can anyone recall any interesting vulnerabilities in Windows applications that were due to mishandling of character encoding (UTF-16 vs. UTF-8 vs. ASCII, or codepage stuff depending on system locale) in file paths and/or unexpected case sensitivity in file paths? ones with good write-ups strongly preferred.

looking specifically for Windows, specifically character encoding related bugs, and specifically bugs in apps rather than bugs in the OS's own file path handling (e.g. WorstFit)

#infosec

Following up to myself do any #infosec people know who to complain at when someone files a CVE against a literal 20 year old unsupported version of software you maintain?

can anyone recall any interesting vulnerabilities in Windows applications that were due to mishandling of character encoding (UTF-16 vs. UTF-8 vs. ASCII, or codepage stuff depending on system locale) in file paths and/or unexpected case sensitivity in file paths? ones with good write-ups strongly preferred.

looking specifically for Windows, specifically character encoding related bugs, and specifically bugs in apps rather than bugs in the OS's own file path handling (e.g. WorstFit)

#infosec

Following up to myself do any #infosec people know who to complain at when someone files a CVE against a literal 20 year old unsupported version of software you maintain?

A vulnerability on a security chip present in over 100 Dell laptop models could allow attackers to steal sensitive data and monitor some computer activities.

https://mobilesyrup.com/2025/08/05/dell-fixed-security-chip-vulnerability-that-left-millions-open-to-attack/
- - -
Une vulnérabilité dans une puce de sécurité présente dans plus de 100 modèles d'ordinateurs portables Dell pourrait permettre aux attaquants de voler des données sensibles et de surveiller certaines activités informatiques.

// Article en anglais //

#Dell#InfoSec#InformationSecurity#Cybersécurité#IT#TI

A vulnerability on a security chip present in over 100 Dell laptop models could allow attackers to steal sensitive data and monitor some computer activities.

https://mobilesyrup.com/2025/08/05/dell-fixed-security-chip-vulnerability-that-left-millions-open-to-attack/
- - -
Une vulnérabilité dans une puce de sécurité présente dans plus de 100 modèles d'ordinateurs portables Dell pourrait permettre aux attaquants de voler des données sensibles et de surveiller certaines activités informatiques.

// Article en anglais //

#Dell#InfoSec#InformationSecurity#Cybersécurité#IT#TI

So…who hates those Google log-in pop-ups that are seemingly everywhere now? Wanna make them go away?

1. Get uBlock Origin (which you should have already been using):
https://ublockorigin.com/

2. Open the plugin and click the settings button.

3. Click on the “my filters” tab and paste this into the input:
||accounts.google.com/gsi/*$xhr,script,3p

That’s it! Worked flawlessly for me.

#Google#Privacy#Security#PopUps#InfoSec#BadGoogle

***infosec specialists are needed in the resistance ***

The world needs tech security specialists to run workshops at public libraries for all ages & abilities to remove spyware, AI, reduce surveillance, understand the issues, & for more advanced, move to Linux, degooglefy, etc.

Libraries will pay good wages for these workshops.
If you have these skills, please consider offering them.

#libraries #library #tech #infosec #privacy #security #activism #antifa #resistance