FileVault 2 is the full-disk encryption system of macOS. Normally, it's turned on from System Preferences, and locks the disk with the passwords of all the users allowed to unlock the machine. Overloading the login/unlock/sudo password is an understandable UX simplicity choice, but makes it very hard to…

On Monday, Tavis Ormandy of Project Zero revealed that the Cisco WebEx Chrome extension (20M users) has a critical vulnerability. OMFG🔥 The WebEx Chrome extension has a trivial code execution vulnerability: any website could just install malware on your machine silently https://t.co/3hsvUaQRJU — Filippo Valsorda (@FiloSottile) 23…

Usual disclaimer: "technical notes" posts are probably of zero interest to the blog followers and are just meant for Google. If they annoy, tell me and I'll get a wiki or something. In a past life I wrote FFmpeg filters, which has the interesting side effect of making…

I decided I will blog short technical guides when I do something undocumented. These are probably of zero interest to the blog followers and are just meant for Google. If they annoy, tell me and I'll get a wiki or something. I am moving a machine off Linode (old style…

Hello, a quick post to allow everyone to play along at home with this Superfish thing. (In case this isn't clear: this post is for security professionals only) Disclaimer: sleep deprived and exhausted. Been working on Badfish for 16 hours now, expect inconsistencies. If you don't know what this is…