Olivia
Online
Evan Sultanik
@ESultanik
Ph.D. computer security researcher @TrailOfBits. Editor of and frequent contributor to #pocorgtfo. My CV is a PDF that’s also an NES ROM
Philadelphia, PA, USA
Joined December 2008
480 Following
1.4K Followers
3K Posts
Pinned Tweet
After 6 months and over 5k new lines of 6502 assembly, the Kaizo-style platforming section of the NES game in my résumé is finally done! Yes, among other things, the PDF of my résumé is also an NES ROM. You can download it here for your emulating pleasure: https://t.co/NBbr5kVhqN
@JSyversen @aarondotrb I'm a proponent of AI development, but I think the analogy with compilers is flawed: https://t.co/wThZhxUryv
@me_jango Confirmed!
@robertgraham I chose to leave the terminal, go upstairs to departures, and do security at a normal checkpoint. There was no wait. My connecting flight was sold out but took off 70% full.
Who to follow
JP Aumasson 
@veorq
Serious Cryptographer https://t.co/yOkMDW38YI
BLAKE3 SipHash SLH-DSA codesigner
@taurus_hq cofounder+CSO
https://t.co/s4Gs6ZmKe3
zane
@zanelackey
GP @a16z helping build amazing cybersecurity and platform engineering companies. Previously Co-Founder of @SignalSciences and CISO @Etsy
ciamac moallemi
@ciamac
professor @Columbia_Biz / research @paradigm @uniswap / stochastic control, quantitative finance, market microstructure, blockchain
@robertgraham I transited at MIA this morning. The TSA checkpoint they feed all of the international arrivals through for domestic connections had a 1+ hour wait. The people doing crowd control (who looked like contractors) insisted the wait was just as long everywhere.
Memory Analysis for #Linux has always been a bit hit-or-miss. @trailofbits has released a tool called #mquire that doesn't require debug symbols for the originating Kernel.
#MemoryForensics #IncidentResponse #DFIR #DigitalForensics
@DominicJPino New York already has the largest citywide heating system in the world: https://t.co/gT6XF1ZYja
@pitdesi In other words: If you live anywhere in the East besides DC or Northern NJ, you'd only ever fly United if you're going to a United hub or one of their codeshares' hubs, like Tokyo.
@pitdesi In 2024, CUN had ~8.5x more US travelers than TYO. The only East Coast airports with direct flights to CUN operated by UA are EWR and IAD, both of which also have direct flights to TYO. If you are traveling from a DL/AA hub like PHL/JFK/MIA/BOS/ATL to CUN, you'd never fly UA.
This made me mirken until I realized the "i" and "e" were swapped.
OED #WordOfTheDay: mirken, v.
Shetland. To become dark and gloomy; to grow murky.
View the entry: https://t.co/MzjxzdIoHU
#BSidesBerlin Speaker Showcase
@kiki_morozova explores Weaponizing Image Scaling Against Production AI Systems.
@SecurityBSides #AI #Infosec
Solving the Traveling Salesman Problem for NYC's 474-station subway network, obviously! @ESultanik used Christofides algorithm to find a 20h 42min route through all 474 stations, which would beat the world record by 45 minutes. https://t.co/9lSYIBNntW
New post and tool! Attackers can break production AI systems by using image scaling to hide multi-modal prompt injections from users.
🧵for more info on what broke, how this works, and our new tool to try this out yourself
@fluffypony @VikParuchuri PS is a fully fledged programming language, which makes it even harder than PDF. You can have functions that programmatically render text; you’d have to emulate them. Fonts are often also either rasterized or vectorized, sometimes losing the original strings.
@dvyukov @pr0cf51 @TeamAtlanta24 If you ignore unit tests and competition-specific deployment scripts, the code for Trail of Bits' CRS is 22 KLOC using sloccount.
@dvyukov @theori_io @trailofbits FWIW, Trail of Bits spent the last month divorcing our system from the competition framework so you can run it on your laptop against real codebases. https://t.co/feydB2tjSe
@dvyukov @theori_io @trailofbits @trailofbits will be analyzing the detailed results as they are released by DARPA over the coming weeks and posting a series of blog posts on our conclusions.
@dvyukov @theori_io @trailofbits The scores roughly correlated with teams’ computation costs. Team Atlanta stated that they used their people power to develop three different systems, ran them in parallel, and then effectively merged the results.
@0xbool @trailofbits Thanks for the kind words! A quick clarification for anyone curious about the implementation: Deptective actually uses syscall tracing (not installation logs) to discover dependencies, and it was built without any LLMs. 100% deterministic. Immaculate implementation, not vibes 😂
Our new whitepaper covers secure-by-design steps that CEXes can take to keep users' accounts (and funds) safe from account takeover (ATO) in 2025.
(Read more 👇)
Last Seen Users on Sotwe
CAĞLA GÜNEŞ
Seen from Turkey
3nood
นัดเยสอมตะชลบุรี ทักมาคับ
Seen from Thailand
体育生1m
Seen from Vietnam
Daddy
Seen from United States
👑Dong King👑
Seen from Turkey
sissyloving
Seen from Saudi Arabia
Alfred Emergency Academic Centre
Seen from Sweden
Gaysel Olaylarr
Seen from Turkey
Tek erkek 63
Seen from Turkey
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
60.9M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers