Ben Reardon shared an awesome (and funny) post on the Corelight blog about his experience at the Black Hat USA NOC (2024) and his process for detecting runZero's SSHamble.com research scans in real-time. Rob and I had a great time chatting with Ben and getting to the see Black Hat NOC up close: https://corelight.com/blog/black-hat-usa-2024-noc-learnings
Happy Thanksgiving to my fellow US-ians. This is an annual reminder that Base64 can decode different input to the same output. "Secrets" decodes from U2VjcmV0cw==, U2VjcmV0cw=, U2VjcmV0cw, U2VjcmV0cx, U2VjcmV0c9, and sometimes U2V|jcm|V0c|9.
Base64 makes a bad hash or lookup key!
#infosec #hackers #atxHello Austin hackers! Tonight is the November AHA meetup (shifted back a week to avoid holiday overlap). Same place and time as usual (Mister Tramps, talks start at 7:00pm). Haven't been to an AHA before? Check out the meeting info (and bring a ~5-10m lightning talk): https://takeonme.org/ #infosec #hackers #atx
Good morning RowdyCon! I'm excited to share some serious NumberWang[1] with the San Antonio hacker crowd. RowdyCon is open to ALL students in a degree programs based in San Antonio (online or in-person). Registration is available at https://www.rowdycon.org/
#golang #atxAustin Go(phers): it's that time again! Tonight is the November ATX Golang Meetup. Charles Southerland and I will both be speaking. Swing by for pizza, beer, and general nerdiness around Go. Tonight's meetup is at 7:00pm at the Capital Factory on floor 5 (in the "ACL" room):
Secure your IoT devices by (accidentally) encasing them in concrete. Fortunately this is a POE doorbell and doesn't require battery changes. It does prevent someone from easily getting to the reset button under the bottom lip; does this count as embedded security?
If the NSA[1], GrapheneOS[2], and Apple[3] all believe that rebooting your mobile phone regularly is something that protects your data, you might consider doing it more often. Shortcuts on iOS make this super easy to setup.
2. https://grapheneos.social/@GrapheneOS/112204443465440601
3. https://www.404media.co/apple-quietly-introduced-iphone-reboot-code-which-is-locking-out-cops/
Orson Peters' recent post "Breaking CityHash64, MurmurHash2/3, wyhash, and more..." is a fantastic dive into hash collisions in common algorithms: https://orlp.net/blog/breaking-hash-functions/
PS. Want to confuse various network security scanners? MurmurHash3 collide your /favicon.ico file with something arcane. See previous work by Jorian Woltjer at https://jorianwoltjer.com/blog/p/coding/shodan-favicon-preimage
I learned at least four neat things in this post on "Looking into the Nintendo Alarmo": https://garyodernichts.blogspot.com/2024/10/looking-into-nintendo-alarmo.html
1. mmWave sensors are actually shipping in consumer products (not just nerdy things*)
2. "OCTOSPI" region maps to external RAM and includes most of the firmware
3. You can hijack the CRYP interface with enough keystream to decrypt more stuff
4. The CRYP interface places partial keys in 4 x registers and you can brute force the 4×2^32 to recover the original key
* I spent far too long on a Go serial library for Seeed Studio mmWave sensors but gave up after the cross-room heartbeat/respiration detection required too long to lock the signal (and the logic is in the fw, so no raw data to work with to improve it)
Pretty cool to see GPUs with RISC-V co-processors, erm, main CPUs (the size/cost disparity always gets me -- the entire PC feels like an add-on card to GPUs these days): https://www.tomshardware.com/pc-components/cpus/risc-v-cpu-demoed-with-rx-7900-xtx-gpu-in-debian-linux-amd-flagship-gpu-paired-with-milk-v-megrez-board-and-sifive-p550-cores
Copyright 1998-2025 HD Moore