You’ll be happy when they can’t spy on you. ? ? ?‍?‍?‍? ? ? ? ? ? Schadnfreude is a new end-to-end encrypted, anonymous ID and IP-hiding, decentralized, audio/video/file sharing/offline messaging multi-device platform built for both communications and application security and performance. What does all that mean? Well what if you didn’t just hope your […]

Record numbers of people have been in the market for a house this past year. Now working at home, I also bought a house, with an office. Finding one in this market was frenzied, but I spent as much time trying to figure out the best financing arrangement as picking the house. Every mortgage calculator […]

Not long ago, a well-known games developer posted the following horror story: I have used and been burned by a number of Google services over the years but certainly didn’t think that attitude would extend to GMail. Yet it apparently has, and even to high profile users, which I am not. I’m also a bit […]

While stuck at home I wrote a simple Linux tunnel (“VPN” but not encrypted/authenticated) in 100 lines of Rust. This is a PoC, not an OpenVPN replacement; just sending the IP layers and above over UDP. Specifically, it creates a tun device, enables the device, sets the device’s IP and netmask, and forwards packets in […]

Recently at the 36th CCC, Moxie Marlinspike gave a talk claiming decentralized systems are unable to adapt and succeed and that centralized systems can meet the same goals better. Here’s why he’s wrong.

This is a text outline of the interactive version available here 1.1. No. Authors of such software should decide for themselves what the best release policy should be 1.1.1. Pro: Authors of security tools are in the best position to make judgements on whether to share and how much, and routinely do 1.1.2. Pro: Pissing […]

Interface Identifiers (IID’s) are used to obtain function tables to call most methods of COM objects. In source code, a name like IID_Column will be used, but when this is compiled, the binary will only have the corresponding GUID like {FD1C5F63-2B16-4D06-9AB3-F45350B940AB} embedded in the binary. When reverse engineering it is often unclear what IID a […]

I recently saw a quote on Twitter along the lines of “I couldn’t be in threat intel because I’d get too carried away, go too far, and end up calling some hacker’s mom.” I had to laugh since I can relate. It is easy to get carried away and you can find a lot of […]