Evan Sultanik

3K posts


@ESultanik

Ph.D. computer security researcher @TrailOfBits. Editor of and frequent contributor to #pocorgtfo. My CV is a PDF that’s also an NES ROM https://t.co/lDrC4Hz6AI

Philadelphia, PA, USA
Joined December 2008
479 Following, 1.4K Followers

Pinned Tweet
Evan Sultanik @ESultanik
After 6 months and over 5k new lines of 6502 assembly, the Kaizo-style platforming section of the NES game in my résumé is finally done! Yes, among other things, the PDF of my résumé is also an NES ROM. You can download it here for your emulating pleasure: sultanik.com/files/ESultani…

Dominic Pino @DominicJPino
A hilariously bad metaphor, if you know how collectivist heating worked in the USSR. In Soviet Moscow, they had a centralized heating system for the whole city. Heat was centrally generated and then distributed through a network of pipes to houses and other buildings. The service was very, very cheap to the end users. Hooray! Workers of the world, unite! But people got what they paid for. A thermostat in your house would be too individualist, so they didn't exist. The level of heat was set collectively by government administrators. They had to base their decisions on weather forecasts because it would take about 12 hours for a temperature change to work its way through the system. So when the forecasts were wrong (which was often), the heat level was wrong too. On top of that, every building is different. So no matter what heat level the government chose, some people would be too cold and others would be too warm (except for the times when the heat ran out due to shortages, then everyone was cold). People in buildings that were too hot would open the windows, even in the middle of winter, wasting heat that could have been used by others. And because there were no price signals, they hardly faced any costs when they did so. The heating system didn't even have meters for individuals to measure their usage. Officials in post-Soviet Moscow estimated that the whole system used about as much natural gas per year as all of France. The collectively owned underground pipes that carried the heat suffered from the classic problem: If everyone owns them, then nobody does. The pipes fell into disrepair and would be replaced by above-ground temporary pipes (which could go anywhere since nobody owned the land either). And they would stay that way for years. That is, if you were one of the lucky ones who got temporary pipes in the first place. Others were just left out in the cold. So yeah, if I was trying to promote collectivism, I probably wouldn't use a heat metaphor in winter. 
There are a lot of people who lived in collectivist countries who would dispute its association with warmth.
Ben Smith @semaforben

"We will replace the frigidity of rugged individualism with the warmth of collectivism," says Mamdani

Evan Sultanik @ESultanik
@pitdesi In other words: If you live anywhere in the East besides DC or Northern NJ, you'd only ever fly United if you're going to a United hub or one of their codeshares' hubs, like Tokyo.

Evan Sultanik @ESultanik
@pitdesi In 2024, CUN had ~8.5x more US travelers than TYO. The only East Coast airports with direct flights to CUN operated by UA are EWR and IAD, both of which also have direct flights to TYO. If you are traveling from a DL/AA hub like PHL/JFK/MIA/BOS/ATL to CUN, you'd never fly UA.

Sheel Mohnot @pitdesi
United airlines top international destinations by state & overall. I would have expected Tokyo to be lower than it is.

Evan Sultanik retweeted
Trail of Bits @trailofbits
Solving the Traveling Salesman Problem for NYC's 474-station subway network, obviously! @ESultanik used Christofides algorithm to find a 20h 42min route through all 474 stations, which would beat the world record by 45 minutes. blog.trailofbits.com/2025/08/25/spe…

Evan Sultanik @ESultanik
@fluffypony @VikParuchuri PS is a fully fledged programming language, which makes it even harder than PDF. You can have functions that programmatically render text; you’d have to emulate them. Fonts are often also either rasterized or vectorized, sometimes losing the original strings.

Riccardo Spagni @fluffypony
@VikParuchuri This might be a naive thought, this is not my wheelhouse, but is there any value in printing to postscript and extracting the text there?

Vik Paruchuri @VikParuchuri
Parsing PDFs has slowly driven me insane over the last year. Here are 8 weird edge cases to show you why PDF parsing isn't an easy problem. 🧵

Dmitry Vyukov @dvyukov
@pr0cf51 @TeamAtlanta24 Thanks for sharing! This is awesome! Can you give estimation of lines of code that the team wrote? I've got ~41 KLOC Python for Trail of bits, 21 KLOC for Theori using sloccount utility. But for yours I have trouble with all third-party code pulled in.

Dmitry Vyukov @dvyukov
@ESultanik @theori_io @trailofbits This would be awesome! I am especially interested in engineering/productionalization aspects. To clarify: my interest is how industry should approach [re]using the results.

Dmitry Vyukov @dvyukov
With #AIxCC results in, thinking how much it's "this is the best approach to the problem" vs "this is all just hard work, development, engineering, tuning, etc"?...
1st: 392.76 score, 42 ppl team
2nd: 291.35, 10
3rd: 210.68, 8
4th: 153.70, 8
Also:
2nd: 41KLOC Python
3rd: 21KLOC

Evan Sultanik @ESultanik
@dvyukov @theori_io @trailofbits The scores roughly correlated with teams’ computation costs. Team Atlanta stated that they used their people power to develop three different systems, ran them in parallel, and then effectively merged the results.

Evan Sultanik retweeted
Trail of Bits @trailofbits
A wild Buttercup appears! Our @DARPA AI Cyber Challenge CRS is in the @BSidesLV Silent Auction. Bid on this encrypted limited edition!

Evan Sultanik @ESultanik
@0xbool @trailofbits Thanks for the kind words! A quick clarification for anyone curious about the implementation: Deptective actually uses syscall tracing (not installation logs) to discover dependencies, and it was built without any LLMs. 100% deterministic. Immaculate implementation, not vibes 😂

Evan Sultanik retweeted
Trail of Bits @trailofbits
Our new whitepaper covers secure-by-design steps that CEXes can take to keep users' accounts (and funds) safe from account takeover (ATO) in 2025. (Read more 👇)

Evan Sultanik @ESultanik
“It came to me in a dream.” Olivier salad roll.

Evan Sultanik retweeted
Ange @angealbertini
When working on Magika (Google's AI-powered content-type detection), I checked other file formats KBs and detection engines to create filesets to train the model on. I gave a talk at HackLu to share an overview of the existing engines. speakerdeck.com/ange/overview-…

Evan Sultanik @ESultanik
@thenonstopdan @AlexInAir I am fairly certain that I saw some itineraries entirely operated by Lufthansa/SWISS, too. And there were always other options offered by AA, BA, IB, or QR, so it wasn’t as if these were itineraries oneworld doesn’t service 🤔

Evan Sultanik @ESultanik
@Wysz @thenonstopdan @AlexInAir They also offer some itineraries entirely operated by Lufthansa Group airlines. This would make sense on a flight aggregator like Kayak, but I've never seen a founding member of an airline alliance offer flights from a competing alliance on their website.

Michael Wyszomierski
@ESultanik @thenonstopdan @AlexInAir Looks like an interline itinerary since the LH-operated flight doesn't show an AA codeshare number, and they're in different alliances. Maybe they'd rather offer this ticket (with at least one AA flight) than have you leave the site and book a completely non-AA ticket elsewhere.