dragosr
@dragostech.bsky.social
Autonomous Carbon Based LLM with 42 years of tuning on Information Attack and Defense.
Host of CanSecWest, and PacSec.
Security audits, code, IR, LLM, red team consulting.
Specialize in Firmware, and RF.
VA7MOV
Host of CanSecWest, and PacSec.
Security audits, code, IR, LLM, red team consulting.
Specialize in Firmware, and RF.
VA7MOV
Reposted by dragosr
Merry Christmas 😊
December 25, 2025 at 12:49 PM
Merry Christmas 😊
Reposted by dragosr
THC Release 💥: The world’s largest IP<>Domain database: ip.thc.org
All forward and reverse IPs, all CNAMES and all subdomains of every domain. For free.
Updated monthly.
Try: curl ip.thc.org/1.1.1.1
Raw data (187GB): ip.thc.org/docs/bulk-da...
(The fine work of messede 👌)
All forward and reverse IPs, all CNAMES and all subdomains of every domain. For free.
Updated monthly.
Try: curl ip.thc.org/1.1.1.1
Raw data (187GB): ip.thc.org/docs/bulk-da...
(The fine work of messede 👌)
December 17, 2025 at 1:33 PM
THC Release 💥: The world’s largest IP<>Domain database: ip.thc.org
All forward and reverse IPs, all CNAMES and all subdomains of every domain. For free.
Updated monthly.
Try: curl ip.thc.org/1.1.1.1
Raw data (187GB): ip.thc.org/docs/bulk-da...
(The fine work of messede 👌)
All forward and reverse IPs, all CNAMES and all subdomains of every domain. For free.
Updated monthly.
Try: curl ip.thc.org/1.1.1.1
Raw data (187GB): ip.thc.org/docs/bulk-da...
(The fine work of messede 👌)
Took 5 years. (spoiler: unsafe race) www.phoronix.com/news/First-L...
Had to happen eventually, and won't be the last.
Had to happen eventually, and won't be the last.
Linux Kernel Rust Code Sees Its First CVE Vulnerability
The first CVE vulnerability has been assigned to a piece of the Linux kernel's Rust code.
www.phoronix.com
December 17, 2025 at 9:01 PM
Took 5 years. (spoiler: unsafe race) www.phoronix.com/news/First-L...
Had to happen eventually, and won't be the last.
Had to happen eventually, and won't be the last.
Reposted by dragosr
be wary of gift cards in the Apple ecosystem: hey.paris/posts/appleid/
20 Years of Digital Life, Gone in an Instant, thanks to Apple
Summary: A major brick-and-mortar store sold an Apple Gift Card that Apple seemingly took offence to, and locked out my entire Apple ID, effectively bricking my devices and my iCloud Account, Apple De...
hey.paris
December 13, 2025 at 7:16 PM
be wary of gift cards in the Apple ecosystem: hey.paris/posts/appleid/
39% of Cloud instances need to patch urgently for 100% reliable unauthenticated RCE in React and Next.js www.wiz.io/blog/critica...
Critical RCE Vulnerabilities Discovered in React & Next.js | Wiz Blog
React and Next.js are exposed to critical unauthenticated RCE via CVE-2025-55182 and CVE-2025-66478. Learn which versions are impacted and how to mitigate.
www.wiz.io
December 3, 2025 at 7:19 PM
39% of Cloud instances need to patch urgently for 100% reliable unauthenticated RCE in React and Next.js www.wiz.io/blog/critica...
Reposted by dragosr
A *huge* vaccine victory. I've been writing on this for years; Australia has seen remarkable progress in cervical cancer prevention with the HPV vaccine. I love seeing science triumph like this.
Australia recorded ZERO cases of cervical cancer in women under 25 for the first time since they started tracking the cancer in the 80s.
This is the power of vaccines.
The HPV vaccine is extremely effective at preventing cancer.
Viruses can be oncogenic. Get your vaccines and protect yourself!
This is the power of vaccines.
The HPV vaccine is extremely effective at preventing cancer.
Viruses can be oncogenic. Get your vaccines and protect yourself!
newsGP - Australia set for world-first cervical cancer elimination
Vaccination programs have played a key role, and GPs remain ‘instrumental’ in boosting screening rates to reach the 2035 target.
www1.racgp.org.au
November 27, 2025 at 6:12 PM
A *huge* vaccine victory. I've been writing on this for years; Australia has seen remarkable progress in cervical cancer prevention with the HPV vaccine. I love seeing science triumph like this.
Reposted by dragosr
Some of us have been advocating this going back since chatGPT launched. It also has other benefits: correcting someone else's work is actually a really good way to learn something yourself.
November 23, 2025 at 9:24 PM
Some of us have been advocating this going back since chatGPT launched. It also has other benefits: correcting someone else's work is actually a really good way to learn something yourself.
Reposted by dragosr
So there’s a website called Deer Of St Nicholas which posts Christmas wish letters from Ukrainian children who had their childhood stolen by the war, anyone can pick a child and get them their present and it’s that time of the year again to achingly scroll it for hours again
November 7, 2025 at 8:21 AM
So there’s a website called Deer Of St Nicholas which posts Christmas wish letters from Ukrainian children who had their childhood stolen by the war, anyone can pick a child and get them their present and it’s that time of the year again to achingly scroll it for hours again
I have a new favorite place in Shibuya, Tokyo - Taco Fanatico, amazing tequila collection. Delicious!
渋谷で新しいお気に入りの店を見つけた - Taco Fanatico。テキーラの品揃えが充実している。おいしい!
渋谷で新しいお気に入りの店を見つけた - Taco Fanatico。テキーラの品揃えが充実している。おいしい!
November 9, 2025 at 5:57 AM
I have a new favorite place in Shibuya, Tokyo - Taco Fanatico, amazing tequila collection. Delicious!
渋谷で新しいお気に入りの店を見つけた - Taco Fanatico。テキーラの品揃えが充実している。おいしい!
渋谷で新しいお気に入りの店を見つけた - Taco Fanatico。テキーラの品揃えが充実している。おいしい!
We trusted images because they were hard to fake. That assumption is dead. Authentication must shift to cryptographic signatures from photographers and publishers. Trust becomes transitive: you trust the image only to the extent you trust its signer.
October 29, 2025 at 1:33 AM
We trusted images because they were hard to fake. That assumption is dead. Authentication must shift to cryptographic signatures from photographers and publishers. Trust becomes transitive: you trust the image only to the extent you trust its signer.
Let's figure out what the duties & tariffs impact is in various parts of the world.
Reply with your country's price.
Reply with your country's price.
October 26, 2025 at 6:18 PM
Let's figure out what the duties & tariffs impact is in various parts of the world.
Reply with your country's price.
Reply with your country's price.
This is a good deep dive on what really happened with AWS
www.ookla.com/articles/aws...
www.ookla.com/articles/aws...
Revealing the Cascading Impacts of the AWS Outage | Ookla®
Explore the global impact of the Oct 2025 AWS US-EAST-1 outage, with 16M+ reports, a DNS root cause, and clear guidance to contain future failures.
www.ookla.com
October 22, 2025 at 4:53 PM
This is a good deep dive on what really happened with AWS
www.ookla.com/articles/aws...
www.ookla.com/articles/aws...
This is the best GPU internals write-up I've seen in a long time.
www.aleksagordic.com/blog/matmul
www.aleksagordic.com/blog/matmul
Inside NVIDIA GPUs: Anatomy of high performance matmul kernels - Aleksa Gordić
From GPU architecture and PTX/SASS to warp-tiling and deep asynchronous tensor core pipelines.
www.aleksagordic.com
October 16, 2025 at 2:46 AM
This is the best GPU internals write-up I've seen in a long time.
www.aleksagordic.com/blog/matmul
www.aleksagordic.com/blog/matmul
Open source pure Rust UEFI BIOS
Native Rust not just wrappers on old risky C code.
github.com/openDevicePa...
Native Rust not just wrappers on old risky C code.
github.com/openDevicePa...
GitHub - OpenDevicePartnership/patina: Patina Firmware
Patina Firmware. Contribute to OpenDevicePartnership/patina development by creating an account on GitHub.
github.com
October 10, 2025 at 2:10 PM
Open source pure Rust UEFI BIOS
Native Rust not just wrappers on old risky C code.
github.com/openDevicePa...
Native Rust not just wrappers on old risky C code.
github.com/openDevicePa...
Speech recognition through high frequency mouse sensors. sites.google.com/view/mic-e-m...
Mic-E-Mouse
Your computer mouse has big ears.
Image courtesy of GPT4/Dall-E-3, generated using the keywords "computer mouse with big ears and a microphone as a scroll wheel."
sites.google.com
October 6, 2025 at 8:55 PM
Speech recognition through high frequency mouse sensors. sites.google.com/view/mic-e-m...
Malicious Rust crate updates, faster_log and async_println, cryptocurrency key scanners.
blog.rust-lang.org/2025/09/24/c...
blog.rust-lang.org/2025/09/24/c...
crates.io: Malicious crates faster_log and async_println | Rust Blog
Empowering everyone to build reliable and efficient software.
blog.rust-lang.org
September 24, 2025 at 9:19 PM
Malicious Rust crate updates, faster_log and async_println, cryptocurrency key scanners.
blog.rust-lang.org/2025/09/24/c...
blog.rust-lang.org/2025/09/24/c...
Reposted by dragosr
I want to tell you about a friend of mine real quick. I've mentioned her on here before, but you don't know any details yet, and she's about to make history in a very real sense.
Meet Michi Benthaus:
Meet Michi Benthaus:
September 1, 2025 at 7:10 PM
I want to tell you about a friend of mine real quick. I've mentioned her on here before, but you don't know any details yet, and she's about to make history in a very real sense.
Meet Michi Benthaus:
Meet Michi Benthaus:
Reposted by dragosr
Now this is real convenient, especially on machines where it's impossible to hit the right key fast enough to enter the UEFI BIOS settings.
On #OpenBSD/amd64, you can now type "machine fwsetup" at the boot> prompt in efiboot(8).
marc.info?l=openbsd-cv...
On #OpenBSD/amd64, you can now type "machine fwsetup" at the boot> prompt in efiboot(8).
marc.info?l=openbsd-cv...
August 27, 2025 at 3:08 PM
Now this is real convenient, especially on machines where it's impossible to hit the right key fast enough to enter the UEFI BIOS settings.
On #OpenBSD/amd64, you can now type "machine fwsetup" at the boot> prompt in efiboot(8).
marc.info?l=openbsd-cv...
On #OpenBSD/amd64, you can now type "machine fwsetup" at the boot> prompt in efiboot(8).
marc.info?l=openbsd-cv...
Reposted by dragosr
Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3
Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3
thehackernews.com
August 25, 2025 at 7:23 PM
Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3
Yeah ok, this is Linux's birthday in 1991. I was running Unix on my home IBM PC clone 80286 using sources I compiled from SysVr2 code two years before that in 1989.
August 25, 2025 at 8:40 PM
Yeah ok, this is Linux's birthday in 1991. I was running Unix on my home IBM PC clone 80286 using sources I compiled from SysVr2 code two years before that in 1989.
Reposted by dragosr
rust is a language in which you can borrow a cow
August 24, 2025 at 11:05 PM
rust is a language in which you can borrow a cow