duck
Ivan FratricNew Project Zero blog post in which I dissect Apple DER-encoded entitlements and tell a story about how I found a fun (albeit short-lived) bug in the way they were decoded. https://googleprojectzero.blogspot.com/2023/01/der-entitlements-brief-return-of.html
グレェ「grey」@ifsecure "The fix for the Psychic Paper bug: originally, the problem occurred because Apple had four XML parsers in the OS, so, surprisingly, the fix was to add a fifth one."
Gotta keep Wirth's law stable I guess?
Here's hoping Apple deprecates SHA-1 usage entirely sooner than later (I thought it was already considered worth deprecating way back in 2005 at least)?