jduck's Avatar

jduck

@jduck.me

Continuously learning about computer security through research and development.

701
Followers 246
Following 50
Posts 26.07.2023
Joined
Posts Following

Latest posts by jduck @jduck.me

πŸ«‚

26.12.2025 14:09 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

btw me and my friend are still looking for CCC tickets, if you happen to be willing to sell them please message me!! .-. #39c3

26.12.2025 07:18 πŸ‘ 6 πŸ” 8 πŸ’¬ 0 πŸ“Œ 0

It's official. No hacker summer for me due to family health complications. I will miss everyone but hope you have a great (and safe) time!! ❀️

14.07.2025 11:21 πŸ‘ 3 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
SURE 2025 | The Workshop on Software Understanding and Reverse Engineering The Workshop on Software Understanding and Reverse Engineering

I'm proud to announce that myself and @AtipriyaBajaj have created the Workshop on Software Understanding and Reverse Engineering (SURE), which will be co-located at CCS 2025. sure-workshop.org/

Please follow our workshop account @sureworkshop and RT it for visibility :).

25.04.2025 16:30 πŸ‘ 7 πŸ” 6 πŸ’¬ 1 πŸ“Œ 0
Post image

We're proud to announce the release of Binary Ninja 5.0. Here's some highlights: Union Support, Dyld Share Cache & Kernel Cache, Firmware Ninja, Auto Stack Arrays, Stack Structure Type Propagation, and so much more. Check out the blog post for more information: binary.ninja/2025/04/23/5...

23.04.2025 20:06 πŸ‘ 25 πŸ” 15 πŸ’¬ 0 πŸ“Œ 1
Preview
Does using Rust really make your software safer? - Blog - Tweede golf We keep saying that Rust is how we make software safer. In this blog, we'll tackle a real-world vulnerability, 'rewrite it in Rust', and show you the results of our empirical research, both as a h ...

Does using #rustlang really make your software safer? tweedegolf.nl/en/blog/152/...

23.04.2025 14:38 πŸ‘ 54 πŸ” 18 πŸ’¬ 1 πŸ“Œ 2

I'm proud to announce that I, through my company @magnetitesec.bsky.social, donated to the Redox OS project! If you're not familiar, Redox OS is a pure Rust Micro kernel based operating system. This donation allows them to sponsor one additional student for their Summer of Code!

22.04.2025 00:40 πŸ‘ 9 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0

I played @defcon.bsky.social CTF quals with @shellphish.bsky.social this year! I'm really impressed with the difficulty levels Nautilus Institute put forth. Making CTF challenges in the AI era has... special considerations... but they nailed it :-) Thanks to everyone involved for a great weekend!

15.04.2025 14:32 πŸ‘ 5 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

Hey Steve! Would have loved to attend but a) waitlisted and b) wasn't feeling up to it (sinus headache from allergies I think). Hope it went great!

10.04.2025 01:38 πŸ‘ 0 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0
A small bug in the signature verification of AOSP OTA packages A signature verification bypass in a function that verifies the integrity of ZIP archives in the AOSP framework

There is a small bug in the signature verification of OTA packages in the Android Open Source Framework.
Official builds doing normal double verification of packages are not vulnerable but OEMs and third party apps may be.
JΓ©rΓ©my Jourdois explains it here:
blog.quarkslab.com/aosp_ota_sig...

08.04.2025 17:51 πŸ‘ 5 πŸ” 5 πŸ’¬ 0 πŸ“Œ 0
Building a Linux Kernel Driver using Rust - Rust Exercises

"Building a Linux Kernel Driver using Rust": rust-exercises.ferrous-systems.com/latest/book/...

05.04.2025 08:06 πŸ‘ 42 πŸ” 9 πŸ’¬ 0 πŸ“Œ 1

I thought you loved C. You must be trolling.

04.04.2025 21:29 πŸ‘ 2 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
BSides Canberra 2025 Schedule, talks and talk submissions for BSides Canberra 2025

Our Call for Presentations & Events is now open!

Got cool research, a fresh exploit, or a unique cybersec insight? Submit your talk & be part of Australia’s biggest hacker con!

cfp.bsidescbr.com.au/bsides-canbe...

31.03.2025 22:50 πŸ‘ 2 πŸ” 3 πŸ’¬ 0 πŸ“Œ 0
GitHub - ariel-os/ariel-os: Ariel OS is a library operating system for secure, memory-safe, low-power Internet of Things, written in Rust Ariel OS is a library operating system for secure, memory-safe, low-power Internet of Things, written in Rust - ariel-os/ariel-os

github.com/ariel-os/ari... /via @mattkeeter.com #rustlang

31.03.2025 16:56 πŸ‘ 45 πŸ” 4 πŸ’¬ 1 πŸ“Œ 0

Don't forget, the CFP for the 40th anniversary issue of Phrack is open until June 15th 2025. You can be someone's favorite article in the future!!

bsky.app/profile/phra...

24.03.2025 23:31 πŸ‘ 7 πŸ” 10 πŸ’¬ 0 πŸ“Œ 0

Global warming!! Someone outside has covid!!!

29.03.2025 18:13 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Video thumbnail

Having some fun with EM measurements today - side-channels are awesome!

29.03.2025 13:57 πŸ‘ 42 πŸ” 5 πŸ’¬ 1 πŸ“Œ 1

Paged Out! #6 has arrived! And it's jam-packed with content!
You can download it here:
pagedout.institute?page=issues....

29.03.2025 12:23 πŸ‘ 23 πŸ” 27 πŸ’¬ 0 πŸ“Œ 3

Actually I made a mistake and it is actually fixed in 6.14.

29.03.2025 02:05 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Original post on infosec.exchange

Tonight. AHA 0xDE.

If it is your first time attending, you will give an β€œintro talk”. This is an opportunity to share about yourself and allow us to get to know you. This is an important part of the new attendee process. Please take it seriously.

If you’ve given an intro talk before, but have […]

27.03.2025 20:52 πŸ‘ 2 πŸ” 2 πŸ’¬ 0 πŸ“Œ 0
Preview
GitHub - jduck/bs25-slides: Slides from "Musing from Decades of Linux Kernel Security Research" at BOOTSTRAP25 Slides from "Musing from Decades of Linux Kernel Security Research" at BOOTSTRAP25 - jduck/bs25-slides

Happy to share my slides from BOOTSTRAP25. Unfortunately the bug discussed is still not patched in Linux 6.14.0 despite it being reported explicitly. Slides are in markdown but there's a PDF in "releases" too github.com/jduck/bs25-s...

25.03.2025 19:26 πŸ‘ 14 πŸ” 7 πŸ’¬ 1 πŸ“Œ 0

Not to mention specifically block and/or modify it

25.03.2025 19:22 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

The sedexp Linux malware was disclosed in late 2024. In my talk at @kernelcon.bsky.social, I will present my own deep dive of the malware, including many parts that have not been made public, such as loading of a memory-only rootkit. Be sure to attend for a teardown with @volatilityfoundation.org 3!

20.03.2025 18:01 πŸ‘ 12 πŸ” 7 πŸ’¬ 0 πŸ“Œ 0
Preview
Antitrust (2001) ⭐ 6.1 | Action, Crime, Drama 1h 48m | PG-13

Has anyone else seen m.imdb.com/title/tt0218... ? Eerie

08.03.2025 05:56 πŸ‘ 2 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

Last week I attended Vector35 @re-verse.io RE//verse conference and it was great! Excellent food, high signal to noise (RE/VR), and great people. I scored some amazing schwag including a SIM transposer and a @binaryninja.bsky.social hacky sack! w00t!

04.03.2025 03:57 πŸ‘ 11 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

On March 29th, I will be speaking at @bsidessd.bsky.social on Volatility 3, including all its new features and plugins. Be sure to attend to catch a sneak peak at the new framework before the major release later this Spring!

www.bsidessd.org

#DFIR #infosec

03.03.2025 15:49 πŸ‘ 8 πŸ” 7 πŸ’¬ 0 πŸ“Œ 1
Post image Post image

Digital vs film X-ray . Film offers higher resolution and better dynamic range with the same settings, but slightly longer exposure time (and more tedious image acquisition). Comes in handy when it comes to tiny electronics. Images of an Abbott Lingo continuous glucose monitor.

26.02.2025 14:40 πŸ‘ 2 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0

Yes and no on rust in the kernel. I really wish it was more and faster

26.02.2025 19:58 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Blackhoodie at Ringzer0 Bootstrap 2025 Compiler Internals for Security Engineers

BlackHoodie will be back at @ringzer0.bsky.social Bootstrap conference in Austin, TX 🀠 On Friday March 21st I'll be teaching Compiler Internals for Security Engineers, a class for women by women, and it's free. Register here blackhoodie.re/Ringzer0_Boo...

19.02.2025 17:56 πŸ‘ 7 πŸ” 11 πŸ’¬ 0 πŸ“Œ 1

Nice! There's sadly a hugely tiny portion of comms on the Internet about exposing Rust to C (versus tons about wrapping C in Rust). I would love to see that change!

19.02.2025 19:02 πŸ‘ 0 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0