Calle Svensson

My @REverseConf talk about reverse engineering #AoE2 is now available on YouTube: youtube.com/watch?v=Dp-Ivq… check it out and hear about some reverse engineering techniques and a code pattern matching tool I released: github.com/ZetaTwo/bnil-m…

@BackEngineerLab @belabs_engineer @belabs_james Such a great presentation! One of my favourites from the conference. Keep up the great work!

Very impressive independent research into modern software obfuscation used by Anti-Cheats, conducted by @belabs_engineer and @belabs_james youtube.com/watch?v=3LtwqJ…

@momo5502 Thank you! Glad you liked it! :D Anytime! I'll hopefully get back to you with both questions and results once I have time to get back to this project later this year.

@ZetaTwo really awesome talk about AOE :D Also thanks for the sogen shoutout 🥳 youtube.com/watch?v=Dp-Ivq…

@OwariDa @HackingForSoju @beist Damn, already 10 years ago. That was a great trip!

10 years ago, time flies! Competing in CodeGate with @HackingForSoju and partying with @beist was always lots of fun 😃

@lauriewired It was such a good con. Nice to see you there and thanks for a great talk!

RE//Verse was genuinely one of the best technical conferences I’ve attended (and I’ve been to a lot!). The caliber of the attendees was super high; one of the most technical audiences I’ve ever spoken to. It was well organized, highly caring staff, not to mention the food was really good! Giving the keynote was fun, and I really enjoyed all the other talks as well.

Check out my new article on obfuscation (and all the other cool articles) in the latest issue of PagedOut!

@ScepticCtf @diff_fusion @SeTcbPrivilege @SinSinology Congratulations! Really cool!

Pretty cool news: We made Master of Pwn in Tokyo! Shoutout to my mates @diff_fusion & @SeTcbPrivilege for some awesome pwning! Picture: @SinSinology

@OnimaruEsports Good

And in the end, neither AoE 2 nor any RTS game will be at EWC 2026. 🙃

Really looking forward to share my work on #AgeofEmpires with you all and to visit the conference.

@MelonMusk75 The concept: highly debatable, I'd lean "no". This particular implementation: ROFLMAO, not even close

LOL. I got emailed by some site building "open source profiles" for hiring, scraping GitHub and adding some things on top. You can opt out in your profile and they'll delete your page. The catch? There's no auth at all. Anyone can go and delete me here: algora.io/profile/ZetaTwo

I'm proud of you all. My page disappeared within an hour of posting this.

@T90Official Love you Tristan but those glasses and that 'stache combo is probably the douchiest look I've seen in quite a while. :'D

My first thought was “i’d rather die than put these things on” but my nephew thought they were cool so I had to 🤣

Happy New Year! Took some pics this holiday. Shoutout to my nephew for the shades. 🤣

Any friends with solid low-level skills (RE, obfuscation, etc.) around to provide feedback on my new @pagedout_zine article?

A few articles from the @pagedout_zine #7 that I found interesting: * Disassembling with LLVM: using LLVM API for disassembling. * Obfuscating Crypto Constants: generating crypto constants in runtime. * Turning a GCC anti-debug trick into a LCE Easy and quick to read :D

@Farenain @LargeCardinal @pagedout_zine Glad you liked my article! ❤️

Seems like there's been a slightly generous interpretation of the numbers but regardless it's really cool to see how well represented Sweden is in gaming.

@XorNinja This is great advice though the "realistic" part is very important to stress. If you assume the attacker has a RCE 0-day for all software in your system it immediately devolves into nihilism. I think this is where experience really shows: the ability to determine this level.

The Principle of Maximum Privilege You've probably heard of the Principle of Least Privilege: give users only the access they need, and no more. However, when designing secure systems, you should also apply the opposite idea: the Principle of Maximum Privilege. This means that when you think about attackers, you assume the strongest realistic attacker, not the weakest one. You don't imagine a clueless script kiddie. You imagine an attacker who knows your code, understands your architecture, and may already have significant access to your network. You deliberately assume the worst case. This sets a high bar for security. If your system still holds up against a highly capable attacker, then less capable attackers are unlikely to succeed. If it only works because attackers are expected to be sloppy, unlucky, or ignorant, it isn't secure. Thinking this way shifts you from hoping attackers don't know much to designing systems that stay safe even when they do. A classic example of this idea is Kerckhoffs's principle in cryptography: a system should remain secure even if everything about it is public, except the secret key. Security should depend on secrets you can control, not on assumptions that attackers won't look closely.

@KenneyNL @anaisenserio I once heard a great principle on user/customer feedback. It went something like: You should almost always listen when they explain their problems but you should very rarely listen when they suggest how to solve it.

@anaisenserio Listen to the community, and ask for constructive feedback. Don't just implement anything that anyone says, but keep a list - if things are requested more often then find out if there's a chance for a good update! (in the update, mention the community help)

Pssst, game devs: What advice would you give someone releasing their first game? (It's for me)

@m40282845 @withzombies It was a separate track

@ZetaTwo @withzombies Was it elevated or closed track?

Is the appeal of trams to public transit people that they're less like a private vehicle than busses? I can't determine why on earth you'd prefer them over a comprehensive fleet of busses.