Deleted tweet detection is currently running at reduced
capacity due to changes to the Twitter API. Some tweets that have been
deleted by the tweet author may not be labeled as deleted in the PolitiTweet
interface.
Showing page 41 of 151.
Joanna Rutkowska @rootkovska
RT @i0n1c: unfortunately the revised Wassenaar Agreement shows what was obvious beforehand: if you have a lobby you get your excemptions wr… — PolitiTweet.org
Joanna Rutkowska @rootkovska
@WeldPond Perhaps we should embrace a different approach: treat every new tech as malicious and think how to keep o… https://t.co/DKHGfdKPos — PolitiTweet.org
Joanna Rutkowska @rootkovska
But no worries, that's "only" in a Windows service, I'm sure they'd never introduce such a bug in a platform firmware. Oh, wait. — PolitiTweet.org
Joanna Rutkowska @rootkovska
"The really bad thing (...) is not only is it intentionally designed to be accessible from even a heavily restricti… https://t.co/6RfmGjT03o — PolitiTweet.org
James Forshaw @tiraniddo
Simple type confusion bug in an Intel GPU COM service which is accessible from Edge LPAC + Chrome GPU. Shows how a… https://t.co/YBafNhsBRi
Joanna Rutkowska @rootkovska
@orionwl @QubesOS :) — PolitiTweet.org
Joanna Rutkowska @rootkovska
@talex5 @OpenMirage @QubesOS Glad to see you're making progress here! Any ETA on supporting the dynamic firewall rules? — PolitiTweet.org
Joanna Rutkowska @rootkovska
So Windows downloads UNTRUSTED JScript over local (and not only!) network, then executes it UNSANBOXED?! I don't e… https://t.co/WAgfgPVvuV — PolitiTweet.org
Ben Hawkes @benhawkes
Project Zero blog: "aPAColypse now: Exploiting Windows 10 in a Local Network with WPAD/PAC and JScript" by… https://t.co/yqUu3v2TfM
Joanna Rutkowska @rootkovska
RT @ifsecure: It's out! New Windows remote (sort of) blog post with an exploit writeup, brought to you together with @halvarflake, @tiranid… — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @dinodaizovi: Neat: setting LD_PRELOAD=/proc/self/fd/0 specified remotely and supplying a library over the remote socket => 100% reliabl… — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @chriseng: This was a fantastic read! Vuln research and exploit dev is so unbelievably complicated these days. https://t.co/7DFllALc7I — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @k8em0: @sergeybratus Here are the changes. 4.d.4 Note clarifies updates/upgrades. 4.e.1 Note 1 & Technical notes clarifies vuln disclos… — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @k8em0: New from me: Important changes to #Wassenaar protects defenders from export control paperwork impeding #vulnerabiltydisclosure &… — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @tiraniddo: My book's finally here, just in time for Xmas. Thanks to @billpollock and @nostarch for all their time and effort as well as… — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @paulvixie: as the originator of the terms, i have to say, "master and slave" describe protocol roles not data model roles ("primary and… — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @rhhackett: Looking for a non-math explanation of “zero knowledge” proofs (and related zk-SNARKs)? Here’s a sample of insights from cryp… — PolitiTweet.org
Joanna Rutkowska @rootkovska
@sweis More importantly: they might be executing in the remote location (but users/client software might trust them, because attestation...) — PolitiTweet.org
Joanna Rutkowska @rootkovska
@matthew_d_green Is there any hard evidence for this? — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @iamcorso: @rootkovska Technically: it can be removed by just publishing the attestation public keys. In practice, Intel would lose the… — PolitiTweet.org
Joanna Rutkowska @rootkovska
@PenfoldDavid @moxie Thanks for the reference, I will take a look. — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @taviso: Everyone wants there to be simple answers in security, but sometimes there are no simple answers. — PolitiTweet.org
Joanna Rutkowska @rootkovska
Admittedly it is hard to design a fully decentralized Remote Attestation scheme, but Intel has introduced another,… https://t.co/FRJ2FExehv — PolitiTweet.org
Joanna Rutkowska @rootkovska
And let's be completely clear about it: Intel SGX _without_ properly functioning and secure Remote Attestation is p… https://t.co/CTVnM0cT3q — PolitiTweet.org
Joanna Rutkowska @rootkovska
We can think of different scenarios of Intel "sharing" their attestation keys (some h/w root keys): official reques… https://t.co/viWxyWQZJh — PolitiTweet.org
Joanna Rutkowska @rootkovska
Technically yes, but there is a huge difference btwn Intel actively injecting back-(bug-)doors into their products… https://t.co/gjTSQlih6u — PolitiTweet.org
Steve Weis @sweis
@matthew_d_green You already do trust Intel with everything.
Joanna Rutkowska @rootkovska
RT @lcamtuf: @tqbf The most honest answer is that being able to get along with people is often more important than being smart,… — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @yawnbox: MINIX Creator Andrew Tanenbaum Sends Open Letter to Intel Over MINIX Drama https://t.co/fAumestFDm #IntelME #1984 @rootkovs… — PolitiTweet.org
Joanna Rutkowska @rootkovska
@Evil_X_ Setting HAP to 1 is like asking: "Dear ME, will you please disable itself, thanks!" :/ Not to mention att… https://t.co/Nu2KtWvXLC — PolitiTweet.org
Joanna Rutkowska @rootkovska
"ME disabled" is the new "military grade encryption"... :/ (I wish OEMs stopped bluffing us they could disable ME… https://t.co/nVyM3WLKIh — PolitiTweet.org
Dave Foose @DaveFoose
Dell, Other Vendors Start Shipping Laptops With Intel ME Firmware Disabled https://t.co/9yIoEnMZnL #security #feedly
Joanna Rutkowska @rootkovska
RT @Fox0x01: Excellent research and presentation on the life and times of zero-day vulnerabilities and their exploits by @LilyAblon. #BHEU… — PolitiTweet.org
Joanna Rutkowska @rootkovska
Note a copy of the Qubes Master Key's fingerprint printed on the right edge of each slide :) https://t.co/DIsp0zC9kl — PolitiTweet.org
Brent Andrew @BAAMMERS
How to operate in a compromised environment. #qubes @rootkovska https://t.co/pgjpI9B5YL
