retrage

Our paper "svc-hook: hooking system calls on ARM64 by binary rewriting" has been accepted at ACM/IFIP International Middleware Conference. #session6" target="_blank" rel="nofollow noopener">middleware-conf.github.io/2025/program/f…

Kernel/VM探検隊＠つくば No3 に参加を申し込みました！ kernelvm.connpass.com/event/381371/?… #kernelvm

カーネルバイパスによる通信高速化の基本 に参加を申し込みました！ iijlab-seminars.connpass.com/event/385113/?…

BitVisor Summit 14 に参加を申し込みました！ bitvisor.connpass.com/event/381423/?…

AI驚き屋おじさんになっちゃった

Daniel is stepping down as a GRUB maintainer GRUBで長いことメンテナやっていたDaniel Kiperさんやめるそうです lists.gnu.org/archive/html/g…

これすき

sushifyしたい

雪の国会議事堂、練馬ナンバーのパトカー一台止まっているだけというのもとても良かった

桜田門の様子でも見に行くか

my talk at fosdem kernel devroom (usermode linux without MMU) speakerdeck.com/thehajime/user…

書いた記事が公開されました。ちゃんと人間が責任持ちましょうねという話です

🛡️勉強会×生成AI×責任ある検証で脆弱性を発見🛡️ 社内のセキュリティ勉強会での学びをきっかけに、生成AIを活用した調査手法でハイパーバイザの脆弱性を発見しました。 調査に生成AIをうまく使いつつ、最後は人が責任を持って検証と報告を行った実践記録をぜひご覧ください。 ricercasecurity.blogspot.com/2026/01/blog-p…

This week’s reporting on the alleged Everest ransomware breach of ASRock Rack should be a wake-up call for anyone relying on modern server, storage, and cloud hardware. When an enterprise vendor’s internal repositories of firmware, BIOS, BMC code, diagnostic tools, and drivers are exposed, supply chain integrity is in jeopardy.  Adversaries gain insight into board layouts, update mechanisms, and secure boot flows, which accelerates vulnerability discovery and makes it easier to craft implants that look “authentic”. Implants come in many shapes and forms,s including repackaged drivers, UEFI images, and recovery media. In the worst case, compromise at this level undermines the hardware root of trust itself: if attackers can subvert firmware signing, update channels, or UEFI components, they can persist below the operating system, survive reimaging, and silently bypass many controls. Incidents like this underscore that supply-chain attacks targeting firmware and UEFI are now strategic targets, not edge cases. Defenders need to assume that detailed knowledge of platform internals is in adversary hands and respond by monitoring below the OS as a first-class requirement.  Measuring firmware integrity at boot, continuously attesting critical components (UEFI, BMC, NICs, RAID controllers), and watching out-of-band management paths for anomalous behavior is important. The trust model for infrastructure is shifting, and security programs that do not include firmware and UEFI telemetry are already behind the curve. Article: cyberdaily.au/security/13120…

まだAI agentに任せるのは怖かったので確定申告は手動でやりました。来年にはできていてほしい

Blog post: On the Coming Industrialisation of Exploit Generation with LLMs sean.heelan.io/2026/01/18/on-… TL;DR: I ran an experiment with GPT-5.2 and Opus 4.5 based agents to generate exploits for a zeroday QuickJS bug. They're pretty good at it. Code: github.com/SeanHeelan/ana…

@orumin 実際良いです(今のところ

UniFi は良いですよ

Meraki Go APが壊れたのでUniFi教に改宗した

Checked out the new website (bootkits.io) for "Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats" by @vxradius , @sergeybratus and me. The new book is in progress, stay tuned!

自宅の作業マシンにNanoKVM導入。ワークステーションとかに付いているBMCよりも取り回しが楽

今年一番成長をかんじたこと: 意識してメタ認知が多少できるようになったこと