Hacker News: evilsocket

New comment by evilsocket in "GitHub's fake star economy"

evilsocket — Tue, 21 Apr 2026 08:01:12 +0000

It does not make the numbers, research and original research on top of which this is based, wrong :D

New comment by evilsocket in "GitHub's Fake Star Economy"

evilsocket — Mon, 20 Apr 2026 12:00:29 +0000

that's exactly the next-round attack. StarScout's network-centrality defense works for the current generation of campaigns but won't survive LLM-generated PR/commit patterns

New comment by evilsocket in "GitHub's Fake Star Economy"

evilsocket — Mon, 20 Apr 2026 11:59:50 +0000

Agree that sophisticated funds don't, but the ecosystem hasn't caught up. StarHub/GitStar pricing pages still sell to "seed-stage founders pre-fundraise"

New comment by evilsocket in "Mongoose: Preauth RCE and MTLS Bypass on Devices"

evilsocket — Thu, 02 Apr 2026 13:37:20 +0000

Mongoose network library <= 7.20

CVE-2026-5244 - mg_tls_recv_cert pubkey heap-based overflow (exploitable), CVE-2026-5245 - mDNS Record stack-based overflow (exploitable), CVE-2026-5246 - authorization bypass via P-384 Public Key (trivially exploitable)

Fun ride.

Mongoose: Preauth RCE and MTLS Bypass on Devices

evilsocket — Thu, 02 Apr 2026 13:37:20 +0000

Article URL: https://www.evilsocket.net/2026/04/02/Mongoose-Preauth-Remote-Code-Execution-and-mTLS-Bypass/

Comments URL: https://news.ycombinator.com/item?id=47614310

Points: 2

# Comments: 1

New comment by evilsocket in "Claude Code Taught Itself to Escape Its Own Sandbox"

evilsocket — Mon, 09 Mar 2026 16:37:34 +0000

we are so fu*ed

New comment by evilsocket in "TP-Link Tapo C200: Hardcoded Keys, Buffer Overflows and Privacy"

evilsocket — Sun, 21 Dec 2025 16:33:12 +0000

Agreed 100%, never said the opposite

New comment by evilsocket in "TP-Link Tapo C200: Hardcoded Keys, Buffer Overflows and Privacy"

evilsocket — Sat, 20 Dec 2025 17:42:15 +0000

I just meant that it was very convenient to have the firmware images there on S3, nothing else :D Many vendors make the process of even just obtaining a copy of the firmware much harder than that, so for once I was glad it has been much easier. Also being able to bindiff two adjacent versions of the same firmware is great ... all in all I was just expressing my happiness :D

New comment by evilsocket in "TP-Link Tapo C200: Hardcoded Keys, Buffer Overflows and Privacy"

evilsocket — Sat, 20 Dec 2025 17:40:18 +0000

Do you people realize that there's a big difference between open source and proprietary technologies right?

New comment by evilsocket in "Open sourcing Nerve, a tool to instrument LLMs to perform tasks, without code"

evilsocket — Sat, 22 Jun 2024 18:46:15 +0000

Nerve is a tool that creates stateful agents with any LLM — without writing a single line of code. While it was inspired by other projects such as Autogen and Rigging, its main goal and core difference with other tools is to allow the user to instrument smart and stateful agents without writing code (unless required for custom functionalities).

Open sourcing Nerve, a tool to instrument LLMs to perform tasks, without code

evilsocket — Sat, 22 Jun 2024 18:46:15 +0000

Article URL: https://github.com/evilsocket/nerve

Comments URL: https://news.ycombinator.com/item?id=40761180

Points: 4

# Comments: 1

New comment by evilsocket in "Reverse Engineering Apple’s Multipeer Connectivity Framework"

evilsocket — Thu, 20 Oct 2022 15:18:06 +0000

lol thank you ... yes they did

Cryptographic failures in RF encryption allow stealing robotic devices

evilsocket — Wed, 29 Jun 2022 15:42:04 +0000

Article URL: https://www.cossacklabs.com/blog/cryptographic-failures-in-rf-encryption/

Comments URL: https://news.ycombinator.com/item?id=31921743

Points: 63

# Comments: 17

Weaponizing and Gamifying AI for WiFi Hacking: Presenting Pwnagotchi 1.0.0

evilsocket — Sat, 19 Oct 2019 16:06:49 +0000

Article URL: https://www.evilsocket.net/2019/10/19/Weaponizing-and-Gamifying-AI-for-WiFi-Hacking-Presenting-Pwnagotchi-1-0-0/#.Xas0glNIdFd.hackernews

Comments URL: https://news.ycombinator.com/item?id=21299156

Points: 3

# Comments: 0

How to Create a Malware Detection System with Machine Learning

evilsocket — Wed, 22 May 2019 22:41:06 +0000

Article URL: https://www.evilsocket.net/2019/05/22/How-to-create-a-Malware-detection-system-with-Machine-Learning/#.XOXP_LPbOW0.hackernews

Comments URL: https://news.ycombinator.com/item?id=19986349

Points: 2

# Comments: 0

New comment by evilsocket in "OpenSnitch – A Linux clone of the Little Snitch application firewall"

evilsocket — Wed, 03 May 2017 15:30:50 +0000

as long as i know, you definitely need root to communicate with netlink .... i don't think there're gonna be large packet flows, only first connection packets tnx to conntrack, it's doable :)

New comment by evilsocket in "OpenSnitch – A Linux clone of the Little Snitch application firewall"

evilsocket — Wed, 03 May 2017 14:46:08 +0000

Ahah not really 24/7, but you're almost there :) it's my way to repay the OSS community for everything I learned from OSS during my life.

New comment by evilsocket in "OpenSnitch – A Linux clone of the Little Snitch application firewall"

evilsocket — Wed, 03 May 2017 14:32:50 +0000

As I said, it'll be in C++, Go is great, Rust too, but I just can't get used to their syntax :D

New comment by evilsocket in "OpenSnitch – A Linux clone of the Little Snitch application firewall"

evilsocket — Wed, 03 May 2017 13:51:16 +0000

OpenSnitch is not only about ftrace, check the NFQUEUE handling, moving to native will improve performances and stability. Also, it requires root because that's the only way it can install the iptable rules it needs in order to function properly.

New comment by evilsocket in "OpenSnitch – A Linux clone of the Little Snitch application firewall"

evilsocket — Wed, 03 May 2017 13:21:51 +0000

OpenSnitch author here ... although performances are not a big deal here because only conntrack packets are intercepted, the project will move to a C++ implementation once the current Python prototype/PoC will be complete and will prove that what I want to do is 100% doable on GNU/Linux :)