At RSA, when you’re at one of the main hotels, vendors leave marketing stuff at your door or in your room.

Cisco distributed full-on video players with built-in li-ion batteries and I just now found time to dig into it.

We probably shouldn’t be doing this.
This message may or may not have been intercepted.
If you are reading this, you are already involved.
Hackers, breakers, builders, and curious minds — this is your signal.
We’re opening the Call for Papers for Balkan Computer Congress - BalCCon2k26.
If you’ve built something interesting, broken something important, or learned something the hard way — come share it.
https://cfp.balccon.org/balccon2k26-2026/

One of my nice friends at Hurricane Electric gave me a dead 100G-LR4 optic to tear apart for your entertainment, so for the sake of your entertainment, let's dig into it! 🧵
NTLLM, wonder what it would look like…
@nor4 There you go.

That really only happens to me: I am still doing some carnival event related things in my hometown. Last week the owner of the company contracted for stage audio and lighting approached me (he's been doing that for years and we know each other from these events) and told me he recently wanted to buy a single photo printer and found one on a surplus auction website. What he didn't realize was that he ordered a whole pallet of these fucking things for less than 200€.

Now he sits on a bunch of these printers, but the catch is they are an OEM variant and the media kits (paper and ink essentially) are differently coded and incompatible between the OEM version he has and the original. Theory is it's all just software enforcing that as usual. He has a firmware updater containing the original firmware, but the updater refuses to install it.

Me: "Can't be that hard to convince the thing otherwise"
Him: "Okay, I'll get you one next week if you want"

Now I have one of these printers in the back of my car. Dude knew exactly how to nerd-snipe me and I'm not even mad.

I just asked him for the original firmware. He downloaded it on his phone, extracted the Zip and I saw a ".S" file next to the exe that is the updater. In the preview on the iPhone the file format looked familiar.

Me: "Can you open that file there? Oh look! That's a Motorola S-Record file! And that's most likely the firmware. And you see these patterns all over the place? It's not even encrypted..."
Him: "What the fuck?"

He also got me two weird Intel Atom kiosk PCs with an 11 inch touchscreen in the front: "Oh, these are terminals that are usually connected to these printers in shops where you can have your pictures printed. I thought you might have some use for them, so I brought you two as well. I paid about 0,70€ per box, just take them"

🤷‍♂️

Very cool writeup detailing the steps for reverse engineering an ECC algorithm of a raw NAND flash dump without fancy tools of suspicious origin! https://infosec.exchange/@neodyme/115893392115590628
Neodyme:

Drones are hot - their security is not. Here is how we removed the NAND, dumped firmware, and reverse-engineered ECC on a consumer drone. Stay tuned for part 2! https://neodyme.io/de/blog/drone_hacking_part_1/

The hell is GhidraLite? Somebody is having fun, wonder what it serves you if you visit from a different OS. Bad Google.
Did someone get you this air quality monitor as a gift? I wanted to have it log the data, but didn’t quite trust it with internet access. I dug around a bit, got a root shell and untethered it. Read the writeup: https://blog.29b.net/dispatches/cgs2_decloud/
You get a lot of those happy new year emails that you ignore, but this one from WHOI is just amazing https://www.whoi.edu/campaign/why-the-ocean/