Readit News
lauriewired commented on Let's Learn x86-64 Assembly (2020)   gpfault.net/posts/asm-tut... · Posted by u/90s_dev
Razengan · 5 months ago
I wish there were more articles and resources about modern ARM assembly. Not that I ever will or have programmed in Asm, but I like learning about it and imagining I will, and Intelisms feel so archaic and crusty in comparison.
lauriewired · 5 months ago
This is my own channel, but I made a 10+ part series on modern ARM assembly you may find interesting. I used CPUlator for the demonstrations, which is a nice way to inspect the memory as well as the individual registers as you are running a program.

All runs in the browser:

https://youtube.com/playlist?list=PLn_It163He32Ujm-l_czgEBhb...

lauriewired commented on What if humanity forgot how to make CPUs?   twitter.com/lauriewired/s... · Posted by u/Tabular-Iceberg
palmotea · 7 months ago
This has a ton of holes:

> Z-Day + 15Yrs

> The “Internet” no longer exists as a single fabric. The privileged fall back to private peering or Sat links.

If you can't make CPUs and you can't keep the internet up, where are you going to get the equipment for enough "private peering or Sat links" for the privileged?

> Z-Day + 30Yrs

> Long-term storage has shifted completely to optical media. Only vintage compute survives at the consumer level.

You need CPUs to build optical media drives! If you can't build CPUs you're not using optical media in 30 years.

> The large node sizes of old hardware make them extremely resistant to electromigration, Motorola 68000s have modeled gate wear beyond 10k years! Gameboys, Macintosh SEs, Commodore 64s resist the no new silicon future the best.

Some quick Googling shows the first IC was created in 1960 and the 68000 was released in 1979. That's 19 years. The first transistor was created in 1947, that's a 32-year span to the 68k. If people have the capacity and need to jump through hoops to keep old computers running to maintain a semblance of current-day technology, they're definitely f-ing going to have been able to repeat all the R&D to build a 68k CPU in 30 years (and that's assuming you've destroyed all the literature and mind-wiped everyone with any knowledge of semiconductor manufacturing).

lauriewired · 7 months ago
> If you can't make CPUs and you can't keep the internet up, where are you going to get the equipment for enough "private peering or Sat links" for the privileged?

Storage. You only need a few hundred working systems to keep a backbone alive. Electron migration doesn’t kill transistors if they are off and in a closet.

> You need CPUs to build optical media drives! If you can't build CPUs you're not using optical media in 30 years.

You don’t need to make new drives; there are already millions of DVD/Bluray devices available. The small microcontrollers on optical drives are on wide node sizes, which also make them more resilient to degradation.

> they're definitely f-ing going to have been able to repeat all the R&D to build a 68k CPU in 30 years (and that's assuming you've destroyed all the literature and mind-wiped everyone with any knowledge of semiconductor manufacturing).

If you read the post, the scenario clearly states “no further silicon designs ever get manufactured”. It’s a thought experiment, nothing more.

lauriewired commented on Ask HN: Where are people sharing their blogs these days?    · Posted by u/leonheld
lauriewired · 8 months ago
It takes a bit of curation, but I find Substack's algorithm to be quite good at recommending other bloggers I'd be interested in.

It's also pretty trivial to find what writers other bloggers enjoy based on the "reads" list tab. My algorithm is:

-> Find blogger you like -> Check their Substack "reads" for other writers -> Repeat

lauriewired commented on Fundamental flaws of SIMD ISAs (2021)   bitsnbites.eu/three-funda... · Posted by u/fanf2
lauriewired · 8 months ago
The three “flaws” that this post lists are exactly what the industry has been moving away from for the last decade.

Arm’s SVE and RISC-V’s vector extension are all vector-length-agnostic. RISC-V’s implementation is particularly nice; you only have to compile for one code path (unlike AVX with the need for fat-binary else/if trees).

lauriewired commented on MCP server for Ghidra   github.com/LaurieWired/Gh... · Posted by u/tanelpoder
qwertox · 9 months ago
Which tools can currently invoke MCP? I have read only a little about MCP and got to know that Claude's desktop application is capable of using MCP locally.

Are there any chat interfaces which allow using MCP remotely?

I would like to be able to specify MCP endpoints and the functions they offer in ChatGPT's, Claude's and Gemini's web interfaces so that I can have them call my servers remotely. A bit like "GPTs" and "Gems".

lauriewired · 9 months ago
I touch on this briefly in the video. Besides Claude Desktop, 5ire is a fairly model-agnostic local MCP client; I'm sure there are others.

sama also recently mentioned ChatGPT Desktop is getting MCP client functionality "soon".

As for remote clients, Cloudflare has some really useful tooling; look at their "AI Playground".

lauriewired commented on Malimite – iOS and macOS Decompiler   github.com/LaurieWired/Ma... · Posted by u/tW4r
kkarakk · a year ago
wow, is that a voice filter? or is she really doing a baby voice?
lauriewired · a year ago
That's just my natural speaking voice. I'm a small person, and everyone sounds different.

I'd be happy to focus on the tool, or the content of the channel, rather than how I sound.

lauriewired commented on Malimite – iOS and macOS Decompiler   github.com/LaurieWired/Ma... · Posted by u/tW4r
ghostpepper · a year ago
What parts of Ghidra do you find most limiting? I thought it was supposed to be "almost as good" as IDA in terms of features, if not UX polish.
lauriewired · a year ago
Ghidra is very feature-rich for code decompilation; however, it doesn't handle dropping in an entire application bundle, only single executables.

Apple application files are special, bundling up resources and (potentially multiple) executables into the same package.

Many of these resource files are important for analysis, but have custom encodings by Apple. Malimite "digests" this information into a logical way.

lauriewired commented on Malimite – iOS and macOS Decompiler   github.com/LaurieWired/Ma... · Posted by u/tW4r
saagarjha · a year ago
(This is LLM-powered and based on Ghidra, fwiw)
lauriewired · a year ago
It’s more like LLM-optional.

Malimite is first and foremost intended to be a tool to help Reverse Engineer iOS/Mac binaries, much like JADX for Android.

As it turns out, LLMs are quite good at “converting” C-Pseudocode into an approximation of the original Swift or Objective-C code. Therefore, you can optionally use the LLM extension to help analysis.

Of course, it’s not 100% accurate, but significantly easier to read, and I find it to save hours of manual research.

lauriewired commented on Malimite – iOS and macOS Decompiler   github.com/LaurieWired/Ma... · Posted by u/tW4r
adeon · a year ago
Starting this year I started learning a bunch of security topics, and Ghidra is something I started learning. I decompiled some games and am getting comfortable with how to work a project, teach Ghidra structures, etc.

Am I right in looking at Malimite here and reading "Built on top of Ghidra decompilation to offer direct support for Swift, Objective-C, and Apple resources." that this is not a Ghidra extension but rather it is using a piece of Ghidra (the decompilation) like a backend? Malimite here is presented as its own piece of software.

Asking as a Ghidra noob who doesn't know all the ways Ghidra can be used: Would it make sense for something like this to be a Ghidra extension instead? I.e. give Ghidra some tooling/plugin to understand iOS apps or their languages better, instead of a new app that just uses parts of Ghidra. Also, the Malimite screenshot in the page looks similar to the Ghidra CodeBrowser tool.

Asking because it feels like it could be: from the little I've used Ghidra so far, looks like it is designed to be extendable, scriptable, usable by a team collaborating, etc. And Ghidra seems more holistic than just focusing on decompiling code.

lauriewired · a year ago
It might be better to think of Malimite as "JADX but for iOS/Mac".

(JADX is a very popular Android decompiler)

Ghidra is quite limiting, and the workflow makes iOS reverse engineering quite cumbersome.

Malimite is intended to have a swappable back-end, so theoretically compilers other than Ghidra can be used in the future.

lauriewired commented on Malimite – iOS and macOS Decompiler   github.com/LaurieWired/Ma... · Posted by u/tW4r
lauriewired · a year ago
Hi everyone, I'm the creator of Malimite. I actually released this as part of a conference talk at Objective By the Sea, which you can see here:

https://youtu.be/vWdKjVCZtTI

It gives a good overview of the development process as well as my motivations for creating it. The tool will also be on homebrew shortly :)

u/lauriewired

Karma: 215 · Cake day: January 11, 2023
About
Reverse engineer specializing in cross-platform malware analysis with a focus on mobile threats.

youtube.com/@lauriewired
