2 years ago I did a PoC to run #rust 🦀 in the #pixel modem
Today it shipped in millions of devices!
They grow up to fast! 🥲
security.googleblog.com/2026/04/brin...
#rust #security #smartphone #baseband
Posts by jiska
I'm reading a bunch of Coruna reports after dinner because I am a cool person who knows how to party. Of particular interest: not only does Coruna not work against iOS in lockdown mode, but if it even detects lockdown mode running, it bails. This is why I talk about lockdown mode so damn much.
Google's Pixel 10 supports Apple's AirDrop protocol. Curious about how they did this? Let's take a look!
youtu.be/qBsNoa0FOPw
Google's Pixel 10 supports Apple's AirDrop protocol. Curious about how they did this? Let's take a look!
youtu.be/qBsNoa0FOPw
Call History Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later Impact: A user with Live Caller ID app extensions turned off could have identifying information leaked to the extensions Description: A logic issue was addressed with improved checks. CVE-2026-20638: Nils Hanff (@nils1729@chaos.social) of Hasso Plattner Institute
Wallet We would like to acknowledge Aaron Schlitt (@aaron_sfn) of Hasso Plattner Institute, Cybersecurity - Mobile & Wireless, Jacob Prezant (prezant.us), Lorenzo Santina (@BigNerd95) and Marco Bartoli (@wsxarcher) for their assistance.
Two students I supervised in today's iOS release notes 🎉🎉🎉
support.apple.com/en-us/126346
The Cycle 2 deadline for the USENIX WOOT Conference is in ~ 3 weeks (March 3, 2026)!
WOOT continues to include both a Systematization of Knowledge (SoK) track and an Up-and-Coming track (industry-focused).
Details are available in the Call for Papers:
www.usenix.org/conference/w...
In this video, I'm analyzing a really confusing dialog on macOS. Let's dig a bit deeper into what it should do and what it's actually doing. #reverseengineering
youtu.be/P7hYg2GpsTk
In this video, I'm analyzing a really confusing dialog on macOS. Let's dig a bit deeper into what it should do and what it's actually doing. #reverseengineering
youtu.be/P7hYg2GpsTk
Last weekend, Telekom changed their network name from "Telekom.de" to "Im besten Netz." 📶
Curious about how they did this? Will more ad campaigns follow? And what can you do to change it back?
More details in this video: youtu.be/-PchHdFhl5M
The new AirTags 2 just arrived!
Time to take them apart 🧵
Don't miss out on Jiska Classen's - @naehrdine.bsky.social - training on "Practical iOS Reverse Engineering" at #OffensiveCon26
Find more details here🔗https://buff.ly/psTxdyG
I reverse engineered DexProtector, the security solution protecting applications like Revolut and other banking apps.
From custom ELF loaders to vtable hooking, here is an insight into how these protections work and their limitations.
www.romainthomas.fr/post/26-01-d...
Want to know how Apple's Low Latency WiFi works?
Today, 3:40pm CET, Hall 1, #39c3.
More details: events.ccc.de/congress/202...
Stream: streaming.media.ccc.de/39c3/one
In 2026, Jiska Classen - @naehrdine.bsky.social - returns to OffensiveCon with a training on "Practical iOS Reverse Engineering". More details here🔗https://buff.ly/psTxdyG
🚀 Don't miss this chance to improve your skills—sign up now!
WOOT deadline approaching 👀
This is Limburg BE, not NL - though they are pretty close.
www.bsides-limburg.be/home
GrapheneOS released some innovative mitigations prior to Apple. Yet, it needs Big Tech to apply such ideas and make phones more secure at scale.
Using an iPhone 17, which now also ships with EMTE, Inactivity Reboot, SPTM, TXM, Conclaves, ...? — Oh, just the average Apple fangirl/boy who gets a new device every year due to camera improvements. ✅
GrapheneOS im Visier der Strafverfolgung Quelle der Bedenken scheinen Berichte mehrerer französischer Medien zu sein, darunter einer der Tageszeitung Le Parisien. Darin wird GrapheneOS als "Geheimwaffe" bezeichnet, mit der Drogenhändler und andere Kriminelle ihre Daten vor der Polizei schützten. Dass sich das Betriebssystem im Vergleich zum Standard-Android besonders schwer knacken lässt, hatte zuletzt eine geleakte Präsentationsfolie des Forensikdienstleisters Cellebrite gezeigt.
Using a Pixel with GrapheneOS that features Inactivity Reboot, MTE, and more? — You must be a drug dealer. 🚨
Researchers tried plugging every possible phone number into WhatsApp's web app. They found they could collect 3.5 billion users' phone numbers, plus photos for half and profile text for more than a third, the biggest personal data exposure ever by some measures. www.wired.com/story/a-simp...
Binary Ninja 5.2, Io, is live and it's out of this world! binary.ninja/2025/11/13/b...
With some of our most requested features of all time including bitfield support, containers, hexagon, Ghidra import, and a huge upgrade to TTD capabilities, plus a ton more, make sure to check out the changelog!
USENIX WOOT Conference 2026: two submission deadlines this year!
- Cycle 1: December 12, 2025 *only one month away* !
- Cycle 2: March 3, 2026
WOOT still has a SoK track and an "Up-and-coming track" (~Industry), CFP for details:
www.usenix.org/conference/w...
Dein erster Congress und pures Chaos? Die Chaospat:innen sind für dich da. Melde dich bis zum 25. November. Willkommen sind alle, die den #39c3 offener und vielfältiger machen wollen! events.ccc.de/2025/11/10/3...
I just published the slides of my #OBTS v8.0 talk about Apple's #C1 baseband. Our C1 #binja loader is now available on GitHub, and you can find a recording on YouTube.
lukasarnold.de/posts/obtsv8...
Wir freuen uns, den Vorverkauf für den #39c3 anzukündigen. Im Anschluss an die Voucherphase gibt es zwei offene Verkaufstermine. (Fast) alle Engel erhalten heute eine E-Mail mit Voucher events.ccc.de/2025/10/16/3...
On a Saturday night I stumbled across something on the internet that made me feel like ****** my pants. A giant dataset of real surveillance operations targeting 1000s of people across nearly every country. Unraveling it and the mysterious company behind it has consumed 1.5 years of my life