Hacker News
- TrailOfBits: Build Provenance for Homebrew https://blog.trailofbits.com/2024/05/14/a-peek-into-build-provenance-for-homebrew/ 0 comments
- ABI compatibility in Python: How hard could it be? https://blog.trailofbits.com/2022/11/15/python-wheels-abi-abi3audit/ 2 comments
- 64 bits ought to be enough for anybody https://blog.trailofbits.com/2019/11/27/64-bits-ought-to-be-enough-for-anybody/ 57 comments
- Destroying x86_64 instruction decoders with differential fuzzing https://blog.trailofbits.com/2019/10/31/destroying-x86_64-instruction-decoders-with-differential-fuzzing/ 111 comments
- Our suite of Ethereum security tools https://blog.trailofbits.com/2018/03/23/use-our-suite-of-ethereum-security-tools/ 31 comments
Lobsters
- The life and times of an Abstract Syntax Tree https://blog.trailofbits.com/2024/05/02/the-life-and-times-of-an-abstract-syntax-tree/ 4 comments compilers
- Look out! Divergent representations are everywhere https://blog.trailofbits.com/2022/11/10/divergent-representations-variable-overflows-c-compiler/ 3 comments security
- Microsoft didn’t sandbox Windows Defender https://blog.trailofbits.com/2017/08/02/microsoft-didnt-sandbox-windows-defender-so-i-did/ 2 comments rust , security , windows
- The Challenges of Deploying Security Mitigations https://blog.trailofbits.com/2017/02/20/the-challenges-of-deploying-security-mitigations/ 5 comments compilers , security
- A Preview of McSema: A framework for converting x86 binaries to LLVM bitcode http://blog.trailofbits.com/2014/06/23/a-preview-of-mcsema/ 4 comments programming
- Seriously, stop using RSA (2019) https://blog.trailofbits.com/2019/07/08/fuck-rsa/ 7 comments crypto
- Why fuzzing over formal verification? https://blog.trailofbits.com/2024/03/22/why-fuzzing-over-formal-verification/ 3 comments ethereum
- Codex (and GPT-4) can’t beat humans on smart contract audits https://blog.trailofbits.com/2023/03/22/codex-and-gpt4-cant-beat-humans-on-smart-contract-audits/ 9 comments ethereum
- Working on blockchains as a Trail of Bits intern https://blog.trailofbits.com/2022/10/05/trail-of-bits-internship-blockchain-tealer/ 5 comments ethereum
- Shedding smart contract storage with Slither https://blog.trailofbits.com/2022/07/28/shedding-smart-contract-storage-with-slither/ 15 comments ethereum
- Are blockchains decentralized? A new Trail of Bits research report examines unintended centralities in distributed ledgers https://blog.trailofbits.com/2022/06/21/are-blockchains-decentralized/ 6 comments cryptocurrency
- Part 2 of 2: Implementing constant-time crypto using LLVM’s optnone https://blog.trailofbits.com/2022/02/01/part-2-rusty-crypto/ 7 comments rust
- Disclosing Shamir’s Secret Sharing vulnerabilities and announcing ZKDocs https://blog.trailofbits.com/2021/12/21/disclosing-shamirs-secret-sharing-vulnerabilities-and-announcing-zkdocs/ 2 comments crypto
- Is RSA safe for signing JWTs? https://blog.trailofbits.com/2019/07/08/fuck-rsa/ 81 comments crypto
- Let's build a high-performance fuzzer with GPUs! https://blog.trailofbits.com/2020/10/22/lets-build-a-high-performance-fuzzer-with-gpus/ 3 comments compsci
- ECDSA: Handle with Care https://blog.trailofbits.com/2020/06/11/ecdsa-handle-with-care/ 12 comments crypto
- Destroying x86_64 instruction decoders with differential fuzzing https://blog.trailofbits.com/2019/10/31/destroying-x86_64-instruction-decoders-with-differential-fuzzing/ 75 comments programming
- A new C++ SQLite wrapper https://blog.trailofbits.com/2019/08/26/wrappers-delight/ 60 comments cpp
- Writing a SQLite wrapper in modern C++ https://blog.trailofbits.com/2019/08/26/wrappers-delight/ 11 comments programming
- Siderophile: Expose your Crate’s Unsafety https://blog.trailofbits.com/2019/07/01/siderophile-expose-your-crates-unsafety/ 18 comments rust
- Getting 2FA Right in 2019 https://blog.trailofbits.com/2019/06/20/getting-2fa-right-in-2019/ 10 comments netsec
- What Application Developers Need To Know About TLS Early Data (0RTT) https://blog.trailofbits.com/2019/03/25/what-application-developers-need-to-know-about-tls-early-data-0rtt/ 5 comments programming
- On Bounties and Boffins https://blog.trailofbits.com/2019/01/14/on-bounties-and-boffins/ 4 comments netsec
- Optimizing Lifted Bitcode with Dead Store Elimination https://blog.trailofbits.com/2018/07/06/optimizing-lifted-bitcode-with-dead-store-elimination/ 11 comments programming
- Vulnerability Modeling with Binary Ninja https://blog.trailofbits.com/2018/04/04/vulnerability-modeling-with-binary-ninja/ 5 comments netsec
- Trail of Bits reviewed and confirmed Ryzen vulnerabilities https://blog.trailofbits.com/2018/03/15/amd-flaws-technical-summary/ 3 comments hardware
- Microsoft didn’t sandbox Windows Defender, so I did https://blog.trailofbits.com/2017/08/02/microsoft-didnt-sandbox-windows-defender-so-i-did/ 54 comments netsec
- An extra bit of analysis for cLEMENCy, the DEFCON CTF architecture https://blog.trailofbits.com/2017/07/30/an-extra-bit-of-analysis-for-clemency/ 3 comments netsec
- Windows network security now easier with osquery https://blog.trailofbits.com/2016/09/27/windows-network-security-now-easier-with-osquery/ 6 comments netsec
- Verizon's DBIR is harmful: the DBIR’s ‘Forest’ of Exploit Signatures https://blog.trailofbits.com/ 8 comments netsec
- Hardware Side Channels on Virtual Machines http://blog.trailofbits.com/2015/07/21/hardware-side-channels-in-the-cloud/ 3 comments netsec
- Using Static Analysis And Clang To Find Heartbleed http://blog.trailofbits.com/2014/04/27/using-static-analysis-and-clang-to-find-heartbleed/ 4 comments netsec
- Semantic Analysis of Native Programs, introducing CodeReason http://blog.trailofbits.com/2014/02/23/semantic-analysis-of-native-programs-introducing-codereason/ 4 comments netsec
- iVerify is now available on GitHub – Trail of Bits http://blog.trailofbits.com/2013/07/24/iverify-is-now-available-on-github/ 5 comments netsec
- Don't get added to the YAML botnet, come to a free Ruby Security workshop this week in NYC! http://blog.trailofbits.com/2013/06/03/free-ruby-security-workshop/ 6 comments netsec
Linking pages
- GitHub - crytic/awesome-ethereum-security: A curated list of awesome Ethereum security references https://github.com/trailofbits/awesome-ethereum-security 3 comments
- GitHub - kaizensoze/security-blogs: A list of security blogs. https://github.com/kaizensoze/security-blogs 3 comments
- San Bernardino iPhone Technically Can Be Hacked Without Apple, Researchers Say - ABC News http://abcnews.go.com/US/san-bernardino-iphone-technically-hacked-apple-researchers/story?id=37065676 3 comments
- Week in Ethereum News February 25, 2023 – Week in Ethereum News https://weekinethereumnews.com/week-in-ethereum-news-february-25-2023 2 comments
- GitHub - foorilla/allinfosecnews_sources: A list of online news & info sources in the InfoSec/Cybersecurity space https://github.com/foorilla/allinfosecnews_sources 1 comment
- allinfosecnews_sources/README.md at main · foorilla/allinfosecnews_sources · GitHub https://github.com/foorilla/allinfosecnews_sources/blob/main/README.md 0 comments