Deleted tweet detection is currently running at reduced
capacity due to changes to the Twitter API. Some tweets that have been
deleted by the tweet author may not be labeled as deleted in the PolitiTweet
interface.
Showing page 98 of 151.
Joanna Rutkowska @rootkovska
Of course I don't agree. [Software] exploits is only one piece. Others incl.: malware, (sw & hw) backdoors, crypto,… https://t.co/ppLFHRfRcP — PolitiTweet.org
Joanna Rutkowska @rootkovska
"[Exploits are] central to everything that is going on in IT security" ;) https://t.co/HgvErXBUue
Joanna Rutkowska @rootkovska
"[Exploits are] central to everything that is going on in IT security" ;) https://t.co/HgvErXBUue — PolitiTweet.org
halvarflake @halvarflake
@daniel_bilar https://t.co/yrHcco1d8j
Joanna Rutkowska @rootkovska
@h2dden @TopShibe Even if search is over https, you finally visit the target page which involves a DNS lookup, and often also HTTP traffic. — PolitiTweet.org
Joanna Rutkowska @rootkovska
@aral Oh, come on, everyone knows I'm really evil at the bottom ;) — PolitiTweet.org
Joanna Rutkowska @rootkovska
Thx @TMobile for all the troubles of sniffing my traffic when I searched 4 "WestWorld Netflix" & mailing me this un… https://t.co/XVfSyoCN4v — PolitiTweet.org
Joanna Rutkowska @rootkovska
@aral One doesn't need to have Google account to use any of @QubesOS mailing lists: https://t.co/8Hp7VL2kI0 — PolitiTweet.org
Joanna Rutkowska @rootkovska
@aral It's 1) maintenance-free, 2) free (as in bear), and 3) secure (as in DoS resistant). And we don't plan to post any secrets there ;) — PolitiTweet.org
Joanna Rutkowska @rootkovska
@error403dot4 @Petars_093 @learningproxmox @alpinelinux https://t.co/qT42eWG6Qv — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @solardiz: Status on #DirtyCow exploits, mitigations, fixes; 3 exploit development challenges; RHEL5 patches. https://t.co/gJtXVRlV2U — PolitiTweet.org
Joanna Rutkowska @rootkovska
@thorjag @petertoddbtc Thanks, also explained here: https://t.co/QNPru7EaWR TLDR: if the 6 cooperate, they can generate infinite wealth... — PolitiTweet.org
Joanna Rutkowska @rootkovska
@petertoddbtc How many out of that 6 needs to conspire to mount an attack? What could be gained? — PolitiTweet.org
Joanna Rutkowska @rootkovska
@postessive I also hear C compilers are bad, 'cause all the nasty hackers write exploits in C. Shall we make them illegal? ;) @micahflee — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @thegrugq: An excellent argument for why surveillance should be expensive. https://t.co/VZKESyCMXZ — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @esizkur: @halvarflake bypass: use ctrl-j — PolitiTweet.org
Joanna Rutkowska @rootkovska
@_deepfire I assumed Intel did their work well on protecting access to the ME partition :) But external reflash they can't prevent. — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @lsf37: @rootkovska @GenodeLabs To be fair, this sounds like init, which isn't covered in the ARM proof either. — PolitiTweet.org
Joanna Rutkowska @rootkovska
RT @AndreaBarisani: First successful test of @QubesOS Split GPG server integration on the USB armory, more info soon. https://t.co/3vSeWkHs… — PolitiTweet.org
Joanna Rutkowska @rootkovska
@gannimo :) — PolitiTweet.org
Joanna Rutkowska @rootkovska
@orionwl FWIW, this inspired me to create this ticket: https://t.co/A0WchztSMX — PolitiTweet.org
Joanna Rutkowska @rootkovska
@intel /cc — PolitiTweet.org
Joanna Rutkowska @rootkovska
Speaking of which, has anybody got sgx_get_trusted_time() working? And maybe on Linux SDK even? — PolitiTweet.org
Joanna Rutkowska @rootkovska
Of course this would be a physical attack, yet orders of magnitude simpler than other physical attacks against various SGX services, no? — PolitiTweet.org
Joanna Rutkowska @rootkovska
ISTM, IntelSGX Monotonic Counters can be trivially attacked by reverting the SPI flash content back to a saved one? Am I missing smth here? — PolitiTweet.org
Joanna Rutkowska @rootkovska
Yes, I know [1]. But most ppl: "Oh, let's use this formally-verified ukernel, b/c it's *proved* to be secure!" [1]… https://t.co/A5jtCq9imB — PolitiTweet.org
Mathias Payer @gannimo
@rootkovska everything above the kernel is expected to behave like in the specs, any violation (e.g., HW error) may still fail seL4
Joanna Rutkowska @rootkovska
@orionwl @SarahJamieLewis https://t.co/3uYqQlJylW :) — PolitiTweet.org
Joanna Rutkowska @rootkovska
Oh, wait a sec! What about seL4's famous formal proof of implementation correctness? ;) https://t.co/4MdPszbAnZ — PolitiTweet.org
Genode Labs @GenodeLabs
Looking for a nasty surprise? Just miss to switch off USB legacy and scan your PCI devices while moving the mouse https://t.co/lMKr4f2Yg9
Joanna Rutkowska @rootkovska
RT @orionwl: @SarahJamieLewis The sandbox that does JPEG decoding should not be able to do anything but that - maybe @QubesOS the only hope? — PolitiTweet.org
Joanna Rutkowska @rootkovska
We like to think they pay premium 'cause we're so damn l33t... In reality they pay for submission & rejection of our values. Pathetic. — PolitiTweet.org
Joanna Rutkowska @rootkovska
Young security researchers might want to read this: https://t.co/fePceUkdL2 — PolitiTweet.org
Jenna McLaughlin @JennaMC_Laugh
Sources told me about how UAE was hiring to hunt zero days, install stealth malware implants, and more:… https://t.co/SS9PiZEqid
Joanna Rutkowska @rootkovska
@v6ak Perhaps a reasonable time accuracy of local clocks could prevent these in practice? — PolitiTweet.org
