Mudge
@dotMudge
Make a dent in the universe. Find something that needs improvement: go there and fix things. If not you, then who? {he/they}
TWTR|Stripe|Google|DARPA|L0pht
Joined September 2011
Zero Knowledge Proofs are fascinating. There’s now a SafeDocs PDF reader driven by Formal Methods from DARPA (disclaimer: I work for DARPA): Think about the combination of ZKP and attainable formal methods in software 😃
The world once the government realizes they can regulate entities with verifiable programs instead of arbitrary checkpoints and probing
I bet if everyone pings the author, he might get some of the cDc folk to sign a copy. Possibly with parts of any profit going to a worthy charity. ;) Note: I have zero financial interest, don’t really care for how he presents me, but I respect him as a journalist.
@dotMudge I'm reading the book about @cDc_Pulpit (loving it) and, if it was today, where/how would you start learning hacking and cyber security? Cheers!
That was an interesting one. Source code is no longer ground truth; it merely represents the developer’s intent. The binary is ground truth. Compilers have evolved. In that case the org had the “latest” versions but were compiling them on old systems and/or with old compilers. The binaries were thus stripped of many defensive aspects, e.g. ASLR, function fortification, stack guards, etc. Even with those items enabled, you need to know the efficacy - not just that the compiler said “I did what you said to do… when and where I chose to”. Want to know if some memory was actually zeroed? Or how many of the fortifiable functions were *actually* replaced with more secure versions? Whether the compiler put in guards or if addresses are actually changed? You have to look inside the binary… in detail (it can still be, and has been, automated). Offensive work really hasn’t needed, or cared about, the actual source code for decades. If you have the binary you have ground truth.
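An added example, not part of the tweet above and not the author's or DARPA's tooling: a minimal Python check that reads hardening evidence from the binary itself instead of trusting the build flags. It handles only little-endian ELF64 images; `FORTIFIABLE`, `dynsym_names`, `hardening_report` and `build_sample` are hypothetical names, and the two sample images are constructed for the demonstration.

```python
import struct
# Subset of libc calls that _FORTIFY_SOURCE can swap for __<name>_chk variants.
FORTIFIABLE = {"memcpy", "memset", "strcpy", "strncpy", "strcat", "sprintf", "snprintf"}

def dynsym_names(elf: bytes) -> set:
    """Names in .dynsym of a little-endian ELF64 image, read from the file itself."""
    if elf[:6] != b"\x7fELF\x02\x01":
        raise ValueError("not a little-endian ELF64 image")
    e_shoff, = struct.unpack_from("<Q", elf, 0x28)
    e_shentsize, e_shnum = struct.unpack_from("<HH", elf, 0x3A)
    names = set()
    for i in range(e_shnum):
        base = e_shoff + i * e_shentsize
        if struct.unpack_from("<I", elf, base + 4)[0] != 11:  # SHT_DYNSYM only
            continue
        sh_offset, sh_size, sh_link = struct.unpack_from("<QQI", elf, base + 0x18)
        # sh_link is the index of the string table section holding the names
        str_off, = struct.unpack_from("<Q", elf, e_shoff + sh_link * e_shentsize + 0x18)
        for sym in range(sh_offset, sh_offset + sh_size, 24):  # sizeof(Elf64_Sym)
            start = str_off + struct.unpack_from("<I", elf, sym)[0]
            names.add(elf[start:elf.index(b"\0", start)].decode("ascii", "replace"))
    return names - {""}

def hardening_report(elf: bytes) -> dict:
    names = dynsym_names(elf)
    e_type, = struct.unpack_from("<H", elf, 0x10)
    return {
        "pie": e_type == 3,  # ET_DYN: relocatable image, so ASLR can move it
        "stack_guard": "__stack_chk_fail" in names,
        "fortified": sorted(n for n in FORTIFIABLE if f"__{n}_chk" in names),
        "unfortified": sorted(FORTIFIABLE & names),  # calls left as plain versions
    }

def build_sample(e_type: int, symbols: list) -> bytes:
    """Constructed ELF64 image for the demo: header, .dynstr, .dynsym, 3 section headers."""
    strtab = b"\0" + b"".join(s.encode() + b"\0" for s in symbols)
    syms, off = b"\0" * 24, 1
    for s in symbols:
        syms += struct.pack("<IBBHQQ", off, 0x12, 0, 0, 0, 0)  # undefined global function
        off += len(s) + 1
    sym_off = 64 + len(strtab)
    hdr = b"\x7fELF\x02\x01\x01" + b"\0" * 9 + struct.pack(
        "<HHIQQQIHHHHHH", e_type, 62, 1, 0, 0, sym_off + len(syms), 0, 64, 0, 0, 64, 3, 0)
    def shdr(sh_type, offset, size, link, entsize):
        return struct.pack("<IIQQQQIIQQ", 0, sh_type, 0, 0, offset, size, link, 0, 1, entsize)
    return (hdr + strtab + syms + b"\0" * 64 + shdr(3, 64, len(strtab), 0, 0)
            + shdr(11, sym_off, len(syms), 1, 24))

if __name__ == "__main__":  # constructed samples: old-toolchain build, hardened build
    print(hardening_report(build_sample(2, ["strcpy", "memcpy", "printf"])))
    print(hardening_report(build_sample(3, ["__stack_chk_fail", "__memcpy_chk", "strcpy"])))
```

A plain `strcpy` listed beside `__memcpy_chk` in the same image is the situation the tweet describes: fortification was requested, but not every call was replaced.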
@dimitrimckay @ForrestGriffin @jeremiahg @Beaker I’m on your left in the Drysdale white and blue rash guard ;)
@RayRedacted @dildog @medus4_cdc @Jun34u_sec AE as in ASCII Express servers? From the old Apple ][+ days? Which trick?
@studentofthings For clarification: I described LOC as a useful proxy. 100M LOC was a useful contrast to a 1k-100k LOC. LOC for that data chart easily conveyed levels of cost, time, effort, complexity, people, bureaucracy, etc.