@rootkovska Tweets | PolitiTweet

Joanna Rutkowska @rootkovska

@dotchloe Beware it's often incorrect to partition apps - rather we want to partition data/actions. E.g. "PDF viewer domain" is meaningless. — PolitiTweet.org

Posted May 10, 2016 Deleted after 6 years Hibernated

Joanna Rutkowska @rootkovska

Heh ;) #IfOnlyLifeWasThatSimple https://t.co/eF5n8aRcaP — PolitiTweet.org

@rootkovska dd if=/dev/<whatever> | sha256sum ?

Posted May 10, 2016 Deleted after 6 years Hibernated

Joanna Rutkowska @rootkovska

It doesn't matter what OS is claimed to be on the stick - the core problem is booting unknown code *baremetal*, giving it full access to hw. — PolitiTweet.org

Posted May 10, 2016 Hibernated

Joanna Rutkowska @rootkovska

Cool, but: how can we know it really is Tails? And not some BIOS-infecting fork we're booting baremetal on our hw? https://t.co/ulj3yaEFQr — PolitiTweet.org

Great to see that #eurocrypt2016 proceedings are handed out on an usb stick with @Tails_live! https://t.co/AUBxFctXMT

Posted May 10, 2016 Hibernated

Joanna Rutkowska @rootkovska

FWIW, let me remind that we (@QubesOS core team) maintain a regular warrant canary: https://t.co/4irM1K1Fhd — PolitiTweet.org

Qubes OS Canary #7: https://t.co/QtN7BdgObu

Posted May 9, 2016 Hibernated

Joanna Rutkowska @rootkovska

@yanaimoyal Can you point me to the tech specs of the Intel ME env/cpu? Also where can I get the _real_ ROM (not SPI) images? @laginimaineb — PolitiTweet.org

Posted May 8, 2016 Deleted after 6 years Hibernated

Joanna Rutkowska @rootkovska

No, it is not. People's right to protest is a necessary condition for a democracy, but not a sufficient one. https://t.co/wEPnYUfDYK — PolitiTweet.org

@rootkovska Don't you think that it is the best proof for that the democracy still exist in Poland? ;)

Posted May 8, 2016 Hibernated

Joanna Rutkowska @rootkovska

Yes, maybe they are... Or maybe they aren't? The core problem is we (i.e. outside Intel) can't verify this. #IntelME https://t.co/EwwjCDhPHE — PolitiTweet.org

@rootkovska @laginimaineb maybe ME exploit mitigation mechanism are better than TrustZone....

Posted May 8, 2016 Deleted after 6 years Hibernated

Joanna Rutkowska @rootkovska

@_jmeltzer It sure is. Still think I (and others) could make some good stuff with it, once it's opened... @jduck @dinodaizovi — PolitiTweet.org

Posted May 8, 2016 Deleted after 6 years Hibernated

Joanna Rutkowska @rootkovska

Apparently "a few" Poles might not share the ultra right, xenophobic, anti-liberal-democracy attitude of the gov... https://t.co/oofRTLutgQ — PolitiTweet.org

Head of the march is entering Nowy Swiat street, the end is still at #KPRM #KOD4EU #PLinEU #LoveEurope https://t.co/yGAo9pcHVw

Posted May 7, 2016 Hibernated

Joanna Rutkowska @rootkovska

RT @Exen: Largest demo in Poland since the end of communism in 1989, according to public (!) TV @tvp_info #Marsz7maja https://t.co/9atZrZDo… — PolitiTweet.org

Posted May 7, 2016 Retweet Hibernated

Joanna Rutkowska @rootkovska

RT @Reuters: Huge anti-government protest fills Warsaw's ceremonial boulevard https://t.co/SiWZN7NdPS https://t.co/ZJFUAxWka8 — PolitiTweet.org

Posted May 7, 2016 Retweet Hibernated

Joanna Rutkowska @rootkovska

Est. 240k people protested today in Warsaw against democracy dismantling by the new Polish gov. Photo by me. https://t.co/ULSKRTAqlD — PolitiTweet.org

Posted May 7, 2016 Hibernated

Joanna Rutkowska @rootkovska

@_jmeltzer What is it then? @jduck @dinodaizovi @intel — PolitiTweet.org

Posted May 7, 2016 Deleted after 6 years Hibernated

Joanna Rutkowska @rootkovska

The profile on Solar Designer (@solardiz) is a must read. https://t.co/JrgSIXE88D — PolitiTweet.org

Phrack 69 is out, CFP open for 70. https://t.co/ud8lhZu6On

Posted May 6, 2016 Deleted after 6 years Hibernated

Joanna Rutkowska @rootkovska

Next should be: @intel opening their Protected Audio/Video Path (PAVP) for everybody. #SaferEndpointsForEverybody https://t.co/NZLL9e4rb7 — PolitiTweet.org

Intel opens SGX, allows everyone launch SGX enclaves, not just Intel-blessed vendors. Thank you, @Intel! https://t.co/g5inV3DRyL

Posted May 6, 2016 Deleted after 6 years Hibernated

Joanna Rutkowska @rootkovska

Intel opens SGX, allows everyone launch SGX enclaves, not just Intel-blessed vendors. Thank you, @Intel! https://t.co/g5inV3DRyL — PolitiTweet.org

This change (revelation?) is huge. https://t.co/SqPxadlxsC

Posted May 6, 2016 Hibernated

Joanna Rutkowska @rootkovska

@AviKivity ME's "Dynamically Loaded Applications", Java-based :) — PolitiTweet.org

Posted May 5, 2016 Hibernated

Joanna Rutkowska @rootkovska

RT @isislovecruft: The FBI has harassed me for 6 months and is now threatening to subpoena for reasons unknown. https://t.co/G51MvH9IWB htt… — PolitiTweet.org

Posted May 5, 2016 Retweet Hibernated

Joanna Rutkowska @rootkovska

RT @Snowden: Remember the "I Hunt Sysadmins" presentation by @NSAGov? Make it hard for them. Use @QubesOS. https://t.co/Hmg7I6ggN2 — PolitiTweet.org

Posted May 5, 2016 Retweet Hibernated

Joanna Rutkowska @rootkovska

Although to be fair: Intel says most ME processes (e.g. DALs) should have no direct access to the ME DMA engine (no host mem access). — PolitiTweet.org

Posted May 5, 2016 Hibernated

Joanna Rutkowska @rootkovska

Exploiting bugs in the "Secure World" on ARM TrustZone. Analogies to Intel ME should be pretty straightforward. https://t.co/2WNSIBqyqz — PolitiTweet.org

Just published a new post in the zero-to-TrustZone series: https://t.co/PPdlCpuRr2. QSEE privilege escalation vulnerability and exploit!

Posted May 5, 2016 Hibernated

Joanna Rutkowska @rootkovska

@revskills https://t.co/ESqFUuUzMO @risc_v — PolitiTweet.org

Posted May 4, 2016 Deleted after 6 years Hibernated

Joanna Rutkowska @rootkovska

And the @risc_v specs make it for an especially interesting read thnks to the authors comments left in the docs explaining design decisions. — PolitiTweet.org

Posted May 4, 2016 Deleted after 6 years Hibernated

Joanna Rutkowska @rootkovska

Reading a spec for a new CPU ISA is like learning physics of a new world. Always exciting. — PolitiTweet.org

Posted May 4, 2016 Deleted after 6 years Hibernated

Joanna Rutkowska @rootkovska

RT @dinodaizovi: There are over-hyped bugs and under-hyped bugs: I think ImageTragick will turn out to be the latter. Put that policy.xml o… — PolitiTweet.org

Posted May 4, 2016 Retweet Hibernated

Joanna Rutkowska @rootkovska

Amelia Earhart flew solo from Hawaii to California in 18h. It took Piccard 62h to follow her footsteps without fuel: https://t.co/WWsAkUIOEv — PolitiTweet.org

Posted May 3, 2016 Deleted after 6 years Hibernated

Joanna Rutkowska @rootkovska

RT @ppinternational: TTIP is about to allow foreign investors to sue governments if they feel their investments are unfairly restricted by… — PolitiTweet.org

Posted May 3, 2016 Retweet Hibernated

Joanna Rutkowska @rootkovska

RT @dakami: Satoshi signed a transaction in 2009. Wright copied that specific signature and tried to pass it off as new. OpenSSL bugs inte… — PolitiTweet.org

Posted May 3, 2016 Retweet Hibernated

Joanna Rutkowska @rootkovska

Displaying rainbow in public places apparently still not delegalized in Poland: https://t.co/AMpD872PZX — PolitiTweet.org

Posted May 2, 2016 Hibernated