Wow that offer from Putin is poisened...it certainly does give the impression that Trump is not the one in control, and that's the purpose I guess..

@fj It is surprisingly refreshing and inspiring here, especially everytime I'm getting annoyed but pointless hypes and castrated (length-wise) discussions on Twitter. Less traffic here yet better..

So I'm writing a tutorial on abusing the MAC framework in to create rootkits. Here's the repo that'll contain the PoC code used in the tutorial: github.com/SoldierX/freebsd_ma

Hey guys and any interested reversers/others,

I made my own version of GP0's "mpscript" tool for exploration of the engine.

Here it is, along with an almost year-old MpEngine.dll (obviously vulnerable to the bug that GP0 found, in case anybody wants to investigate that further).

Private symbols are included for both binaries. (~Year-old Windows private symbols sets leaked somewhat recently.)

Mirror far and wide. rol.im/mpscript.rar

The most powerful duck in recent history is laming himself. Because he needs all his power to cover up the dirt...

@HalvarFlake As for finding bugs in code I know that situation. Sometimes you are so concentrated on a certain hard problem that you overlook obvious simple ones....that's why reviewing alone is not desirable IMHO.

@HalvarFlake I think this has more dimensions. For example it depends on what is being attacked. You can certainly attack targets that others can't. Yet probably there is some 16 year old out there who is better at social engineering than you are.

Also reminder to self: remmber, never try to argue with people that basically only rely on straw man arguments.

Wow discussions on Twitter are so broken...no wonder they degrade into a shouting contest so quickly..

Constant time #AES is in #OpenBSD! T-tables are gone from #IPsec and other places where it matters. Matters for everything that doesn't have AES-NI. Time to upgrade your sparc64 VPN gateways and enjoy the slowdown!

Nothing about that here (in my timeline at least), seems like the mastodon hype worn off a bit, and people are back at twitter.. ;/

I decided to do a detailed explanation of the message replay attack that was presented together with @veorq at HITB, Infiltrate, and Troopers17:

pwnaccelerator.github.io/2017/

Thinkpad's are not considered consumer PC's I guess since my x220 would be vulnerable if I had ran stock bios + AMT. Since it supports intel vPro on the chipset/cpu.

Better disable AMT while you still can...

Voice recognition seems to work better if you talk like a robot. Who is training who here?!

Show more
Mastodon

Server run by the main developers of the project ๐Ÿ˜ It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!