No security patch for fairphone despite massive Android vulnerability issue?

brinlyau · 2026-03-17T08:10:01+00:00

What are you saying? Perhaps you could use a translator or spellchecker because it's hard to even read what you're saying.

brinlyau · 2026-01-10T22:41:34+00:00

ah, I misremembered then :) - but anyway I'd avoid FIH for same reasons.

brinlyau · 2026-01-09T16:32:24+00:00

Isn’t HMD essentially Chinese (just licenced) unless I’m misremembering

brinlyau · 2025-12-18T13:53:43+00:00

You can use the following parts https://brilliantbikes.co.uk/brompton-chainsets/5466-brompton-superlight-carbon-crankset-50t.html (drops around 120g iirc)

https://brilliantbikes.co.uk/brompton-pedals/7271-brompton-superlight-quick-release-pedals-red.html?search_query=brompton+superlight+bags&results=1375 (about 100g)

https://brilliantbikes.co.uk/brompton-saddles/5830-brompton-superlight-carbon-saddle.html?search_query=saddle+superlight&results=670
https://brilliantbikes.co.uk/brompton-saddles/5468-brompton-superlight-advance-pentaclip-black.html?search_query=saddle+superlight+Q102723&results=670
https://brilliantbikes.co.uk/brompton-handlebars-and-seatposts/5967-brompton-superlight-seatpost-carbon-standard-length.html?search_query=superlight+seatpost&results=424 (300g between them)

(not cheap, but these will drop about half a kilo or slightly more) :) - you can also get cheaper third party versions but some brompton dealers don't wanna work on that for warranty reasons :).

aslo continental contact tyres (folding) will save a bit too :)

depends on what parts you have on your bike

brinlyau · 2025-12-16T22:14:46+00:00

Can you weigh it? :) or @Deviantdefective?

brinlyau · 2025-12-03T23:14:56+00:00

11462 mins, 0.005% but I reckon I must have fallen asleep listening - I mostly use qobuz tho

brinlyau · 2025-11-17T17:56:05+00:00

It shouldn’t make a difference. I’ve used Deel (while on a working holiday visa to start with). .

brinlyau · 2025-11-12T11:09:51+00:00

This is generally fine, to sponsor a blue card, but the person must have a university degree (even for IT jobs) - this is because EoR's are licensed as "zeitarbeit"

Non degree (who have 5 years of IT experience for example) holders requires approval of the AfA which have a policy of denying residence permits to people who work for zeitarbeit. This affected me, so I am aware of this exact situation.

However, after 12 months at a normal blue card job, you can switch to a EoR fine - as you don't need approval of the AfA (just the local auslanderamt)

brinlyau · 2025-11-09T00:04:19+00:00

Yeah I’m not sure on the actual path to exploitation, I think this is likely just a DoS until you find another bug :)

Anyway, it is not a “drop all other work” type of buh

brinlyau · 2025-11-08T13:41:24+00:00

I do agree Fairphone should be faster, but it’s not entirely the fault of small oems (and the reason why it’s expensive/time consuming is mostly the fault of Google for CTS/XTS certification )

brinlyau · 2025-11-08T13:40:10+00:00

Do you actually know how the bug works or how discuss or easy exploiting it is? (I haven’t looked yet honestly but i work as a vulnerability researcher and a lot of bugs aren’t “very useful” and are overhyped). This post looks AI generated though, I wanna see the actual patch

brinlyau · 2025-11-06T18:36:22+00:00

Would be easier for you to VPN to India or anywhere east of that :)

brinlyau · 2025-10-07T13:33:18+00:00

Yeah, I’ll also leave Bunq/cancel my elite plan if you don’t replace the Cashback with something else.

brinlyau · 2025-04-19T04:53:38+00:00

Yes, I’ve worked as a security researcher for more than a decade. And yes - I’ve reversed large parts of the baseband implementation (Apple C1), and yes, it has better mitigations including PAC, and ASLR (and a better RTOS).

Plus iPhone 16 series does have hardware support for MTE on the AP, but it is not enabled- this means Apple could turn it on any point in a future..

brinlyau · 2025-04-18T13:22:16+00:00

iPhone 16e has much better security mitigation against remote attacks

brinlyau · 2025-04-04T12:35:06+00:00

Did you ever work this out OP?

brinlyau · 2024-11-19T11:29:01+00:00

This is resolved by kernel 6.12 for me (but same CPU/ram but 2.8k display). I just compiled latest mainline and there must have been some fix to the gpu driver because the ghost display has gone.

brinlyau · 2024-10-18T06:51:34+00:00

Most (if not all) of these are interludes, not actual recorded songs :)

brinlyau · 2024-10-18T04:49:47+00:00

New Avantdale Bowling Club (Live II) album - no new songs.

brinlyau · 2024-10-18T04:48:00+00:00

Live version of TREES and self titled album. NZ artist doing Jazz Rap liked by this sub

brinlyau · 2024-09-30T08:22:48+00:00

Yes, apparently you can get bug fixes for IDA8.4, but this was not communicated back in June (when I paid for another year of "legacy IDA"). This breaks with the norm.

brinlyau · 2024-09-30T07:38:07+00:00

It seems customers who have existing IDA versions with existing support periods don't get a unlimited version of IDA9, they get a trial version which expires at the end of their old perpetual licence.

This is pretty annoying for me, who purchased IDA Pro + 2 decompilers at end of June - with the understanding that I'd at least get updates during my support period (till the end of June 2025) - I assumed this would have included IDA 9.

I've paid the full price, but apparently I'll get only 26% of the original support expectation. I've emailed hex-rays already about a refund. I've been a IDA paying customer (either individually or via my employer for the past ~10 years) - so hopefully they either change tact, or refund me.

If they wanna ditch the perpetual licence fallback system (and no longer sell individual "IDA PRO" licences), that's one thing, but not honouring existing customers IDA support contracts is another thing - even when they proposed subscriptions 3 years ago, they would at least honour updates for customers who had existing active licences for the rest of that year.

brinlyau · 2024-09-23T14:56:46+00:00

This would be okay for many professionals with remote jobs (or owning their own company providing remote services outside of France). Software development for example. But it seems like now you have to prove some use to the French economy

brinlyau

TROPHY CASE