Twitter | Search | |
Tavis Ormandy
Vulnerability researcher at Google. This is a personal stream, opinions expressed are mine.
5,577
Tweets
521
Following
108,610
Followers
Tweets
Tavis Ormandy Jan 30
Replying to @mikko
😬
Reply Retweet Like
Tavis Ormandy Jan 30
Replying to @jeremiahg
Hah, I think it would be hard, it was clear what Avast were doing for years, but nobody really cared until the mainstream media picked up on it, and that seems hard to influence...
Reply Retweet Like
Tavis Ormandy Jan 30
wow, avast are actually winding down jumpshot.
Reply Retweet Like
Tavis Ormandy Jan 30
Sorry, just another computer nerd! 🤓
Reply Retweet Like
Tavis Ormandy Jan 29
Replying to @mdowd
I can live with "bad actor", I hate "miscreant", sounds like mischievous little scamps more than criminals!
Reply Retweet Like
Tavis Ormandy Jan 29
Hah, we had a bbc, just not fancy enough for any adapters 😛
Reply Retweet Like
Tavis Ormandy Jan 29
You mean like Bamboozle, or was there really some software transmitted somehow?
Reply Retweet Like
Tavis Ormandy retweeted
Saul Procterm Jan 28
Qualys Security Advisory: LPE and RCE (CVE-2020-7247) in OpenSMTPD, OpenBSD's mail server. Erroneous logic in smtp_mailaddr() which validates user and domain. More details and PoC at: PS: "Did you ever play tic-tac-toe?"
Reply Retweet Like
Tavis Ormandy Jan 28
I dunno, but I never really liked it. I proposed an alternative, "constant pooling" - indirectly load constants from a non-executable table. I had stats that showed performance impact was negligible, more loads but better icache perf. Blinding was trivial to implement though.
Reply Retweet Like
Tavis Ormandy Jan 26
Replying to @fmc_sea
I don't want to have this discussion.
Reply Retweet Like
Tavis Ormandy Jan 26
Dunno, never have to listen to people whining about "responsible" if you just sell exploits privately. That must be nice.
Reply Retweet Like
Tavis Ormandy Jan 26
We do have evidence they're bought and sold by exploit brokers though, and I'm guessing they're not printing them out to use as wallpaper.
Reply Retweet Like
Tavis Ormandy retweeted
joernchen Jan 26
AV stands for: Additional Vulnerabilities
Reply Retweet Like
Tavis Ormandy Jan 22
Congrats everyone, really nice work.
Reply Retweet Like
Tavis Ormandy retweeted
Artur Janc Jan 22
Earlier today we published the details of a set of vulnerabilities in Safari's Intelligent Tracking Prevention privacy mechanism: . They are... interesting. [1/9]
Reply Retweet Like
Tavis Ormandy retweeted
Justin Schuh 🤬 Jan 22
Replying to @jamiebishop123
No, I can assure you that they still haven't fixed these issues, which is what made that blog post last year so weird. Apple didn't disclose the vulnerabilities or appropriately credit the researchers, but put out a post implying they fixed "something".
Reply Retweet Like
Tavis Ormandy Jan 22
This. It's hard to imagine how Apple are going to resolve this, it took a long time to accept that the auditor problems were fundamental, and it's hard to see how itp is any different here. Prediction: after a few failed attempts to rework it, they'll come to the same conclusion.
Reply Retweet Like
Tavis Ormandy retweeted
lcamtuf Jan 22
This is a pretty good reminder that any invasive heuristics in the browser - be it XSS filters or privacy protections - often cause more problems than they address:
Reply Retweet Like
Tavis Ormandy Jan 20
Replying to @BoyerTimTweets
That's the one, definitely worth watching if you're a back to the future nerd. 🤓
Reply Retweet Like
Tavis Ormandy Jan 20
If you're a Back to the Future fan and haven't seen "Go to the Head of the Class", it's a real treat. It's like the band getting back together, Zemeckis, Gale, Spielberg, Lloyd, etc.
Reply Retweet Like