1. 1
    sagi avatar sagi 12 months ago | link | on: BitFunnel: Revisiting Signatures for Search

    In StrangeLoop 2016, Dan Luu had an awesome talk about BitFunnel and search performance:

    Talk: https://www.youtube.com/watch?v=80LKF2qph6I

    Transcripts: http://bitfunnel.org/strangeloop/

    1. 3
      Robbie avatar Robbie 1 year ago | link | on: CVE-2016-3873: Arbitrary Kernel Write in Nexus 9

      Nice write-up, especially the fix analysis at the end.

      How did you find the bug to begin with?

      1. 3
        sagi avatar sagi edited 1 year ago | link

        I’m sorry for the late response. I only noticed your comment now.

        Not much of a war lore. I simply searched for problematic copy_from_user() cases :)

      1. 3
        antifuchs avatar antifuchs 1 year ago | link | on: War Stories from Google's Vulnerability Reward Program

        This link goes to the middle of the presentation. The start is at https://docs.google.com/presentation/d/e/2PACX-1vTMBZV_hXgZkEyGBUw8K_pvPjrDBhceV-TYuHWw-Nc3LXA8PZwkW2zQj268W8XBhSkfDEXZ6DN7jrvC/pub

        1. 2
          sagi avatar sagi 1 year ago | link

          Thanks! Too bad I can’t edit.

          1. 1
            fcbsd avatar fcbsd 1 year ago | link

            Ask a mod to change it - @kyle @Irene or @jcs

            1. 3
              jcs avatar jcs Sysop 1 year ago | link

              done

        1. 2
          sagi avatar sagi 1 year ago | link | on: Systems programming as a swiss army knife

          Julia Evans is awesome! Definitely one for the RSS feed.

          1. 6
            Robbie avatar Robbie 1 year ago | link | on: Announcing the Project Zero Prize

            Sounds like they’re trying to burn as many exploits used in expensive surveillance suites as possible. Good for them for having the budget to host this :)

            1. 4
              sagi avatar sagi edited 1 year ago | link

              Yup! I’m thrilled to see the exploit-chains that are submitted.

              Their requirements are high:

              1. attack vectors: email rendered by gmail app, SMS opened by messenger app.
              2. remote code execution should elevate privileges to (at least) system security context.
              3. exploit-chain should work on both nexus 6p and nexus 5x (an attempt to eliminate vendor-specific threats).

              I recon that we’re about to see an exploit-chain that starts with the baseband-modem (i.e. messing with GSM / CDMA stuff).

              Exciting times :)