edermi

@[email protected]
378 Followers
219 Following
330 Posts
it-security, FPV, anything I'm interested in. Personal opinions, occasional memes and shitposts
Bloghttps://edermi.github.io
Githubhttps://github.com/edermi
Twitter (inactive)https://twitter.com/michael_eder_
CityMunich 🥨
edermi1d ago
https://www.buchodi.com/bigo-ads-deploys-c2-style-infrastructure-to-survive-domain-bans-heres-the-decrypted-config/
BIGO Ads Deploys C2-Style Infrastructure to Survive Domain Bans. Here's the Decrypted Config.

The BIGO Ads SDK ships with an encrypted configuration file that maps out a global network of ad-serving domains, backup hosts, and failover infrastructure. The file is AES-encrypted with a hardcoded key, served from Alibaba Cloud, and designed to make the ad network resilient to domain blocking. The SDK source

Buchodi's Threat Intel
edermi3d ago
Show threadGrapheneOSMar 9
If banks and governments insist on checking devices for security they should define actual standards. It should be possible for any tiny project to be certified at no cost and the standards should be fairly enforced so a mainstream device without current patches is disallowed.
edermi6d ago
https://youtu.be/jZ4kh2cJyYM #FPV
Mr Steele 2026 Freestyle Rig With KISS? Apex ImpulseRC?

YouTube
edermiMar 11
Devine Lu LinvegaMar 6
I love how vibecoded commits are called vommits. It's so perfect.
edermiMar 10

nice

https://jyn.dev/remotely-unlocking-an-encrypted-hard-disk/

remotely unlocking an encrypted hard disk

what's a few systemd services in initramfs between friends?

edermiMar 10

"The Law of Frictionless Security: If a security decision requires no change to a business process, it likely provides no change to your actual resilience."

https://diablohorn.com/2026/02/27/invisible-security-requires-friction-first/

Invisible security requires friction first

Because a security decision without friction is just resilience without reality. Since I’ve been more involved in blue team operations and the corresponding decision making processes, it has …

DiabloHorn
edermiMar 8
Spring Training! #FPV #Racing
https://www.youtube.com/watch?v=BuRaK2iyhFI
Spring Training

YouTube
edermiMar 6
FlüpkeMar 5

Traffic That MUST NOT Be Dropped

https://datatracker.ietf.org/doc/html/rfc4890#section-4.3.1

RFC 4890: Recommendations for Filtering ICMPv6 Messages in Firewalls

In networks supporting IPv6, the Internet Control Message Protocol version 6 (ICMPv6) plays a fundamental role with a large number of functions, and a correspondingly large number of message types and options. ICMPv6 is essential to the functioning of IPv6, but there are a number of security risks associated with uncontrolled forwarding of ICMPv6 messages. Filtering strategies designed for the corresponding protocol, ICMP, in IPv4 networks are not directly applicable, because these strategies are intended to accommodate a useful auxiliary protocol that may not be required for correct functioning. This document provides some recommendations for ICMPv6 firewall filter configuration that will allow propagation of ICMPv6 messages that are needed to maintain the functioning of the network but drop messages that are potential security risks. This memo provides information for the Internet community.

IETF Datatracker
edermiMar 6
WurzelmannMar 5
Wieso darf Haferdrink nicht "Hafermilch" heißen, aber Cisco darf ihre Produkte "Cisco Secure Firewall" nennen?
edermiMar 6
jenny (phire)Mar 3

what the—and I cannot stress this enough—absolute fuck:

"...sensitive and personal footage captured by [Meta Smart Glasses]—including people going to the bathroom, getting dressed, and having sex—is being reviewed by contractors who see all of it uncensored."

https://gizmodo.com/dear-meta-smart-glasses-wearers-youre-being-watched-too-2000728928

Dear Meta Smart Glasses Wearers: You're Being Watched, Too

Not for your eyes only.

Gizmodo