Alright, bringing back #MalwareStories because of the xz/lzma fiasco and how close we came to a MAJOR cybersecurity catastrophe of a global scale.
Will try to keep it as simple as possible for those who don't speak nerd. But some computing knowledge will still be needed. 🧵
Let's start with what it is. Xz/lzma are tools that help compress and decompress files.
Think of it as WinRAR or zip, but for nerds. A kind of WinRAR that you can incorporate into other software you are building.
Jan 10 • 14 tweets • 5 min read
🚨 ATTENTION EVERYONE: Office of the Prosecutor (“OTP”) at ICC (International Criminal Court) is accepting evidence of war crimes committed by Israel as part of their ongoing war crimes probe.
🫵YOU CAN HELP. HERE IS HOW 🧵
If you have specific evidence (video, audio, photo, document, etc.) of any incident of war crime or crime against humanity (examples listed in attached screenshot) you can fill out the form (link given later in the thread) and submit it to ICC via their portal.
Oct 30, 2023 • 8 tweets • 1 min read
Them: "Do you condemn the massacre done by Hamas?"
Me: "Do you condemn Nakba, Deir Yassin massacre, Sabra and Shatila Massacre, 50 years of West Bank occupation, 20 years of blockade on Gaza, 3 tiered apartheid system, Shaikh Jarrah evictions, Murder of Shireen Abu Akleh (1/n)
Cave of the Patriarchs massacre, Massacre of Ibrahim al-Maqadma Mosque, Kafr Qasim massacre, Rishon LeZion Massacre, Murder of 250 unarmed protestors during 2018 march of return, jailing of Ahed Tamimi, killing of Mohammed al-Tamimi, repeated attacks on Al Aqsa mosque, killing of
Oct 18, 2023 • 24 tweets • 7 min read
🚨Important thread for all who wish to boycott Israel. You've probably seen lists like the one attached, and bigger ones, of companies to boycott.
Many of these are compiled with good intentions, but many are DELIBERATELY INFLATED and designed to dilute the impact of boycotts.🧵
Imagine a billion people being given 10000 companies to boycott. No one will be able to boycott them all. Each person will probably choose a different set of companies to boycott. Someone may boycott McDonalds, but not Pepsi. Someone may boycott Pepsi, but not Starbucks and so on.
Apr 25, 2023 • 21 tweets • 5 min read
Fascinating and terrifying world of SIM cards:
If you are a 90s (or earlier) kid who lived through the pre-smartphone era, you might remember there was a time when people used to save their contacts directly to SIM cards instead of mobile storage. Almost nobody does it anymore.
What many of you might not know is that SIM cards have far greater capabilities than just dumb storage. They have a CPU, ROM and RAM. Like a small computer that can run tiny apps (called applets). Because that is what SIM cards were originally designed to do.
Dec 22, 2022 • 31 tweets • 12 min read
So guys, remember I polled you a few days ago on whether I should do threads on different malware I find in the wild? And instead of telling me to get a life y'all said yes?
This one's on you all🧵:
Around 3 weeks ago I got a message from a "client" on Fiverr. Asked me to look at the requirements file and tell them if I'm up for the job. The requirements file was a rar archive containing the following files and folders.
Sep 13, 2022 • 8 tweets • 2 min read
1 year pathway into software development career (for those with no tech background whatsoever):
1) Take Harvard's CS50x on edX (free, 3-6 months). 2) Take 2-3 Udacity courses (not nanodegrees) in a sub-field of your choice (free, 4-6 months). 3) Spend some time building a portfolio.
4) Finally, join a bootcamp that is sponsored by a major software house or tech company. Companies sponsor bootcamps mostly to cultivate talent. So it's not your chance to learn but to also get noticed and hired. That's what you would be going for.
Sep 12, 2022 • 4 tweets • 2 min read
My previous thread was obviously a joke. This one is NOT. If you open the Forensically website (29a.ch/photo-forensics), you see a default image loaded up in a web-based image analysis tool. It provides VERY BASIC kinds of image analysis techniques. They are not remotely conclusive.
At the bottom right corner, you can see the "string extraction" button. It will basically extract the exif data along with some other text-based info that can be extracted.
If you click that button with the default image loaded, it will show you strings extracted FROM THAT DEFAULT IMAGE.
Sep 12, 2022 • 4 tweets • 1 min read
Many people are saying we lost match against Sri Lanka because of Shadab's catch. However, my superior python coding skills have proven this to be false. The image circulating online about Shadab's drop catch is fake.
Here is what I found out...🧵
I can share original source codes and raw data to verified journalists only. Ordinary peasants don't DM.
Aug 30, 2022 • 4 tweets • 1 min read
I know many of you are confused about economy, especially the part about IMF, raising fuel prices, etc. Let me simplify it.🧵
February: IMF was bad. Raising fuel prices to appease them was bad. IK was a total incompetent buffoon who handed the country to IMF on silver platter!
April: IMF was not that bad, but the deal PTI negotiated with them was bad. And PTI raising petrol prices? That was the worst. But not to worry. Now that the na-ehel was out, the tajurbakaar team is gonna fix everything at Shahbaz Speed!
ICJ judgement directed Pakistan to do 2 main things:
1) Allow Indian consulate staff to meet Jadhav.
2) Review his death sentence in light of the fact that his rights to consular access were violated.
@LegenWirLos @FreedomError404 Pakistan fulfilled the first condition almost immediately. Judgement came in August, and first meeting b/w Jadhav and Ind consulate took place in September. The meeting did not go well. India demanded 2nd meeting but it was rejected. But earlier this month we also provided that.
Jan 27, 2020 • 17 tweets • 8 min read
1/ Thread: I was initially supportive of Manzoor Pashteen, but not anymore. While we are on the topic of #ReleaseManzoorPashteen, let's go through some facts and you can see for yourself if he is indeed just about Pashtun rights.
2/ I originally liked him because I thought he was fighting for justice in case of Naqeebullah, as well as for the missing persons who are allegedly picked up by security agencies. But it gradually became clear that he was just using them as stepping stones for his larger agenda.