破烂 OxygenOS 13 USB 3.0 内核驱动烂掉了
https://forum.xda-developers.com/t/oxygenos-13-no-connection-with-usb-3-0-cable-under-linux.4537507
https://forum.xda-developers.com/t/oxygenos-13-no-connection-with-usb-3-0-cable-under-linux.4537507
https://github.com/MaximeBeasse/KeyDecoder
太坏了,都带 OpenCV 了也不加点自动化辅助。
太坏了,都带 OpenCV 了也不加点自动化辅助。
GitHub
GitHub - MaximeBeasse/KeyDecoder: KeyDecoder app lets you use your smartphone or tablet to decode your mechanical keys in seconds.
KeyDecoder app lets you use your smartphone or tablet to decode your mechanical keys in seconds. - MaximeBeasse/KeyDecoder
Forwarded from Solidot
三星 Exynos 芯片漏洞影响数十款 Android 设备
2023-03-18 21:32:00 by 神秘世界的人
Google Project Zero 研究人员在广泛使用的三星 Exynos 调制解调器芯片中发现了 18 个漏洞,其中四个漏洞允许攻击者在只知道受害者电话号码的情况下,在基带水平远程入侵手机,不需要发生任何用户交互。受影响的芯片组包括: Exynos Modem 5123、Exynos Modem 5300、Exynos 980、Exynos 1080 和 Exynos Auto T5123,受影响的产品包括:三星 S22, M33、M13、M12、A71、A53、A33、A21、A13、A12 和 A04 系列,Vivo S16、S15、S6、X70、X60 和 X30 系列,Google Pixel 6、6 Pro、Pixel 6a、Pixel 7 和 7 Pro,任何使用 Exynos W920 芯片组的智能手表,任何使用 Exynos Auto T5123 的汽车,等等。研究人员表示,在补丁释出前,受影响设备可通过在设置里关闭 Wi-Fi 呼叫和 Voice-over-LTE (VoLTE)保护自己。
https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html
#安全
2023-03-18 21:32:00 by 神秘世界的人
Google Project Zero 研究人员在广泛使用的三星 Exynos 调制解调器芯片中发现了 18 个漏洞,其中四个漏洞允许攻击者在只知道受害者电话号码的情况下,在基带水平远程入侵手机,不需要发生任何用户交互。受影响的芯片组包括: Exynos Modem 5123、Exynos Modem 5300、Exynos 980、Exynos 1080 和 Exynos Auto T5123,受影响的产品包括:三星 S22, M33、M13、M12、A71、A53、A33、A21、A13、A12 和 A04 系列,Vivo S16、S15、S6、X70、X60 和 X30 系列,Google Pixel 6、6 Pro、Pixel 6a、Pixel 7 和 7 Pro,任何使用 Exynos W920 芯片组的智能手表,任何使用 Exynos Auto T5123 的汽车,等等。研究人员表示,在补丁释出前,受影响设备可通过在设置里关闭 Wi-Fi 呼叫和 Voice-over-LTE (VoLTE)保护自己。
https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html
#安全
https://github.com/eleijonmarck/do-not-compile-this-code
This proof-of-concept demonstrates how Rust macros can be abused to interact with the machine that the compliation happens on.
This proof-of-concept demonstrates how Rust macros can be abused to interact with the machine that the compliation happens on.
GitHub
GitHub - eleijonmarck/do-not-compile-this-code
Contribute to eleijonmarck/do-not-compile-this-code development by creating an account on GitHub.
Forwarded from Hacker News
YouTube
32-bit DOS Applications
In this video we will explore the marvel of 32-bit DOS applications. We will look at their history, and how exactly they work.
Official site of DJGPP: https://www.delorie.com/djgpp/
A very incomplete list of 32-bit DOS games: http://www.classicdosgames.…
Official site of DJGPP: https://www.delorie.com/djgpp/
A very incomplete list of 32-bit DOS games: http://www.classicdosgames.…
https://devblogs.microsoft.com/oldnewthing/20090101-00/?p=19643
https://learn.microsoft.com/en-us/archive/blogs/junfeng/how-to-make-an-application-as-both-gui-and-console-application
https://learn.microsoft.com/en-us/archive/blogs/junfeng/how-to-make-an-application-as-both-gui-and-console-application
Microsoft News
How do I write a program that can be run either as a console or a GUI application?
You can’t, but you can try to fake it. Each PE application contains a field in its header that specifies which subsystem it was designed to run under. You can say IMAGE_SUBSYSTEM_WINDOWS_GUI to mark yourself as a Windows GUI application, or you can say I…
Forwarded from AIM扩散力场 (零件)
This media is not supported in your browser
VIEW IN TELEGRAM
【这是一条来自Bernard小哥的高考祝福,请您查收~】
祝大家高考顺利!学业有成!
祝大家高考顺利!学业有成!
Forwarded from Hacker News
GitHub
acme.sh runs arbitrary commands from a remote server · Issue #4659 · acmesh-official/acme.sh
Hello, You may already be aware of this, but HiCA is injecting arbitrary code/commands into the certificate obtaining process and acme.sh is running them on the client machine. I am not sure if thi...
CVE-2023-34312
In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition.
https://nvd.nist.gov/vuln/detail/CVE-2023-34312
In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition.
https://nvd.nist.gov/vuln/detail/CVE-2023-34312
Forwarded from Hacker News
words.filippo.io
I want XAES-256-GCM/11
I want the extended-nonce 256-bit reduced-rounds XAES-256-GCM/11 AEAD. It has infinitely randomizable nonces, a comfortable margin of multi-user security, and nearly the same performance as AES-128-GCM. Only issue is that it doesn’t exist.