On the off chance that Peter Bosch and I win a pwnie for our SPI flash TOCTOU research, I hope that the award organizers swap out the prize at the last second before handing it over. https://pwnies.com/nominations-2019/
No flash, only DRAM!
When developing open firmware like coreboot and LinuxBoot, or doing research into early boot security, you end up waiting all the time on the SPI flash chips erase and write cycles. spispy replaces the slow flash with an open source FPGA and DRAM controller for instant updates.
I wrote some ptrace() code so you won't have to:
- trace whole process trees
- attach to running processes
- automatically resolve hardware breakpoints on library load
- inject syscalls
- minimal tracer in <90 LoC
If you run Code42 CrashPlan, you'll want to verify whether your firewall filters unused TCP ports https://blog.radicallyopensecurity.com/CVE-2017-9830.html … #deserialize #RCE
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!