Blog
 / 
About
egglessness - random notes on computer security
Welcome to my blog!
I'm Daniele Ferla and this is the place where I put some ideas and random notes about computer security and other stuff. Just the nitty-gritty, to keep everything simple. Enjoy :)
24 Sep 2019
The hackiest way I've seen to pass WiFi credentials to an IoT device
Picture this: you just bought your brand new IoT device. You take it out from the box and power it on. But... how do you pass your WiFi credentials to make it connect to your network? This solution literally blew my mind!
09 Apr 2019
No, using strncpy won't really make you safer
Even if specifying the length of the buffer you want to operate on seems a good security practice, using strncpy instead of strcpy may help attackers to leak sensible data from your program memory. Here's why.
19 Feb 2019
_FORTIFY_SOURCE: explained
Compilers like GCC and Clang give developers the possibility to secure buffers in their applications by supplying the _FORTIFY_SOURCE macro at compile time. In this post, we will see how does it work and what can it do for us.
14 Dec 2018
Abusing Facebook prefetching to leak users IP address and user agent
Prefetching external links on Facebook can surely enhance the user experience, but... can it be exploited to do some reconnaissance on a target victim?
17 Oct 2018
Testing a MachineFunctionPass on LLVM without having to recompile every time
Recompiling the whole LLVM infrastructure is a very tedious and long process. I'll show you how to get away with it in just a few seconds.