Thanks for the confirmation. I will follow the steps to reproduce to confirm the status. Let me know if you need anything else from myside I hope this type of hard effort deserve something rewards Paypal or bank transfer Best Regards

Told someone their "vulnerability report" is bs (result of an automatic scanner that has a false positive...)

This was the response 😑

Sometimes it’s nice to go back to basics:

Built firmware that’s just 246 bytes, uses no RAM at all, and runs parasitically from a 1-wire bus at just 0.2 mA.

Yet it emulates a full jetski key!

You can see voltage rising until the chip starts running based on the BOD threshold.

I don’t think that’s true

If you ever lose the keys to your older Sea-Doo Jetski you might find these bytes useful when talking to the ECU😇

95 BC 2F 02 04 A4 75 BE

Option A: Upgrade iPhone to iOS26 and have to use liquid glass

Option B: Get pwned by DarkSword malware

I don't know which one is worse

Put that thing on a pole and call it the BLE swiffer.

Sometimes, you simply need Bluetooth HIGH Energy📡

The issue is the ESR. It's too low, impacting the loop stability of the regulator in this case

If the datasheet says to use tantalum capacitors - then use tantalum capacitors!

Blue = Ceramics
Yellow = Tantalum

Not if you try ifconfig first every single time 🤷‍♂️

alias ip='rm -rf /'

Simple age check for Linux:

Just have the shell ask the user to check the host IP on first boot.

If they type ifconfig they are old enough, if they type ip addr they deserve to be restricted from their computer 😇

Things I didn’t see coming: apparently I own a Game Boy signed by a Eurovision contestant?! 😆

youtu.be/8XR2RvfZ-68

No JLC, component placement is not correct 😂

Awesome!!

We wrote a similar tool compatible with a bunch of programmers:

flash.hextree.io

Won today’s bet of “Do I really have no oil pressure, or is the gauge just broken?” 😅

If you find one where some channels don’t move: In 90% of cases it’s just the transistors that are broken. Simple to change and readily available at Digikey & co.

Replaced all on mine just to be sure.

Wow, used Yamaha 01V96 are a steal - and 17 motor faders are a lot of fun 😀

a shirtless man with blonde hair is sitting in a chair . ALT: a shirtless man with blonde hair is sitting in a chair .

Memory Tagging Extension checking my pointer

"The pointer was feeling fabulous today."

Yes VSCode, I obviously want to use the color-picker to edit the address offsets in Arm assembly 😂

Yep, just a very simple nRF52840 BLE sniffer :)

Fancy, the board-house sent me x-rays of my PCBs!

We were able to find some minor correlations, but by far not enough to leak the key successfully.

If you think you found something - even if it's not a full attack - send an e-mail, it's about making the implementation more secure, not about building the best attack.🛡️

RP2350 Hacking Challenge 2: Less randomisation, more correlation - Raspberry Pi Our second RP2350 Hacking Challenge has evolved, with prize money still up for grabs.

My first post on the RaspberryPi Blog 😍

We've extended the RP2350 side-channel hacking challenge to April 30 - and even better: To make attacks for the challenge easier, we decided to disable the random chaffing and some more mitigations!

www.raspberrypi.com/news/rp2350-...

The one on the stands is just a random QFP carrier i had on my desk - the one on the bottom is my PCBite plate :)

flashfixer.py GitHub Gist: instantly share code, notes, and snippets.

gist.github.com/nezza/3841f9...

Yeah I have a script that takes multiple dumps and then creates one "true" dump with the most likely bytes from multiple dumps.

It also logs out outliers which is helpful!

The PCB is suuuper sensitive. I ripped off three pads so far... To get to chip-select I had to solder onto the tiny tiny tiny via barrel😵‍💫