shuffle2

@bl4sty everyone's days are numbered, even if your number is a littler higher :')

@_gcali @mncoppola Something at top/after stack that gets used when handling a crash, or by different thread?

@mncoppola Not the case either, but good call!

@theflow0 Nice job!

I ported Linux to the PS5 and turned it into a Steam Machine. Running GTA 5 Enhanced with Ray Tracing. 🤯

@carrot_c4k3 russian influence smh

i gotta say tho hats off to districtcon for keeping DEI alive in the fascist police state. they’ve got the diversity pledge on one page and job listings to work with ICE on the next!

the junkyard stuff from districtcon is rly cool and fun but the only way u will get me in a room with that many american feds is if im on the jury for cyber nuremberg

@__sethJenkins Think the footer is a little goofy

We (Project Zero) got a new website! Because the last one was so...2014? projectzero.google

@majordouzie @ross_hewage Friends of mine used this thing and the volume freaked me out but the child seems to be ok (like 6 y/o now). 1/1 test cases is 100% fine

@majordouzie Leaving a metal water bottle in there and drinking the superheated water is a treat

@yo_yo_yo_jbo No, sorry I misunderstood the original question. I thought you were asking for a secure boot implementation which was optionally uefi-compatible.

@shuffle2 But does it support Secure Boot without MOKs?

What is the best bootloader built in #rust ? 🦀 And does it support UEFI Secure boot?

@yo_yo_yo_jbo hm i was thinking vboot doc.coreboot.org/security/vboot… would be rust by now but it's not

@yo_yo_yo_jbo oreboot?

at #38c3 @rdjgr did a pretty good job at explaining the lore of how they scammed me before we ultimately joined forces. make sure to check out the full talk ("Dialing into the Past: RCE via the Fax Machine – Because Why Not?"), great stuff!

while ago I did some quick hax to speedup existing AES DFA project with AES-NI, now the author improved upon my work and merged into main repo! github.com/arusson/dfa-ae… afaik this is only (public) accelerated AES DFA tool?

We've open-sourced GReAT’s plugin for the IDA Pro decompiler - an indispensable set of tools for analyzing malware, shellcodes, etc. Grab our secret ingredient for reverse engineering and check out the GIFs demonstrating its usage - github.com/KasperskyLab/h…

oh my god you can just do that in the binja dev branch??? just fell to my knees this is life changing

@bl4sty Congrats!

x.com/thezdi/status/… how it's going

how it started..

Peter @bl4sty is the only one who owns #Pwn2Own targets remotely while partying at #TheSAS2024

Here's the link to the tool I meant to release at the end: github.com/symbrkrs/ps5-u… It makes fiddling with EMC/EFC/EAP easy, have fun!

Having a great time at #TheSAS2024 ! You find find slides for my talk here: symbrk.rs/presentations/… I didn't get through all slides...😅

@chrisrohlf @NedWilliamson can't we just have a superior model to introduce bugdoors which the superhuman checker can't find

While I love this idea, I can’t help but think this model would only be useful for a very short period of time, essentially long enough to secure all of the existing code that’s ever been written. But shortly after that a model like this would just be used to write/compile bug free software going forward. But I suppose how it would achieve that bug hunting capability very much effects this prediction.

I’ve been thinking for 2 years every day about what the first principles ideal fuzzer would look like and as I get closer to cracking it I can’t help but keep worrying it might just be AGI. I think there’s room for us to do something with a neural net before we get there, but we probably only have a few years left to win the race to solve it. At least that’s what I tell myself to make myself feel the urgency to spend 5 years on it :) I plan to share some thoughts soon as soon as I have something good!

@bl4sty @David3141593 Title reminded me of the ps3 glitch to skip htab updates, wasn’t surprised to see the exploit methodology :p

da.vidbuchanan.co.uk/blog/dram-emfi… love this new blogpost by @David3141593 -- clicky lighter driven DRAM EMFI yielding a reasonably (given the low-tech manual fault trigger) reliable linux LPE on x86_64 🤓