Joined December 2009
Alexandro Sanchez retweeted
My emulator now has a name: Sogen. It now manages to analyze BO6's protection right in your browser :D
Hey @googlemaps, when are you going to use gaussian splatting with LoDs (see CityGaussian or LoG papers) to render 3D maps data? You could merge angled aerial and Street View footage for truly seamless transitions, and benefit from proper transparency and decent-ish specularity.
Are there any small USB MITM devices that let you swap keyboard Win/Alt keycodes from HID reports? Tired of doing in software for each machine... I'm considering getting @Hak5's OMG cable for this, but feels a bit overkill (no need for WiFi, GNSS or even payloads).
Are there any cheap devices with full TrustZone exploits that could be used to generate fake attestations for @GrapheneOS devices? Firebase App Check and Play Integrity API are getting increasingly pervasive. We need "attestation proxies" now.
Code is the subset of data that is valid under a Turing-complete system.
4 Feb 2024
Software engineering question: What's the difference between code and data?
Alexandro Sanchez retweeted
27 Dec 2023
We're revealing details of an obscure debugging feature in the Apple A12-A16 SoCs that bypasses all of the hard-to-hack hardware-based memory protections on new iPhones. It's not used by the firmware and we don't know how the attackers found out about it. securelist.com/operation-tri…
Do ransomware negotiations consider that a large % of AI SaaS startup valuations is contributed by the secrecy of their state-of-the-art models/params? Real shame if weights were leaked. Yes, illegal to use, but also cheap to launder. Piracy on steroids.
Threat actors could realistically demand $100m and expect to be paid.
If GPT-5 released today, and @OpenAI was fully breached tomorrow, would a $1b model ransom be fair? If so, stressful times for their InfoSec team.
Months after this tweet we got c2pa.org/ and truepic.com/. Sony A9III cameras announced this week support it! Glad to see action.
Are there any cameras with crypto co-processors to digitally sign footage with in-hardware keys? If not, this absolutely needs to happen; the inaction of vendors/media is baffling. Might not be enough to fight state-sponsored shoops, but enough to deter medium/small actors.
Filling a customs form, that generates PDFs, which I have to print, "sign" (with a squiggle), scan and send... for some person to read and manually type in an identical form. Just to charge me few cents of taxes and few dozen EUR of "handling". Bureaucrats are a waste of oxygen.
Are there any physical cryptocurrency coins? Something like TPM w/ privkey, NFC to broadcast pubkey. Zero-cost offline "transactions" in-person. Button on the back to redeem the coin value (sign broadcast to another wallet). Cash registers read pubkeys via NFC to compute total.
Alexandro Sanchez retweeted
27 Jul 2023
finally... hello, PS5 PSP :)
Alexandro Sanchez retweeted
The boom, the bust and the adjust
The offensive cybersecurity industry — trends and updates
I'm super excited to publish this article which embeds my experience in the offensive cybersecurity industry over the years. I hope you will enjoy it. medium.com/@maor_s/the-boom-…
Alexandro Sanchez retweeted
3 Jun 2023
Icicle is a multi architecture emulation framework designed for firmware fuzzing. Nice research work.
Paper: arxiv.org/pdf/2301.13346.pdf
GitHub repo (pre-release): github.com/icicle-emu/icicle
#fuzzing #firmware #infosec #cybersecurity
EU AI regulation proposals have convinced me bureaucrats are going down the route of contemporary artists. Build a career via attention by being provocative, crippling industries, proud of the corpses they leave behind as their masterpiece. Hanlon's razor doesn't cut it.
This will not work, at least not economically. Even with robust sw, in-hw keys need to resist physical attacks. This worked for Microsoft in Xbox One and later because despite no shortage of talented/motivated people, nobody drops 100k hours $1m lab hw with unclear ROI.
And if they fail only once and keys leak, it's back to the silicon drawing board... And facing the hard decision of dropping mode/param updates from old hw or letting attackers get future models.
Interesting that when LLMs hallucinate API/lib functionality, it's just so convincing and convenient. The latent space seems to contain the collective expectations and wishes of developers. Rather than fighting it, devs could explore it for new features and applications.
Prediction: LLMs will dramatically reduce the dev cost of consuming APIs ⇒ Increasing their traffic/expenses, esp to free APIs ⇒ Short-term lowering quotas, long-term pushing for high perf langs/DBs.