About 105 results
https://octet-stream.net/b/scb/2026-01-14-difficulties-enabling-apples-mie.html · 14 Jan 2026 · 🦋 Bluesky
14 January 2026 I previously blogged a demo in which I activated Apple's new hardware memory tagging feature, part of Memory Integrity Enforcement. This could accurately detect at runtime when I had overflowed a buffer or caused a use-after-free. Very ne...
https://octet-stream.net/b/scb/2026-01-12-progress-in-standard-site-validation.html · 12 Jan 2026 · 🦋 Bluesky
12 January 2026 A few days ago I published a simple validation tool for standard.site, which is a proposed standard for announcing long-form content on the ATProto network. (I explained what this is about in a previous post.) My tool is relatively sim...
https://octet-stream.net/b/scb/2026-01-03-including-rust-in-an-xcode-project-with-pointer-auth-arm64e.html · 3 Jan 2026 · 🦋 Bluesky
3 January 2026 When you add the "Enhanced Security" Capability to an iOS app in Xcode, one of the options is "Authenticate Pointers" (ENABLE_POINTER_AUTHENTICATION). This is checked by default. Therefore somebody who is adding this Capability in order to...
https://nesbitt.io/2025/12/27/how-to-ruin-all-of-package-management.html · 27 Dec 2025
Attach financial incentives to open source metrics and watch the spam flood in.
https://nesbitt.io/2025/12/17/typosquatting-in-package-managers.html · 17 Dec 2025
A reference guide to typosquatting techniques, real-world examples, and detection tools.
https://octet-stream.net/b/scb/2025-12-16-experiments-with-memory-integrity-enforcement.html · 16 Dec 2025 · 🦋 Bluesky
16 December 2025 Imagine if you could write C code and the computer would detect and abort immediately if you wrote one byte past the end of your heap allocation—or if you tried to access it after it was freed. It sounds like AddressSanitizer, right? I...
https://nesbitt.io/2025/12/10/slopsquatting-meets-dependency-confusion.html · 10 Dec 2025
LLMs can leak internal package names, making dependency confusion attacks easier to scale.
https://til.iainsimmons.com/posts/raycast-extension-fetch-error · 2 Dec 2025
today iain learned: How to fix a Raycast Extension fetch error
https://www.coryd.dev/posts/2025/captchas-and-the-punishment-of-privacy-conscious-users · 8 Oct 2025
I've been using an adblocker of some sort or another for roughly as long as I've been using the internet. It's become a necessary security measure and a necessary part of protecting your attention online. I also pay for and frequently use a VPN. Privacy sh...
https://octet-stream.net/b/scb/2025-09-16-protect-your-keys-with-the-secure-enclave.html · 20 Sep 2025 · 🦋 Bluesky
20 September 2025 This is the transcript and slides from a presentation I gave at /dev/world in Melbourne on September 4, 2025, describing how the Secure Enclave works to protect cryptographic keys in Apple devices, building up to a demo where we perform...