Try out the early alpha of Process Isolation in Chrome 138. chrome://flags/#enable-process-isolation-ui then chrome://settings/system for the switch. Read known issues https://t.co/68RfiInChZ and report bugs! Especially interested in App-Compat bugs.
@0xcharlie The sooner we have the bug the sooner we are able to fix it for users. Breaking exploits with offset changes doesn't cause the bug to magically disappear or make users any safer.
@0xcharlie We already tried to avoid releasing Chrome updates in the days leading up to pwn2own just in case a benign offset change meant we didn't get a juicy bug. Prefer to get the bug than not. Harder to avoid now though with weekly updates...
@simplylurking2 Hmm, many techniques here might not work any more...? e.g. Secure Preferences now enabled on Enterprise and use App-Bound Encryption for hashes. Post what you find from your testing :)
@5aelo seems like strong CFI should be possible - I suppose I am talking both forward and backward edge, and maybe CET or some hardware support? I think this seems more achievable than 'solving the JIT problem' but I dunno
pwn2own has always been a great datapoint for how hard it is to find vulns, what exploit mitigations are working, new exploitation techniques, and now how AI works on offensive security.
Great advice from @AnthropicAI on prep for accelerated AI vulnerability discovery, including what to do if you don’t have a dedicated security team, if you’re reporting bugs you found, or are an open source maintainer.
/ht @_decius_ for sending the link
https://t.co/3qfqDJzCPM
@WindowsCentral Make it so right clicking on a file in Explorer on a modern 64-core Threadripper 3995WX doesn't take 3 seconds to open the context menu.
The window between vulnerability disclosure and real-world exploitation keeps shrinking.
The Zero Day Clock visualizes how fast attackers are operationalizing new CVEs. What used to take months now often happens in days, or hours.
The future needs to be Secure by Design.
https://t.co/zFXOSKB7eq
#AppSec #CyberSecurity
@afneil On international flights with no first class cabin they sometimes don't even bother calling group 1 (BA Gold) and go straight to 2 (business class).
@xaitax I find it amusing that Copilot is using App-Bound Encryption - how about adding this support directly into the OS instead? Does this mean I work in AI Security now? :)
Interesting. Microsoft Edge now finally switched on App-bound encryption for their passwords. At least for me now on Version 144.0.3719.35. Last test on Version 142.0.3595.53 this wasn't the case.
@jrozner @dinodaizovi ... you need something like application isolation or strong application secret binding (macOS has keychain, Windows has app-bound encryption). 2/2
@jrozner @dinodaizovi yes, exactly - so the cookie can be stolen but it can't be used off the device because of the need to present the short-lived bearer token which is hardware bound. I don't think the goal of DBSC is to block an attacker with a persistent presence on the device. for that ... 1/2