henfredemars

joined 2 years ago
sorted by: new top controversial old
GOP Sen. Josh Hawley and Democrats vote to advance congressional stock trading ban in c/news@lemmy.world
[–] henfredemars 4 points 3 days ago

That’s how you get to Congress. Unethical, evil, and without morals.

Process Mockingjay: Echoing RWX In Userland To Achieve Code Execution in c/blueteamsec
[–] henfredemars 1 points 4 days ago

Very cute! I'm surprised they were able to find a reasonably modern DLL that had such a section.

Process Injection using Return-Oriented Programming in c/blueteamsec
[–] henfredemars 2 points 4 days ago

On Windows, ROP is often used solely to bypass Data Execution Prevention, rather than realizing its full potential; indeed, the bulk of advanced, malicious functionality is typically invoked through shellcode.

That's because writing ROP chains sucks, especially if you have complex constraints on the chain such as bad bytes or restricted values in the payload. Not having to write as much of it in the weird machine's language is a good thing. It's well-known that any nontrivial binary will be turing-complete in its available gadgets. We can already implement anything in principle, which leaves me feeling slightly confused as to the main contribution of this paper. It's cute though!

Taming the Windows Module Loading for Stealthy Injection in c/blueteamsec
[–] henfredemars 2 points 4 days ago

This technique is surprisingly not entirely new to me. I was messing around with the loader internals and found that DllMain call conditions are quite broader than I originally thought, and we can change it at runtime. I'm most surprised that the loader actually respects this runtime change.

Rooting the TP-Link Tapo C200 Rev.5 in c/blueteamsec
[–] henfredemars 2 points 4 days ago

I simply asked TP-link pretty please may I have a debug build and they just game me one for a router I was reversing.

obfus.h: Macro-header for compile-time C obfuscation (tcc, win x86/x64) in c/blueteamsec
[–] henfredemars 2 points 4 days ago

Very cool project. It's a bit of a shame that it's compiler-dependent and locked to the x86 architecture. Although, I suspect it'd be quite difficult to implement it very well if we can't make assumptions about the underlying instruction set. It seems fragile.

YouTube will start using your view history to guess if you're an adult in c/technology@lemmy.world
[–] henfredemars 6 points 4 days ago (1 children)

Is that the green iPad man?

Was I right about proving many-worlds theory/quantum immortality? in c/askscience@lemmy.world
[–] henfredemars 6 points 5 days ago (1 children)

Anyone can claim anything on the internet. It’s up to the video to substantiate its own claim as to what significant means, or why a particular outcome is special.

I may look at it after work though and improve my response.

Was I right about proving many-worlds theory/quantum immortality? in c/askscience@lemmy.world
[–] henfredemars 3 points 5 days ago (3 children)

Indeed, there is a way, the way where all the coin flips were heads. There is nothing special about the outcome compared to any other exactly specified outcome.

Was I right about proving many-worlds theory/quantum immortality? in c/askscience@lemmy.world
[–] henfredemars 5 points 5 days ago

Why does that matter? If a tree falls in a forest, and you’re not there to see it fall, did it fall?

Your lack of observation doesn’t prevent an outcome.

Was I right about proving many-worlds theory/quantum immortality? in c/askscience@lemmy.world
[–] henfredemars 4 points 5 days ago

There is no meaningful likelihood to speak of. If there are an infinite number of universes, it doesn’t matter how infinitely small the likelihood is.

Was I right about proving many-worlds theory/quantum immortality? in c/askscience@lemmy.world
[–] henfredemars 6 points 5 days ago

I think you may not realize the extent that you have yet to learn. You certainly don’t deserve hate, but I think it comes off as blunt and uninformed.

167
Android Apps Use Bluetooth and WiFi Scanning to Track Users Without GPS (cyberinsider.com)
 

A new study reveals that thousands of Android apps covertly collect location data using Bluetooth and WiFi beacons, allowing continuous tracking and profiling of users without explicit consent.

9
Hoodie (derpibooru.org)
14
How to make sushi (lemmy.world)
 

cross-posted from: https://lemmy.world/post/26586326

6
Trixie in Dress (derpibooru.org)
46
It’s time for Apple, Samsung and Google to solve the eSIM problem (www.digitaltrends.com)
 

Phone makers need to collectively decide how we approach SIM cards going forward. The current state of eSIMs is an absolute mess, so we either need to ditch the idea of the eSIM-only future, or the big companies need to partner to solve this once and for all.

18
Android 16 is on track for its June release, says Google’s Head of Android (www.androidpolice.com)
 
  • Android 16 is on track for its June release, a departure from Google's usual August releases.
  • Google's President of the Android ecosystem confirmed to Android Police it's on track for its target.
  • Google has switched to Trunk Stable development, allowing it to release Android updates earlier.
4
Adorable Pinkie (derpibooru.org)
39
Another Snapdragon 8 Elite handset overheats during our benchmark suite (www.androidauthority.com)
 

Qualcomm’s Snapdragon 8 Elite promises big things for late 2024 and 2025 flagship smartphones. From a new custom CPU to unrivaled graphics performance, photography, and enhanced AI capabilities, it’s the chip that claims to do it all, and, for the most part, it does. However, our initial impressions of the chip have been tainted by exceedingly high temperatures when placed under stress.

40
Exclusive: Google Pixel 9a will come with Free YouTube Premium, Google One & More (www.androidheadlines.com)
 

According to our source, those purchasing the Google Pixel 9a will get Fitbit Premium for 6 months, YouTube Premium for 3 months and Google One 100GB for 3 months. This is similar to the freebies that Google offered for the rest of the Pixel 9 series.

I feel like this isn't all that interesting news though because I thought trials were commonly included with new Android phones.

63
Qualcomm says Arm is no longer threatening to take its chip architecture away. (www.theverge.com)
 

This is merely a small blurb. Here's the (nearly) complete text of the article (no real need to visit the page):

Qualcomm says Arm is no longer threatening to take its chip architecture away.

”Arm recently notified us that it was withdrawing its October 22nd, 2024 notice of breach and indicated that it has no current plan to terminate the Qualcomm Architecture License Agreement,” Qualcomm CEO Cristiano Amon said on today’s Q1 2025 earnings call. (Qualcomm reported record quarterly revenue, and Amon says Snapdragon now has 10 percent share of $800-plus Windows laptops at US retail.)

Sounds like the chip licensing drama is coming to an end, although it's hard to know what agreements went on behind the scenes to call off the giants' battle.

47
Android 16 may give you a heads up when your phone's time zone changes (www.androidauthority.com)
 
  • Android will soon be able to alert you when your device’s time zone has been automatically updated.
  • This alert will come in the form of a notification.
  • The feature isn’t live yet in the latest Android 16 preview, but when it does go live, it’ll be opt-in.

Sounds like a nice QOL mini-feature.

34
Why No Hypervisor-Based Security? (self.linux)
 

Hello Linux Gurus,

I am seeking divine inspiration.

I don’t understand the apparent lack of hypervisor-based kernel protections in desktop Linux. It seems there is a significant opportunity for improvement beyond the basics of KASLR, stack canaries, and shadow stacks. However, I don’t see much work in this area on Linux desktop, and people who are much smarter than me develop for the kernel every day yet have not seen fit to produce some specific advanced protections at this time that I get into below. Where is the gap in my understanding? Is this task so difficult or costly that the open source community cannot afford it?

Windows PCs, recent Macs, iPhones, and a few Android vendors such as Samsung run their kernels atop a hypervisor. This design permits introspection and enforcement of security invariants from outside or underneath the kernel. Common mitigations include protection of critical data structures such as page table entries, function pointers, or SELinux decisions to raise the bar on injecting kernel code. Hypervisor-enforced kernel integrity appears to be a popular and at least somewhat effective mitigation although it doesn't appear to be common on desktop Linux despite its popularity with other OSs.

Meanwhile, in the desktop Linux world, users are lucky if a distribution even implements secure boot and offers signed kernels. Popular software packages often require short-circuiting this mechanism so the user can build and install kernel modules, such as NVidia and VirtualBox drivers. SELinux is uncommon, ergo root access is more or less equivalent to the kernel privileges including introduction of arbitrary code into the kernel on most installations. TPM-based disk encryption is only officially supported experimentally by Ubuntu and is usually linked to secure boot, while users are largely on their own elsewhere. Taken together, this feels like a missed opportunity to implement additional defense-in-depth.

It’s easy to put code in the kernel. I can do it in a couple of minutes for a "hello world" module. It’s really cool that I can do this, but is it a good idea? Shouldn’t somebody try and stop me?

Please insert your unsigned modules into my brain-kernel. What have I failed to understand, or why is this the design of the kernel today? Is it an intentional omission? Is it somehow contrary to the desktop Linux ethos?

view more: ‹ prev next ›