dugite-code

@dugite_code
31 Followers
30 Following
774 Posts

Dugite-Code is one of my internet Pseudonym's.

I am interested in Art, Technology and "Hacking" things to work how they should. If I can create something it makes me feel fulfilled to do so.

Bloghttps://peekread.info
Githubhttps://github.com/dugite-code
dugite-code7h ago
S1m19h ago

Good to see a POC that shows how useless security-wise is the Play Integrity:

Android LPE using DRAM bitflip => https://bsky.app/profile/retr0.id/post/3mljtyauw322d

A requirement to get any security protection with the Play Integrity is that attackers can't bypass it on any device.

As soon as an attacker can bypass it, it is possible to distribute app clones (fake banking app) that proxy-pass the Integrity requests to a controlled device, defeating the Play Integrity.

On the other side, how many users are locked-out of critical services because of the Play Integrity? For legit users, any non-trivial workaround is a blocker.

Play Integrity is not about security, but about coercition, Google's tool to impose their conditions: eg. forcing OEM to preinstall their apps, some with privileges (Chrome, Youtube, Play Services, etc)

#Google #PlayIntegrity #Android #LPE

David Buchanan (@retr0.id)

injected frida-gadget via slightly modified AndKittyInjector

Bluesky Social
Show threaddugite-code7h ago
@ironicbadger
My only note, you guys audio is mixed a bit quiet. Love the content, glad to have you back podcasting
dugite-code7h ago
Alex Kretzschmar12h ago

If you've been missing #selfhosted podcast since it wrapped, then there's a new show in town. The spiritual successor. Check it out!

https://bitflip.show

BitFlip.show

The pragmatic side of infrastructure. A podcast hosted by Alex, Adam, Geoff, and Stephen.

dugite-code7h ago
Ars Technica11h ago
Data center used 30 million gallons of water without initially paying
Can AI save us from the AI industry’s endless thirst for water? Outlook not so good.
https://arstechnica.com/tech-policy/2026/05/data-center-used-30-million-gallons-of-water-without-initially-paying/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social
dugite-codeApr 23
IzzyApr 16

Remember? "Sideloading" is here to stay, and won't go away, they said? Don't be afraid, they said? Something something "we heard you"? Suuuure! Who would ever doubt it!

Attached the copy of a mail developers with apps in the PlayStore CURRENTLY receive. Please, read the text in the red box carefully:

"Apps not registered by September 2026 WILL NO LONGER BE INSTALLABLE ON CERTIFIED ANDROID DEVICES in select countries."

See an exception there? I don't.

#Google #Android #DeveloperCertfication

dugite-codeApr 19
Jim SalterApr 16
"Sysadmins don't need to be technical, they just need to use ChatGPT!" I feel like somebody just shit in my coffee cup over standard SMTP.
dugite-codeMar 22
Show threadIzzyMar 20

Day 4. A response, finally. The usual clown message: Review failed. Well, the "clown message" is the one in the attached graphic: They don't know themselves. Something something link, but they don't know which. Or, in other words: "These URLs host malware or unwanted software downloads: None". 🤦‍♂️

If that's how reliable their services are, maybe they should NOT hold the keys to the entire Internet (and app stores)? 🤔

#Google #SafeBrowsing

dugite-codeMar 22
Show threadyou're all idiotsMar 20

@gloriouscow @thias here's my tip:

Paste the labels on the *inside* of the box. They don't strip off, never get lost.

#electronics

Show threaddugite-codeMar 22
@arstechnica
too little, too late for me. I've moved off windows on my personal machines to linux for good now. It's unlikely I'll ever go back
Show threaddugite-codeMar 19
@arstechnica
The 20 app limit for personal apps shows how ill thought out this all is. CICD pipelines make this trivial to bypass for scammers while only impacting legitimate users