The man who bought Pine Bluff, Arkansas (2022) https://maxread.substack.com/p/the-man-who-bought-pine-bluff-arkansas
Substack
The man who bought Pine Bluff, Arkansas
A Hackernews comment introduces a new character
New Aztec Codices Discovered: The Codices of San AndrΓ©s Tetepilco https://tlacuilolli.com/2024/03/21/new-aztec-codices-the-codices-of-san-andres-tetepilco/
Tlacuilolli
New Aztec Codices Discovered: The Codices of San AndrΓ©s Tetepilco
The recent announcement of the discovery of three new Aztec codices is covered here for the English-speaking public.
TinySSH is a small SSH server using NaCl, TweetNaCl https://github.com/janmojzis/tinyssh
GitHub
GitHub - janmojzis/tinyssh: TinySSH is small server (less than 100000 words of code)
TinySSH is small server (less than 100000 words of code) - janmojzis/tinyssh
PSChess β A chess engine in PostScript https://seriot.ch/projects/pschess.html
Recent 'MFA Bombing' Attacks Targeting Apple Users https://krebsonsecurity.com/2024/03/recent-mfa-bombing-attacks-targeting-apple-users/
Krebs on Security
Recent βMFA Bombingβ Attacks Targeting Apple Users
Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple's password reset feature. In this scenario, a target's Apple devices are forced to display dozens of system-level promptsβ¦
DBRX: A new open LLM https://www.databricks.com/blog/introducing-dbrx-new-state-art-open-llm
Doom Captcha (2021) https://vivirenremoto.github.io/doomcaptcha/
vivirenremoto.github.io
DOOM Captcha
Backdoor in upstream xz/liblzma leading to SSH server compromise https://www.openwall.com/lists/oss-security/2024/03/29/4
Towards 1-bit Machine Learning Models https://mobiusml.github.io/1bit_blog/
mobiusml.github.io
1-bit Quantization
A support blog for the release of 1-bit Aana model.
Garbage collection for systems programmers (2023) https://bitbashing.io/gc-for-systems-programmers.html
Bit Bashing
Garbage Collection for Systems Programmers
Yet another programming blog. Thoughts on software and related misadventures.
About the Tailscale.com outage on March 7, 2024 https://tailscale.com/blog/tls-outage-20240307
Tailscale
About the Tailscale.com outage on March 7, 2024
On March 7, 2024, tailscale.com was unavailable for approximately 90 minutes due to an expired TLS certificate. We were able to identify and address the issue quickly, and the downtime was mostly limited to our marketing materials and documentation; stillβ¦
XZ backdoor: "It's RCE, not auth bypass, and gated/unreplayable." https://bsky.app/profile/filippo.abyssdomain.expert/post/3kowjkx2njy2b
Bluesky Social
Filippo Valsorda (@filippo.abyssdomain.expert)
I'm watching some folks reverse engineer the xz backdoor, sharing some *preliminary* analysis with permission.
The hooked RSA_public_decrypt verifies a signature on the server's host key by a fixed Ed448 key, and then passes a payload to system().
It'sβ¦
The hooked RSA_public_decrypt verifies a signature on the server's host key by a fixed Ed448 key, and then passes a payload to system().
It'sβ¦
An unusual 7400-series chip implemented with a gate array https://www.righto.com/2024/03/idt-gate-array.html
Righto
Inside an unusual 7400-series chip implemented with a gate array
When I look inside a chip from the popular 7400 series, I know what to expect: a fairly simple die, implemented in a straightforward, cost-e...