I will say it has been wild seeing the defensive community panic about ai when it's really the offensive community that should be lighting their hair on fire...
say what you want about slopping, but it's really great for getting <whatever> done in whatever domain specific thing I don't want to study right now.
case in point: this rigol scope on my workbench; I use it maybe a few times a year and am always annoyed by the clunky UI (10% skill issue, 90% horrible UX). I vaguely knew about the existence of SCPI (over USB); then I noticed last night the thing has an ethernet jack too. one network cable and one prompt later and I now have a python script that can arm/configure the scope with the exact setup I want, without ever touching the physical buttons on the thing. 🤓
I mean the idea that we need to care about every vulnerability in every product is flawed imho.
I don’t have a magic 8 ball but it’s a tad strange to think defenders aren't getting any advantage here. I made a honeypot the other day, in the time it takes me to have a cup of tea and I spent the time actually making the tea
💥 Introducing "Dirty Frag"
A universal Linux LPE chaining two vulns in xfrm-ESP and RxRPC. A successor class to Dirty Pipe & Copy Fail.
No race, no panic on failure, fully deterministic. ~9 years latent.
Ubuntu / RHEL / Fedora / openSUSE / CentOS / AlmaLinux, and more.
Even if you've applied the "Copy Fail" mitigation, your Linux is still vulnerable to "Dirty Frag". Apply the Dirty Frag mitigation.
Details:
https://t.co/9nqku4svkY
not sure why, but releasing Pyre - Ghidra's decompiler running fully in your browser. Drop an ELF / Mach-O / PE / wasm, navigate decompiled C with cmd-click + xrefs in Monaco. No server, no upload, binaries must never leave the page...
source. https://t.co/1cCwmILbuQ
deployed at: https://t.co/LnJesWibf6
Mandatory human-in-the-loop is a cybersecurity cop-out. People are giving agents more and more autonomy. We need solutions that accept that world because there is no stopping it.
It's like telling people in the 90s to not use the internet to avoid getting hacked. Good luck.
Today, Telegram notified all its users in Spain with this alert:
Pedro Sánchez’s government is pushing dangerous new regulations that threaten your internet freedoms. Announced just yesterday, these measures could turn Spain into a surveillance state under the guise of “protection.” Here’s why they’re a red flag for free speech and privacy:
1. Ban on social media for under-16s with mandatory age verification: This isn’t just about kids—it requires platforms to use strict checks, like needing IDs or biometrics.
⚠️ Danger: It sets a precedent for tracking EVERY user’s identity, eroding anonymity and opening doors to mass data collection. What starts with minors could expand to all, stifling open discourse.
2. Personal and criminal liability for platform executives: If “illegal, hateful, or harmful” content isn’t removed fast enough, bosses face jail.
⚠️ Danger: This will force over-censorship—platforms will delete anything remotely controversial to avoid risks, silencing political dissent, journalism, and everyday opinions. Your voice could be next if it challenges the status quo.
3. Criminalizing algorithm amplification: Amplifying “harmful” content via algorithms becomes a crime.
⚠️ Danger: Governments will dictate what you see, burying opposing views and creating echo chambers controlled by the state. Free exploration of ideas? Gone—replaced by curated propaganda.
4. “Hate and polarization footprint” tracking: Platforms must monitor and report how they “fuel division.”
⚠️ Danger: Vague definitions of “hate” could label criticism of the government as divisive, leading to shutdowns or fines. This can be a tool for suppressing opposition.
These aren’t safeguards; they’re steps toward total control. We’ve seen this playbook before—governments weaponizing “safety” to censor critics. On Telegram, we prioritize your privacy and freedom: strong encryption, no backdoors, and resistance to overreach.
✊ Stay vigilant, Spain. Demand transparency and fight for your rights. Share this widely—before it’s too late.
For all the malware devs out there 🦠🧑‍💻
Every infostealer uses a different timestamp format. Some of you even invent new ones.
Analysts everywhere are crying while parsing those logs.
Please.
Just use ISO8601. (One of our clients advised that)
Make it a standard among whatever nasty thing you're coding.
If you don't know how, please contact us.
#ISO8601 #CyberThreat #MalwareDev
As a companion we also produced a linux toolkit (mostly a bunch of selected statically compiled binaries) for live / dirty forensics: https://t.co/bmeQvAa6sh
We’ve (CERN security team) put together a basics Linux forensics cheatsheet to help accelerate the early stages of a potential compromise https://t.co/HDtOhwZ6yS let us know what you think!
Here is our 0day for kernelCTF🩸
- 82k bounty
- quickest submission ever
- all instances pwned😎
https://t.co/0sb11m8ITD
Disclaimer: We apologize for abusing the red black tree family. Turning grandparents against grandchildren is only acceptable in the context of pwn😤
Linux kernel Rust module for rootkit detection
Article by Antoine Doglioli about implementing an in-kernel detector for many existing rootkits. The detector is written in Rust.
https://t.co/QITFUZquZa
Accidentally uncovering a seven years old vulnerability in the Linux kernel
Article by @andersonc0d3 about finding and analyzing a slab use-after-free vulnerability in the TCP sockets implementation.
https://t.co/xV9mE6bWfX