Jacob Torrey

@jacobtorrey
Food, computer security, volunteerism, travel, doggos, amateur radio newbie
Homepage: https://jacobtorrey.com/
Blog: http://blog.jacobtorrey.com/

🎉🎉🎉 Hotel and flights are covered!!! 🎉🎉🎉 - If you've got an idea for a talk, we'd love to see you at BlueHat!

Call for papers closes on December 8th: https://msrc-blog.microsoft.com/2022/10/13/bluehat-2023-call-for-papers-is-now-open/.

#TryHackMe is hosting an Advent of Cyber. Beginner friendly exercises AND prizes so anyone of any skill level can participate.

If coding is more your thing, @singe posted about #AdventOfCode which has small coding tasks each day

Hope to see a lot of progress from everyone. Maybe we can treat this like Wordle and share progress to keep everyone engaged?

https://tryhackme.com/christmas
https://adventofcode.com/

TryHackMe | Cyber Security Training

TryHackMe is a free online platform for learning cyber security, using hands-on exercises and labs, all through your browser!


Keynotes and briefings from BlackHat 2022 are now online (h/t @eng) https://www.youtube.com/user/BlackHatOfficialYT

#infosec

#AI-generated medical images are terrifying, this is what came back from the prompt of: 'xray of wrist' 😂

Water drops on moss sporophytes

#mosstodon #moss #sporophytes

[Boost appreciated] A friendly reminder that #usec2023 submission deadline is tomorrow (Nov.18 Anywhere on Earth)! Information on research or vision track submissions can be found at the event website https://usablesecurity.net/USEC/usec23/. #infosec #security #privacy #chi #cscw
Call for Papers: Workshop on Usable Security and Privacy (USEC) 2023 – NDSS Symposium

In which Ian Carroll casually compromises a Turkish root CA trusted by most browsers: https://ian.sh/etugra
Security concerns with the e-Tugra certificate authority

Certificate authorities (CAs) are a critical backbone of internet security; when they are compromised, users lose the ability to securely connect to websites without fear of interception. Websites cannot insulate themselves against a fully-compromised CA, even if they normally use other CAs.


I wanted to add a rand() biased default value to a column in #MySQL. To support replication, that is not allowed, so you must use a trigger. You cannot use the trigger to update the inflight INSERTed rows unless you set the trigger to occur BEFORE insert:

Example:
DELIMITER $$
CREATE TRIGGER set_rand BEFORE INSERT ON `tbl` FOR EACH ROW
BEGIN
    -- Only fill in a random value when the INSERT did not supply one
    IF NEW.randcol IS NULL THEN
        SET NEW.randcol = FLOOR(RAND()*999999999);
    END IF;
END$$
DELIMITER ;

Hidden gem in the paper just shared by @vanhoefm https://dl.acm.org/doi/abs/10.1145/3495243.3560530

A single frame can wake up (from power saving) all devices on a network and get them to respond with their real, not randomized MAC address. A beacon management frame with the Traffic Indication Bitmap (TIM) set to FF for all devices.

Non-cooperative wi-fi localization & its privacy implications | Proceedings of the 28th Annual International Conference on Mobile Computing And Networking


An AArch64 fuzzer based on the Apple Silicon hypervisor. Looks like an interesting project and the docs are well written.

https://github.com/impalabs/hyperpom
https://blog.impalabs.com/2211_hyperpom.html

GitHub - Impalabs/hyperpom: AArch64 fuzzer based on the Apple Silicon hypervisor
