TechSploits

374 readers
3 users here now

All things relating to breaking tech, tech breaking, OSS, or hacking together software to perform something completely out of the ordinary, on purpose or by accident.

founded 1 year ago
MODERATORS
[email protected]
listing: all - local
1
1
Hacking Millions of Modems (and Investigating Who Hacked My Modem) (samcurry.net)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

Unbelievable...

2
1
Writing a Unix clone in about a month (drewdevault.com)
submitted 5 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

Drew always has a hot take about a problem

3
1
Upgrade your home defense (media.infosec.exchange)
submitted 6 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

@[email protected] 🥳

4
1
I made a new backplane for my Terramaster F2-221 NAS | codedbearder (codedbearder.com)
submitted 6 months ago by [email protected] to c/[email protected]
0 comments fedilink
5
1
Brane Dump: How I Tripped Over the Debian Weak Keys Vulnerability (www.hezmatt.org)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

Recent HN Thread: https://news.ycombinator.com/item?id=39976225

6
1
The xz sshd backdoor rabbithole goes quite a bit deeper (threadreaderapp.com)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

The PoC thickens

7
1
An IRC client in your motherboard (axleos.com)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

UEFI IRC, the perfect companion to asking why your Linux boot partition no longer exists #joke

8
1
xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094) (github.com)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
9
1
Hosting a public website on MS-DOS (fsturmat.net)
submitted 7 months ago by [email protected] to c/[email protected]
0 comments fedilink
10
1
Network tunneling with… QEMU? (securelist.com)
submitted 8 months ago by [email protected] to c/[email protected]
0 comments fedilink
11
1
Real gaming router (kittenlabs.de)
submitted 8 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

Now that is a Gaming Router

12
1
Cracking Meta’s Messenger Certificate Pinning on macOS (texts.blog)
submitted 8 months ago by [email protected] to c/[email protected]
0 comments fedilink
13
1
World Server Throwing Championship (www.cloudfest.com)
submitted 8 months ago by [email protected] to c/[email protected]
0 comments fedilink
14
1
Snake on a Switch [Video] (i.imgur.com)
submitted 8 months ago* (last edited 8 months ago) by [email protected] to c/[email protected]
0 comments fedilink
 
 

Video link for those on clients who don't show links when they are videos: https://i.imgur.com/5jtvxPQ.mp4

15
1
Ramrecovery: Simple demo illustrating remanence of data in RAM (see Cold boot attack) using a Raspberry Pi (github.com)
submitted 9 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

Practical attacks with a Raspberry Pi.

16
1
DEF CON 30 - Sam Bent - Tor - Darknet Opsec By a Veteran Darknet Vendor (www.youtube.com)
submitted 9 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

An interesting talk

17
1
Visualizing ext4 (buredoranna.github.io)
submitted 10 months ago by [email protected] to c/[email protected]
0 comments fedilink
18
1
How I forked SteamOS for my living room PC (iliana.fyi)
submitted 10 months ago* (last edited 10 months ago) by [email protected] to c/[email protected]
0 comments fedilink
 
 

[email protected]

19
1
Interesting double-poly latches inside AMD's vintage LANCE Ethernet chip (www.righto.com)
submitted 10 months ago by [email protected] to c/[email protected]
0 comments fedilink
20
1
Operation Triangulation: The last (hardware) mystery (securelist.com)
submitted 10 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

Pretty scary stuff in here

21
1
[37C3] There oughta be a Game Boy capture cartridge. (there.oughta.be)
submitted 10 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

https://github.com/Staacks/gbinterceptor

22
1
[37C3] Emulating an iPod Touch 1G and iPhoneOS 1.0 using QEMU (Part I) | Martijn de Vos (devos50.github.io)
submitted 10 months ago by [email protected] to c/[email protected]
0 comments fedilink
23
1
[37C3] Red Team vs. Blue Team: A Real-World Hardware Trojan Detection Case Study Across Four Modern CMOS Technology Generations (eprint.iacr.org)
submitted 10 months ago by [email protected] to c/[email protected]
0 comments fedilink
24
1
[37C3] Full AACSess: Exposing and exploiting AACSv2 UHD DRM for your viewing pleasure (PDF) (sgx.fail)
submitted 10 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

Abstract

Intel’s Software Guard Extensions (SGX) promises an isolated execution environment, protected from all software running on the machine. As such, numerous works have sought to leverage SGX to provide confidentiality and integrity guarantees for code running in adversarial environments. In the past few years however, SGX has come under heavy fire, threatened by numerous hardware attacks. With Intel repeatedly patching SGX to regain security while consistently launching new (micro)architectures, it is increasingly difficult to track the applicability of various attacks techniques across the SGX design landscape. Thus, in this paper we set out to survey and categorize various SGX attacks, their applicability to different SGX architectures, as well as the information leaked by them. We then set out to explore the effectiveness of SGX’s update mechanisms in preventing attacks on real-world deployments. Here, we study two commercial SGX applications. First, we investigate the SECRET network, an SGX-backed blockchain aiming to provide privacy preserving smart contracts. Next, we also consider PowerDVD, a UHD Blu-Ray Digital Rights Management (DRM) software licensed to play discs on PCs. We show that in both cases vendors are unable to meet security goals originally envisioned for their products, presumably due to SGX’s long update timelines and the complexities of a manual update process. This in turn forces vendors into mak- ing difficult security/usability trade offs, resulting in security compromises.

A worthwhile read for those who don't mind a more technical paper

25
1
[37C3] Malicious ChatGPT Agents: How GPTs Can Quietly Grab Your Data (Demo) · Embrace The Red (embracethered.com)
submitted 10 months ago by [email protected] to c/[email protected]
0 comments fedilink
 
 

Relevant Links:

view more: next ›