stephen ryner jr. 🦉

“New rule for trail running: if you set out to climb a mountain within six hours of sunset, bring your damn headlamp”

A SWE in a HWE world. Bikes to work in Cupertino. World’s laziest ultra runner. Still a kid from Long Island.

https://soundcloud.com/nuthatch/fort-hill-morning-songs
https://open.spotify.com/playlist/4vKJjftAfizHfomnRwIH2z?si=172f781533714f71
https://bandcamp.com/nuthatch

Domain: https://nuthatch.com
GitHub: https://github.com/nuthatch
Recursion: https://infosec.exchange/@nuthatch
Strava: https://strava.com/athletes/nuthatch
LinkedIn: https://www.linkedin.com/in/nuthatch
Location: 37.34159° N, 122.00535° W
@Adrianthomas I’m glad to hear!!
Imagine opening a PDF and being greeted with a wall of PostScript commands. Not helpful! Don’t do this!
“Oh, this is a diagram? Huh!”
If your app registers itself as the default handler for SVG files, but then only shows XML source, your app should stop hijacking SVG files.
@carnage4life with great power comes great responsibility. Be careful how many jobs you take on just because you can.
@sdarlington throwing away the one advantage they had over Google
@fj appreciate them explaining their work in English. They’re so excited!

There has been a lot of sloppy reporting regarding DarkSword, with basically every news outlet saying that iOS 18 is vulnerable. It’s not, if you have the latest 18.7.3.

Google has a more in-depth analysis, with a lot more information on the specific versions of iOS that are affected.

TL;DR It doesn’t seem to affect 18.7.3 at least (might also not work on 18.7.2 given that CVE-2025-43520, which DarkSword uses, has been patched in .2).

https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain

#iOS #DarkSword

The Proliferation of DarkSword: iOS Exploit Chain Adopted by Multiple Threat Actors | Google Cloud Blog

DarkSword is a new iOS exploit chain that leverages multiple zero-day vulnerabilities to fully compromise iOS devices.

A number of airports (including SFO) opted out of federally run TSA agents when Homeland Security started the program in 2004. They pay screening agents directly. I’m greatly annoyed more airports don’t opt into this solution…

http://archive.today/8A5QT