Back to the Chronicles [07/15/24]

Posted on Mon 15 July 2024 in Thought

Just an update

Took some weeks off from the nightly grind. Although I mostly kept up with current events, research, reading, and watching some past con talks. Now it's Hacker Summer Camp time, and all the conferences are in full swing. I probably won't be attending them, but I do know I'll be on an island hacking with some buddies, eating, surfing/snorkeling, and catching sunsets. So in short, here are some bullet point thoughts about what's been spinning up in my mind and fingers:

Island Hacking
  • Type promotion bugs are easy to find and trigger, but is the target software worth it?
  • Continue to focus on macOS and Linux (Debian) systems
  • Focusing on some pre-methodology flows (hopefully more to come in the future)
  • V8 bugs and V8 sandbox: Recently watched @5aelo’s - V8 heap sandbox talk and @edwardzpeng’s talk on sandbox escape. Fascinating insights!
  • Should I turn some focus on browser-based VR?
  • Based on some of my recent analysis, browser and image/file parsing still seem to be highly targeted
  • Continue to write more content, even if it's an update like this!