Attended a darkroom workshop recently. Analog photoshop. Slightly different technique each time to get the desired effect.

Designed slim filters for Fuji GF670 that you can leave on the camera when folded. https://blog.29b.net/dispatches/gf670_filters/

Sigh, a domain hosting a small website for the last 20 years expired. I've forgotten about it for so long that it actually brought up some fun memories. Cheers to all the folks around it, wherever you are!

Attending USENIX Security for the first timehow do academic conferences work? In Seattle till Sunday.

A Borges story about a guy who gets AI to summarize all the world’s information for him, and then summarize the summary, until the AI has the whole world summarized into a single word. He sits alone at his desk, staring at the word, repeating it endlessly, certain he is experiencing everything

Join us for a deep dive into how Cisco Talos uncovered two critical vulnerabilities in the AsIO3.sys driver powering ASUS Armory Crate: blog.talosintelligence.com/decrement-by...

Building a Debugger is now officially released! It guides you through building a whole native x64 debugger from scratch, dispelling all the magic and teaching you a ton about operating systems as it goes. Even if you don't care about building a debugger, you can read it to your cat.

[Blog Post] New high-level API in LIEF that allows the creation of DWARF files. Additionally, I present two plugins designed to export program information from Ghidra and BinaryNinja into a DWARF file. lief.re/blog/2025-05... (Bonus: DWARF file detailing my reverse engineering work on DroidGuard)

Sebastião Salgado died, most amazing photographer among other things. Go find and watch “Salt of the Earth” https://youtu.be/aQ-My45meeo?si=hRPjKaG0zmNO9BUs

Haven't seen this on Bluesky yet: S&P 2027 will take place in Montreal, Canada!

Collaborative reverse engineering is hard not because the tools aren’t right, but because it’s difficult for you to transfer knowledge and insights gained while reverse engineering. Structs and function names are important but connecting the dots is crucial. How do you do this effectively?

Did you know that you can get archived audio lectures from Internet Archive as podcasts in whatever podcatcher you use? Like https://archive.org/details/the-real-world-of-technology

Utterly disappointing, not at all what i expected by the title! Doesn’t even acknowledge prior works of Discordians! It’s all about SRE and making complex chaotic systems more resilient to failure. With a bunch of first-hand experience from big corps who have their shit together!

Digital vs film X-ray . Film offers higher resolution and better dynamic range with the same settings, but slightly longer exposure time (and more tedious image acquisition). Comes in handy when it comes to tiny electronics. Images of an Abbott Lingo continuous glucose monitor.

Not funny in the least , smh

Unrestrict the restricted mode for USB on iPhone. A first analysis @citizenlab.ca #CVE-2025-24200 👉 blog.quarkslab.com/first-analys...

Crazy day at work and I don’t care that I’ve posted this before; I need cheering up. So here’s a mosaic of a rabbit driving a chariot pulled by ducks. Good day to you all.

Almost forgot about this. Found a funny bug in CUPS ecosystem, but we wanted to cut developers some slack after all the drama a couple of months ago https://blog.talosintelligence.com/small-praise-for-modern-compilers-a-case-of-ubuntu-printing-vulnerability-that-wasnt/

I’m RE early boot code of this device. It has a factory testing/debug mode triggered by holding a button combo while powering it on. I see the code, but don’t have an exact memory map to find the correct button sequence! And there's 12 buttons, too much for brute force...

https://youtu.be/A1gxy11d0N0?si=dBt4hjrX5hCG3Y6j my favorite weather man

Finished Watt’s “Echopraxia” and watched Herzog’s “Theater Of Thought “ in the same day and have a hard time distinguishing which theme about consciousness was covered in which. Recommend both.

I’m a bit of a tall ship nerd and got to see this extraordinary one in Hamburg. Peking is a 4 masted barque. The last of the flying P-liners, immortalized in Irving Johnson’s famed “Around the Cape Horn” film (linked). “The main course sail weights 3 tones when dry. “ youtu.be/gYgl6a-XJ8U?...

Cowboy hat unusual for Hamburg? Clearly you haven’t seen Dennis Hopper in Wim Wenders’ “The American Friend”. Say hi if you see me at #38C3 !

Looks like German Port museum is closed these days, but does nobody know if you can at least see Peking from somewhat upclose ? www.shmh.de/ausstellunge...

Slides are up objectivebythesea.org/v7/talks/OBT...

A bit of travel ahead, but it will take me to CCC! It’s been 10 years since I’ve been, excited to see what it looks like this year!

Help a non-native speaker here, um, how else ?

I just wrapped up a talk at #OBTS about ios/macos font renderer vulnerability used in operation triangulation. No PoC was released and I wanted to make one to study the attack surface.

Objectives By The Sea v7.0 live stream www.youtube.com/live/LKzJuEZ... #obts

Hey @binary.ninja , can we do something about this? I like being on dev but storage on macbooks ain't cheap... :D (i last cleaned it in July, before that I had 3 years of updates )

Obfuscated code in Windows kernel? Sounds like a good place to dig for bugs! @phlaul.bsky.social shows how and why: blog.talosintelligence.com/finding-vuln...

Post a picture you took (no description) to bring some zen to the timeline

Hi friends old and new! I’m Aleks and I specialize in obsolete technologies such as typewriters, film cameras and memory corruption exploitation.

In which Ali details his approach to developing a full code execution exploit for Ichitaro Word (office suite popular in Japan and the region), turning a weird OOB index access into a more capable memory corruption primitive: blog.talosintelligence.com/exploiting-l...

I've been afk , manning the lines on a square rigged tall ship. If you've tried to reach me but I haven't responded, I'm catching up slowly.

PoC||GTFO 0x22 is out! I have an article in there about having fun with Microsoft XFG as an aid for reverse engineering.

Wrapped up a talk at Objective by The Sea cornference about augmenting Axel Souchet’s WTF to target macOS kernel components. Hope to get the code out there shortly!

Story of decipherment of linear b reads much like your modern reverse engineering project. Chipping away at the problem until things start to snowball and everything starts to make sense. With magic constants in form of names of towns playing one of the key roles.

Looks like I got a first CVE in MS Edge's new PDF engine https://talosintelligence.com/vulnerability_reports/TALOS-2023-1747… CVE-2023-36887 Not the most fun bug ever, but it's memory corruption :) It was fun digging into the implementation that's a combo of Acrobat and V8.