FW, no lag.
Reply Retweet Like
Marc Rogers retweeted
TheSAS2018 Jan 16
Don't miss speakers announcements! Stay tuned! More to come!
Reply Retweet Like
Marc Rogers Jan 15
Replying to @synackpse @thegrugq
LOL I could NEVER be the grugq. He’s FAR too handsome.
Reply Retweet Like
Marc Rogers Jan 13
Replying to @hatesec
90% of my time with Jaime was online. She touched so many people online it was only right her memorial be online too.
Reply Retweet Like