ShareSec
@ShareSec
21 subscribers
56 photos
2 videos
12 files
234 links
Accept both Chinese & English submissions.
分享一些安全相关的东西
群和投稿机器人即将上线,敬请期待。
Download Telegram
About
Blog
Apps
Platform
Join
ShareSec
21 subscribers
ShareSec
个人意见:有些人就是翻墙界的塔利班
100 views
ShareSec
https://www.cncf.io/wp-content/uploads/2020/08/CNCF-Webinar-Navigating-the-Sea-of-Local-Clusters-.pdf
85 views
ShareSec
Forwarded from Programmer Jokes
57 views
ShareSec
one more victim
53 views
ShareSec
Forwarded from /var/log/DMIT-NOC.log
Our team recently found the Intel 85299 NIC, and its' driver is unreliable for the long term running virtualization environment. Our new architecture has already switched to Mellanox CX3/4/5.
This caused many problems, including the incident happening at the LAX site today.

One NIC driver dead will leads to a heavy load on other nodes for Ceph rebalance.
Then due to heavy load, the drivers of 85299 on other nodes probably dump again which links to a chain reaction.

We gave up Hyper-converged infrastructure design, the new architecture will have a dedicated Ceph cluster network with dual 100G link over ConnectX-5.
62 views
ShareSec
Forwarded from 每日消费电子观察 (无羽の翼 (「 • ̀ω•́ )「)
研究人員揭露重大的 BLE 漏洞,舉凡支援接近解鎖功能的汽車、門鎖或筆電都可能遭駭
https://www.ithome.com.tw/news/150975

大致内容是:
一部分支持蓝牙解锁的汽车、门锁为了方便用户,只要用户带着注册过的手机或其他蓝牙钥匙接近,就自动解锁。
但是攻击者可以在受害者和设备之间设置中继站,让设备以为用户就在附近。从而在用户未接近设备的情况下远距离解锁。
NCC Group 认为这不是 蓝牙 的缺陷,错的是厂商把BLE接近身份验证用于解锁重要设备。
iThome
研究人員揭露重大的BLE漏洞,舉凡支援接近解鎖功能的汽車、門鎖或筆電都可能遭駭
NCC Group公布一項低功耗藍牙(BLE)安全漏洞,能攻陷所有以BLE作為接近身分認證的裝置,包括Tesla Model 3以及Kwikset/Weiser旗下Kevo系列的智慧門鎖
103 views
ShareSec
差不多行了,还tm没完了,逆不出来漏洞也别强行找茬吧
70 views
ShareSec
妈的真酷
70 views
ShareSec
https://twitter.com/borrello_pietro/status/1527541578797142016?s=12&t=ybA0GfDOC3AYo0zaRUHQJQ
Twitter
Pietro Borrello
My mind is blown 🤯 I am thrilled to announce that I have TWO talks accepted at #BHUSA. I cannot wait to share some of the coolest research we have ever done on CPU internals! @BlackHatEvents 🧵1/4
85 views
ShareSec
https://rosenzweig.io/blog/asahi-gpu-part-5.html
rosenzweig.io
The Apple GPU and the Impossible Bug
98 views
ShareSec
https://fredericb.info/2022/06/breaking-secure-boot-on-google-nest-hub-2nd-gen-to-run-ubuntu.html
fred's notes
Breaking Secure Boot on Google Nest Hub (2nd Gen) to run Ubuntu
In this post, we attack the Nest Hub (2nd Gen), an always-connected smart home display from Google, in order to boot a custom OS. First, we explore both hardware and software attack surface in search of security vulnerabilities that could permit arbitrary…
104 views
ShareSec
如果你想看看最近的那个新洞,或许也想顺便看看这个:https://www.youtube.com/watch?v=lY5kucyhKFc
YouTube
34C3 - Everything you want to know about x86 microcode, but might have been afraid to ask
https://media.ccc.de/v/34c3-9058-everything_you_want_to_know_about_x86_microcode_but_might_have_been_afraid_to_ask

An introduction into reverse-engineering x86 microcode and writing it yourself

Microcode is an abstraction layer on top of the physical components…
122 views
ShareSec
https://github.com/google/silifuzz
GitHub
GitHub - google/silifuzz
Contribute to google/silifuzz development by creating an account on GitHub.
131 views
ShareSec
https://www.youtube.com/watch?v=7hwS4rkmvA0
https://www.youtube.com/watch?v=paxErRRsrTU
YouTube
Wibbly Wobbly, Timey Wimey – What's Really Inside Apple's U1 Chip
Apple introduced an Ultra Wideband (UWB) chip in the iPhone 11. Its cryptographically secured spatial measurement capabilities are accessible via the Nearby Interaction framework since iOS 14. As of now, it only supports interaction with other Apple devices…
163 views
ShareSec
https://pdf.dfcfw.com/pdf/H2_AN202204291562378643_1.pdf
194 views
ShareSec
🕯️
213 views
ShareSec
Channel photo removed
ShareSec
Channel photo updated
ShareSec
好 差不多得了
242 views
ShareSec
https://research.nccgroup.com/2023/02/06/rustproofing-linux-part-1-4-leaking-addresses/
212 views