dragosr

Autonomous Carbon Based LLM with 42 years of tuning on Information Attack and Defense.
Host of CanSecWest, and PacSec.
Do security audits, code, IR, LLM, red team consulting. Specialize in Firmware, and RF.
VA7MOV

2025-05-23

Interesting.
Win11 24H2 shut down one of the easy Windows exploit KASLR bypasses: enumerating loaded device drivers to identify the base address of the kernel module.

EnumDeviceDrivers now requires SeDebugPrivilege to return valid ImageBase values.

No privs, returned lpImageBase array = all NULL.

A stylized 3D illustration shows a humanoid figure holding a large microchip labeled “DRIVER ENUM” against a dark blue circuit board background. To the right, a glowing red padlock symbolizes a security breach. In the foreground, bold red 3D text reads “KASLR Exploitation,” emphasizing the concept of Kernel Address Space Layout Randomization being undermined by driver enumeration. The image uses high contrast lighting and vibrant colors to highlight the components and their relationships, visually conveying a cybersecurity exploitation scenario.

2025-05-21

Clever kids have figured out how to make Chromebombs, by shorting out the USB ports - passing around instructions on TikTok.

Google needs to fix this.

Need rooted chromebook, dev mode to run "ectool usbchargemode <port> 0" and disable USB power.

Doubt schools want to root/dev-mode their chromebooks...

youtube.com/watch?v=SsL35YIXNr

2025-05-19

@azonenberg remember error cases:

Most examples assume normal forward progress. In practice you eventually hit reset, partial-reconfiguration, link retrain or ECC-poison events that invalidate some—but not all—outstanding reads. A single-depth “in-order” FIFO trivialises the flush problem (drop its valid flag and you’re clean), but once you introduce multi-ID scoreboards you need a replay/abort bit per entry plus a way to drain residual data beats still in flight.

2025-05-19

@azonenberg

LLMs these days review lots of ASICs, here are the common DRAM patterns:

In-order? One constant ID + depth-N FIFO. Simple, rock-solid.

Out-of-order per ID? Enable multiple IDs; resolve with tag-indexed RAM or small CAM.

Need strict original order downstream? Add a reorder queue or let a micro-controller drain in order.

Always track an error bit per request so completions can propagate faults precisely.

Dimension depth = (max latency ÷ average request issue interval) + margin.
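As an added illustration (not code from either post above), here is a small Python model of the multi-ID, tag-indexed scoreboard from the list above, combined with the abort/drain handling from the "remember error cases" reply: one slot per ID, a per-entry error bit, and an abort bit so a flush drops stale beats without losing requests issued afterwards. `Scoreboard`, `Entry` and `fifo_depth` are names chosen for this example.

```python
import math
from dataclasses import dataclass


@dataclass
class Entry:
    valid: bool = False   # slot holds an outstanding request
    abort: bool = False   # set by flush(); its late beats are drained, not delivered
    error: bool = False   # fault bit that travels with exactly this request


class Scoreboard:
    """Tag-indexed scoreboard: one slot per ID, completions may return in any order."""

    def __init__(self, depth):
        self.entries = [Entry() for _ in range(depth)]
        self.delivered = []   # (tag, data, error) handed downstream
        self.drained = 0      # stale beats dropped after an abort

    def issue(self, tag):
        """Allocate the slot for `tag`; a slot still draining cannot be reused."""
        e = self.entries[tag]
        if e.valid:
            raise RuntimeError(f"tag {tag} still outstanding")
        e.valid, e.abort, e.error = True, False, False

    def flush(self):
        """Reset / link retrain / ECC poison: invalidate every outstanding read
        but keep each slot allocated until its residual data beat arrives."""
        for e in self.entries:
            if e.valid:
                e.abort = True

    def complete(self, tag, data, err=False):
        """A data beat returns for `tag`: deliver it, or drain it if aborted."""
        e = self.entries[tag]
        if not e.valid:
            raise RuntimeError(f"completion for idle tag {tag}")
        e.valid = False
        if e.abort:
            self.drained += 1           # beat belongs to a request killed by flush()
            return None
        e.error = e.error or err        # precise per-request fault propagation
        self.delivered.append((tag, data, e.error))
        return self.delivered[-1]


def fifo_depth(max_latency_cycles, avg_issue_interval_cycles, margin=2):
    """Sizing rule from the post: (max latency / average issue interval) + margin."""
    return math.ceil(max_latency_cycles / avg_issue_interval_cycles) + margin
```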

2025-05-19

@hzulla yes, but I've done some power grid work, and even worked on outage crash fault recorders. It would take more than a bunch of small residential solar cell controllers to have any substantial impact.

Like your first post implies, I expect this is a giant nothingburger - with an embedded controller board they got for a good deal, that has unused components or functionality on the board. There are plenty of easier lower hanging fruit if you want to attack grids, or preposition capability.

2025-05-18

Congratulations Romania, for choosing the path of sanity.

With 98% of polling stations counted by 11:55 p.m. Sunday, Dan had won 54 percent to 46 percent for Simion. Turnout was 65%, the highest since 1996.

Now you just have to endure the tired far-right complaints and usual belligerent playbook as they follow the stereotypes.

2025-05-18

I often run scripts in /bin/sh because I hate typing those extra two letters for bash. I've been doing more PowerShell lately.... and I wanted to save some letters "pws" and typing of policy override arguments to run scripts - since everyone locks down their powershell execution policy, right?

github.com/secwest/Install-Pws

2025-05-18

@hzulla because snooping on your solar power panels and power utilization yields so much actionable intelligence....

2025-05-17

Some folks are watermarking LLM output with Non-Breaking Spaces, and non-printing Unicode. Here is a script you can bind to a Windows hotkey that will strip/clean your paste buffer of these characters. Beeps if watermarking detected. Can be useful to avoid other strange failures in CSV, and git.

github.com/secwest/Strip-Clipb
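An added example, not the linked Strip-Clipb script: a Python detector and cleaner for the non-breaking spaces and zero-width code points described above. The `SUSPECT` table and the CSV sample are this example's own constructions.

```python
# Added example (not the linked script): detect and strip the non-breaking
# spaces and zero-width / non-printing code points used to watermark text.
# The SUSPECT table is this example's own choice of code points.
SUSPECT = {
    "\u00a0": " ",   # NO-BREAK SPACE -> plain space, so words stay separated
    "\u202f": " ",   # NARROW NO-BREAK SPACE
    "\u200b": "",    # ZERO WIDTH SPACE
    "\u200c": "",    # ZERO WIDTH NON-JOINER  (legitimate in Persian/Indic text)
    "\u200d": "",    # ZERO WIDTH JOINER      (legitimate in emoji sequences)
    "\u2060": "",    # WORD JOINER
    "\ufeff": "",    # ZERO WIDTH NO-BREAK SPACE / BOM
    "\u00ad": "",    # SOFT HYPHEN
}
# Caveat for a real clipboard filter: drop U+200C/U+200D only for text that
# should be plain ASCII, otherwise you corrupt legitimate scripts and emoji.


def find_watermarks(text):
    """Positions and code points of every suspect character, for a report."""
    return [(i, f"U+{ord(ch):04X}") for i, ch in enumerate(text) if ch in SUSPECT]


def strip_watermarks(text):
    """Return (cleaned_text, detected); `detected` is the 'beep' condition."""
    cleaned = "".join(SUSPECT.get(ch, ch) for ch in text)
    return cleaned, bool(find_watermarks(text))


# Constructed sample: a CSV row carrying a zero-width space inside "amount"
# and a no-break space before the date; both are invisible in most editors
# yet break field parsing and produce noisy git diffs.
SAMPLE = "id,amou\u200bnt,date\n1,42,\u00a02025-05-17\n"

if __name__ == "__main__":
    cleaned, detected = strip_watermarks(SAMPLE)
    print("watermark detected" if detected else "clean")   # where the script beeps
    for pos, cp in find_watermarks(SAMPLE):
        print(f"  offset {pos}: {cp}")
```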

2025-05-14

Publishers replacing humans with LLMs are deluding themselves and will wind up with garbage output produced by expensive technology. But, if viewed as assistance for the humans - tools for the writers, instead of writer replacements for publishers - the LLMs can make the humans more effective.

They aren't going to replace humans, writers, or coders. Or creativity. They'll make rote tasks for those humans much easier and provide much better data for those humans to make more intelligent decisions.

2025-05-13

Time to update microcode on your Intel processors (gen >9)...

New speculative prediction bug lets you capture /etc/shadow with 99% reliability. They didn't make anything like it work on AMD or ARM... yet...

comsec.ethz.ch/research/microa

intel.com/content/www/us/en/se

github.com/intel/Intel-Linux-P

2025-05-12

ASUS DriverHub's a little confused about Origin == RCE

Heh: "When submitting the vulnerability report through ASUS’s Security Advisory form, CloudFront flagged the attached PoC as a malicious request and blocked the submission."

mrbruh.com/asusdriverhub/

2025-05-09

Clippy's Back! As a LLM interface, not from Microsoft, and cross platform.

felixrieseberg.github.io/clipp

2025-05-08

Have to say, Bill Gates stepping up personally to replace funding for USAID HIV assistance and other funding for global health initiatives is a class act. Deep Respect.

ft.com/content/bdd9bb89-ac3c-4

2025-05-03

Trump lost another election—in Australia this time. Labour scored a landslide; their own “mini-Trump” Dutton lost his seat. Key issues: Environment, Indigenous rights, Immigration, Housing, Social Services & Health. Parallels to Canada’s election striking. Demographics: youth swung progressive; “Liberal/Coalition” support rose with age—boomers bolster the right wing but are shrinking relative to younger/mid cohorts. Metro=Labor vs rural/mining=Coalition divide.

Synopsis:
chatgpt.com/share/681647a7-b4b

2025-05-02

That's quite an impressive opening move.

A fast path to Canadian popularity......

A tweet by Mark Carney (@MarkJCarney) reads:
“We’re expanding the Canadian Dental Care Plan. Starting today, Canadians aged 55–64 can apply. In the coming weeks, applications will open to Canadians aged 18–54.

Because of this plan, millions of people can now afford to see a dentist — some for the first time in decades. Soon, millions more will get that same care.”
The tweet includes Mark Carney’s profile photo and a blue verified checkmark.

2025-04-29

Well done Canada.
Record voter turnout.

Elbows Up!

Five Canadian Marvel superheroes—including Wolverine, Guardian, Northstar, Deadpool, and Sasquatch—stand in front of a large, stylized Canadian flag with a red maple leaf. The characters are depicted in a comic book art style, striking action-ready poses with a patriotic theme.

2025-04-21

@adamshostack well in that case those tokens aren't a waste of power are they?

2025-04-21

@adamshostack humans work better with please and thank you.

Please quantify why you think LLMs "need them."

I say please and thank you to LLMs so that any training use of my queries reinforces basic politeness, but they are by no means necessary, nor do they make any quantifiable difference in result quality.

Client Info

Server: https://mastodon.social