Intel AMT drama: Show more
1. Details by the original discoverer: https://www.embedi.com/files/white-papers/Silent-Bob-is-Silent.pdf
2. Independent rediscovery: https://t.co/l0rDyFlb0N
TLDR: trivial auth bug in the AMT web server...
What consequences should face those, who build web servers into our CPUs?
Remember Intel's been keen on mocking OSS for its lack of security & liability. Here's a fragment from the 2014 book by Intel ME architect:
VM escape - QEMU Case Study (April 28, 2017)
by Mehdi Talbi & Paul Fariello
In this paper, we provide a in-depth analysis of CVE-2015-5165 and CVE-2015-7504. We discuss the technical details to exploit the vulnerabilities on QEMU's network card device emulation, and provide generic techniques that could be re-used to exploit future bugs in QEMU.
Chrome OS exploit: one byte overflow and symlinks
detailed writeup: https://bugs.chromium.org/p/chromium/issues/attachment?aid=251646 (pdf)
Good news, rclone is not backdoored! Why reproducible builds matter, and how easy they are in Go
Equation Group Dump Analysis and Full RCE on Win7 Fully Patched with Cobalt Strike
Shadow Brokers leaked additional tools reportedly from the Equation Group
EVENTSTART IS isec.pl's do_brk masterpiece (hatorihanzo.c).
Disclosing "cellphone contacts and social-media passwords" goes beyond having "nothing to hide". It jeopardises other people that trust you.
I can tolerate the TSA pat-downs, but you can't ask me to make decisions with the rights of others.
The GCC Internals guide: https://gcc.gnu.org/onlinedocs/gccint/ - very useful reference for looking up, but not a good tutorial starting point
Essential abstractions in GCC course slides, exercises, notes: https://www.cse.iitb.ac.in/grc/gcc-workshop-13/ - a little dated now but still excellent starting point for understanding GCC
RISC-V LLVM patches: https://github.com/lowRISC/riscv-llvm - nice series of patches for understanding how to add a backend to LLVM
It's exciting and reassuring to see Justin Schuh proselytizing on the fact that users should *not* make security decisions in an application. It's the app's job to work on behalf of the user. If a user is given the opportunity to make a poor security decision, they will. They shouldn't have the choice.