Readit News logoReadit News
0x0 commented on iOS 18.6.1 0-click RCE POC   github.com/b1n4r1b01/n-da... · Posted by u/akyuu
0x0 · 4 days ago
Surprised to see no patch available for watchOS, which can also receive images via iMessage. Not important enough to patch, or not vulnerable, or just not exploited in the wild yet?
0x0 commented on Microsoft Edit   github.com/microsoft/edit... · Posted by u/ethanpil
0x0 · 2 months ago
I was hoping this would work over ssh in a macOS Terminal.app, but last I tried it was inserting all kinds of weird characters into the edited text files.

Windows ships an official OpenSSH server these days, but so far there haven't been any good official text editors that work over OpenSSH, as far as I know.

I've had to resort to "copy con output.txt" the few times I needed to put things into a text file over windows-opensshd...

0x0 commented on Beating Google's kernelCTF PoW using AVX512   anemato.de/blog/kctf-vdf... · Posted by u/anematode
rfoo · 3 months ago
Boss want a strictly fixed budget for running those cool programs. The rationale behind these programs (at least partially) is about measuring exploits and mitigations dynamics, not buying bugs. And, Linux is just too buggy that if you pay for every 0-day it's basically out of control. Google tried to do so (and to drain people's hoarded bugs) once, ran a limited time promotion with no race, every 0 day counts, got flooded.

And at the same time you don't want to piss the community, so here we go.

0x0 · 3 months ago
If linux kernel security really is so bad that google had to add a proof-of-work to introduce a 4 second race for 0day submissions, I'm surprised they're ok with still using the Linux kernel as the base for Android.
0x0 commented on Mozilla to shut down Pocket and Fakespot   support.mozilla.org/en-US... · Posted by u/phantomathkg
thayne · 3 months ago
Safari only exist on Apple devices, and generally had even less features than Firefox.
0x0 · 3 months ago
> Safari only exist on Apple devices

Webkit, at least, builds on a lot more platforms than you think. Take a look at https://build.webkit.org/#/builders

I'm seeing at least three other MAJOR platforms:

  • GTK-Linux-64-bit-Release-Build
  • PlayStation-Release-Build
  • Windows-64-bit-Release-Build

Deleted Comment

0x0 commented on Ssl.com: DCV bypass and issue fake certificates for any MX hostname   bugzilla.mozilla.org/show... · Posted by u/xPaw
0x0 · 4 months ago
So I guess you couldn't get certificates for any random (MX) domain, only for those where you can obtain an inbox / user account. Still really bad, especially for things like gmail.com, but also larger enterprises. Intense.
0x0 commented on Busy Bar   busy.bar... · Posted by u/jbernardo95
0x0 · 5 months ago
I saw this on twitter a few hours ago on my phone, and misread the price as $25, so I was considering maybe putting in an order or even two, but when I revisited the site on my laptop and discovered it was $250, my curiosity hit a wall. Looks like a super neat product but unfortunately a bit overpriced for a gimmick.
0x0 commented on Rsync replaced with openrsync on macOS Sequoia   derflounder.wordpress.com... · Posted by u/zdw
0x0 · 5 months ago
I recently ran into an issue with this because building an iOS .ipa from the command line with xcodebuild apparently ends up shelling out to call rsync to copy some files between local directories, and because I had homebrew rsync earlier in $PATH, it would end up running homebrew rsync, but xcodebuild passed an openrsync-only command line argument "--extended-attributes" that homebrew rsync doesn't understand and would exit with a failure.

u/0x0

KarmaCake day17974October 27, 2010View Original