Deleted tweet detection is currently running at reduced
capacity due to changes to the Twitter API. Some tweets that have been
deleted by the tweet author may not be labeled as deleted in the PolitiTweet
interface.
Showing page 68 of 151.
Joanna Rutkowska @rootkovska
RT @robertswiecki: nsjail offers the most expressive runtime-evalutated seccomp-bpf cfg lang among all Linux namespace/seccomp tools: https… — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @lcamtuf: And if you're feeding user input to ImageMagick, ffmpeg, Ghostscript, etc w/o sandboxing, you're gonna get hurt. https://t.co/… — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @natashenka: If a tweet is causing panic or confusion in your organization, the problem isn't the tweet, the problem is your organization — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @taviso: .@natashenka Attack works against a default install, don't need to be on the same LAN, and it's wormable. 🔥 — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @taviso: I think @natashenka and I just discovered the worst Windows remote code exec in recent memory. This is crazy bad. Report on the… — PolitiTweet.org
Joanna Rutkowska @rootkovska
Thx @Intel for this EULA-protected, UNSIGNED zip w/ a bunch of UNSIGNED (PE) executables, so we can see if vulnerab… https://t.co/fXah1fqnVR — PolitiTweet.org
Yanai Moyal @yanaimoyal
Intel Discovery Tool to determine whether a system is vulnerable to INTEL-SA-00075. https://t.co/aWSPbay7OX
Joanna Rutkowska @rootkovska
RT @rossjanderson: No point doing a security startup in Britain then, or a fintech one either. Once you have 10,000 customers, you have to… — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @bcrypt: gonna buy a bunch and put them in the drawer at random motels https://t.co/iTPKdr2BW4 — PolitiTweet.org
Joanna Rutkowska @rootkovska
@cbrocas @redbull Thx :) — PolitiTweet.org
Joanna Rutkowska @rootkovska
@gsuberland Also, it'd be interesting to check if this allowed to write other flash partitions, not just belonging to ME? — PolitiTweet.org
Joanna Rutkowska @rootkovska
@gsuberland Ok, good point. Have anybody checked if that really works via a docking connector? — PolitiTweet.org
Joanna Rutkowska @rootkovska
@gsuberland Sure, but you can do the same by connecting an EEPROM reader to the SPI flash anyway. — PolitiTweet.org
Joanna Rutkowska @rootkovska
@cbrocas @redbull I'm a reasonably boring pilot ;) — PolitiTweet.org
Joanna Rutkowska @rootkovska
Not debug mode _for_ ME, but merely _asking_ the ME to stop its operations, so we can debug the host CPU (e.g. BIOS… https://t.co/EvSNsOG4oL — PolitiTweet.org
Graham Sutherland [Polynomial^DSS] @gsuberland
Wait, what? "Intel ME Debug Mode" can be enabled with a pull-up resistor... on the HD audio data line? O_o https://t.co/NpXiNElQJQ
Joanna Rutkowska @rootkovska
@cbrocas @redbull Heh, not me this time ;) — PolitiTweet.org
Joanna Rutkowska @rootkovska
Meanwhile in Warsaw... :) via @redbull: https://t.co/8rc42JjWjh https://t.co/2pT1SW2nWV — PolitiTweet.org
Joanna Rutkowska @rootkovska
BTW, in Qubes when user pipes untrusted VM output to terminals (qvm-run -p), we filter out control chars by default… https://t.co/g8pz0N2ukf — PolitiTweet.org
Solar Designer @solardiz
Bugs in terminal emulators' escapes https://t.co/erALy91FVb including rxvt integer overflow analysis by @zx2c4 https://t.co/AtP12DO1TV
Joanna Rutkowska @rootkovska
RT @solardiz: Bugs in terminal emulators' escapes https://t.co/erALy91FVb including rxvt integer overflow analysis by @zx2c4 https://t.co/A… — PolitiTweet.org
Joanna Rutkowska @rootkovska
@solardiz @tehjh ..which BTW you can now run in "paranoid restore mode", which might make sense after the recently… https://t.co/g95RQKDNc8 — PolitiTweet.org
Joanna Rutkowska @rootkovska
@solardiz @tehjh Fair enough. But at least we try to make the process reasonably smooth with Qubes backup/restore: https://t.co/fDC6CEjZlY — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @tehjh: Kudos to the Xen security team. XSA-21[2345] were all publicly fixed within a month, and for XSA-214, they discovered the full i… — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @evacide: Pro Tip: the one thing I will not come to your conference to speak about is what it's like to be a woman in tech. — PolitiTweet.org
Joanna Rutkowska @rootkovska
@solardiz @tehjh Do you think there is any reason to stick with 3.1 instead of using 3.2? — PolitiTweet.org
Joanna Rutkowska @rootkovska
@solardiz @tehjh Probably not, because 1) EOL for 3.1 was over a month ago, and 2) we'd like to encourage users to… https://t.co/snUvMyrcd4 — PolitiTweet.org
Joanna Rutkowska @rootkovska
FWIW, it seems Jann agrees with the approach we've embraced in Qubes 4.x to tackle the problem of Xen bugs :) https://t.co/5PbC2B1BwA — PolitiTweet.org
Jann Horn @tehjh
@csirac2 @tirath @ttaskett @QubesOS I'm optimistic about PVH as attack surface reduction.
Joanna Rutkowska @rootkovska
RT @BenLaurie: More @intel fun - want to know how to fix INTEL-SA-00075? First you must agree not to figure out how the fix works: https://… — PolitiTweet.org
Joanna Rutkowska @rootkovska
Once again, congrats to @tehjh! https://t.co/Tpa9cI6kqM — PolitiTweet.org
Qubes OS @QubesOS
Qubes Security Bulletin #30: Critical Xen bugs related to PV memory virtualization (XSA-213, XSA-214) https://t.co/hwPpccThCq
Joanna Rutkowska @rootkovska
RT @QubesOS: Qubes Security Bulletin #30: Critical Xen bugs related to PV memory virtualization (XSA-213, XSA-214) https://t.co/hwPpccThCq — PolitiTweet.org
Joanna Rutkowska @rootkovska
@MikaelThalen @whispersystems @QubesOS Nice. BTW, once you convert to trusted, there is no need to keep opening in… https://t.co/US6zJnPqOU — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @scarybeasts: @halvarflake The lack of inspectability something so core to computation should in and of itself be considered a vulnerabi… — PolitiTweet.org
