When the payment for vulns drops i'm wondering where the value is for hackers to run these tools anymore? The LLMs don't do the job for you, testing is still a LOT OF WORK.

consider logic errors and race conditions. Its surely not impossible for llm to find these, but it seems likely that you'll need to step throught the program control flow in order to reveal a lot of these interactions.

I feel like people consider LLM as free since there isn't as much hand-on-keyboard. I kinda disgree, and when the cost of paying out these vulns falls, I feel like nobody is gonna wanna eat the token spend. Plenty of hackers already use ai in their workflows, even then it is a LOT OF WORK.

To answer your question, I thought it might just be slightly harder to extract secrets or exploit a running process directly. Thats all I was saying.

Essentially, 5G is sort of a lie. Phones spend a lot of time exchanging information via 4g/lte, and just like 2g/3g and 3g/4g, there are simply downgrades that can be performed in the field, without getting too far into the weeds.

5G matters not for this.

GrapheneOS really wants the software in the phone to not pwn the phone. This is good. Its a different, and much more difficult problem to secure the connection to the telco, and the larger internet, because the transport is attacker controlled.

Think of it this way: Say you use Qubes because security is valued very highly for you. Even if you run Qubes, if your router is controlled by your attacker, what kind of a security guarantee could you really get for yourself?

Android's attack surface seems pretty jagged. For example there is only one webrender engine on iOS, where you can run anything you like on Android/GrapheneOS.

What that means is they can push malicious settings and configurations (Definitely) and probably malicious firmware to the handset at will. They don't need to code this, they buy the software packages from the usual suspects. Adversary simply needs to put a drt box or a hailstorm or what-not close enough to the handset to do the work.

The baseband can do a lot, it has dma (if I recall correctly) and can almost certainly screen look, and extract information from some but not all base bands. This varies.

GrapheneOS cannot really influence this, but hardened_malloc could conceivably help. What would be great is a bench firmware re-flash, but I don't want to do this every single day.

I just popped in to add that NASA employee Charles White, a scientist involved with the Mars Rover project, also helped make a Burning Man Mars Rover Car (back before Playa Burning Man was completely and utterly torched twice over by Military Industrial Complex Vacationers and Billionaires) and you can hear an interview with him here on Charles White's yt channel: https://youtu.be/BKGROOedAgI ( Mars Rover Art Car interview with Ray Cirino and Charles White )

Charles White is a pretty good guy in my opinion, we play the same video game (EvE: Online) Where Charles White is a very, very well known community member who is known as "The Space Pope". He officiates weddings at our Iceland Fanfest gathering and also runs a Suicide Prevention Outreach group in EvE: Online, as well as teaching leadership skills.

Here's Charles White giving a presentation as an Official NASA employee about Space and our solar system at EvE Fanfest 2016: https://www.youtube.com/watch?v=Atm6Y_JYPEU

Heres a interview about EvE: Online with the Space Pope: https://www.youtube.com/watch?v=dWuj7LfyN4U

anyhow sorry to hijack this about EvE: Online but we have lots of cool people like Scott Manley playing, too: https://www.youtube.com/watch?v=huZlA0eg12U

I really just wanna point out that getting contracts for government administrative building is already like, way in and near the top of the game, this could have set them back 9 months or none at all, still, someone has to be held accountable when there is an obvious miscarriage like this.

I mean they called their boss! They had a special letter! Why didn't shitty sheriff just like demand that the security chief come out and make some calls? 600k sounds fair I suppose but 6 years sure doesn't when its an elected official!

I use audacity for recording vinyl occasionally, but for CD audio I have a bunch of cli scripts. Much easier.

I would suggest that anybody reading NOT try this unless you have a quite large and empty lot with no public access. Pay close attention, they are not called Emergency Brakes, they are called Parking Brakes.

The stated purpose of these brakes are to ensure your car wont roll away while parked. Anybody with a manual transmission knows the ritual of shifting into 1 or Reverse and turning their wheels toward the curb while parked even while the parking brake is engaged.

They won't serve you in an emergency. Here's Mitch Hedberg on "Emergency brake": https://www.youtube.com/watch?v=kMKV1B0vuI8

Just wanted to add, a EPB used for emergency stop in his scenario is just using the regular stopping brakes, its not an emergency brake either.

If that doesn't work you hit it with a hammer from the other side until the parking brake shoes pop out of the pins and come off with the rotor.

The thing people might forget is to clear the corrosion off of the wheel and hub which can be a problem if it breaks away as you drive.

Sometimes its front/rear and sometimes it is diagonal, but it should still do the emergency trick.

It’s 2025 and things move along. People still post their file sharing tools here, but yeah I agree that it does hit different now.

https://en.wikipedia.org/wiki/Crypto_Wars

This is quite the departure and it is quite troubling to me. The ESA launch site is down there iirc, seems like we have natural allies who would join a push, but instead we sent a carrier group.

And more!