Olivia
Online
Nikita Abdullin
@0xABD
Security connoisseur, full-stack security specialist, hereditary tech-priest. Tweets are my personal opinions. Retweets are for informational purposes only.
Joined April 2013
342 Following
474 Followers
3.1K Posts
Pinned Tweet
Said this before, but, in light of recent events:
(1) Unbreakable end-to-end encryption is a basic human right.
(2) Personal digital devices are a direct extension of the human brain and must be free from government scrutiny.
End of discussion.
@josephdelong pic unrelated but OK, I fully respect your determination to decentralize something that:
(i) has historically always been a net loss for the banks anyway
(ii) has already been solved by tokenization & HCE
(iii) needs symmetric algorithms incompatible with threshold cryptography
Are we really going to pretend that EMV personalization hasn’t already been done over a secure channel (signed, encrypted) since EMV CPS 1.0 (2003), for over 20 years? It has been remote since the beginning. Who cares how the APDUs travel, anything short of RFC1149 will work lmao
Colossus cracked the code on secure remote credit card personalization
Who to follow
Cristofaro Mune
@pulsoid
In between Physics & Computing. Fault Injection, TEEs, IoT & anything else challenging my curiosity.
Founder at Raelize (@raelizecom)
Raelize
@raelizecom
Top-notch device security expertise at your service.
Dmitriy Evdokimov
@evdokimovds
Оbservability, visibility, security of containerised apps and K8s. eBPF fan.
Copypasting entire dependencies’ sources is like pinning their hashes but without a hash collision risk (lol)
supply chain attacks?
yeah no, I use C++. We don't even have a package manager.
@attrc Nah, there was a follow up, they just required IOMMU to be enabled, which ain’t much of an issue for non-cheaters, anyway https://t.co/CV4MEWwBSW
Well, that escalated quickly.
There’s been a wave of claims by cheaters about Vanguard “bricking” their PCs, so let’s clear that up: Vanguard does not damage hardware or disable your devices.
The photo we posted is a picture of cheat hardware devices that are sold explicitly for cheating in VALORANT (not normal PCs or PC components). Through our latest updates, Vanguard now makes those devices worthless for VAL, but does not in any way brick PCs or PC components or PC software.
Our latest update enforces standard platform security features, like the Input-Output Memory Management Unit (IOMMU), on accounts identified as using Direct Memory Access (DMA) cheating devices. These protections are already part of modern systems and when enabled, they block DMA cheat devices (such as those shown in the photo) from accessing memory in downstream applications, like our games.
If a cheat setup continues attempting to cheat after those protections are enabled, the system may generate hardware faults or instability. This is expected behavior under IOMMU when attempts are made to read protected memory.
Disabling IOMMU allows the cheat device to function again, but IOMMU will still be required to play our games. This means the cheat device won’t work with our games, but your PC isn’t “bricked.” We would not, and cannot, impact your PC’s functionality in any other fashion.
This functionality only applies to systems attempting to use DMA cheat devices, and players who are not using DMA-based cheat setups are not affected.
We’ll keep investing in anti-cheat to protect competitive integrity, and we’ll keep being as transparent as possible about how those systems work.
@matiasgoldberg Like, sure, if you can modify the OS under test to know the addresses etc., and slow down the speeds to 3200MT/s, you could pull it off with second-hand Agilent 190xx logic analyzer + plugin modules, like the https://t.co/op8TmEjwAs paper authors did, but they needed a few bits
@matiasgoldberg A custom PCB to expose the signals is not the issue, good luck drinking from that absolute firehose of raw data (4000MT/s to >8000MT/s) on dozens of high speed lanes (data is single-ended, not diff pairs, so you need buffer amps/comparators). FPGAs alone will be 5 figures easily
@georgejrjrjr To me the answer is to “what are we as a society prepared to sacrifice to uphold the civil liberties?”. No one needs to live through the alternative to see that the civil liberties are non-negotiable, and any path suppressing them, esp. the information, inevitably turns worse
An ever-growing “list of naughty things LLM are not allowed to discuss” is pointless, stupid and actively harmful to human progress. Cybersecurity is the best example, of course. Any attempt to restrict offensive security knowledge demonstrably hurts everyone.
one of the fun things about dc is popping in for a coffee and
overhearing some new fact llms are trained to not inform me about.
googling today’s example turned up one offhand mention in a forum from 2018.
chat was conspicuously (and explicitly) mum when asked to confirm.
@georgejrjrjr Imagine a simple mediation technique allows any human to teleport at will (“The Stars My Destination”, 1950s sci-fi). Doom-level on the “low effort”/“high impact” scale of the tech. Physical security disappears, everything is in deep crisis, but society survives nevertheless
@georgejrjrjr I believe we also disagree on the “no patch for a vuln” —> “censor it” in the physical world/society: if so, I say hiding it is much worse in the long term. Sure, no one wants chaotic evil actors on a rampage, but let’s be real: what stops them now? Def not LLM guardrails lol
@georgejrjrjr Are we really ready to arbitrarily restrict access to most of human technology because it could be misused? RE the ongoing 3D printer censorship madness
@Plinz And yet a reasonably simple brute force physical intervention on the substrate (e.g. fault injection using voltage, light, EMI, etc.) can dramatically violate any of the rules or states inside the machine (even beyond what is possible by rewriting/rewinding UTM tape, for example)
A perfect five-word horror story:
“Full chain, logic bugs only”
That's my chain — a full chain w/ logic bugs only! No memory corruption, no AI, and of course no collisions at all 😉
@gynvael I guess they could drain any leakage from DC negative output into the protective earth input via an RC filter (1M resistor, class Y capacitor) to mitigate ground loops, but then you need a PSU that has three inputs and more parts, when they just make it cheaper, sadly.
@NedWilliamson Lawvere’s fixed point theorem is the true goat of them all (category theory ftw)
@nnwakelam The experience of encountering the resulting gases isn’t worth a trip to ER (depending on the quantities involved, of course)
@halvarflake @ortegaalfredo The real problem is the autoregressive nature, I guess? There is no “final” grammar-abiding set of tokens anywhere in the hidden state at the point in time when you discard the most likely output token “42” in favor of, say, a multi token path resulting in “<xml><answer>42…”
@halvarflake @ortegaalfredo This 2024 paper shows (on an older 7B model and a toy example, but still) that constraining the decoding to a grammar can distort the output token distribution so much that the model is unable to arrive at a correct answer https://t.co/SWNk4DKj8G
Most Popular Users
Elon Musk 
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.1M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.9M followers
Taylor Swift
@taylorswift13
80.7M followers
Lady Gaga
@ladygaga
72.3M followers
Kim Kardashian
@kimkardashian
69.4M followers
Virat Kohli
@imvkohli
68.7M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.2M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60M followers