Jon Aubrey
@SecurityJon
Finally got a few mins to finish off some projects. First up ‘the dancing car’ - a stand-alone car cluster which ‘dances’ along with music. #CarHacking
This. We said it was a bad idea from the start and it is. Privacy nightmare and easily bypassed
@ScottMcGready Watching companies come out with stupid ways of doing age verification which are all easily bypassed just shows that it was misguided from the start. It just needs to be scrapped in favour of better education.
Spot on. Anyone that says ‘security isn’t hard’ has never had to deal with pre-existing conditions
Hey @LGUK Your recent firmware upgrade for the G1 TV just broke ARC support, and with no firmware downgrade permitted I now have no sound. Perhaps having a rollback feature or even a downgrade feature might not make for salty users..
Train tickets booked - see you all @BSidesLondon next weekend!
Fancy retrieving plaintext user credentials, deactivation passcodes and uninstall passwords for Palo Alto Global Protect VPN? Thank goodness Palo Alto make that easy for you ... Full write up here : https://t.co/6T65cHCi9n Tooling available here :
github.com
Tool to extract username and password of current user from PanGPA in plaintext - t3hbb/PanGP_Extractor
I downloaded my Amazon Music data to try to figure out what song I was listening to, and included in the data is the amount of times they've tried to upsell me something recently. A paid service tried to sell me something over 500 times in the last few months...
For the first time in many years I tried to connect an iPhone to a Windows PC to do a backup. 1 hour in and I'm still no closer to getting either device to 'trust' the other - how did Apple mess this up so badly?!
Cortex XDR full bypass with stock meterpreter payload. Screenshot from tooling demo, apologies for quality.
Broken PCB trace/pad repair. I need some enamel wire me thinks….
Just a brief article showing how easy it is to figure out where the canary files are kept on systems using Cortex XDR and how to avoid them. Issue was reported to Palo Alto, but it was determined to be a non-issue, so … here you go 😊 https://t.co/n1nLXruVT8
shells.systems
Estimated Reading Time: 6 minutes. A post exploring how to enumerate and avoid Cortex XDR ransomware files/folders and avoid getting caught
Can confirm. I got the nerve up to talk to Dave in a queue for Blackhat many years ago. He was in a cast for a broken foot and was with friends and yet still was willing to have a chat for a few moments about random stuff.
Flying out Sat for BlackHat! Look forward to seeing you amazing folks. I'll be around our #BinaryDefense booth and our #TrustedSec training class. Always happy for a hug, fist bump, or handshake. I promise, while I might look big, I'm a teddy bear and very approachable! 😂
We still do staged updates for our operating systems, small batches to confirm there are no issues before we push out globally. Is anyone doing the same for every other app on their machines? Today showed you need to be.
Electrical people, please help settle an argument over how long a car battery could power a gaming console for: Console uses 210W and needs 110v, battery is 12v@55ah capacity(660W?) Battery CCA is 440, with a step up transformer can the battery power the console for 3 hours?
It took me many years to get password policies changed in every org and the changes were made around this premise. Stop enforcing complexity, length and patterns and just prevent common themes
(yes, I know both exceed the policy, but it's what people do) The solution isn't to make passwords better - it's to make the damage of compromising one password limited. MFA. Principle of least privilege. Stop blaming the users.
Some power is being used though, although none of the ICs are getting warm at all
I was interested in what killed all of the equipment, this is the Pi 400 Desktop. Interestingly there is a large burn mark next to the HDMI connector and not the power or USB connectors where I would expect it to be.
*Erg*. Hardware testing failure this morning led to a Pi Desktop, Monitor, 2x USB Hubs and a few other bits getting fried when main voltage jumped into my testing machine from a USB connection. Thankfully it wasn't my laptop getting hit but it still scared the life out of me :(
Wow @NetflixUK - that’s a jump. Currently it’s £8 a month, now it’s jumping to £11 a month or forcing Ads on me. That’s a 37.5% price increase.