Three browsers down, one to go... time to get some sleep :)
Manfred Paul
92 posts
Security but not as in "national security". Playing CTFs with @redrocket_ctf (and @Sauercl0ud). Pwn2Own Vancouver 2020..=2024\{2023}. @manf@infosec.exchange
Outside of computed bounds
Joined January 2020
- No, I'm not just spending all my time breaking the assumptions of eBPF JIT-compilers. I also have completely different hobbies, like breaking the assumptions of javascript JIT-compilers!
- This argument feels deeply unsettling to me. No matter your stance on states exploiting vulnerabilities, shifting the moral obligation to vendors and researchers and demanding they be complicit in it is a dangerous precedent and short-sighted.
  > New blog post "Google: Stop Burning Counterterrorism Operations" My reflection on an incident where Project Zero and TAG knowingly shut down an active Western counterterrorism cyber operation, and the real-world harm that could have resulted from it. poppopret.org/2024/06/24/goo…
- Happy to have my write-up on @thezdi's blog again - after so many fights with some kind of range analysis, a bug that just directly gives every type confusion you want felt quite fun
  > In a new guest blog, #Pwn2Own winner @_manfp details CVE-2024-2887 - a bug he used to exploit both #Chrome and #Edge during the contest on his way to winning Master of Pwn. He breaks down the root cause and shows how he exploited it. Read the details at zerodayinitiative.com/blog/2024/5/2/…
- If you're a security researcher and in Germany, consider signing cysec-reform.jetzt . Decriminalizing research might not be the top political priority right now, but it's still important!
- Replying to @ghidraninja: I can in fact confirm that I can barely pass as a human being
- Replying to @maxpl0it: To be fair, browser sandboxes are a huge part of these mitigations - and for that I only did the Firefox one (the other stuff was Renderer-Only)
- Replying to @bl4sty: I found my first CVE during GoogleCTF - I totally thought that it was the intended solution to find one in (legacy-sandboxed) Ghostscript (it wasn't - but I still think it might have been easier than the challenge!)
- Had a great time playing for the German team at @ecsc2024, shout out to the organizers for putting on a really great competition!
- Replying to @_manfp: Their job is making software more secure, not being geopolitical judges of which exploit campaign is moral and good. If you're concerned with tech companies inserting themselves into such things, then wouldn't the latter actually give them much *more* power?
- Replying to @_manfp: This really just feels like the discourse of backdooring encryption all over again. There is no "secure but with exceptions for when the good guys need access". That's called being insecure.
- 18 months ago I learned that you can’t schedule a Tweet more than 18 months in the future.




