I feel like the dream of static analysis was always a pipe.
When the payment for vulns drops i'm wondering where the value is for hackers to run these tools anymore? The LLMs don't do the job for you, testing is still a LOT OF WORK.
lots of security issues form at the boundaries between packages, zones, services, sessions, etc. Static analysis could but doesn't seem to catch this stuff from my perspective. Bugs are often chains and that requires a lot of creativity, planning etc
consider logic errors and race conditions. Its surely not impossible for llm to find these, but it seems likely that you'll need to step throught the program control flow in order to reveal a lot of these interactions.
I feel like people consider LLM as free since there isn't as much hand-on-keyboard. I kinda disgree, and when the cost of paying out these vulns falls, I feel like nobody is gonna wanna eat the token spend. Plenty of hackers already use ai in their workflows, even then it is a LOT OF WORK.
5G CSS is harder yes, but keep in mind that most 5G is the 5G_NSA variety, and is really just riding on the same cell bands, no mmwave here. You probably notice that your phone often slips out of 5g, or you inhabit different modes here.
Essentially, 5G is sort of a lie. Phones spend a lot of time exchanging information via 4g/lte, and just like 2g/3g and 3g/4g, there are simply downgrades that can be performed in the field, without getting too far into the weeds.
well, a concerted attack could easily subvert the baseband if you have a few million dollars and the correct letterhead or private contacts.
GrapheneOS really wants the software in the phone to not pwn the phone. This is good. Its a different, and much more difficult problem to secure the connection to the telco, and the larger internet, because the transport is attacker controlled.
Think of it this way: Say you use Qubes because security is valued very highly for you. Even if you run Qubes, if your router is controlled by your attacker, what kind of a security guarantee could you really get for yourself?
GrapheneOS have hardened_malloc which is a huge advantage, I think. It makes the weird machines problem much harder. I would say be very careful, because you can still get previews of images, or old and weird media formats that could be exploitable, and android/GrapheneOS doesn't have the same sorts of policy as say Apple with the iMessage blast door. They control safari, etc.
Android's attack surface seems pretty jagged. For example there is only one webrender engine on iOS, where you can run anything you like on Android/GrapheneOS.
fyi a Cell Site Simulator can masquerade as the legitimate telco operator and push type 0 messages to the handset.
What that means is they can push malicious settings and configurations (Definitely) and probably malicious firmware to the handset at will. They don't need to code this, they buy the software packages from the usual suspects. Adversary simply needs to put a drt box or a hailstorm or what-not close enough to the handset to do the work.
The baseband can do a lot, it has dma (if I recall correctly) and can almost certainly screen look, and extract information from some but not all base bands. This varies.
GrapheneOS cannot really influence this, but hardened_malloc could conceivably help. What would be great is a bench firmware re-flash, but I don't want to do this every single day.
I just popped in to add that NASA employee Charles White, a scientist involved with the Mars Rover project, also helped make a Burning Man Mars Rover Car (back before Playa Burning Man was completely and utterly torched twice over by Military Industrial Complex Vacationers and Billionaires) and you can hear an interview with him here on Charles White's yt channel: https://youtu.be/BKGROOedAgI (
Mars Rover Art Car interview with Ray Cirino and Charles White )
Charles White is a pretty good guy in my opinion, we play the same video game (EvE: Online) Where Charles White is a very, very well known community member who is known as "The Space Pope". He officiates weddings at our Iceland Fanfest gathering and also runs a Suicide Prevention Outreach group in EvE: Online, as well as teaching leadership skills.
I mean it was fine for these guys because they got huge press and happen to be in an industry that can handle this. They've got experience, current employment, industry contacts, and there's really barely a functional college curriculum, or certification track for this. You #1 need to be trusted to break in since you know, they teach each other how to break into high-security facilities.
I really just wanna point out that getting contracts for government administrative building is already like, way in and near the top of the game, this could have set them back 9 months or none at all, still, someone has to be held accountable when there is an obvious miscarriage like this.
I mean they called their boss! They had a special letter! Why didn't shitty sheriff just like demand that the security chief come out and make some calls? 600k sounds fair I suppose but 6 years sure doesn't when its an elected official!
I have, they're tiny shoes and it'll lock up your rear wheels at best.
I would suggest that anybody reading NOT try this unless you have a quite large and empty lot with no public access. Pay close attention, they are not called Emergency Brakes, they are called Parking Brakes.
The stated purpose of these brakes are to ensure your car wont roll away while parked. Anybody with a manual transmission knows the ritual of shifting into 1 or Reverse and turning their wheels toward the curb while parked even while the parking brake is engaged.
Most people doing the right thing use a torque limiter to "gun" the wheel on and then set final torque with the tires just touching the ground (for friction) which is totally adequate.
The thing people might forget is to clear the corrosion off of the wheel and hub which can be a problem if it breaks away as you drive.
Thats the same case with all brakes in use more or less. Also modern brakes have two hydraulic systems, in the case that one of the loops (front or rear) breaks there should be sufficient pressure to apply the brakes still.
Sometimes its front/rear and sometimes it is diagonal, but it should still do the emergency trick.
At the time hacker meant informal programmer, among other things. “I’m hacking on my book review website” “I’m hacking on a desktop filesharing app.” Those hackers sometimes got a nice swing at it and this place has indeed always been a finance-friendly venue for these nerds to commingle.
It’s 2025 and things move along. People still post their file sharing tools here, but yeah I agree that it does hit different now.
I feel like we could do better, quite easily. People are very gung-ho (jing-go?) on this and it seems clear to me that we can use our significant technological advantages and investigatory prowess to target these bad actors just like any other day at the office.
This is quite the departure and it is quite troubling to me. The ESA launch site is down there iirc, seems like we have natural allies who would join a push, but instead we sent a carrier group.
The chilling effect of the executive. The current admin leverages government agencies against the corporation who will report on this if not to their liking.
When the payment for vulns drops i'm wondering where the value is for hackers to run these tools anymore? The LLMs don't do the job for you, testing is still a LOT OF WORK.