Dean Jerkovich
tecnik.bsky.social
Security @ google | kiwi | New Yorker
Reposted by Dean Jerkovich
If you were in favor of providing law enforcement access routes into your encrypted data during the Biden administration, have you changed your mind?

I'm curious how the "This will only be used with due process and legal authority" perspective is holding up in the era of DOGE.
February 6, 2025 at 12:29 AM
My first car was $100 and I can’t stop comparing things to how many 1985 corollas it costs. I should probably at least update it for inflation to be intellectually honest.
February 4, 2025 at 11:43 PM
Reposted by Dean Jerkovich
Wanna see what 200GB of raw footage makes around here?

youtu.be/S9EWITrwcqU
The unseen world of 3d printing at 1000fps!
YouTube video by Lost In Tech
February 3, 2025 at 6:35 PM
Reposted by Dean Jerkovich
I got Linux running in a PDF file using a RISC-V emulator.

PDFs support JavaScript, so Emscripten is used to compile the TinyEMU emulator to asm.js, which runs in the PDF. It boots in about 30 seconds and emulates a riscv32 buildroot system.

linux.doompdf.dev/linux.pdf
github.com/ading2210/li...
January 31, 2025 at 8:02 PM
Reposted by Dean Jerkovich
As someone who's on both sides of this one, it's a no-brainer: Disclose and then the clock starts. Threat actors aren't bound by NDAs or 3rd party intermediaries and neither are security researchers. Coordinated disclosure is in every company's interest, but if they refuse, that's on them.
Twice this week I’ve heard from researchers who literally can’t disclose security vulnerabilities to companies, because they refuse to accept them. The companies will only let them go through outside services like HackerOne, where coincidentally you have to sign an NDA.
January 15, 2025 at 10:00 PM
Reposted by Dean Jerkovich
(please re-post for reach - thank you!)
Learned a cool new Linux trick? Know an interesting quirk in a network protocol? Or have something else to share?

Write a 1-page article for the #6 issue of Paged Out! :)
pagedout.institute?page=cfp.php

Soft deadline is Feb 1st.
January 7, 2025 at 7:41 AM
It’s truly phenomenal and inspiring what was achieved by skunkworks - I assumed the 1980s was a freewheeling Wild West lacking regulation and rules.

Certainly does a rug pull on notions of “I could do .. if only ..”
December 5, 2024 at 1:38 PM
Ben Rich in his book on skunkworks & the F117a: ~the unions would’ve killed us if they found out we wouldn’t hire bearded men. But OSHA demanded clean shaved faces due to safety concerns with the materials we used

This post by Haroon sent me down a rabbit hole: blog.thinkst.com/2019/02/when...
When you can’t do awesome things, because of crushing bureaucracy
I’ve sometimes bumped into people who bemoan their broken company cultures with varying degrees of self-awareness. Around 2007, a then-customer heard we were heading to Vegas to speak at BlackHat a…
December 5, 2024 at 1:37 PM
Zero trust is coarse-grained, so it’s not an end goal but rather step 1. Step 2 is extending the model to do fully context-aware fine-grained (object-level) access. Step 3 isn’t clear, but will be once we’re seeing attacks against step 2.
November 23, 2024 at 4:21 PM
I’m pretty sure I’m young and hip but also pretty sure a lot of security people don’t remember wardriving with PCMCIA cards and debugging bad drivers in a moving car
November 22, 2024 at 10:33 PM
Wardriving over IP
I don’t think this is a new trick tbh… still a vector people don’t necessarily think about tho
Russian spies—likely Russia's GRU intelligence agency—used a new trick to hack a victim in Washington, DC: They remotely infected another network in a building across the street, hijacked a laptop there, then breached the target organization via its Wifi. www.wired.com/story/russia...
November 22, 2024 at 10:30 PM
Reposted by Dean Jerkovich
The thing that's confusing me is how after doing mass layoffs, tech companies keep managing to hire people from a pool of like 10 North Korean spies despite there being so many real applicants looking for jobs
November 20, 2024 at 7:30 PM