WSL1 was one of Microsoft's most ambitious kernel projects: Linux binaries running on NT without a Linux kernel. "lxcore.sys" translated Linux syscalls into NT kernel operations on the fly.
WSL2 took the pragmatic route and runs a real Linux kernel in a lightweight VM.
OpenLxCore is reverse-engineering and recreating the WSL1 compatibility layer, exposing the magic that made Linux-on-NT possible.
Azeria Labs is probably the most complete free resource for learning ARM security research that exists.
ARM assembly from zero. Shellcode development. Stack overflows. ROP chains. Heap exploitation. iOS kernel heap grooming. TrustZone internals. GDB debugging. QEMU lab setup. Even an online ARM assembler.
If ARM exploitation is something you want to understand, start here.
https://t.co/MnfDCdNtrG
https://t.co/QtCZ3nhujT
Author: @Fox0x01
#ReverseEngineering #ExploitDevelopment #InfoSec
As believers of open research, we are disappointed to see Anthropic silently degrading Fable 5 for AI development
"Any topic related to building pretraining pipelines, distributed training infrastructure, or ML accelerator design... may have limited effectiveness through Claude via methods such as prompt modification, steering vectors, or parameter-efficient fine-tuning."
Not only do they get to decide what you use LLMs for in research, but this also enables them to silently intervene in your research without you knowing.
This sets a dangerous precedent. If a model refuses openly, users can understand the boundary. If a model falls back to another model, users can still evaluate the difference. But if a model silently modifies or weakens its own answers while still pretending to help, researchers lose the ability to know whether a failed result came from their own idea, their implementation, or an invisible intervention by the model provider.
That is not safety. Safety policies should be transparent, auditable, and user-visible.
On top of that, the people most harmed by this are not the largest labs with massive teams and proprietary infrastructure. It is the independent researchers, academic groups, startups, and open-source builders who rely on public tools to compete, innovate, and pioneer AI for everyone else.
A teenager in the United States started publishing software at 14 in 1998, built the entire online infrastructure for the Occupy Wall Street movement in 2011, joined Google as a software engineer, quit in 2018, and then spent five years writing a C library that does something the entire industry said was impossible.
Then she combined it with llama.cpp and shipped the easiest way on the planet to run a large language model on any computer.
Her name is Justine Tunney.
Here is the story, because almost nobody outside the low level systems world knows what one engineer has built.
Justine was born in 1984. She started writing and publishing software at 14, back when distribution meant uploading binaries to BBS systems and chat networks. She picked up the handle jart, which she still uses on GitHub today. She did the work most teenagers her age were not doing. She read the systems programming literature. She studied compilers. She fell in love with C.
In July 2011 she registered the @occupywallst Twitter handle and the occupywallst dot org domain. Within weeks the protest movement that began in Zuccotti Park in New York had become a global phenomenon, and her infrastructure was the digital backbone of the entire thing. She handled the social media, the website, the donations, the coordination. She built the platform that pushed the movement to reach millions.
After Occupy she joined Google as a software engineer. She worked on TensorBoard, the visualization tool for TensorFlow, and on site reliability for Google infrastructure. She stayed for years. Then in 2018 she left Google Brain to work on a personal project.
The project was called Cosmopolitan Libc.
Cosmopolitan does something most C programmers would tell you is mathematically impossible. It lets you compile a C program once and have the resulting binary run natively on Linux, Windows, macOS, FreeBSD, OpenBSD, and NetBSD with no modification. One file. Six operating systems. No virtual machines. No interpreters. No recompilation. The technique she invented is called Actually Portable Executable.
The implications are wild. Cosmopolitan binaries violate every assumption about how operating systems load programs. They are at once a Windows PE file, a Linux ELF binary, a macOS Mach-O binary, and a shell script. The same bytes run on every platform.
For five years she worked on it mostly alone. She funded the development partly through Mozilla's MIECO program, which sponsored her work on Cosmopolitan 3.0, released on October 31, 2023.
A month later she shipped llamafile.
llamafile is what happens when you combine Cosmopolitan with llama.cpp. You take any LLM weights file in the standard GGUF format, you wrap it in Justine's binary, and you get a single file that runs on six operating systems without installation. No Python. No CUDA setup. No dependency hell. Just one file that you double click and it works.
Mozilla launched it as an official project of their innovation group on November 29, 2023. It went viral immediately. The repository, hosted at github.com/mozilla-ai/llamafile, now has 24,600 stars. The license is Apache 2.0.
Justine kept shipping. She added GPU support to Cosmopolitan, a task systems engineers thought would require rewriting the whole thing. She added dlopen support, another thing nobody else had figured out. She wrote whisperfile, a single file version of OpenAI's Whisper speech-to-text model based on the same architecture.
Her GitHub profile lists projects most engineers would consider impossible. sectorlisp, a Lisp interpreter that fits in a boot sector. blink, the tiniest x86-64-linux emulator on Earth. bestline, a teletypewriter command session library. redbean, a complete web server inside a single zip file.
A teenager who shipped software in 1998 grew up to write the C library that the entire local AI movement now runs on top of.
She did most of it alone, and most people scrolling AI Twitter cannot name her.
For years, Rust binaries made reversing a nightmare. Modern decompilers only support C, lacking meaningful types, constructs, and language-specific functions. Led by @34r7hm4n, we're releasing our S&P work Oxidizer, the first deep Rust decompiler, built on angr!
Interested? 🧵👇
We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely monitoring our infrastructure for follow-on activity.
A dev open-sourced a VPN that smuggles your internet through port 53.
It's called MasterDnsVPN. It hides your traffic inside DNS queries, the one packet type no firewall on earth can block without breaking the internet itself.
MIT License. 100% Open Source.
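Traffic tunnelled over DNS, as the post above describes, leaves a characteristic shape in resolver logs: long, high-entropy labels under one domain, bulky record types, and many such queries from one client. The detector below is an added example, not code from MasterDnsVPN or its author; the log format and thresholds are assumptions and the log lines are constructed.

```python
import math
from collections import Counter

# Constructed sample log lines (not real traffic): "<client> <qname> <qtype>".
SAMPLE_LOG = """\
10.0.0.5 www.example.com A
10.0.0.5 mail.example.com MX
10.0.0.5 cdn.static.example.org A
10.0.0.7 3q2x9v8b1kz0d4f7e6h2j9m1p5r8t3w6y0a4c7.t1.tunnel-example.net TXT
10.0.0.7 9h4k2m7p1r6t3w8z5b0d4f2g7j1l6n3q9s5v8x.t1.tunnel-example.net TXT
10.0.0.7 b7n3q9s5v1x8z4c0e6g2i7k3m9o5q1s7u3w9y5.t1.tunnel-example.net TXT
10.0.0.9 login.example.com A
"""

def shannon_entropy(s):
    """Bits per character; encoded payload data scores high, dictionary labels score low."""
    if not s:
        return 0.0
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())

def payload_labels(qname):
    # Assumption: the last two labels are the registered domain; a tunnel
    # carries its data in the labels to the left of it.
    return qname.rstrip(".").split(".")[:-2]

def score_query(qname, qtype):
    """Heuristic score, higher = more tunnel-like (thresholds are assumptions)."""
    labels = payload_labels(qname)
    payload = "".join(labels)
    score = 0
    if len(qname) > 52:                       # names padded with data run long
        score += 1
    if any(len(l) > 30 for l in labels):      # a single label near the 63-byte limit
        score += 1
    if shannon_entropy(payload) > 3.5:        # base32/base64-style payload looks random
        score += 1
    if qtype in ("TXT", "NULL", "CNAME"):     # types that can carry a bulky answer downstream
        score += 1
    return score

def find_tunnel_clients(log_text, threshold=3, min_hits=2):
    """Clients with at least min_hits queries scoring >= threshold."""
    hits = Counter()
    for line in log_text.splitlines():
        client, qname, qtype = line.split()
        if score_query(qname, qtype) >= threshold:
            hits[client] += 1
    return sorted(c for c, n in hits.items() if n >= min_hits)
```

Run on the constructed log, only 10.0.0.7 is reported; tune the thresholds against a baseline of your own resolver's traffic before alerting on them.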
Another Windows zero day released by Nightmare Eclipse (sort of)
It turns out Microsoft just straight up didn't patch an old CVE from 2020 correctly.
https://t.co/sNWBtTo4at
One of our security researchers demonstrated a local root shell on Linux using a page-cache poisoning primitive in AF_RXRPC’s RxGK path.
We call it DirtyCBC: a sibling to DirtyFrag in the broader CopyFail / DirtyFrag / Fragnesia family. The issue is fixed on mainline.
The candidate path was surfaced through Delphos’s agentic analysis workflow, then manually verified and exploited end to end.
AES-256 was not broken. It just wasn’t the boundary that mattered.
RxGK decrypted data in place before authentication completed.
Under the right conditions, that write could land in the page cache. The HMAC check still failed and the connection was aborted, but the page-cache mutation had already happened.
Two RESPONSE packets were enough to place a tiny ELF into the cached first page of a readable SUID-root binary. The file on disk stayed unchanged. The next exec produced a root shell.
Full writeup and PoC on the Delphos Labs GitHub.
https://t.co/gmCEub1v2t
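The defect class in the post above is ordering, not the cipher: if a receiver decrypts into a buffer that something else can observe before the integrity check runs, a rejected packet has already left its mark. The following is an added illustration, not Delphos Labs' PoC or kernel code; it uses an HMAC-SHA256 counter-mode keystream as a stand-in for the AES layer (assumption) and a bytearray as a stand-in for the shared page, and contrasts decrypt-in-place-then-verify with verify-then-decrypt into a private buffer.

```python
import hmac
import hashlib

def keystream(key, nonce, n):
    # Counter-mode keystream from HMAC-SHA256: stand-in for the AES layer (assumption).
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def xor_in_place(buf, ks):
    for i in range(len(buf)):
        buf[i] ^= ks[i]

def mac(key, *parts):
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()

# Vulnerable ordering: tag over plaintext, so the receiver must decrypt before verifying.
def mte_seal(ek, mk, nonce, pt):
    tag = mac(mk, nonce, pt)
    ct = bytearray(pt)
    xor_in_place(ct, keystream(ek, nonce, len(ct)))
    return bytes(ct), tag

def mte_open_in_place(ek, mk, nonce, shared_buf, tag):
    """Decrypts into the buffer the packet arrived in, then checks the tag."""
    xor_in_place(shared_buf, keystream(ek, nonce, len(shared_buf)))  # write lands first
    return hmac.compare_digest(mac(mk, nonce, bytes(shared_buf)), tag)  # rejection comes too late

# Hardened ordering: tag over ciphertext, verified before any plaintext is written anywhere.
def etm_seal(ek, mk, nonce, pt):
    ct = bytearray(pt)
    xor_in_place(ct, keystream(ek, nonce, len(ct)))
    return bytes(ct), mac(mk, nonce, bytes(ct))

def etm_open(ek, mk, nonce, ct, tag):
    if not hmac.compare_digest(mac(mk, nonce, ct), tag):
        return None  # rejected with no side effects
    pt = bytearray(ct)  # private buffer, only filled after the tag passed
    xor_in_place(pt, keystream(ek, nonce, len(pt)))
    return bytes(pt)

def forgery_demo():
    """Returns (vulnerable_accepted, shared_buffer_mutated, hardened_result) for one tampered packet."""
    ek, mk, nonce = b"e" * 32, b"m" * 32, b"n" * 12  # constructed keys, not real material
    pt = b"constructed plaintext record"
    ct, tag = mte_seal(ek, mk, nonce, pt)
    forged = bytearray(ct); forged[0] ^= 0x01        # tampered ciphertext, tag left as-is
    shared = bytearray(forged)                        # stands in for the page-cache page
    accepted = mte_open_in_place(ek, mk, nonce, shared, tag)
    mutated = bytes(shared) != bytes(forged)
    ct2, tag2 = etm_seal(ek, mk, nonce, pt)
    forged2 = bytearray(ct2); forged2[0] ^= 0x01
    return accepted, mutated, etm_open(ek, mk, nonce, bytes(forged2), tag2)
```

In the vulnerable path the packet is correctly rejected yet the shared buffer no longer holds what arrived; in the hardened path a bad tag returns before any byte is written.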
Static Devirtualization of Themida/CodeVirtualizer. The techniques in this article apply to pretty much every virtual machine obfuscator with minor modifications.
https://t.co/RMvPKcv3KB
Original Program & Devirtualized Output
https://t.co/R8hLk9ISRZ
Writeup by @0xAsm0d3us on the correct approach to utilise LLMs to find bugs.
Can't agree more with what he said.
You can't just go ask LLMs to find everything they can. Need to be brutally specific and start with something like known bug classes.
https://t.co/ebOYKxjIs5