Alexandre Keledjian @dervishe@mastodon.sdf.org
Entropy factor / Lurker at the threshold / ? = +
Interest: bsd /linux /infosec /retrocomputing /spycraft /coldwarhist
https://keybase.io/dervishe/pgp_keys.asc
New iOS security feature can be defeated by a $39 adapter… sold by Apple https://hotforsecurity.bitdefender.com/blog/new-ios-security-feature-can-be-defeated-by-a-39-adapter-sold-by-apple-20090.html
Hold my beer, when i bring back this very strong and aggressive bacteria from space after several month of cosmic rays exposure...
Seriously, what possibly could go wrong ???
This is the Shodan of open Amazon S3 buckets, you can expect anything and everything 👌 https://buckets.grayhatwarfare.com/ #OSINT #redteam https://t.co/ylIPDrnMD1
"A volt out of the blue: Phone batteries reveal what you typed and read
Power trace sniffing, a badly-designed API and some cloudy AI spell potential trouble": https://www.theregister.co.uk/2018/06/25/the_battery_is_the_smartphones_ibesti_snitch_boffins/
"Meet TLBleed: A crypto-key-leaking CPU attack that Intel reckons we shouldn't worry about":
"How to extract 256-bit signing keys with 99.8% success"
https://www.theregister.co.uk/2018/06/22/intel_tlbleed_key_data_leak/
"The $5 Million Surveillance Car That Hacks iPhones From 500 Meters" https://www.forbes.com/sites/thomasbrewster/2018/06/25/iphone-hacking-truck-sold-by-israeli-surveillance-company/#723561bf7690
Docker Considered Harmful: http://catern.com/posts/docker.html
""Reflected XSS thro ugh AngularJS sandbox bypass causes password exposure of McDonald users."": https://finnwea.com/blog/stealing-passwords-from-mcdonalds-users/
"Meet TLBleed: A crypto-key-leaking CPU attack that Intel reckons we shouldn't worry about": https://www.theregister.co.uk/2018/06/22/intel_tlbleed_key_data_leak/
Neil #Gaiman: We must help refugees because, 'simply, it could be you'
https://news.sky.com/story/we-must-help-refugees-because-simply-it-could-be-you-11410452
Whaou, this is awesome ! :-) Genetic algorithms to construct assembler
https://binary.ninja/2018/06/19/fast-track-to-assembler-writing.html
"Chaining three [...] vulnerabilities together, allows an unauthenticated remote attacker that has access to the camera login page through the network [...] to fully control the affected camera. An attacker with such control could do the following:
* Access to camera’s video stream
* Control the camera
* Turn motion detection on/off
* Add the camera to a botnet
* Use the camera as an infiltration point for network (performing lateral movement)
..."
https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/
GnuPG Flaw in Encryption Tools Lets Attackers Spoof Anyone's Signature
https://thehackernews.com/2018/06/gnupg-encryption-signature.html
An awesome series of blog post about coding a network stack :-) http://www.saminiir.com/lets-code-tcp-ip-stack-1-ethernet-arp/
http://www.saminiir.com/lets-code-tcp-ip-stack-2-ipv4-icmpv4/
http://www.saminiir.com/lets-code-tcp-ip-stack-3-tcp-handshake/
Classified Israeli report raises doubts over Trump-Kim summit:
https://www.axios.com/israel-casts-doubt-on-success-of-north-korea-summit-8a15d92d-6f4b-41a1-8bba-a8a68377f4b1.html
This video made my day: https://twitter.com/YourAnonNews/status/1007293742288695302
The First Woman PhD in Computer Science Was a Nun (and she helped develop BASIC):
http://mentalfloss.com/article/53178/first-woman-earn-phd-computer-science-was-nun
#computer #history
Apple confirms it’s closing security loophole that police were using to crack iPhones:
https://www.tripwire.com/state-of-security/featured/apple-confirms-its-closing-security-loophole-that-police-were-using-to-crack-iphones/
Bastamag compile une base de données concernant les morts dûes aux forces de l'ordre: https://bastamag.net/webdocs/police/ (Bonne #dataviz)
The patch for #freeBSD against SpectrePrime and MeltdownPrime: https://svnweb.freebsd.org/base?view=revision&revision=335072
