Martin Schmiedecker

Automotive security by day, online privacy by night. Digital forensics & teaching it in between.

Martin Schmiedecker boosted:
2025-07-05

Landgericht Leipzig spricht Facebook-Nutzer eine Entschädigung von 5.000 Euro wegen Datenschutzverstößen durch die Business Tools von Meta zu

LG Leipzig, Urteil vom 04.07.2025, 05 O 2351/23

medienservice.sachsen.de/medie

Martin Schmiedecker boosted:
2025-07-04

From 7 July to 18 July 2025, CIRCL will host a two-week online training event featuring hands-on sessions on various tools developed and maintained by CIRCL, as well as training in digital forensics and incident response (DFIR) techniques.

All time slots are in local Luxembourg time. The sessions are open to everyone: just connect using the provided Zoom link.

#training #cybersecurity #threatintel

🔗 circl.lu/pub/vss-2025/

Martin Schmiedecker boosted:
cR0w :cascadia:cR0w@infosec.exchange
2025-07-03
Four panel comic from Cyanide and Happiness, slightly modified.

Panel 1: Green says "Hey, check out my butt"

Panel 2: Orange looks at Green's butt. The left cheek has a "." and the right cheek has a "/".

Panel 3: Orange says "You misspelled ../"

Panel 4: Green spreads their butt cheeks apart, slightly horrifying Orange.
Martin Schmiedecker boosted:
2025-07-03

roses are red,
hackers are leet,
https://arxiv.org/abs/1904.09828

Martin Schmiedecker boosted:
2025-07-03

When your salad ingredients see what you just did to their mates.

A terrified pepper
Martin Schmiedecker boosted:
Tactical Tech ✅info_activism@mastodon.cc
2025-07-03

🎥New video series! Discover how OSINT, storytelling, mapping & teamwork enhance investigations during global crises. Experts unpack tech myths, mapping, & more. By Jürgen Geuter, Riccardo Pravettoni, Kaamil Ahmed, Jasmine Erkan & Wael Eskander. Watch now👉 exposingtheinvisible.org/en/fi

Martin Schmiedecker boosted:
BornHackbornhack
2025-07-03

We are thrilled to announce that the program for 2025 is now available on our website! We still have more slots available, so participants are more than welcome to continue submitting content via the content submission system.

For more information, please check out our news post at bornhack.dk/news/2025-07-03-bo or go directly to the program at bornhack.dk/bornhack-2025/prog

Tesla coil demonstration and presentation from BornHack a few years back with a very exciting speaker pointing out an unknown detail on the screen.
Martin Schmiedecker boosted:
Security Research Labssrlabs@infosec.exchange
2025-07-03

Unveiled at #TROOPERS25 - Hexagon fuzzing unlocked

Hexagon is the architecture in Qualcomm basebands - they power most of the world's leading smartphones.

Until now, this baseband was out of reach.

We released the first open-source toolchain for system-mode Hexagon fuzzing, presented by Luca Glockow (@luglo), Rachna Shriwas, and Bruno Produit (@bruno) at @WEareTROOPERS

Full post: srlabs.de/blog-post/hexagon-fu

How we opened up mobile firmware in 3 steps:
1. Boot real iPhone basebands with a custom QEMU fork
2. Rust-powered fuzzer controls execution via JSON configs
3. Ghidra integration maps coverage across threads

This brings full visibility to Qualcomm’s 4G/5G/GPS stacks.

Reproducible. Extendable. Open source.

Hexagon’s no longer off-limits - mobile security just got a lot more transparent.


🔗 Try it yourself: github.com/srlabs/hexagon_fuzz
📚 Docs: github.com/srlabs/hexagon_fuzz
🖥️ Slides from Troopers25: github.com/srlabs/hexagon_fuzz
🛠️ Issues, ideas, or contributions? PRs welcome.

Martin Schmiedecker boosted:
2025-07-03

I am pretty thrilled that @Elastic open-sourced DevFiler, a Desktop interface to continuous profiling, originally written by @athre0z. It's cool stuff, give it a try! And thanks to the Elastic folks that made it happen!!!

github.com/elastic/devfiler

Martin Schmiedecker boosted:
Pass the SALT Conferencepassthesaltcon@infosec.exchange
2025-07-03

LIVESTREAM
🎦 As a reminder, our great speakers and their talk can be watched live at:

live.pass-the-salt.org/ 🔥

Powered by the great work of our friends from ubicast.eu/ 🙏

Martin Schmiedecker boosted:
cR0w :cascadia:cR0w@infosec.exchange
2025-07-02

New CVSS perfect 10 logo.

The tired face emoji mixed with the party emoji.
Martin Schmiedecker boosted:
Zack Whittakerzackwhittaker
2025-07-02

Catwatchful is now, by our count at TechCrunch, the 26th stalkerware operation to have been hacked, breached, or otherwise lost or exposed its users' or victims' data since 2017.

That's 26 reasons alone why you should never use a stalkerware app.

Here's more from @lorenzofb on the dangers of stalkerware.

techcrunch.com/2025/07/02/hack

Martin Schmiedecker boosted:
2025-07-02

Massive MicroSD card testing database exposes fakes, charts performance and endurance — 200 cards tested, 51 to destruction; 8 machines running 70 card readers wrote 18 petabytes for testing
tomshardware.com/pc-components

Posted into SSDs: News, benchmarks, reviews and more @ssds-news-benchmarks-reviews-and-more-TomsHardware

Martin Schmiedecker boosted:
2025-07-01

GrapheneOS version 2025063000 released:

grapheneos.org/releases#202506

See the linked release notes for a summary of the improvements over the previous release.

Forum discussion thread:

discuss.grapheneos.org/d/23564

#GrapheneOS #privacy #security

Martin Schmiedecker boosted:
2025-07-01

TIL in Firefox about:config:

widget.gtk.overlay-scrollbars.enabled = false
widget.non-native-theme.gtk.scrollbar.thumb-size = 1
widget.non-native-theme.scrollbar.style = 4
widget.non-native-theme.scrollbar.size.override = 16

Gets you scrollbars that are actually visible and clickable with the mouse.

Martin Schmiedecker boosted:

👋 Hello, Fediverse! Your favorite dynamic instrumentation toolkit is here! 🧪

Martin SchmiedeckerFr333k@infosec.exchange
2025-06-30

This menu on the #sec25 conference website confuses me - did @usenixassociation build a timetable with only half the papers, or did the conference co-hosting usable security forgot the submenu listing the second half of the papers? usenix.org/conference/usenixse

Screenshot of the menus for the usenix security timetable
Martin Schmiedecker boosted:
2025-06-30

Really interesting paper by Sharad Agarwal and Marie Vasek of UCL just presented at WEIS:

Examining Newly Registered Phishing Domains at Scale

Shows differences in trends and behavior between compromised websites used for phishing, mixed datasets, and newly registered phishing domains, with a focus on the latter.

#infosec #cybersecurity #threatintel

PDF link: kmlabcw.iis.u-tokyo.ac.jp/weis

Martin Schmiedecker boosted:
peter purgathoferpeterpur@hci.social
2025-06-30

as promised: a less misogynist version of the meme.

left half: man standing in a meadow, enjoying the rain; text: »People who trust chatGPT«. right half: guy peeing against a high wooden fence, with the urin spraying over the fence; text: »chatGPT«.
Martin Schmiedecker boosted:
2025-06-30

Today we installed the first fibre on the field (1km of single mode fibre)… thanks to everyone who helped out today! :)

Client Info

Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst