have you seen the new supply chain vuln? don't update tubu. it's literally on heebee. they got poodee's deps. they infiltrated dippy. roll back weeno. disable scripts in ~/.gumpyrc. it's in poob. do not install poob. do not update poob. uninstall poob right now. poob has it in for you.
Posts by Jenn
KPTI is not enabled on recent systems because intel processors since ~2018 haven't been affected by Meltdown, it's not disabled for performance
by default, Linux uses "mitigations=auto" and enables mitigations on boot based on the processor, if it is affected by Meltdown then Linux will enable KPTI
I think it might be that some people misunderstand Meltdown as an inherent consequence of out-of-order execution like Spectre is for speculative execution, but it isn't, AMD chips were never affected and Intel chips haven't been for years
I've noticed a surprising amount of people in security have misconceptions about Meltdown, where they think it's still a problem and that either KPTI is still being commonly deployed on recent Linux systems or think KPTI was disabled for performance reasons
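Added example, not part of the original posts: a shell check for which of the cases in the thread above a given machine falls into, using the kernel's Meltdown status in sysfs and the boot command line. The function name `classify_kpti` and its output labels are made up for illustration; the sample inputs in the comments are constructed.

```shell
#!/bin/sh
# classify_kpti STATUS CMDLINE
#   STATUS  : contents of /sys/devices/system/cpu/vulnerabilities/meltdown
#   CMDLINE : contents of /proc/cmdline
# Prints one label (labels are illustrative, not kernel output):
#   not-affected          CPU is not affected by Meltdown, so KPTI is simply not needed
#   kpti-enabled          CPU is affected and mitigations=auto turned KPTI on
#   kpti-disabled:<opt>   CPU is affected and a boot option switched KPTI off
#   vulnerable-unknown    CPU is affected, no known disabling option found
classify_kpti() {
    status=$1
    cmdline=$2
    case "$status" in
        "Not affected"*)    echo "not-affected"; return 0 ;;
        "Mitigation: PTI"*) echo "kpti-enabled"; return 0 ;;
    esac
    # Anything else means the kernel considers the CPU exposed.
    # Pad with spaces so only whole boot parameters match.
    case " $cmdline " in
        *" mitigations=off "*) echo "kpti-disabled:mitigations=off" ;;
        *" pti=off "*)         echo "kpti-disabled:pti=off" ;;
        *" nopti "*)           echo "kpti-disabled:nopti" ;;
        *)                     echo "vulnerable-unknown" ;;
    esac
}

# Constructed sample inputs:
#   classify_kpti "Not affected"    "ro quiet"            -> not-affected
#   classify_kpti "Mitigation: PTI" "ro quiet"            -> kpti-enabled
#   classify_kpti "Vulnerable"      "ro mitigations=off"  -> kpti-disabled:mitigations=off

# On a live Linux system, classify the running kernel.
meltdown_file=/sys/devices/system/cpu/vulnerabilities/meltdown
if [ -r "$meltdown_file" ] && [ -r /proc/cmdline ]; then
    classify_kpti "$(cat "$meltdown_file")" "$(cat /proc/cmdline)"
fi
```

A fleet where every host reports `not-affected` or `kpti-enabled` matches the default behaviour described in the thread; `kpti-disabled:*` is the case worth following up.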
Sorry, I didn't intend to jump on her or anything with my response :(
I definitely could've better expressed what I was saying, but the character limit on this site makes it hard. The other responses were very unwarranted though, I don't know why they felt the need to jump in like that.
The majority of those in the US military come from a middle class background. Low income backgrounds are slightly underrepresented even. I've heard similar arguments before, but they just don't seem to be reflected in demographic data afaict.
www.cfr.org/backgrounder...
Kansas Sends Letters To Trans People Demanding The Immediate Surrender Of Drivers Licenses. "The legislature did not include a grace period." Erin Reed, Feb 25, 2026
1. Numerous transgender people in Kansas are reporting that the state has sent them a letter demanding the immediate surrender of drivers licenses.
Those driving could be arrested, charged, and see privileges revoked.
www.erininthemorning.com/p/kansas-sen...
i don't usually like to post about politics because it's depressing and i'd rather post about fun security stuff
but there's just such horrifying stuff going on here, denying hormones and surgeries, tapering people on hormones off of them. people are going to die from this...
wrote a short blog post about some toying around I did with using kprobes to get around a mitigation in order to disable SMEP/SMAP:
blog.zolutal.io/two-shot-ker...
📣 Call for papers!
If you're interested in all things metascience, consider submitting to the 1st Workshop on Metascience and Critical Reflections in Security & Privacy (MetaCRiSP), co-located with IEEE S&P. Deadline's Feb 12, AoE.
CfP & details: metacrisp.org
Am I tripping or is this sentence really weird, are they using AMAB here to lop cis men and transfems together...? no comment on the rest of it, but this gave me an ick ngl
"Overwhelmingly white, upper middle class+, and AMAB the FOSS community seems confused, why can't it attract more adherents?"
I solved my first ever v8 exploitation challenge this past weekend and did a little writeup on it:
blog.zolutal.io/securinets-s...
a screenshot of debug output from doing a successful nested page walk
Success :3
that my normal guest page-walking code for converting an L1 virtual address to an L1 physical address was able to be entirely reused to do an L2 physical address to L1 physical address walk by just using the L1 EPTP in place of the L1 cr3 was pretty neat
it was actually surprisingly easy to implement, except that I for some reason was treating the result of the nested page walk as an L1 physical address instead of an L2 physical address, just needed one more page walk to finish it off
"Yes please walk the EPT in L1 for the L2 cr3 to get the L2 PML4 physical address in L1 so you can convert that to a virtual address in your VMM to read the L2 PML4E associated with an L2 virtual address" - Statements dreamed up by the utterly Deranged
I finally got around to blogging again!
This time it's about the fun rabbit hole I went down last year of trying to improve Linux kernel ROP gadget discovery:
blog.zolutal.io/joys-of-kern...
We brought the FineIBT bypass to the linux-hardening mailing list a few months ago and it has since been addressed by introducing a new paranoid FineIBT mode that adds caller-side checks.
The LWN article that got written about it does a good job describing the issue and fix: lwn.net/Articles/101...
My first paper is now up on the USENIX Security site :)
We evaluated the prevalence of x86_64/aarch64 system instructions in Linux kernel builds and their applicability to Control Flow Hijacking exploitation, identifying a FineIBT (Kernel CFI) bypass in the process!
www.usenix.org/conference/u...