Joined January 2014
- Tweets 2,775
- Following 109
- Followers 2,113
- Likes 944
355 Photos and videos
Pinned Tweet
9 Sep 2019
Finally got a few mins to finish off some projects. First up ‘the dancing car’ - a stand-alone car cluster which ‘dances’ along with music.
#CarHacking
8
21
186
Jun 2
I honestly thought @_Freakyclown_’s book had been adapted when I saw the title of this new movie
youtu.be/ORxw68y3lyw?si=apMD…
2
1
363
12
36
150
20,252
Feb 27
This one has the potential for causing a lot of grief to coffee shops who use the same AP for guest access and their corporate backend.
I’ve worked with retail and banks who have exactly the same set up too
New AirSnitch attack breaks Wi-Fi encryption in homes, offices, and enterprises: arstechnica.com/security/202…
AirSnitch resets WiFi security back to the bad-old-days of ARP spoofing and trivial MITM.
2
231
25 Jul 2025
This. We said it was a bad idea from the start and it is.
Privacy nightmare and easily bypassed
25 Jul 2025
Watching companies come out with stupid ways of doing age verification which are all easily bypassed just shows that it was misguided from the start. It just needs to be scrapped in favour of better education.
1
179
14 Feb 2025
Got a new gym bag for Valentine’s Day. This is going to amuse me for months.
#wehackhealth
1
164
5 Feb 2025
Spot on.
Anyone that says ‘security isn’t hard’ has never had to deal with pre-existing conditions
2
983
5 Jan 2025
Hey @LGUK Your recent firmware upgrade for the G1 TV just broke ARC support, and with no firmware downgrade permitted I now have no sound.
Perhaps having a rollback feature or even a downgrade feature might not make for salty users..
159
Fancy retrieving plaintext user credentials, deactivation passcodes and uninstall passwords for Palo Alto Global Protect VPN? Thank goodness Palo Alto make that easy for you ...
Full write up here : shells.systems/extracting-pl…
Tooling available here : github.com/t3hbb/PanGP_Extra…
2
69
196
65,000
4 Sep 2024
I downloaded my Amazon Music data to try to figure out what song I was listening to, and included in the data is the amount of times they've tried to upsell me something recently.
A paid service tried to sell me something over 500 times in the last few months...
1
1
293
3 Sep 2024
For the first time in many years I tried to connect an iPhone to a Windows PC to do a backup.
1 hour in and I'm still no closer to getting either device to 'trust' the other - how did Apple mess this up so badly?!
1
167
6 Aug 2024
Broken PCB trace/pad repair.
I need some enamel wire me thinks….
1
160
Just a brief article showing how easy it is to figure out where the canary files are kept on systems using Cortex XDR and how to avoid them. Issue was reported to Palo Alto, but it was determined to be a non-issue, so … here you go 😊
shells.systems/cortex-xdr-ra…
3
43
125
13,346
1 Aug 2024
Can confirm.
I got the nerve up to talk to Dave in a queue for Blackhat many years ago. He was in a cast for a broken foot and was with friends and yet still was willing to have a chat for a few moments about random stuff.
1 Aug 2024
Flying out Sat for BlackHat! Look forward to seeing you amazing folks. I'll be around our #BinaryDefense booth and our #TrustedSec training class.
Always happy for a hug, fist bump, or handshake. I promise, while I might look big, but I'm a teddy bear and very approachable! 😂
1
243
19 Jul 2024
We still do staged updates for our operating systems, small batches to confirm there are no issues before we push out globally.
Is anyone doing the same for every other app on their machines? Today showed you need to be.
1
137
21 May 2024
Electrical people, please help settle an argument over how long a car battery could power a gaming console for:
Console uses 210W and needs 110v, battery is 12v@55ah capacity(660W?)
Battery CCA is 440, with a step up transformer can the battery power the console for 3 hours?
226
1 May 2024
It took me many years to get password policies changed in every org and the changes were made around this premise.
Stop enforcing complexity, length and patterns and just prevent common themes
1 May 2024
(yes, I know both exceed the policy, but it's what people do)
The solution isn't to make passwords better - it's to make the damage of compromising one password limited.
MFA.
Principle of least privilege.
Stop blaming the users.
2
397
1 May 2024
*Erg*.
Hardware testing failure this morning led to a Pi Desktop, Monitor, 2x USB Hubs and a few other bits getting fried when main voltage jumped into my testing machine from a USB connection.
Thankfully it wasn't my laptop getting hit but it still scared the life out of me :(
1
2
381
1 May 2024
I was interested in what killed all of the equipment, this is the Pi 400 Desktop.
Interestingly there is a large burn mark next to the HDMI connector and not the power or USB connectors where I would expect it to be.
1
190
1 May 2024
Some power is being used though, although none of the ICs are getting warm at all
134