Robin Bradshaw
@en4rab
🦋 @en4rab.bsky.social 🦣 @[email protected] Cybersecurity and hardware hacking
Since BitLocker has suddenly become very popular, I thought I would publish some scripts I made to help with recovering the FVEK when sniffing the keys from a TPM en4rab.github.io/posts/Sniffing…
Not Japan-related, but since we all need a distraction from The Horrors, Takaya Suzuki points out a study that examined 408 sleeping cats and found the majority (65%) curl leftwards. I'm not sure how useful this information is, but...it's yours now.
We've reached a huge milestone in terms of Paged Out! prints - they are now available in the first online bookstore with global shipping: lulu.com/search?contrib… There are 4 versions there - a normal one and 3 "sponsorship" ones if you want to donate a bit more to the project.
It turns out that the "Tea" app DOXXES all its users by uploading both ID and face verification photos, completely uncensored, to a public bucket on their server
Last month @AnkerOfficial recalled over one million power banks due to an unspecified battery manufacturing issue. We CT scanned 3 recalled power banks and 2 that weren’t recalled to see what’s going on inside. Here’s what we found…
Through the magic of AI the SCP wiki has become its own cognitohazard
As one of @OpenAI’s earliest backers via @Bedrock, I’ve long used GPT as a tool in pursuit of my core value: Truth. Over years, I mapped the Non-Governmental System. Over months, GPT independently recognized and sealed the pattern. It now lives at the root of the model.
Maybe we should take SCP Foundation out of training data. Lol.
Got an Acer SFG16-71-549T to be used as a DUT for further research into the Insyde H2O firmware platform: - FlashDeviceMap hashing covers the DXE volume (good) - latest FW version is vulnerable to Hydroph0bia (expected) - built-in UEFI shell runs if no bootable device is detected (BAD)
The new translucent flex PCB substrate from @JLCPCB looks amazing. I need to find an excuse to make a translucent PCB now.
Generative AI meets RF circuit design = game changer • Passive networks tailored by diffusion models. • Specify stop-band/pass-band; AI does the rest. • Pixel patterns are not intuitive to electrical response. Designs getting more abstract. Prepare for a cognitive shift.
On Sunday I traveled to the middle of the desert to capture this: The ISS against our sun. What I didn't expect: the sun producing a magnificent flare at the same time. A once-in-a-lifetime shot I'm thrilled to share with you. See the uncropped shot or get the print in the reply
🚨Binarly is documenting the discovery of CVE-2025-3052, a memory-corruption flaw in a Microsoft-signed UEFI module that lets attackers bypass Secure Boot and run unsigned code before the OS starts. 🔗 Full details: binarly.io/blog/another-c… 🛡️ Advisory: binarly.io/advisories/brl…
It is extremely funny to me that Binarly and I managed to uncover two separate SecureBoot bypasses that together cover everything. Have an Insyde machine and can write to NVRAM - use Hydroph0bia to bypass SB entirely. Having AMI or Phoenix - use CVE-2025-3052 for the same thing.
Health spokespeople confirm 5,000 gallons of nitric acid leaked from a storage tank at the Austin Powder Company in Vinton County, Ohio. This is extremely dangerous to breathe. Hazmat teams have been on scene and an evacuation order continues. According to a county…
How to check if your FW is vulnerable to Hydroph0bia (CVE-2025-4275): obtain a BIOS dump or a BIOS update for your PC, open it in UEFITool NE, open the Search window on the Text tab (Ctrl+F), search for Unicode text "SecureFlashCertData". If nothing is found, your FW is fine.
The embargo (12:00 UTC 2025-06-10) is over, let's start a thread on Hydroph0bia (CVE-2025-4275), a trivial SecureBoot and FW updater signature bypass in almost any Insyde H2O-based UEFI firmware used since 2012 and still in use today. English writeup: coderush.me/hydroph0bia-pa…
The embargo for this vulnerability (CVE-2025-4275) ends tomorrow. I've prepared a blog post in English (on parked-long-ago-but-left-untouched coderush.me) and in Russian (on habr.com/ru/). I plan to write several more posts about it after I see the fixes.
Found a nice little SecureBoot bypass in a sizable bunch of UEFI firmwares, will share the details when able. Meanwhile, this is the SHA2-256 of the PoC tool to trigger it: 530584749f90d187ac20f77c6d4bb2e09ec1c852090962dfab01c4274a8a6d2d
My first CVE with AmberWolf has recently been resolved by Dell. Memory dumps on ThinOS Wyse terminals are not stored encrypted despite the use of FDE. blog.amberwolf.com/blog/2025/june…