Sotwe logo Sotwe logo
uffeux's profile image

Jeremy Boone

@uffeux

HW/FW security researcher @ fruit company
Canada
Joined May 2009
419 Following
1.3K Followers
2K Posts
uffeux's profile image
Jeremy Boone @uffeux
Hello friends. Check out this awesome and unique role that just opened up on my team in SEAR. Wanna secure Apple silicon, ROMs, iBoot, and more? https://t.co/0NMPs77lZt
7
171
52
60
29K
uffeux  retweeted
naehrdine's profile image
Jiska @naehrdine
Broadcom and Cypress chips have the same HCI "backdoor" allowing to write to the Bluetooth chip's RAM. This feature is used for firmware patches. We didn't request CVEs for that 9 years ago. Instead, we built the InternalBlue Bluetooth research framework. https://t.co/nSo82jRRuU
4
325
88
117
40K
uffeux's profile image
Jeremy Boone @uffeux
where my peeps on bluesky? @uffeux.bsky.social
1
0
0
0
482
uffeux  retweeted
jon_roelofs's profile image
jon @jon_roelofs
@evilsocket any interest in working on security in compilers? my team is looking for someone with a peculiar intersection of skills/interests: https://t.co/d3xvJVipeB
3
93
14
19
37K

Who to follow

securelyfitz's profile image
Joe Fitz
@securelyfitz
Hardware Security Trainer and Researcher
spendergrsec's profile image
Brad Spengler
@spendergrsec
President of @opensrcsec, developer of @grsecurity Personal account
alexjplaskett's profile image
Alex Plaskett Verified account
@alexjplaskett
Security Researcher | Pwn2Own 2018, 2021, 2022, 2024 | Posts about 0day, OS, mobile and embedded security.
uffeux  retweeted
radian's profile image
Ivan Krstić Verified account @radian
🔺New on the Apple Security Research blog: introducing Private Cloud Compute! We believe this is the most advanced security architecture ever deployed for cloud AI compute at scale. https://t.co/bsrpkCdivX
14
404
143
128
96K
uffeux  retweeted
jacquesgt's profile image
Jacques Fortier @jacquesgt
Are you excited to use the power of safe modern programming languages like Swift to make software more secure? My SPEAR team at Apple is hiring a Swift Software Engineer to do exactly that! https://t.co/ZkmCkvmAf8
3
50
24
18
17K
uffeux  retweeted
radian's profile image
Ivan Krstić Verified account @radian
🔺New on the Apple Security Research blog: introducing PQ3, a groundbreaking post-quantum cryptographic protocol for iMessage. To our knowledge, PQ3 has the strongest security properties of any at-scale messaging protocol in the world. https://t.co/NIyeXjVne6
7
357
123
64
61K
uffeux's profile image
Jeremy Boone @uffeux
that disclosure timeline though...
quarkslab's profile image
quarkslab @quarkslab
Is remote code execution in UEFI firmware possible? Yes it is. Meet #PixieFAIL: 9 vulnerabilities in the IPv6 stack of EDK II, the open source UEFI implementation used by billions of computers. Full details by @fdfalcon and @4Dgifts in our new blog post: https://t.co/g4Bg2GK4Y8
quarkslab's tweet photo. Is remote code execution in UEFI firmware possible? Yes it is. Meet #PixieFAIL: 9 vulnerabilities in the IPv6 stack of EDK II, the open source UEFI implementation used by billions of computers. Full details by @fdfalcon and @4Dgifts in our new blog post: https://t.co/g4Bg2GK4Y8 https://t.co/s1e4jreAsP
4
338
203
88
79K
0
8
0
0
1K
uffeux  retweeted
quarkslab's profile image
quarkslab @quarkslab
Is remote code execution in UEFI firmware possible? Yes it is. Meet #PixieFAIL: 9 vulnerabilities in the IPv6 stack of EDK II, the open source UEFI implementation used by billions of computers. Full details by @fdfalcon and @4Dgifts in our new blog post: https://t.co/g4Bg2GK4Y8
quarkslab's tweet photo. Is remote code execution in UEFI firmware possible? Yes it is. Meet #PixieFAIL: 9 vulnerabilities in the IPv6 stack of EDK II, the open source UEFI implementation used by billions of computers. Full details by @fdfalcon and @4Dgifts in our new blog post: https://t.co/g4Bg2GK4Y8 https://t.co/s1e4jreAsP
4
338
203
88
79K
uffeux's profile image
Jeremy Boone @uffeux
@4Dgifts Check out the Tianocore Bugzilla. These were first reported in October and November of 2022. Amazing.
1
2
0
0
52
uffeux  retweeted
NCCsecurityUS's profile image
NCC Group North America InfoSec @NCCsecurityUS
New Blog: Technical Advisory – Multiple Vulnerabilities in Nagios XI https://t.co/5KGHvBHkZ7
1
8
4
2
2K
uffeux  retweeted
NCCsecurityUS's profile image
NCC Group North America InfoSec @NCCsecurityUS
New Blog: Technical Advisory: Sonos Era 100 Secure Boot Bypass Through Unchecked setenv() call https://t.co/EJiVqT0MF0
0
4
2
3
696
uffeux  retweeted
NCCsecurityUS's profile image
NCC Group North America InfoSec @NCCsecurityUS
New Blog: Shooting Yourself in the .flags – Jailbreaking the Sonos Era 100 https://t.co/rPsm3hVKGY
0
2
1
2
740
uffeux  retweeted
NCCGroupInfosec's profile image
NCC Group Research & Technology @NCCGroupInfosec
Shooting Yourself in the .flags – Jailbreaking the Sonos Era 100 The Era 100 is Sonos’s flagship device, released on March 28th 2023. NCC found weaknesses within the bootloader which can lead to full compromise of the device. https://t.co/h5LBbUJe7g https://t.co/8JkcXU3y7H
15
40
13
14
7K
uffeux's profile image
Jeremy Boone @uffeux
@ryanaraine According to the sequence of steps in this document, I am still stuck at Step #1 after 300+ days. Tianocore hasn't even begun to engage IFVs, ODMs or OEMs. I think the Tianocore PSIRT lives in a time dilation vortex.
1
7
5
0
3K
uffeux's profile image
Jeremy Boone @uffeux
@ryanaraine I reported 2 vulns in EDK2 that are still unfixed. They are... let me check... 336 days old. Tianocore security team ghosted me. Had to engage downstream vendors to get any traction whatsoever. Still, no fix in sight.
1
18
7
0
4K
uffeux  retweeted
kdunn_security's profile image
Kevin Dunn @kdunn_security
Public Report – Caliptra Security Assessment During August and September of 2023, Microsoft engaged NCC Group to conduct a security assessment of Caliptra v0.9. The assessment identified 26 vulnerabilities, which were promptly addressed by the Caliptra... https://t.co/A9d5DaZxTo
kdunn_security's tweet photo. Public Report – Caliptra Security Assessment During August and September of 2023, Microsoft engaged NCC Group to conduct a security assessment of Caliptra v0.9. The assessment identified 26 vulnerabilities, which were promptly addressed by the Caliptra... https://t.co/A9d5DaZxTo https://t.co/k1guHbxlwC
0
1
1
0
249
uffeux's profile image
Jeremy Boone @uffeux
Caliptra is an open source silicon root-of-trust built using Rust on RISCV. Check out our public report: https://t.co/KoqapP2D26
0
3
1
1
418
uffeux  retweeted
NCCsecurityUS's profile image
NCC Group North America InfoSec @NCCsecurityUS
New Blog: Public Report – Caliptra Security Assessment https://t.co/HY3WErg90D
0
1
2
0
615
uffeux  retweeted
GregHil14555931's profile image
Greg Hilton @GregHil14555931
Public Report – Caliptra Security Assessment During August and September of 2023, Microsoft engaged NCC Group to conduct a security assessment of Caliptra v0.9. The assessment identified 26 vulnerabilities, which were promptly addressed by the Caliptra... https://t.co/a1IrC4NK9S
GregHil14555931's tweet photo. Public Report – Caliptra Security Assessment During August and September of 2023, Microsoft engaged NCC Group to conduct a security assessment of Caliptra v0.9. The assessment identified 26 vulnerabilities, which were promptly addressed by the Caliptra... https://t.co/a1IrC4NK9S https://t.co/P9m8ghcsn8
0
1
1
0
208

Last Seen Users on Sotwe

Vkckmesome's profile image
VC Yêu Some
Seen from Vietnam
keullib3145633's profile image
클립3
Seen from Korea
Doutei_Chinpoo's profile image
道程金寶🔞 Verified account
Max20242022's profile image
Max
digitalmedia_x's profile image
digitalmedia Verified account
yla187009's profile image
لزلوُزهـ رههـف🧚🏻‍♀️
Seen from Italy
ahmetaysun8690's profile image
ahmetaysu16
Seen from Turkey
kgzz08's profile image
kareg
Seen from Mexico
nguyenphongcuto's profile image
Phongg Nguyen ²¹⁰
Seen from Vietnam
mygirlcaprice's profile image
bf ni cap
Seen from Brazil

Trends for you

1
Knicks
Under 10K tweets
2
Josh Hart
Under 10K tweets
3
#loveislandusa
Under 10K tweets
4
ORM VEGGIE POPUP ICONSIAM
Under 10K tweets
5
#AEWDynamite
Under 10K tweets
6
Scott Foster
Under 10K tweets
7
#82and0
Under 10K tweets
8
Betrayed
Under 10K tweets
9
Hop Sing
Under 10K tweets
10
Shamet
Under 10K tweets

Most Popular Users

elonmusk's profile image
1
Elon Musk Verified account
@elonmusk
240.1M followers
barackobama's profile image
2
Barack Obama Verified account
@barackobama
119.3M followers
realdonaldtrump's profile image
3
Donald J. Trump Verified account
@realdonaldtrump
111.6M followers
cristiano's profile image
4
Cristiano Ronaldo Verified account
@cristiano
108.8M followers
narendramodi's profile image
5
Narendra Modi Verified account
@narendramodi
106.9M followers
rihanna's profile image
6
Rihanna Verified account
@rihanna
97.2M followers
nasa's profile image
7
NASA Verified account
@nasa
92.1M followers
justinbieber's profile image
8
Justin Bieber Verified account
@justinbieber
90.5M followers
katyperry's profile image
9
KATY PERRY Verified account
@katyperry
86.7M followers
taylorswift13's profile image
10
Taylor Swift Verified account
@taylorswift13
80.5M followers
ladygaga's profile image
11
Lady Gaga Verified account
@ladygaga
72.1M followers
kimkardashian's profile image
12
Kim Kardashian Verified account
@kimkardashian
69.3M followers
youtube's profile image
13
YouTube Verified account
@youtube
68.6M followers
imvkohli's profile image
14
Virat Kohli Verified account
@imvkohli
68.4M followers
billgates's profile image
15
Bill Gates Verified account
@billgates
63.4M followers
theellenshow's profile image
16
The Ellen Show
@theellenshow
62.5M followers
cnn's profile image
17
CNN Verified account
@cnn
61.9M followers
neymarjr's profile image
18
Neymar Jr Verified account
@neymarjr
60.9M followers
x's profile image
19
X Verified account
@x
60.9M followers
cnnbrk's profile image
20
CNN Breaking News Verified account
@cnnbrk
59.9M followers