larsborn

@larsborn@infosec.exchange
Malware Analyst, Reverse Engineer, Software Developer, Mathematician, Teacher, Podcaster, send cat pics
Website: https://www.wallenborn.net
Podcast: https://armchairinvestigators.de
Reversing Classes: https://mal.re

Yes, a file full of zero bits transfers faster over USB2.0 than a file full of one bits.

I've known this forever but it still feels ridiculous when you actually test it and it's true!

USB truly is cursed.

You don't see toys like this around anymore. The Atomic Energy Lab set was available from 1951 to 1952 and sold for a whopping $50.

"The set came with four types of uranium ore, a beta-alpha source, a pure beta source, a gamma source, a spinthariscope, a cloud chamber, an electroscope, a geiger counter, and a manual."

More here 🤯:
https://interestingengineering.com/culture/radioactive-toy-deemed-world-most-dangerous

#Science #Toys

The #homeautomation protocol is named #Thread, perhaps that is a typo as #Threat is more apt and accurate. If you roll your own device you might very well experience the full force of their bloodthirsty lawyers.

What the actual F.

Thread - the tech we can't use or teach - Dennis Schubert

0011882: A perfectly normal dwarf baron from a dwarf civ threw one of their 1 year infant child into a beast pit.

🚨 RIFT Update:
We’ve boosted our compiler detection! 🛠️
Now with sharper insights into binaries built using GNU, MinGW, and MSVC toolchains.
More enhancements are on the way—stay tuned! 🔍✨
#ReverseEngineering #MalwareAnalysis #RIFT #malware #msft

https://github.com/microsoft/RIFT

GitHub - microsoft/RIFT: Rust Library Recognition Project for Rust Malware by the MSTIC-MIRAGE Team

Did you know that new #Emoji can be proposed by anyone, simply by following some guidelines laid out by the #Unicode consortium? There's a time window each year where they accept proposals, and a select few might make it into future sets.

This year I turned one in: "Circuit Board", which I was surprised to find 1. didn't exist and 2. had not been proposed before (though CPU and Microchip have both been submitted and declined in the last 5 years)

You can read my proposal here:
https://storage.googleapis.com/greg-kennedy.com/Proposal%20for%20Emoji%20%E2%80%9CCircuit%20Board%E2%80%9D.pdf

and you can see the Unicode emoji proposal guidelines here:
https://www.unicode.org/emoji/proposals.html

Anyway, the odds aren't great of getting accepted, but if it IS then you can say "hey! I know the guy who submitted that one!"

Attached are the sample images I drew up for the proposal - which, incidentally, are now Public Domain as well. Enjoy!

@SebastianWalla, Steffen Haas, @tillmannwerner, and myself will present a .NET instrumentation framework tomorrow at @recon 2025 in Montreal. Here's a humble brag sneak peek demo-ing how easy it is to write a function tracer!

For "all my new followers" here: if you are able to understand German, I've been podcasting for a couple of years now. Throughput is limited but we are at 10 episodes now (and counting). Chris' and my format is somewhere in between "two guys just talking" and "reading a lecture script". Hence the limited throughput: we just need a bit of time to prepare each episode.

Anyway, here's the URL: https://armchairinvestigators.de/ you can listen to it directly on the site or just search for "Armchair Investigators" on your favorite Podcast platform (how to actually get your self-hosted Podcast distributed is also a funny story, but more for a blag post, I think).

Oh yeah: our goal is to make cyber accessible to everyone (even your parents) while still being interesting for the average nerd. Topics for example are the Triton/Trisis case, cyber operations by the GRU, Olympic Destroyer, etc.

If you can't understand German but might have people who do, I'd very much appreciate a forward or mention 🙇

Armchair Investigators – A Dialogue about Malware, Cybercrime and Cyber Espionage

A dialogue on malware, cybercrime, and cyber espionage in podcast form by Christian Dietrich and Lars Wallenborn

RULECOMPILE - Undocumented Ghidra decompiler rule language

https://msm.lt/re/ghidra/rulecompile/

#Ghidra #Decompiler

Or “How I got annoyed by a poor decompilation so I unearthed a hidden Ghidra feature”

TLDR: there is a (undocumented and disabled by default) feature in the Ghidra decompiler that lets you create your own decompiler passes, using a custom DSL. I leverage it to write a deobfuscation rule for a simple obfuscation technique.

Story
Setup - introduction and problem statement
Decompiler 101 - building and using Ghidra decompiler directly
RULECOMPILE - a curious #define flag from the decompiler source
A forgotten language of dragons - reverse-engineering a forgotten code pattern matching DSL
How to train your dragon - how to write a rule that is actually useful
Conclusion - parting thoughts

Story setup

It all started with this one missed deobfuscation:

New preprint (joint work with Albin Ahlbäck): "Fast basecases for arbitrary-size multiplication"

Abstract: Multiple precision libraries typically use assembly-optimized loops for basecase operations on variable-length operands. We consider the alternative of generating lookup tables with hardcoded routines for many fixed sizes, e.g. for all multiplications up to 16 by 8 words. On recent ARM64 and x86-64 CPUs, we demonstrate up to a 2x speedup over GMP for basecase-sized multiplication and a 20% speedup for Karatsuba-sized operands. We pay special attention to the computation of approximate products and demonstrate up to a 3x speedup over GMP/MPFR for floating-point multiplication.

https://hal.science/hal-04861755