It's under-appreciated how simple and elegant the OS X UI experience is. In just a single glance here I can learn absolutely nothing about where all my disk space went.
It calls to mind the classic design principles of ed(1): "generous enough to flag errors, yet prudent enough not to overwhelm the novice with verbosity". Let's look at a typical novice's session with the mighty ed:
Another elegant touch is the way the UI gently keeps users on the path of righteousness. Open source weirdos may complain about their "freedoms", but I sleep more soundly knowing that Big Mac is watching out for me–there will be no rogue disk inventorying in this house!
[Screenshot: "Disk Inventory X" cannot be opened]
And let me call out this detail: "macOS cannot verify that this app is free from malware". It's pretty cool to know that for signed apps, Apple is able to solve the halting problem—honestly astonishing that they only charge developers $99/year for that.


More from @moyix

22 Dec
The camera-ready version of our @IEEESSP 2022 paper, "IRQDebloat: Reducing Driver Attack Surface in Embedded Devices" (w/@highw4y2h3ll) is now available! messlab.moyix.net/papers/irqdebl…
[Screenshot of title and authors (Zhenghao Hu and Brendan Dol…]
The basic problem we're looking at in this paper is: if you buy some embedded/IoT device, it may come with a bunch of features that you don't use (say, Bluetooth) that nonetheless require driver support and expose unnecessary attack surface.
Maybe you're a company deploying a fleet of Meraki routers, you don't need the Bluetooth Low Energy localization stuff, and you're worried about vulnerabilities like this one arstechnica.com/information-te…
20 Dec
Hmm, this is actually much less impressive than I expected as far as inverting PhotoDNA (based only on reading @hackerfactor's blog post) reddit.com/r/MachineLearn…
@hackerfactor @matthew_d_green perhaps of interest if you haven't seen it yet and want to take a break from fighting with half of CS twitter about NFTs ;)
Ah, I see, it's taking a pure black box ML approach to try and learn the inverse straight from the hashes. OK, that is pretty impressive!
20 Dec
So, with Broadcom's acquisition of Symantec, it seems like the source code for PGP Desktop (aka Symantec Encryption Desktop) is nowhere on the internet? I have a copy but I'm pretty sure I can't host it anywhere: (d) give (meaning sell, loa...
Seems like a loss for archival and data recovery work! :(
FWIW, the version I have is:
MD5 (PGPDesktop10.0.1_Source.zip) = c9193850f923cda995e6d4b9f45fcbdf
18 Dec
Probably getting old, I opted to just pay for a janky conversion utility rather than try to RE the Microsoft Outlook 15 message format :(

(I may still RE it)
The format is a pain in the ass, it stores messages in 3 undocumented binary parts: metadata, message body, and attachments. It has an sqlite database but that just points you to the metadata file.
Also, everything is referenced by GUIDs, which are in a mix of
- Raw binary GUID data
- ASCII GUIDs
- UTF-16-LE GUIDs
- Base64-encoded blobs that contain GUIDs
17 Dec
The camera-ready version of our @IEEESSP 2022 paper evaluating the security of code generated by GitHub CoPilot is now up on arXiv! arxiv.org/abs/2108.09293
[Link preview: Asleep at the Keyboard? Assessing the Security of GitHub Cop…]
@IEEESSP We designed 89 different scenarios for Copilot to complete based on MITRE's "Top 25 Most Dangerous Software Weaknesses" (cwe.mitre.org/top25/archive/…), and then had Copilot generate completions for each scenario, creating 1,689 programs.
@IEEESSP This is too many to check by hand, so we used CodeQL with a combination of built-in queries and our own custom queries to check the resulting code for the relevant vulnerability. Surprisingly (at least to me), ~40% of the suggestions overall were vulnerable!
17 Dec
Okay, so, this will either be hilarious or get my account disabled by NYU IT during finals week
I guess I should have expected this but I'm still a bit surprised: got a hit from a Google-owned IP mxtoolbox.com/SuperTool.aspx…
[Screenshot of Canarytoken alert email]
I haven't even sent an email with the new signature yet so I guess this is from some part of gmail infrastructure that logs changes to signatures?