
When I was young, I was an active user of what would now be called social media. vBulletin and phpBB boards, IRC channels, LiveJournal... I made lifelong friends this way. When I get married in a few months' time, two friends I met on IRC, whom I still switch between thinking of by their handles or "real" names, will be my bridesmen.

I know modern social media is not the same as it was then, but a lot of that is down to less active moderation than you had in these smaller communities as a result of centralisation by Silicon Valley tech firms combined with algorithms and incentives that intentionally or not resemble the same rush as gambling. This does not just affect children, and a ban is the wrong answer to this problem.


We look forward to seeing you at the Fest für Alle!


Richard Weinberger

Tell me you are in Austria without telling me.

Richard Weinberger

just saying...

@manut Great idea! Let me check my calendar 😅

I'm so disheartened about my job. We had a training about AI, and the person presenting just sounded so in love with it. Not as in appreciating a good tool to use, not like loving a new tool. She was actually in love with it, and even admitted to the need to stop thinking of AI as if it's a real person.

She excitedly talked about human-like responses to her prompts, as if someone she has a crush on gave her attention.

When I talk about my dislike for AI, how it can't be used ethically, how flawed it can be, I'm telling people that their crush is evil. They are reacting in a predictable way: with anger and hurt. It's an emotional topic.

Talking about a set of code shouldn't be this emotional. The data centers that are the beating hearts of their love interests get a pass from them; they would destroy the whole planet to maintain this dopamine high and in fact they are gladly doing so.

hi everyone

given one #bitlocker #0day is already out there, here's my own bitlocker 0day, I added it to my repo listing bitlocker attacks.

Introducing "ram leak": https://github.com/Wack0/bitlocker-attacks#ram-leak

As we all know, the boot environment allows booting from a ramdisk. This involves loading a file from disk into RAM, as expected.

However, "file" and "disk" can be arbitrarily chosen, and "disk" being a BitLocker encrypted partition is a supported scenario. Using another trick (same one used with bitpixie earlier) it's possible to get the keys derived without going through the legacy integrity validation checks too if relevant.

You can see where this is going. It's possible to leak any file from a bitlocker encrypted OS partition into RAM as long as you can get the keys derived (i.e., TPM-only scenario).

The catch is that booting into the NT kernel marks that memory area as free so it could get overwritten there, but there are other ways to dump the memory area, and a PoC is included with my preferred method (it's only a PoC so just displays a hexdump of the first sector of the file).

The video shows successful exploitation in my test VM, it has secure boot enabled (you can tell because VMware shows an efi shell option on the boot menu when secure boot is disabled).

#infosec #windows
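A defender-side check for the TPM-only condition the post above describes, as an added example that is not part of the post or the linked repository: it uses the built-in BitLocker module's `Get-BitLockerVolume` to show which volumes have a bare TPM protector, meaning the key is released at boot without a PIN or startup key. The function name `Get-BitLockerUnlockPosture` and its posture labels are hypothetical.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the post or the linked repository.
# Reports, per BitLocker volume, whether the TPM releases the key at boot
# with no user-supplied secret (the "TPM-only scenario" named in the post).
# Get-BitLockerUnlockPosture and its Posture labels are hypothetical names.

# TPM protector types that also demand a PIN and/or startup key before unseal.
$PreBootAuthTypes = 'TpmPin', 'TpmStartupKey', 'TpmPinStartupKey'

function Get-BitLockerUnlockPosture {
    param([Parameter(Mandatory, ValueFromPipeline)] $Volume)
    process {
        # Normalise enum values to strings so the comparisons are explicit.
        $types = @($Volume.KeyProtector | ForEach-Object { [string]$_.KeyProtectorType })
        $hasTpmOnly = $types -contains 'Tpm'
        $hasPreBoot = @($types | Where-Object { $_ -in $PreBootAuthTypes }).Count -gt 0

        $posture = if ([string]$Volume.ProtectionStatus -ne 'On') {
            'ProtectionOff'      # protection is off or suspended
        } elseif ($hasTpmOnly) {
            'TpmOnly'            # key unsealed without any user input
        } elseif ($hasPreBoot) {
            'PreBootAuth'        # PIN and/or startup key required first
        } else {
            'NoTpmProtector'     # e.g. password or external key only
        }

        [pscustomobject]@{
            MountPoint = $Volume.MountPoint
            VolumeType = [string]$Volume.VolumeType
            Protectors = ($types -join ', ')
            Posture    = $posture
        }
    }
}

# Run against every BitLocker volume on this machine; TpmOnly rows sort last.
Get-BitLockerVolume |
    Get-BitLockerUnlockPosture |
    Sort-Object Posture |
    Format-Table -AutoSize
```

Run it from an elevated session; rows with `VolumeType` of `OperatingSystem` and `Posture` of `TpmOnly` are the configuration the post scopes the leak to.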

In the 15+ years people have been promoting blockchains, this flowchart remains undefeated.


Richard Weinberger

Adding a new module to a dracut-based initramfs which simply loop mounts a squashfs file is apparently nothing you can achieve within one evening. It's amazing and sad to see what a complex beast this has become.
P.S: Yes, yes, I know about dmsquash-live.

Today's Low Quality Ad is for this Myth of Syphilis Pin. I love Greek Mythology. Keep trying pal, you'll get it some day.
https://collabs.shop/yh04rj


Richard Weinberger

💥Over 20 years ago, back when I was a rookie, students in D.J. Bernstein's UNIX security course disclosed 44 vulnerabilities all at once. It was a big deal in the infosec world.
Fast forward to today? 271 AI-assisted vulnerabilities were just patched in Firefox 150, and nobody is even surprised. 🤖
It's wild to see how much the scale of cybersecurity has changed. ⏳

Want to keep up with the latest chatter? Come visit our toilet!


Linux Professional Institute

Just one week to go!

Grab massive community discounts on paper-based Linux Professional Institute (LPI) exams to be held during @linuxtage, Apr 10–11, in Austria! 🎉

€70 for Essentials / €110 for all other exams. (limited seats)

This offer is sponsored by our partners OSC - LPI Channel Partner and Linux Training @wefinet. 🙌 💛

Learn more: https://lpi.org/d9ng


There's a lot about the whole "AI topic" where I don't know what I should think. But I am quite worried what the flood of low-quality "AI" code will do to the free and open source ecosystems.
I found this mail from Michał Górny, one of the most active developers at Gentoo Linux (full disclosure: I'm also a Gentoo developer, but not one of the most active ones 🙂 ), about the issues the ecosystem is facing, quite insightful:
https://www.mail-archive.com/gentoo-dev@lists.gentoo.org/msg102518.html


How cool an idea is that?!
Kafka ist drei Dauereien
