Thijs Alkemade

Security researcher, SEAR.
Personal blog: https://blog.thijsalkema.de/
Pronunciation: [ˈtɛis ˌɑlkəˈmaːdə]
Pronouns: he/him

I'm super excited that we get to have a dedicated event on March 5th at Apple Park with sessions on MIE, new tools in Enhanced Security in Xcode and more.

It's the time to learn and ask about our security posture and how to adopt the best defenses in the industry for your own applications and protect the security and privacy of your users.

https://developer.apple.com/events/view/D4MG4S3PJ7/dashboard

This is the first public talk Ivan @radian has given in 6 years - featuring formal verification of post-quantum cryptography, the evolution of the Secure Page Table Monitor, a view into Memory Integrity Enforcement, updates to Apple Security Bounty... amazing stuff!

https://youtu.be/Du8BbJg2Pj4?si=a9N_lG0faXncC2kQ

HEXACON 2025 - Keynote by Ivan Krstić

Apple SEAR is hiring offensive security researchers!

We’re looking for talented researchers across multiple areas of security.

Check out the job description here:
https://jobs.apple.com/en-us/details/200623813-2911/offensive-security-researcher?team=SFTWR

If you’re interested in low level systems like RTOS, firmware, coprocessors, embedded components, or microkernels, my team would especially like to hear from you.

Feel free to reach out if you have any questions.

#infosec

Are you interested in bleeding-edge microarchitecture offensive security research, with a concrete impact on user security?
We have just opened a Microarchitecture Security Internship position at Apple, in SEAR LASER! ❤️‍🔥

Apply here: https://jobs.apple.com/en-us/details/200624069/microarchitecture-security-internship

After more than 9 years, this is my last week at Computest. I've had a great time here, especially in Sector 7, the security research team we started 5 years ago. Highlights for me are winning Pwn2Own with our 0-click Zoom RCE, our last-minute trips to Miami and Tokyo for other Pwn2Own events, and speaking at Black Hat USA, DEF CON, WHY2025 & MCH2022 and so many other places. I am very grateful for getting the chance to do this work, but now it is time for me to do something else and find some new challenges! 🔥

First talk is done! I think it went quite well.

Next one is tomorrow at 19:00 (probably, it has been moved around a lot already) in Andromeda.

#why2025

Made it to #WHY2025!

Last time we had to give 3 presentations, which was a bit much. So this time we’re doing 3 presentations again of course…

Today on our blog we have a guest post from René Ammerlaan about multiple vulnerabilities he found in Ruckus Unleashed. The most impressive part was how he chained some of them together to go from access to the guest WiFi network to RCE on the controller itself!

https://sector7.computest.nl/post/2025-07-ruckus-unleashed/

#cve #ruckus

Ruckus Unleashed: Multiple vulnerabilities exploited

This blog post describes multiple vulnerabilities found in the firmware of Ruckus Unleashed and ZoneDirector. The vulnerabilities were found and reported to CommScope by René Ammerlaan, a guest writer for this blog post. I will take you through all the vulnerabilities and demonstrate how they can be exploited by an attacker.

About 5 years ago, I reported a vulnerability in iOS allowing apps to spoof the app name when requesting to add a VPN profile. The app could just specify whatever text to show there.

Yesterday, two writeups were posted about other TCC prompts trusting the apps triggering them too much:

https://wts.dev/posts/tcc-who/
https://rambo.codes/posts/2025-05-12-a-privacy-mechanism-that-backfired

It does surprise me that Apple invests so much effort into their sandbox and permission system with the assumption that apps might be malicious, but then keeps messing up the UI around these features.

Can You Really Trust That Permission Pop-Up On macOS? (CVE-2025-31250) | Watch This Space

CVE ID: CVE-2024-53704
Vendor: SonicWall
Product: SonicOS
Date Added: 2025-02-18
Vulnerability: SonicWall SonicOS SSLVPN Improper Authentication Vulnerability
Notes: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003 ; https://nvd.nist.gov/vuln/detail/CVE-2024-53704
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-53704