Malware Analyst, Reverse Engineer, Software Developer, Mathematician, Teacher, Podcaster, send cat pics
Website: https://www.wallenborn.net
Podcast: https://armchairinvestigators.de
Reversing Classes: https://mal.re

I can't tell you how much you should watch this video if you like the moon, or astronomy, or just space.

Hank Green put together a half-hour video "Explaining the Most Important Artemis II Photos". It's a very different feel from his usual videos. He uses a calm, conversational tone, and he doesn't appear on screen. Instead, he shows us pictures from space and explains why they're remarkable.

100% worth your time if you like space at all.

https://www.youtube.com/watch?v=oaXRREHVkHo

#space #Artemis #Moon

I think this wasn't mentioned on the Fediverse yet, so here we go: https://malshare.com is back up! If you've never heard of it: It's an openly developed and cost-free malware repository. As a researcher, you can register an account and upload and download malware samples to share with other researchers. You only need an email address (feel free to use a throw-away). This sadly became necessary btw to avoid abuse.

Anyway, we've been hard at work discussing scope (and reducing it), doing some spring cleaning, and automating as much as possible.

A couple of changes:
* CI/CD via github actions
* got rid of YARA scanning
* allowed URL submissions
* got the daily digest working again

Esp. not scanning with YARA anymore was a hard decision. Because without that, it's really just SHA256s. But it's surprisingly hard to run YARA at scale. And in the end, we figured: before there's no MalShare, let's have one without YARA.

We also centralized all issue tracking on https://github.com/Malshare/MalShare/issues. There were issues over 4 years old. We've addressed a couple and the plan is to not let it come to this in the future. Speaking of: please reach out if you want to get involved, we are not that many people and can use any help. There are also donation options to cover hosting cost (we have a lot of malware...).

Claude: "OK, I can see clearly now."
Me: "The rain is gone?"

I wouldn't necessarily call it a treasure trove but I have a bunch of raw notes on all kinds of technical topics. Some of those are quite obscure and at least at the time I couldn't find any other source on the open web documenting that stuff. Generating form letters in Word on Windows from a web app via protocol handlers and PowerShell — to give an example from the top of my head.

I also run a blog at https://ntf.sh with some friends. So I do have a self-hosted established way of publishing this kind of stuff. And finally, like everyone on the planet, I have limited time. Assuming that I'll simply not publish any of this without help from AI, what does my bubble here think I should do? (I know some of you are quite opposed to using AI for content production).

Also happy to hear alternative solutions as responses here! But just publishing those notes (as is or with some light manual editing) is not an option: They might contain specifics I can't talk about publicly and are also just too much written in my "brain language" to be comprehensible by anyone else.

✍️ Start the Slop Machine
:blobwizard: Keep your Secrets
nullteilerfrei – zurückgleiten bitte

My therapist said I need to find things to keep me busy, so I created the @cdnspace Artemis II dashboard.

I reverse-engineered the Unity Engine powering the NASA AROW visualization and found an absolute treasure trove of data to display.

Little did I expect that it's now being seen by anywhere from 200 to 600 people at any given time with 130,000 people having looked at it in the last 24 hours. People are even building projects around my API.

Yesterday, I received a message on LinkedIn from someone working in Mission Control in Houston... and they're using my dashboard! He even sent me a photo, but I can't share it until after the crew has splashed down.

Mind blown, and an absolute pick-me-up. The best part? It's being served from my basement.

https://artemis.cdnspace.ca/

#artemis #artemis2 #artemisII #nasa #csa

Artemis II Tracker — Live Mission Control

Real-time mission control dashboard tracking NASA's Artemis II crewed lunar flyby. Live telemetry, DSN comms, orbit visualization, and crew activities.

Canadian Space

Everyone’s all about how Claude Code’s source “leaked” via a map file, when that thing could just reimplement itself without any map file.

Perhaps some people I know who find AI tools useful will see this. Maybe you will think "but what about my use case? Are you saying that's not okay? Are you dismissing something I find useful?"

I think this article is a good way to think of things: https://ideophone.org/dont-seek-permission-center-values/

Which is to say: Why are you asking me for permission? What is it that YOU value in your work? What do you want from your tools?

The tools work for you and should be driven by you. Not your company's token usage dashboards, not the FOMO of being somehow left behind, not the ever present vague need for some sort of "efficiency". Figure out what you want and own your choice.

Don’t seek permission, center values

When you're enamoured of a technology and someone points out important ethical challenges, a typical reflex is to seek permission:…

The Ideophone

heise+ | Binary Refinery: An All-Rounder for Malware Analysis

Several analysis steps in a single command? No problem for Binary Refinery. We present the free command-line toolkit for professionals.

https://www.heise.de/hintergrund/Binary-Refinery-Allrounder-fuer-die-Malware-Analyse-11184502.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#IT #Linux #Malware #Security #Windows #news

The 500 page ENTSOE final report on last year’s blackout in Spain just dropped for some light Saturday morning breakfast reading:

https://www.entsoe.eu/publications/blackout/28-april-2025-iberian-blackout/#Publications_&_Documents

28 April 2025 Blackout

[RSS] A Copy-Paste Bug That Broke PSpice(R) AES-256 Encryption

https://jtsylve.blog/post/2026/03/18/PSpice-Encryption-Weakness

PSpice is a SPICE circuit simulator from Cadence Design Systems that encrypts proprietary semiconductor model files to protect vendor IP and prevent reuse in third-party SPICE simulators. The encryption scheme is proprietary and undocumented.

Joe T. Sylve, Ph.D.