Email or username:

Password:

Forgot your password?
All posts qwertyoruiopz's posts Back to profile
2 posts total
qwertyoruiopz

Netscape Navigator exploitation is probably harder than modern Blink/WebKit. Our crack team of browser researchers found type confusions in the JS engine, but the behaviour makes no sense. And we are learning the ISA looking at MacsBug. #37c3
29 Dec 2023 at 18:43 | Open on nso.group
Show previous comments
codecolorist @ 37c3

@qwertyoruiop things that won’t happen to it:
29 Dec 2023 at 21:20 | Open on infosec.exchange
J. Peterson

@qwertyoruiop The site of a MacsBug screen is traumatizing to those of us who wrote apps for the Mac in the '80s.

30 Dec 2023 at 3:12 | Open on mastodon.social
Oliver Hunt
qwertyoruiopz

they say C++ is all about zero cost abstractions but no one is accounting for the cost of therapy needed after looking at C++ code for long enough

26 Oct 2023 at 15:55 | Open on nso.group
Oliver Hunt

@qwertyoruiop In fairness that's how they treat all of the other costs that come from C and C++: ASLR, Pointer Auth, zoned/typed allocators, etc. C and C++ achieve "zero abstractions" by defining any of the costs incurred by the language design choices as being UB and out of the scope of the language itself. Which is certainly a strategy.

Also, I cannot stress enough how amazing it is to me that you were able to get that domain.

26 Oct 2023 at 17:21 | Open on mastodon.social
Pierre H.

@qwertyoruiop which is why we're rewriting all of XNU in C++, just for your (dis)pleasure

26 Oct 2023 at 18:34 | Open on infosec.exchange
Adriano

@qwertyoruiop Nietzche had words for C++. Words we did not heed.

26 Oct 2023 at 18:36 | Open on lile.cl
Go Up