buherator
@buherator.bsky.social
"I'm interested in all kinds of astronomy."

https://scrapco.de

Mostly cross-posting from Fediverse: @[email protected]
December 12, 2025 at 8:17 AM
[RSS] The FreePBX Rabbit Hole: CVE-2025-66039 and others


horizon3.ai ->


December 11, 2025 at 9:15 PM
[RSS] exploits.club Weekly(ish) Newsletter 93 - Old QEMU Bugs, Android Auto Bluetooth PoCs, BeeStation P20, and More


blog.exploits.club ->


December 11, 2025 at 9:10 PM
[RSS] Introducing mrva, a terminal-first approach to CodeQL multi-repo variant analysis


blog.trailofbits.com ->

vim user doing God's work


December 11, 2025 at 2:29 PM
December 11, 2025 at 10:38 AM
[RSS] How Citrix Fixed an ESC1 Risk in Their Documentation


medium.com ->


December 11, 2025 at 9:43 AM
[RSS] The Fragile Lock: Novel Bypasses For SAML Authentication


portswigger.net ->


December 11, 2025 at 9:43 AM
Reposted by buherator
The Revolution Will Be Monetized
December 10, 2025 at 4:19 PM
I recently posted about looking for an artist and got a bunch of replies.

Problem is 1) there are many obvious bots 2) those who are likely not bots also seem to use LLM/templates to communicate, making them look like bots.

If you don't want to get reported, use your own voice!
1/2
December 9, 2025 at 7:59 PM
Reposted by buherator
V8 now has a JS bytecode verifier!

IMO a good example for the benefits of the V8 Sandbox architecture:
- Hard: verify that bytecode is correct (no memory corruption)
- Easier: verify that it is secure (no out-of-sandbox memory corruption)

The sandbox basically separates correctness from security.
December 9, 2025 at 10:00 AM
Reposted by buherator
𝙿𝙰𝙶𝙴𝙳 𝙾𝚄𝚃! #𝟾 𝙳𝙴𝙰𝙳𝙻𝙸𝙽𝙴: 𝟺 𝙹𝚊𝚗𝚞𝚊𝚛𝚢 𝟸𝟶𝟸𝟼 𝙴𝚘𝙳 𝙴𝚘𝙰

Save the date if you're planning to write an article or showcase your digital art in the next issue of our magazine.

pagedout.institute

P.S. We're looking for sponsors for issue #8 as well.
Paged Out!
Deeply technical zine. And it's free.
pagedout.institute
December 9, 2025 at 10:29 AM
I updated the structure of the #Ghidra documentation that I host so now you can access the latest of both version 11.x and 12.x:


scrapco.de ->

I'm still looking for the docs of the new features in 12. If you think something is missing from the web that is
1/2
December 9, 2025 at 7:55 AM
GitHub Actions Has a Package Manager, and It Might Be the Worst


nesbitt.io ->


December 9, 2025 at 7:35 AM
December 9, 2025 at 7:30 AM
"The benefit of having an actual memory space for special function registers is they can be seen, named, references created to them, data types applied at the location, as well as default values supplied for a given binary sample. We plan to do the same for other processors such
1/2
December 8, 2025 at 6:55 PM
That was quick: #Ghidra 12.0 is out! Here's what's new:


github.com ->


December 8, 2025 at 6:50 PM
Fuck cancer (and bureaucrats) :(


bontchev.nlcv.bas.bg ->

Get yourself checked!


December 7, 2025 at 3:10 PM
Reposted by buherator
Very sad to hear that anti-virus veteran Vesselin Bontchev has cancer.

He's posted about it up here on LinkedIn: www.linkedin.com/posts/bontch...

Or you can read his blog post where he shares his recent experiences at the hospital:

bontchev.nlcv.bas.bg/bye.html
Well, it's one of those good news/bad news moments, folks...
bontchev.nlcv.bas.bg
December 6, 2025 at 9:43 PM
Reposted by buherator
who controls the context window controls the future
December 7, 2025 at 12:37 AM
Some weekend updates to my homepage:

Added a little guide to debug recursive #CodeQL predicates:


scrapco.de ->

#Ghidra documentation now reflects the state of 11.4.3:


scrapco.de ->


December 6, 2025 at 12:48 PM
I updated my MC-NBFX serializer (of WCF's NetTcpBinding fame) for compatibility with the latest @kaitai release:


github.com ->

It turned out that the release introduced mandatory consistency `_check()`s for
1/2
December 5, 2025 at 8:21 PM
I'm looking for a graphics person to turn a portrait into a single color vector image (and possibly a few other tweaks) for later open publication.

DM me if you are interested!

#FediHire #Inkscape #Illustrator #Graphics


December 5, 2025 at 5:55 PM
[RSS] Another AI slop story: ChatGPT vs. Human


joshua.hu ->

This is actually a description of a neat infoleak involving Nginx DNS caching, blue team over-reliance on LLMs is bonus.


December 5, 2025 at 9:39 AM
"You should be able to talk to your PC"[1]

^ This is a fundamental misunderstanding that reminds me (again) of one of my favorite failed experiments of '90s internet: the online 3D shopping center.[2]

C-levels of the time spared no expense to build a complete VRML model of a
1/4
December 4, 2025 at 9:36 PM
I completely missed that @kaitai v0.11 was finally released with serialization support:


kaitai.io ->

This is huge and it's great to see that @nlnet money goes to the right places!


December 4, 2025 at 7:26 PM