1. 1

    I did this course while studying at the Hebrew University. Couldn’t recommend it more - for beginners that’s the ultimate connector of dots.

    1. 3

      Working on Israel’s Indie Hackers Chapter - indietlv.com (pretty much basic right now) and a DNS over TLS library and client for Node.js:

      1. 2

        Working on a Node.js dns-over-tls library - https://github.com/sagi/node-dns-over-tls and a command line client that uses it.

        1. 1

          In StrangeLoop 2016, Dan Luu had an awesome talk about BitFunnel and search performance:

          Talk: https://www.youtube.com/watch?v=80LKF2qph6I

          Transcripts: http://bitfunnel.org/strangeloop/

          1. 3

            Nice write-up, especially the fix analysis at the end.

            How did you find the bug to begin with?

            1. 3

              I’m sorry for the late response. I only noticed your comment now.

              Not much of a war lore. I simply searched for problematic copy_from_user() cases :)

              1. 2

                Thanks! Too bad I can’t edit.

                1. 1

                  Ask a mod to change it - @kyle @Irene or @jcs

                  1. 3

                    done

              1. 2

                Julia Evans is awesome! Definitely one for the RSS feed.

                1. 6

                  Sounds like they’re trying to burn as many exploits used in expensive surveillance suites as possible. Good for them for having the budget to host this :)

                  1. 4

                    Yup! I’m thrilled to see the exploit-chains that are submitted.

                    Their requirements are high:

                    1. attack vectors: email rendered by gmail app, SMS opened by messenger app.
                    2. remote code execution should elevate privileges to (at least) system security context.
                    3. exploit-chain should work on both nexus 6p and nexus 5x (an attempt to eliminate vendor-specific threats).

                    I recon that we’re about to see an exploit-chain that starts with the baseband-modem (i.e. messing with GSM / CDMA stuff).

                    Exciting times :)