Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Matthew Garrett (@mjg59@nondeterministic.computer) Profile picture
Matthew Garrett (@mjg59@nondeterministic.computer)
@mjg59
Former biologist. Actual PhD in genetics. @mjg59@nondeterministic.computer, infosec @aurora_inno, OS security @BerkeleyISchool, https://t.co/CVivdtMBWe. He/him cis
2 subscribers
Nov 7, 2022 4 tweets 1 min read
I suspect that the number of Bazel experts out there is not terribly large, but: I'm hitting github.com/bazelbuild/rul… - one of the dependencies of a go_library() target needs a specific build tag to work in my environment. Is there any way to do that at the moment? Ok so the right thing to do here is to express the tags in the go_binary() target, but what's actually breaking things for me here is that go_repository() has "helpfully" called gazelle and generated a BUILD file that has copts set for the default tags
Jun 29, 2022 19 tweets 3 min read
It's been almost 15 years and a recent thread on LWN brought this up again so: why did we briefly have two drivers for R500 and R600 ATI chipsets under Linux (a thread) ATI had supported development of Linux drivers for their chipsets up until the R300, and R400 was similar enough that stuff got bodged together. R500 had an entirely new display engine and so no existing code worked. Fuuuuuuuuuuu.
Jun 17, 2022 4 tweets 1 min read
Ok so changing the IMEI on basically any Qualcomm device is just a matter of modifying index 550 in the NVRam? Fantastic Oh hey ModemManager already has code to write to Qualcomm NV over the diagnostic protocol this makes everything much easier
May 30, 2022 77 tweets 20 min read
Well, ok, let's start the Digital Fortress readthrough. Screenshot of text reading: Susan sat up. Emergency? She ha This is some Quillette level shit tbh Screenshot of text reading: He noticed that her strong haze
Apr 16, 2022 15 tweets 2 min read
Fascinating - ClearOS, the OS used on the scammy MAGA "Freedom Phone", ships a modified version of Signal that seems to be based on Signal 5.8.10, which means it's almost exactly a year out of date: clearos.app/app/com.clearo… I haven't been able to find the source code anywhere, so I'm working off decompiled binaries - most of the changes just seem to be branding pointing to their app store instead of the Play Store, but there's a bunch additional support for backing things up to their servers
Jan 24, 2022 10 tweets 3 min read
Thanks to a great suggestion from @dlprip, I think it's actually possible to transition Boot Guard protected systems to being able to run Coreboot while still providing strong security guarantees (note: this would still require the cooperation of the system vendor) The @FrameworkPuter people had suggested some sort of signed shim that would satisfy Boot Guard and would then jump into user-provided firmware. Good for freedom, but what about people who want stronger guarantees that their firmware hasn't been tampered with?
Jan 23, 2022 8 tweets 2 min read
Fun example of how selection pressure doesn't work the way you think! This is a male Long-tailed Widowbird. As you can see, it has a long tail. (Picture by Bernard DUPONT, CC-SA 2.0) A small, mostly black bird sitting on a barbed-wire fence. I The long tails are unique to the males, and seem to make life more difficult for them. The longer the tail, the more visible the bird, and the harder it is to fly. Longer tails mean a higher probability of predation. So why haven't they been selected against?
Oct 14, 2021 6 tweets 2 min read
arstechnica.com/information-te… - image search for the picture of the lobby gives us ecrtx.com/wp-content/upl…, which is 1812 Centre Creek Drive. linkedin.com/in/blueteam/ tells us that the character in this story was working for "Quantum Creative Limited" during the time in question. opengovus.com/texas-corporat… confirms that they were at 1812 Centre Creek Drive.
Jul 28, 2021 5 tweets 1 min read
dolosgroup.io/blog/2021/7/9/… is a great read and a good demonstration of hardware-backed disk encryption not solving all your problems. Here's a few things that could mitigate the risk: 1) Require a disk encryption password *as well as* the TPM-backed key. You want the TPM component in order to avoid a compromised boot process giving an attacker access to the disk, but having the entire FDE key automatically sent over an unencrypted bus is a problem.
Jun 4, 2021 19 tweets 5 min read
I'm reading through the claims in the MyPillow vs Democracy case (courtlistener.com/docket/5996040…) and this claim is amazing. Exhibit 12 is basically just a list of IP addresses, so I'm going to watch this Absolute 9-0 thing and let you know. In addition, Exhibit 12 showsa subset of 20 documented succe This is Mike Lindell's white hat hacker. He has just described this as "raw encrypted data". I'll let you figure out what the probability of "raw encrypted data" having those values is. Mike Lindell in a split screen conversation with a pixellateA hexdump of numbers that all fall within the printable ASCI
Jun 2, 2021 6 tweets 1 min read
(CW, sexual violence, linking to screenshot of text so people have to click through)

Techrights IRC is having a normal one, by which I mean this is absolutely not an unusual level of discourse there: codon.org.uk/~mjg59/techrig… Dude in question is the one who subscribed me to a massive number of mailing lists back in 2008 because I pointed out that his claims about a motherboard's ACPI tables proving an anti-Linux conspiracy were based on him not understanding ACPI
Jun 2, 2021 5 tweets 1 min read
Anyone else having trouble with TLS connections to Google stalling, or is it just me? TLS gets negotiated correctly, I see a response to the first packet of application data, and then after that I'm just in retransmit territory It's probabilistic, some requests work just fine. Doesn't look MTU related, the packet that never gets a response is only 123 bytes long.
May 28, 2021 7 tweets 2 min read
Doing security in the automotive space has given me a new awareness for just how many computers there are in a car, so I decided to ebay and tear down a duplicate of the telematics module on my partner's Subaru One side of a circuit board. A large chip is in the middle, The other side of the same board. This has multiple antenna The first picture shows an NXP SPC5605BVLQ6, which is POWER-based (at a whole 64MHz with 64K of RAM and 768K of flash). It has support for multiple CAN interfaces, which is a bus commonly used in automotive applications (please don't try to learn more, you'll end up upset)
May 26, 2021 7 tweets 2 min read
Welp, Freenode is now just shutting down channels that have topics indicating that the channel has migrated to another network, and is instead redirecting them to unofficial channels on Freenode: pastebin.com/dcivQs9Y I really wasn't joking about the rakes
May 25, 2021 16 tweets 2 min read
If anyone's wondering how the community feedback process for Freenode's proposed policy changes is going, the channel is currently discussing the nature of property rights with the hypothetical of the government giving your house to someone else as reparations Ah, we've now moved on to the stage where the new Freenode owner starts complaining about cancel culture
Feb 16, 2021 5 tweets 1 min read
In my time at Google I saw people earnestly engaging in racism, sexism and transphobia and arguing that they were just rationally debating the issues. On a mailing list with over 30,000 subscribers. I don't think Google attracts this people disproportionately. They're a meaningful part of the industry.
Feb 15, 2021 4 tweets 1 min read
These lights had a non-smart controller and the blue was consistent along the entire length. I've tried multiple WiFi and btle LED strip controllers and all have this behaviour - red and green are fine, the blue fades quickly. All using the original PSU. Anyone have any ideas? Oh, hmm, I'm actually only seeing about 4.5V on the output despite 5V on the input. Guess I need a beefier PSU?
Aug 25, 2020 6 tweets 1 min read
If I ever get asked "What happens when you type a URL into the browser and hit enter" we are having an exciting journey via hardware interrupts, the kernel, display servers, toolkits and accessibility interfaces Oh gosh I forgot about the scan matrix let's start there
Jun 12, 2020 15 tweets 3 min read
People think that biological sex is this straightforward thing where if you have two X chromosomes you're female and if you have an X chromosome and a Y chromosome you're male and this is extremely not how things work. The most obvious cases: you can have a single X chromosome. You can have three X chromosomes. You can have two X chromosomes and a Y chromosome. You can have an X chromosome and two Y chromosomes. Basically the only thing that doesn't work is having zero X chromosomes.
Jun 1, 2020 11 tweets 3 min read
Inspired by @foone's amazing thread on double sided floppies (), a brief story about Amiga floppy drives Floppy control on the Amiga involves four separate chips, but the interesting one is Paula. Paula was primarily known as the sound chip, but also handled receiving the raw data stream from the floppy drive.
Dec 29, 2019 4 tweets 1 min read
Two Christmases ago I wrote a Linux driver for the CD drive in the Commodore CDTV but then Google asserted that it related at the time of conception or reduction to practice of the invention to the employer’s business, or actual or demonstrably anticipated research or development Anyway I pushed it to github.com/mjg59/linux/tr… so you can have a preview of work that relates to either Google's business or actual or demonstrably anticipated research or development for a piece of hardware that was last produced 7 years before the company was incorporated