Pinned toot

Ever since I was 7 years old, I've been interested in computers, the Internet, and more recently, cybersecurity and social engineering.

I strive to become an excellent cybersecurity engineer. I'm always eager to learn and love meeting new people with similar interests. Feel free to drop me a DM!

For more information, please check out my personal blog:

Pinned toot

Friendly reminder: is a great project to contribute your otherwise idle computing power.

You can set complex scheduling options, either by time of day, battery level, non-BOINC CPU usage, mouse and keyboard activity and so on. This way, it won't take up all your resources when you're compiling or playing videogames.

You can also configure it to only take a percentage of the CPU, a specific core count, or only allow it to run in bursts.

Contribute today!

protonmail: Hiiiiii please trust us with your private key pleeeeeeaaaase

> I'll pause the music a second to watch this video in the TL.
> Wait Spotify, what do you mean "play"? I said pause.
> *Closes Spotify*
> *Music still playing*
> What the fuck.

So long story short I've been listening to the same chiptune on loop for the past one and a half hours.

I wish I was joking.

Quit my first, very exploitative PhD position. Felt great afterwards and the free time gave me the chance to dive into generative art. I found my passion and now have a new PhD position in that field.

Plundervolt 鈥 the latest security vulnerability in Intel CPUs:

鈥 Paper: (PDF file)
鈥 Plundervolt exploits privileged software interfaces that are used to adjust frequency and voltage of CPUs.
鈥 They corrupted the integrity of Intel SGX by controlling the voltage when executing enclave computations.
鈥 SGX cannot protect against Plundervolt.

#plundervolt #intel #sgx #vulnerability #cpu #infosec #security

Hey interesting tool. I haven't came across it before, I mean I typically figure this stuff out manually...

Malicious Python libraries stealing OpenPGP and SSH keys:

鈥 Look for python3-dateutil, and jeIlyfish.
鈥 Both modules try to exfiltrate SSH/OpenPGP keys and send them to an IP address.
鈥 This is the third time the PyPI team intervenes to remove typo-squatted malicious Python libraries from the official repository.

#python #malware #pypi #infosec #security #cybersecurity

ok, all you new people who arrived in the Fediverse this week... and there do appear to be a LOT of N00bs(in the best sense).... Let's do a Follow Friday!


@djsundog is possibly the best all around netizen on the Fedi.

@maxeddy Tech journalist, and nice and approachable too... I even assume he likes hugs.

@ella_kane our community organizer in this corner of the fediverse, and mastermind on #WeareNameless, a monthly movie viewing session... a LOT of fun!

@lilithsaintcrow and @mwlucas Both authors who have inspired discussions often, that lift the lid on the publishing industry.

@Mainebot He's like... to the north of me... but kinda smart.... and smart-alecky....actually a very solid source of quality thoughts on a wide range of topics.

@viciousviscosity qUEEN OF gIFS

@tek, admin of, also a name to watch for infosec.

@jerry Admin of

@JohnsNotHere Host of the Purple Squad Security podcast

@drwho @remotenemesis @GeoffWozniak @ryen @m4iler

on and on...

Sooo many other great netizens... The instant I post this I will regret many I didn't list.

Love language and compiler design? So do I!

I'm designing my own programming language as my Computer Science and Engineering Bachelor thesis! Super, super excited.

I present you with... The XYZ language

Ideas, suggestions, and constructive criticism are welcome.

My blog is now CDN free, and thanks to the use of aggressive local and server caching, it should feel just as fast as it was before!

I liked this article on the failures of the Boeing 737 Max. Very well written and detailed technical and administrative explanations on what went wrong.

My gf's learning html. Nobody told her that vim's a strange tool for genius programmers, so I just told her it was a normal tool, showed her insert and escape, then let her get on with it.

Half an hour later, I showed her another vim command.

Someone with almost zero education, who can't type properly, is programming in vim because nobody told her it was difficult. I know people who can program in Haskell who aren't sure if they can do vim.

there were some things i ddn't knew about raspberry pis:

"Linux runs on that ARM CPU, we know that, but we might be surprised to learn that Linux on this device is only a second class citizen. The GPU cores run a real time operating system called ThreadX. This operating system is closed source and rules the system without the open source Linux Kernel being aware of it."

and guess who bought the ThreadX operating system last april?

Verifpal 鈥 tool to verify the security of cryptographic protocols:

鈥 paper: (PDF file)
鈥 user manual: (PDF file)
鈥 Verifpal is still highly experimental software
鈥 available for Windows, Linux and macOS

#verifpal #crypto #cryptography #verification #security #cybersecurity #infosec

Crossposted from Twitter 

Hard at work implementing categories in my #mac client app for the #nextcloud notes app!

"When C is your hammer, everything looks like a thumb"

Banned C standard library functions in Git source code:

Another privacy win from Apple as they take a firm no-exceptions policy to all tracking practices in Safari.

Their newly-announced policy states that "tracking users 'without' consent... will [get you] kicked off the platform, treated like malware."

Show more

Le贸n Castillejos's choices:

Mastodon 馃攼

Fast, secure and up-to-date instance. provides knowledge and tools to protect your privacy against global mass surveillance.

Matrix Chat:
Support us on OpenCollective, your contributions are tax deductible!