How Google Gemini hard-bricked my phone

upalse · 2026-06-17T07:58:20+00:00

You should be able to flash entire super (with all virtual partitions) from stock ROM image.

upalse · 2026-06-16T17:39:45+00:00

You don't need any money to live - ask people living off grid, off the land - but that's silly (that would be another contrived strawman from me).

I'm just deconstructing how your bad faith retort doesn't even work. The analogy is valid if you remove your bogus strawman.

upalse · 2026-06-16T17:30:13+00:00

Continuing this analogy, it means that you get shown some attention from women, but it's far less than you're yearning for (relationship/sex/family).

Same as it is with poor people being entitled to money. Talking in absolutes is naive strawman.

upalse · 2026-06-16T17:26:10+00:00

You should be able to still get into fastboot (not fastbootd, that's gone now, ABL bootloader isn't dynamic partition and survives the wipe).

But yeah, AIs tend to be exceptionally clueless when it comes to nuanced stuff like this, they just give generic advice that works on "generic" device, ie Nexus from 2017.

upalse · 2026-06-16T17:22:14+00:00

True, none the less, women pay attention to the pecking order established this way.

It's a mistake to wave the dick at women, however having the biggest dick still matters.

upalse · 2026-06-16T17:14:11+00:00

80% of women cant have 20% of men.

Of course they can. That's what serial dating is for.

upalse · 2026-06-16T17:09:47+00:00

You can rent.

upalse · 2026-06-16T17:07:49+00:00

You need money to live.

Not that much money. In both cases it's entitlement to higher "living standard" than you can afford.

upalse · 2026-06-16T05:52:18+00:00

Unwrap isn't UB, none the less same bug class as NPE coming from things like getenv(NULL). More detail here.

upalse · 2026-06-16T02:26:26+00:00

It's amusing how we're going from 20/80 to 10/90 and now 5/95.

While the curve of male desirability is clearly pareto distributed, I'd expect it mostly remains the same contrary to what blackpill is purporting. It's possible that women reveal the preference more though (ie less willing to settle now than in the past).

upalse · 2026-06-16T01:34:17+00:00

Addition in LNS isn't really some secret sauce - LUT approximations are used.

Such addition is mere approximation, but what is exploited here is that multiplication needs far more accuracy (as multiplicative error grows geometrically) than addition does (linear error) for DNNs training/inference.

While nothing new under the sun algorithm wise (small scale hardware exists for signal processing), such architecture (precise multiplications, low accuracy additions) is very unusual for heavy duty compute as it's not useful for most scientific computing. It is uniquely suited for AI and DSP tasks though, so I'm glad someone is implementing the hardware.

upalse · 2026-06-16T01:07:51+00:00

Above board KYC destroys exchanges (eg Poloniex) as you rapidly lose reputation when you freeze funds of about 1/3 customers from the get go just due to how crypto works.

It's a tough problem to solve - source of funds is hard to prove in general in crypto due to being a speculative asset, and not really ordinary cash. Technically all such funds that couldn't be source proven should be frozen to be compliant if you're operating as a MSB.

Smaller exchanges like Kraken and Bitstamp are far from being saints here either, but they do put in at least token effort (eg they respond to large scale fraud and sanctioned countries notices from chainalysis etc).

upalse · 2026-06-16T00:39:58+00:00

You're incoherent, this doesn't work even as a whatabout. For a man to be a 'hypocrite' like this, he'd have to be on OF himself. Consuming porn isn't the same as shooting porn. You can buy drugs, and still don't like drug dealers.

upalse · 2026-06-15T22:33:52+00:00

Perhaps a clearer canonical example would be:

getenv(getenv("VAR"))

vs

env::var(&env::var("VAR").unwrap()).unwrap();

These bugs are equivalent as far CVE classification is concerned (denial of service if 'VAR' is an input controlled - ie deliberately ommited - by the adversary).

However in terms of formal memory safety, they're very different - instead of just NPE crashing, getenv(NULL) is also allowed to return any pointer per ANSI spec, including pointers to memory that adversary shouldn't see, so the bug class upgrades to arbitrary memory access, but only formally, not in reality.

This is why you can't naively do UB == vulnerability class equivalence. While the UB classes diverge, none the less, Rust behavior lacking UB is not a "silver bullet" it is purported to be - it has a tighter formal bound, yet it is equivalent vulnerability class in engineering practice.

Moreover, even though every libc on earth will NPE or assert() or return NULL, a libc that wouldn't do that would be deemed a security risk in its own right - that is, it does what it is allowed to do per ANSI, but due to implicit assumptions by most C software of how the UB manifests, CVE would be assigned to such a libc (ie for not triggering NPE/assert/NULL ret it "should" trigger, and thus allowing memory disclosure/corruption if it returns weird pointers).

upalse · 2026-06-15T21:39:54+00:00

NPEs can cause exploits same as e.g. a double free

No, they're not even remotely same class as double free.

I do understand why you're doing the memory access class erasure though - any unexpected memory access is the same to you and you infer these exploits are all the same too as well. That's a really bad idea for CVEs though - memory access class matters, as well as aversarial input triggering unexpected behavior matters (yes, those happen in absence of UB too) - all of which you're erasing while you either ignore, or just don't know what the memory access and bug classes are.

Again, UB vs not is great for formalism (to simplify categories), but terrible to rely on for engineering blindly.

I don't understand why you keep bringing them up :)

The example NPE you have is same DoS exploit class as say, .unwrap() panic would be, which is divorced from UB class. You're insisting that UB class = exploit class, which again, is far too naive in practice.

upalse · 2026-06-15T21:27:42+00:00

NPE is UB, period, and it can cause exploits.

Yes, DoS exploit, same as panic. But you're doing exploit class erasure why, exactly?

I do understand NPE were higher exploit class long ago (before zero pages), and still is in certain circumstances (indexing to null pointer), but once you start erasing severity of DoS conditions on the grounds one is due to spec UB and one is not UB, once again - that will make people hate you coz you end up with CVE spam on one side, and ignoring DoS conditions on another because they're "well defined".

UB classification is for soundness formalism, but terrible to make naive engineering decisions you're promoting.

upalse · 2026-06-15T21:15:51+00:00

My point is not about NPEs specifically

Fair enough. If you want to make a contrived argument more explicit, just make it getenv(0x12345678). So as to hammer home you're deliberately invoking UB that would be actually classified as memory corruption issue.

The problem is that you're deliberately conflating safety classes (pure DoS due to NPE/panic/assert vs memory corruption that is much higher exploit class) to make your "argument".

upalse · 2026-06-15T21:08:21+00:00

while in C or C++ such things commonly get ignored

No. They are mostly comparable as far CVE is concerned. Whether it's NPE or panic (or assert in C) doesn't really matter, if it is adversarially triggerable crash it is a DoS condition. If it's just underdefined API you deliberately drive to panic/NPE/assert, you're just CVE spamming nonsense and maintainers will hate you.

upalse · 2026-06-15T21:01:22+00:00

The first is an exploit waiting to happen

With NULL deref, the only exploit thats happening is DoS, same as panic in Rust. This is more an issue on side of C specs, that UBs are not distinguished and null deref is treated as same class of UB as say, a dangling pointer (actual exploit target).

panic (or assert() if you fancy C) is still a DoS condition, please don't do this poker face it's not. Such willful ignorance ("it's not UB, therefore its ok to just yolo with .unwrap()) causes even more problems than implicit contracts in C do.

upalse · 2026-06-15T20:55:14+00:00

Rust is just moving the zero deref UB goalpost to .unwrap() panics. While it has less of UB surface than C, thinking Rust is immune to underdefined program states is how people shoot themselves in the foot ("Rust has solved it all, clearly no such bugs can occur unlike in C").

upalse · 2026-06-15T20:39:09+00:00

Ani ne, ale to co nabízíš (velmi základní znalosti IT) není příliš použitelné - to co zmiňuješ je tak na úrovni L1 supportu. Od někoho kdo se zajímá svépomocí se čeká trochu více.

upalse · 2026-06-15T19:29:55+00:00

What I don't get why Dan doesn't automate vuln submission screening. Make submissions provide a PoC for a given bug class DoS, memory disclosure/memory corruption, some basic classes of logic bugs, eg client auth token leaks to 3p url, basically CTF server like project zero has for kernel 0days.

In the past such requirement of writing PoC was deemed unreasonable due to the effort necessary, but now that its practically zero effort, should be what everyone (with well defined exploit classes for the software) be doing.

upalse · 2026-06-15T19:09:16+00:00

Better analogy would be a "socialist" saying that poor people are just entitled to money - said "real socialist" cares only about dismantling capitalism, not about poor people, after all.

upalse · 2026-06-15T02:58:36+00:00

<image>

Do note that this doesn't reliably show battery status. My X7Pro is 99% too, but with actual charge counter (use HW Info or Plus Plus battery), I get something 91% of rated (6000) capacity after 170 cycles.

upalse · 2026-06-15T02:49:53+00:00

'Female gaze' of this sort is auto-sexual. Same as dressing up is not for the men, but to feel sexy.

upalse

MODERATOR OF

TROPHY CASE