December 21, 2023
December 21, 2023
The Embers of Autoregression paper is a must read if you're working in any domain where low probability outputs are often the correct answer https://t.co/GsTzBHH7ve (aka, everyone trying to do anything related to root cause analysis, patching, exploitation, bug finding)
— Sean Heelan (@seanhn) December 21, 2023
lcamtuf :verified: :verified: :verified:: "Every couple of years, a study comes out implying…" - Infosec Exchange
Every couple of years, a study comes out implying that bad drivers favor certain car brands: https://www.lendingtree.com/insurance/brand-incidents-study/ This year, it generated some extra headlines because Tesla took the #2 spot on the list. The narrative is that liking Elon Musk must be correlated with being an asshat on the road. It's a cool story, but I think it is more logically explained through the prism of differences in product line-ups. Consider, for example, that pickup trucks are more accident-prone in part because of their use in construction, snow plowing, hauling boats, and so on. This alone can explain why Ram is #1 while Ford is #18. They make nearly-identical trucks, but while Ram is a pickup-only brand, Ford also sells a lot of family cars. Probably the same goes for Tesla: they exclusively offer performance cars. The vehicles are driven more aggressively because they can be. It's just not something you pull off in a 2001 vintage Saturn, which is apparently one of the safest brands.
💪🏼 Yesterday @_clem1 and @vladhiewsha discovered and reported a new ITW 0-day to the Chrome team. TODAY, 1 day later, Chrome has a fix out to protect users!!! Thank you, Chrome! CVE-2023-7024https://t.co/2tkx0Zc9pf
— Maddie Stone (@maddiestone) December 20, 2023
https://www.panoptica.app/research/7-ways-to-escape-a-container
Dave Aitel: "I really want more focused rhetorical flair from …" - Mastodon
Attached: 1 image I really want more focused rhetorical flair from CISA tbh. Something like "Every security patch is a failure of process and initiative. They should be extremely rare - not on a monthly cadence. A secure by design product does not have a patch cycle."
Lastly, we can confirm that a fugitive named Leonard Francis ((aka Fat Leonard)), who fled the United States before he could be sentenced for his lead role in a brazen bribery and corruption case is being extradited from Venezuela.
— Laura Rozen (@lrozen) December 20, 2023
Poor Fat Leonard.
Happy anniversary to the Spanish space program!
Spanish Prime Minister Luis Carrero Blanco is assassinated in Madrid by Basque terrorist group ETA.
— 1973 Live (@50YearsAgoLive) December 20, 2023
They planted a bomb in his car that, in front of photographers’ cameras, went flying. pic.twitter.com/tyEKdlBbBs
Full page ad in today's WSJ 🤔 pic.twitter.com/3CrDZCjS4T
— Bryson 🦄 (@brysonbort) December 20, 2023
This guy did something similar a couple years ago. His name is Daniel Chien, a 75 year old who lives down the street from the referenced PO box. Weird. pic.twitter.com/hh2v8k9E4a
— SúperBueno (@evanfrancen) December 20, 2023
Cybery bits from the 2024 NDAA:
— Ravi Nayyar (@ravirockks) December 20, 2023
🧵https://t.co/opRHoVC2uH
