alkali
@alkalinesec.bsky.social
mobile security / symbolic execution . he / him
Reposted by alkali
Doctor says, 'Dont worry, parser design is simple. Great programmer Kate Compton has written the parser you seek’
November 16, 2025 at 2:44 PM
Doctor says, 'Dont worry, parser design is simple. Great programmer Kate Compton has written the parser you seek’
Reposted by alkali
Reposted by alkali
fun little bit of code in CoreFoundation when you attempt to call addObjectsFromSet: with a non-set argument. it warns you 64 times while adding to "checkForAndForgiveClientSin" with the error message also including "Please wait while the system corrects this..." like its gonna take a minute lol
November 5, 2025 at 3:36 PM
fun little bit of code in CoreFoundation when you attempt to call addObjectsFromSet: with a non-set argument. it warns you 64 times while adding to "checkForAndForgiveClientSin" with the error message also including "Please wait while the system corrects this..." like its gonna take a minute lol
Reposted by alkali
Some more cool JS Engine bugs found by Big Sleep were fixed in yesterday's Apple security updates: support.apple.com/en-us/125632
Technical details will be available soon at issuetracker.google.com/issues?q=com...
Technical details will be available soon at issuetracker.google.com/issues?q=com...
About the security content of iOS 26.1 and iPadOS 26.1 - Apple Support
This document describes the security content of iOS 26.1 and iPadOS 26.1.
support.apple.com
November 4, 2025 at 5:10 PM
Some more cool JS Engine bugs found by Big Sleep were fixed in yesterday's Apple security updates: support.apple.com/en-us/125632
Technical details will be available soon at issuetracker.google.com/issues?q=com...
Technical details will be available soon at issuetracker.google.com/issues?q=com...
petition to change the name "big sleep" to "superhuman hacking machine" so i feel less bad about it finding 1000x more bugs than me
November 4, 2025 at 6:01 PM
petition to change the name "big sleep" to "superhuman hacking machine" so i feel less bad about it finding 1000x more bugs than me
support.apple.com/en-us/125632
the name "big sleep" feels a lot more insulting now that its really threatening to take our jobs
the name "big sleep" feels a lot more insulting now that its really threatening to take our jobs
About the security content of iOS 26.1 and iPadOS 26.1 - Apple Support
This document describes the security content of iOS 26.1 and iPadOS 26.1.
support.apple.com
November 4, 2025 at 5:19 PM
support.apple.com/en-us/125632
the name "big sleep" feels a lot more insulting now that its really threatening to take our jobs
the name "big sleep" feels a lot more insulting now that its really threatening to take our jobs
Reposted by alkali
does everybody know about my favorite website, the embroidery tips page that forgot to close its <h3> tags
Embroidery Trouble Shooting Page
Embroidery Trouble Shooting Answers to all your questions about Embroidery problems
web.archive.org
October 25, 2024 at 3:39 PM
does everybody know about my favorite website, the embroidery tips page that forgot to close its <h3> tags
Reposted by alkali
turning a big dial taht says "AI" on it and constantly looking back at the market for approval like a contestant on the price is right.
This is what announcing 30,000 layoffs does to your stock price in 2025. I fear AI mania has completely cooked investor’s brains
October 27, 2025 at 11:09 PM
turning a big dial taht says "AI" on it and constantly looking back at the market for approval like a contestant on the price is right.
Reposted by alkali
tired: traveling for halloween
wired: spooky action at a distance
wired: spooky action at a distance
October 23, 2025 at 8:12 AM
tired: traveling for halloween
wired: spooky action at a distance
wired: spooky action at a distance
Reposted by alkali
this psyduck is adorable
October 12, 2025 at 12:30 PM
this psyduck is adorable
Reposted by alkali
Apple is planning a special initiative featuring iPhone 17 with Memory Integrity Enforcement. To rapidly make this defense available to those targeted by mercenary spyware, the company will provide a thousand iPhone 17 devices to civil society organizations.
security.apple.com/blog/apple-s...
security.apple.com/blog/apple-s...
A major evolution of Apple Security Bounty, with the industry's top awards for the most advanced research - Apple Security Research
Today we’re announcing the next major chapter for Apple Security Bounty, featuring the industry’s highest rewards — up to $2 million and a maximum payout in excess of $5 million — expanded research ca...
security.apple.com
October 10, 2025 at 3:52 PM
Apple is planning a special initiative featuring iPhone 17 with Memory Integrity Enforcement. To rapidly make this defense available to those targeted by mercenary spyware, the company will provide a thousand iPhone 17 devices to civil society organizations.
security.apple.com/blog/apple-s...
security.apple.com/blog/apple-s...
(guy designing c++): alright how do we make it as hard as possible to find the actual value of a variable
October 10, 2025 at 6:49 PM
(guy designing c++): alright how do we make it as hard as possible to find the actual value of a variable
Reposted by alkali
NEW: In May, a Texas police department said they used the powerful Flock surveillance network against a woman who had an abortion "for her safety"
Newly obtained court records show it was a 'death investigation,' and they considered charging her with a crime
www.404media.co/police-said-...
Newly obtained court records show it was a 'death investigation,' and they considered charging her with a crime
www.404media.co/police-said-...
Police Said They Surveilled Woman Who Had an Abortion for Her 'Safety.' Court Records Show They Considered Charging Her With a Crime
Court records show that the narrative Flock and a Texas Sheriff's Office has told the public isn't the whole story, and that police were conducting a 'death investigation' into the abortion.
www.404media.co
October 7, 2025 at 1:04 PM
NEW: In May, a Texas police department said they used the powerful Flock surveillance network against a woman who had an abortion "for her safety"
Newly obtained court records show it was a 'death investigation,' and they considered charging her with a crime
www.404media.co/police-said-...
Newly obtained court records show it was a 'death investigation,' and they considered charging her with a crime
www.404media.co/police-said-...
its pretty cool how we are warping our economy so that it will either develop AGI or completely implode.
(actually a part of me does unfortunately really think this is cool)
(actually a part of me does unfortunately really think this is cool)
October 7, 2025 at 12:30 PM
its pretty cool how we are warping our economy so that it will either develop AGI or completely implode.
(actually a part of me does unfortunately really think this is cool)
(actually a part of me does unfortunately really think this is cool)
Reposted by alkali
Reposted by alkali
slightly ominous mailer from the Red Cross
October 1, 2025 at 7:24 PM
slightly ominous mailer from the Red Cross
Reposted by alkali
Reposted by alkali
Happy radare2 6.0.4 release day infosec.exchange/@radareorg/1...
September 28, 2025 at 7:29 AM
Happy radare2 6.0.4 release day infosec.exchange/@radareorg/1...
reading more about the Team Atlanta AIxCC solution i do still wonder if eliminating the LLM components in favor of normal ML classification (or just "dumb" hardcoded logic) could achieve results that are nearly as good and orders of magnitude more efficient
team-atlanta.github.io/blog/post-ml...
team-atlanta.github.io/blog/post-ml...
From Harness to Vulnerability: AI Agents for Code Comprehension and Bug Discovery
We are Team Atlanta, the first-place winner of DARPA AIxCC.
team-atlanta.github.io
September 28, 2025 at 2:25 PM
reading more about the Team Atlanta AIxCC solution i do still wonder if eliminating the LLM components in favor of normal ML classification (or just "dumb" hardcoded logic) could achieve results that are nearly as good and orders of magnitude more efficient
team-atlanta.github.io/blog/post-ml...
team-atlanta.github.io/blog/post-ml...
i was thinking earlier today about how i never reflexively check janky looking sites for injection vulns anymore. so i tested the next site where i got the vibe. immediate sqli
September 27, 2025 at 11:55 PM
i was thinking earlier today about how i never reflexively check janky looking sites for injection vulns anymore. so i tested the next site where i got the vibe. immediate sqli
Reposted by alkali
The iPhone 17 is powered by Apple's A19 SoC (System on a Chip). Chipwise took a die photo of the chip, but it's a bit drab. I spiced it up by applying the over-saturated color gradient that Apple used for die photos of the M1 chip :-)
Link to the original die photo: chipwise.tech/our-portfoli...
Link to the original die photo: chipwise.tech/our-portfoli...
September 23, 2025 at 11:39 PM
The iPhone 17 is powered by Apple's A19 SoC (System on a Chip). Chipwise took a die photo of the chip, but it's a bit drab. I spiced it up by applying the over-saturated color gradient that Apple used for die photos of the M1 chip :-)
Link to the original die photo: chipwise.tech/our-portfoli...
Link to the original die photo: chipwise.tech/our-portfoli...