Twitter | Search | |
Will Dormann
Vulnerability Analyst at the CERT/CC. My thoughts are my own, not my employer's.
3,828
Tweets
463
Following
6,121
Followers
Tweets
Will Dormann retweeted
raptor Feb 2
And here’s a wonderful post by OpenSMTPD’s main developer : Very interesting insight on how a bug enters the code and becomes exploitable over time.
Reply Retweet Like
Will Dormann 23h
It is the CA's duty to revoke certificates issued for private keys that have been compromised (e.g. released to the public). If your social experiment is to see how a CA treats a customer who repeatedly proves that they are unable to control their private key material, go nuts?
Reply Retweet Like
Will Dormann Feb 1
Just out of curiosity, how'd you pick it out? I assume it was DER (or other) encoded in process memory?
Reply Retweet Like
Will Dormann Feb 1
Replying to @cybergibbons
I'm sure that the CAs are fine with this.
Reply Retweet Like
Will Dormann Feb 1
It goes back to 2000, if not earlier. should know better than to claim they were there first without being quite sure about it.
Reply Retweet Like
Will Dormann retweeted
Saul Procterm Jan 28
Qualys Security Advisory: LPE and RCE (CVE-2020-7247) in OpenSMTPD, OpenBSD's mail server. Erroneous logic in smtp_mailaddr() which validates user and domain. More details and PoC at: PS: "Did you ever play tic-tac-toe?"
Reply Retweet Like
Will Dormann Jan 29
I think I'd like to have a word with the folks involved with the creation/distribution of this sign.
Reply Retweet Like
Will Dormann retweeted
patrick wardle Jan 28
macOS 10.15.3 is out, fixing a bunch of nasty (remote) bugs! 🍎🐛 ...go patch! 🛡️
Reply Retweet Like
Will Dormann Jan 27
Huh... I can honestly say that I've never noticed/clicked the "explore" icon until now.
Reply Retweet Like
Will Dormann retweeted
EFF Jan 27
BREAKING: We’ve confirmed that the Ring doorbell app on Android covertly shares personally identifiable information on its users with third-party companies, including Facebook.
Reply Retweet Like
Will Dormann Jan 27
Replying to @ChaseSupport
Are you aware that abuse@chase.com doesn't allow .eml attachments, despite requesting people to "forward this as an attachment"? I feel like I've done all that I can do here. If you folks cannot understand what I'm trying to convey in this thread, I'm afraid I'm at a loss.
Reply Retweet Like
Will Dormann retweeted
Joseph Cox Jan 27
New: leaked documents, data, contracts show how hugely popular antivirus Avast now harvests internet browsing data and sells it for millions of dollars. Clients included Home Depot, Google, Microsoft. Documents show a product called "All Clicks Feed"
Reply Retweet Like
Will Dormann Jan 27
Replying to @GossiTheDog
If it was indeed Citrix (or Pulse), I almost get the impression that companies should care about CVSS-10 vulnerabilities with public exploits exposed to the broad internet.
Reply Retweet Like
Will Dormann Jan 26
Replying to @ChaseSupport
Thanks, but I don't need your help in researching whether or not it's a phishing attempt. I was simply trying to bring to your attention that Chase is sending out emails with an HTTP:// link to your website, rather than HTTPS:// Please do better.
Reply Retweet Like
Will Dormann Jan 26
Replying to @jdgregson
"Occasional"? Best I could find is that NAT is something that you can manually add to Hyper-V via PowerShell. And even then that it doesn't provide DHCP. I'm currently running my VM with a static IP on the NAT network that I manually created. There's an easier way??
Reply Retweet Like
Will Dormann Jan 26
I'll move to Hyper-V for virtualization on my home computer... Smaller attack surface, and enables the ability to use extra exploit mitigations. 1) Broadcom network driver causes BSODs when Hyper-V bridges a VM to that network. 2) Hyper-V NAT doesn't even provide DHCP. Sigh...
Reply Retweet Like
Will Dormann Jan 26
My complaint is not what GIMP does with alpha information. My suggestion is that GIMP is perhaps doing the wrong thing when a user hits the "delete" key on their keyboard. I suspect that I'm not in the minority in thinking that "delete" "deletes" things instead of "sets alpha"
Reply Retweet Like
Will Dormann Jan 26
Replying to @ChaseSupport
I'm not sure that I believe you. 1) The email came from servers 2) The email doesn't link to any site not on the domain. If it is a phishing email, you might have an insider threat problem. And a misguided one at that.
Reply Retweet Like
Will Dormann Jan 26
Hey , Find somebody at your organization that appreciates the difference between HTTP and HTTPS, and listen to them. Thanks.
Reply Retweet Like
Will Dormann Jan 26
Undo is a thing that I could expect people to want. But to implement an anti-erase feature that persists through the act of exporting to a completely new file format... That's unique. As in, can you name a single other photo editing program that does this?
Reply Retweet Like