About 18 results
https://octet-stream.net/b/scb/2026-01-30-mie-soft-mode.html · 29 Jan 2026 · 🦋 Bluesky
HOME BLOGS PROJECTS GITHUB 30 January 2026 I wrote previously that I was having difficulty making Apple's Memory Integrity Enforcement feature do what it says on the tin. After getting some help from Eskimo on the developer forums I'm pleased to r...
https://octet-stream.net/b/scb/2026-01-14-difficulties-enabling-apples-mie.html · 14 Jan 2026 · 🦋 Bluesky
14 January 2026 I previously blogged a demo in which I activated Apple's new hardware memory tagging feature, part of Memory Integrity Enforcement. This could accurately detect at runtime when I had overflowed a buffer or caused a use-after-free. Very ne...
https://octet-stream.net/b/scb/2026-01-12-progress-in-standard-site-validation.html · 12 Jan 2026 · 🦋 Bluesky
12 January 2026 A few days ago I published a simple validation tool for standard.site, which is a proposed standard for announcing long-form content on the ATProto network. (I explained what this is about in a previous post.) My tool is relatively sim...
https://octet-stream.net/b/scb/2026-01-03-including-rust-in-an-xcode-project-with-pointer-auth-arm64e.html · 3 Jan 2026 · 🦋 Bluesky
3 January 2026 When you add the "Enhanced Security" Capability to an iOS app in Xcode, one of the options is "Authenticate Pointers" (ENABLE_POINTER_AUTHENTICATION). This is checked by default. Therefore somebody who is adding this Capability in order to...
https://octet-stream.net/b/scb/2025-12-16-experiments-with-memory-integrity-enforcement.html · 16 Dec 2025 · 🦋 Bluesky
16 December 2025 Imagine if you could write C code and the computer would detect and abort immediately if you wrote one byte past the end of your heap allocation—or if you tried to access it after it was freed. It sounds like AddressSanitizer, right? I...
https://treybastian.leaflet.pub/3m6jokldu3s2q · 26 Nov 2025 · 🦋 Bluesky
it's not as simple as you may think
https://octet-stream.net/b/scb/2025-09-16-protect-your-keys-with-the-secure-enclave.html · 20 Sep 2025 · 🦋 Bluesky
20 September 2025 This is the transcript and slides from a presentation I gave at /dev/world in Melbourne on September 4, 2025, describing how the Secure Enclave works to protect cryptographic keys in Apple devices, building up to a demo where we perform...
https://octet-stream.net/b/scb/guide-to-signing-notarising-single-cli-binary-mac.html · 30 Nov 2024
30 November 2024 Problem Statement I'm compiling a single executable file for Mac, e.g., a Rust or Go program. I want to distribute it directly to users outside the App Store. I've paid 149 Australian dollarydoos for Apple's Developer Program and want t...
https://wedistribute.org/2024/02/pixelfed-cve/ · 10 Feb 2024
For the second time this month, a Fediverse project reports a critical vulnerability. The devs are on top of it: admins, update your servers!
https://wedistribute.org/2024/02/mastodon-remote-takeover/ · 1 Feb 2024
A new Mastodon vulnerability was found out in the wild, and it's a nasty one. Admins are advised to update to the latest release ASAP.