DE version is available. Content is displayed in original English for accuracy.
UAF = Use After Free (https://en.wikipedia.org/wiki/Dangling_pointer)
DE version is available. Content is displayed in original English for accuracy.
Discussion Sentiment
Analyzed from 1063 words in the discussion.
Trending Topics
Discussion (47 Comments)Read Original on HackerNews
I'm all ears now
Two boot looped, I had to enter recovery and the other just powered off [0].
The demo modifies the wallpaper on supported Pixel devices.
[0] IonStack https://rootme.nebusec.ai
____
Tip: Install a Chromium flavor browser (Chromite) separate from the main browser.
Disable Javascript and hardware accelerated video decoder (commonly exploited) from the flags page and enable reader mode to fix broken JS-dependent websites when browsing blogs and random sites on your personal devices, else dedicate a tablet.
I would have hoped that only a few of us are so misinformed as to do that.
Claude-ism detected. IME with Claude Code an object does not have a type or definition, apparently, but rather a shape (or at least it reaches for that word before more technically-accurate ones). Problems are not of a similar class or type, but of the same shape. Functions are not defined by their signatures but by their shape. Who talks like this and how did it make its way into the training data so pervasively?
I don't mean that as a criticism—the question of how to receive AI-processed content is a huge one that is in a state of chaotic turbulence right now. I'm working on a post about that over here: https://news.ycombinator.com/item?id=48887149.
Btw, Nebula Sec is a YC startup in the current batch. We've been working with them on how to launch on HN, and one of the things I've been trying to explain is that the HN audience won't respond well to LLM-generated reports. The underlying work, though, is very impressive. These guys know what they're doing—the OP is by no means their only significant find—and the fact that they're doing it with an agent, rather than the traditional way, is significant.
Obviously this is only one signal among many, one that can be overruled, but the ick remains regardless.
It's not so widely used and it's not explained in the first couple screenfuls of TFA (which by itself is weirdly structured, taking entire paragraphs to explain when it was introduced, when it was discovered, etc. before even explaining what it actually is).
Of course the title was chosen when the article was first published on a site dedicated to security, where probably everyone knows it. This suggests that insisting on unmodified titles when republishing in HN is a poor rule.
It was even enumerated in the first pass of CWE as CWE-416 in 2006.
There is a lot of cool work that went into making memory allocation work well; the different arenas, fast bins, chunk headers, etc. are super cool.
"Use after free" is also described in most standard books about C as a thing you should never do, have you read one?
The idea that Claude came up with it is ridiculous.
2025: https://redis.io/blog/security-advisory-cve-2025-49844/ 2023: https://seclists.org/oss-sec/2023/q2/133 2022: https://www.zerodayinitiative.com/advisories/ZDI-22-1690/ 2014: https://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/008_o...
It's an issue as old as time, or thereabouts.
https://news.ycombinator.com/newsguidelines.html
https://news.ycombinator.com/newsguidelines.html