11364
• Articles: @officercia • Blog: officercia.mirror.xyz • X: x.com/officer_cia
A small correction.
These steps simply stop people on your phone from removing the app (e.g. when you give it to a kid).
Ideally, the same feature should prevent Apple from removing the app from the device. I couldn't find any confirmation or refutation of this in the Apple’s documentation.
So I’m not sure if it will help…but that’s a good thing to do anyways.
• https://support.apple.com/en-us/105121
#telegram #security
France goes to war with Telegram, arrests Durov…
With a very special guest OfficerCIA
Watch Live on Youtube
💊 New Bug Bounty Alert 💊
dlcBTC - $20,000
dlcBTC is a safer wrapped Bitcoin utilizing Discreet Log Contracts (DLCs) to provide a theft-proof bridge to cross-chain DeFi. In contrast to other solutions, dlcBTC is self-custodied by merchants and decentralized with reserves always verifiable via Chainlink’s proof-of-reserves.
Learn more here and start hunting 🪲
officercia.medium.com/recovering-funds-with-hackedwalletrecovery-tool-92a9378da792?1
Читать полностью…
As you can see, I accidentally anticipated events and exposed myself a little sooner than I would have been exposed 😅
Although, my identity was no secret to my employers and oldest subscribers…
#offtopic
Btw I agree here. Better save your seed phrases somewhere else: https://x.com/buda_kyiv/status/1827460988511129650
#security #privacy #opsec
I think that Telegram will continue to exist one way or another (maybe we will have a couple of DDoS attacks), but in general - it is unlikely that its arrest will change anything globally. And the criminals will return to Jabber and Matrix. Sad but true.
#offtopic
One of our dear friends and colleagues has written a a research paper showcasing Glider's pattern matching capabilities and how it can help you detect Ethereum Mixers. So let's dive right in 👇
• x.com/elen__kay/status/1826964800821190985?1
#OSINT #security
officercia.mirror.xyz/z7UhL4a_R5L0iPiAufCx7OXC24-onnNg92RzcwPP1VQ
Читать полностью…
Дорогие друзья, обращаюсь к вам на родном мне языке. Я принял решение раскрыть свою личность и начать постепенный уход от никнейма «officercia» и так далее.
Мне хочется верить что я - это больше чем просто никнейм и что вы читаете меня не из-за этого никнейма (который получился таким совершенно случайно), а в первую очередь - из-за моих статей, моего контента и потому что вам это интересно.
Я сменил название своего твиттера, канала и блога. Как только я придумаю как лучше всего поменять тег никнейм (который пишется через @), я обязательно это сделаю - это касается и моего гитхаб аккаунта и так далее. Пока что, я сменю имя и сделаю аккаунт более публичным.
Много причин побудило меня сделать это, и личная безопасность - одна из самых основных. Я очень часто подвергался всевозможным проверкам, слежке и разного рода вниманию которого я точно не хотел получить и все это несмотря на свою выраженную нейтральность и в целом - пародийность аккаунта. Видимо, моя ошибка была думать, что это смешно. Это не смешно, это всего лишь пранк, вышедший из под контроля.
Надеюсь, что мой шаг будет воспринят вами хорошо и он ознаменует начало новой эры моего блога. Искренне ваш, Vladimir S., aka officercia.
• x.com/officer_cia/status/1826758130094547291
#offtopic
officercia.mirror.xyz/iErSmQtt575yXvcPJvPAVJHZ6WxgoDWVd72uMvQ_8Ho
Читать полностью…
Amazing initiative: https://x.com/xyz_remedy/status/1825510777593434165?s=46
#security #twitter
https://youtu.be/SmT2NbicLKw?si=7cDB_V42vHhuKkky
Читать полностью…
I do not plan to write new articles because whatever I do - there are those who try to kill this desire in me. Starting from those who falsely accused me of plagiarism and ending with those who accused me of some political idiotic things. I hope you are all happy, only Glider articles will be coming out from me.
And for all your questions about my nickname, I now have one answer - I self-define myself as a CIA agent and that's my gender. Imagine an amorphous tentacle, that's me.
I hope this post doesn't offend anyone at least this time.
#offtopic
Dear friends, the interview with me is officially published!
A few clarifications on the interview (it was taped a long time ago, so a few things need to be corrected):
• I only work with the @xyz_remedy team; the other specified teams, such as W3A, are no longer connected with me.
• The rest of what I said is completely true.
Please excuse my unprofessional language! Also, let me know if you liked it.
Link: https://youtu.be/SmT2NbicLKw?si=7cDB_V42vHhuKkky
There are rumors that Telegram may be forcibly removed from Apple devices (this is unlikely, but such fears have a place).
In order to protect yourself from this removal, you need to prohibit the removal of applications in the settings of your device (go to Settings -> Screen Time - > Content and Privacy Restrictions -> ITunes & AppStore Purchases -> Deleting Apps) and then as on the screenshot!
Please like and share!
• x.com/officer_cia/status/1828169853821145537?12
#security #telegram
Discussing Telegram with @leviathan_news ! Please join!
Link: https://app.restream.io/new-event-invitation/a3g1V21wTy30mIb9akyUrPJhMQzex4w/email
#security #telegram
Looks like a great addition to Glider, WDYT about it? 🤔
• x.com/xyz_remedy/status/1828049001934962984?1
#audit #security
Check out my articles about Telegram and its security limitations ⬇️
• Unveiling Messenger Weaknesses: Understanding How Hackers Can Infiltrate and Compromise Your Device
• Telegram Security Best Practices
#opsec #security #privacy
Please photoshop French police logo to the little hippo 😅
Читать полностью…
Save it before GitHub gets banned 😬
• https://github.com/OffcierCia/Crypto-OpSec-SelfGuard-RoadMap
#security #opsec
You can read the full paper here: https://cse.aua.am/files/2024/05/DetectingEthereumMixers.pdf
#research
🧢 gm whitehats 🧢
Continuing with our Glider Q&A Series, this week's question is: How does Glider work?
🎩 Glider at its heart is a code-analysis query engine. It allows developers/researchers to write Glides (queries written in Python).
Each Glide defines a specific set of instructions that the query engine must execute. These instructions specify what Solidity code Glider should look for.
Once a Glide is written, a Glide developer can then submit the query to Glider. Glider first validates that the query syntax is correct. If the syntax is correct, Glider then processes the query instructions and scans the entire Glider database for any Solidity code that matches the query’s specifications.
Once finished, Glider returns the Solidity code results back to the researcher/developer to review in a readable format.
Don't forget to join our Discord for more Glider Resources 💊
Wishing you all a nice weekend 🫡☀
Greetings, friends I've made the decision to come clean and gradually stop going by the moniker "officercia" and other like nicknames.
I would like to think that I am more than just a nickname and that the main reasons you read my articles and content are because you are interested in them rather than because of my nickname (which happened by accident). My blog, channel, and Х/Twitter have all changed names. I'll make sure to modify the nickname tag (with a «@») as soon as I figure out how to do so; the same goes for my github account and other accounts. I'll change my name and make the account more visible for the time being.
There are numerous factors that have inspired me to do this, the most basic of which being personal safety. I was frequently exposed to scrutiny, spying, and unwanted attention, despite my pronounced neutrality and overall mockery of the account.
Apparently, my error was thinking it was humorous. It is not funny. I hope my move is well accepted by you and marks the start of a new era for my blog. Sincerely yours, Vladimir S., also known as Officercia.
• x.com/officer_cia/status/1826758130094547291
#offtopic
Date: 2024-08-22
Bug bounty program was added to Remedy:
DLC Link
🧢 Do you submit a lot of bug reports, but only a few of them ever get escalated to the organization? Finding a valid bug does not always guarantee a bounty, as you still need to back up your findings by submitting high-quality reports.
So we asked Hexens.io's expert triage team to share valuable tips to help you submit better bug reports 👇
✍ A great bug report starts with a clear and concise bug description. Explain exactly what the bug is, provide context about its impact, and why it matters. It sets the stage for understanding the bug from the outset.
Example - LID-2
🖥 If the vector is complex, detail the attack step by step. Lay out each action clearly, enabling anyone to reproduce the issue. This approach shows the exact exploitation method, making assessing and addressing the risk easier.
Example - EIG 14
🛡A working Proof of Concept (PoC) is essential. Demonstrate the exploit in action using videos, screenshots, or live links (for Web2) and an executable code file for Web3. This validates the bug’s impact and shows it’s not just theoretical but a real-world threat.
Example - MAN1-17
🧩 Add references and links to related CVEs, docs, or external sources. These resources bolster your report’s credibility, offering additional context and helping to compare the issue with known vulnerabilities.
🎯 Use clear and concise language. Avoid jargon and keep your report straightforward. The goal is to communicate effectively with both technical and non-technical team members, ensuring everyone understands the bug and its risks.
🧢 And finally, if the triage team suggests an improvement, or requires more information to properly triage your submission - please make sure you provide all of the necessary info. The team does their best to help you succeed but they cannot do it without your collaboration.
Now get hunting 🪲 There’s a valid bug report waiting to be submitted 💊
Sad but true: x.com/xyz_remedy/status/1824023229683429490?1
#offtopic #audit #bugbounty
🧢 GM whitehats👋
We are starting a Q&A series, where we’ll be addressing your most burning questions regarding Glider - everything from technical to non-technical. This series will be especially useful if you're new here and want to learn more about Glider from 0.
Today, let’s start with the basics: What is Glider IDE?
Glider IDE is a revolutionary research tool that allows developers and researchers to query contracts at scale. Glider allows researchers to query EVM-chain deployed Solidity code for common vulnerabilities, code patterns, and compliance verification to just name a few. Glider IDE provides users several key features that include an embedded editor to write Glides, the ability to run Glides against EVM chains, and view Glider documentation. It is a one-stop shop for researchers interested in finding bugs, collecting statistical data, and developing queries to build implementation standards.
If you have questions you'd like us to address in this series then drop them in the comments or ask them in our Discord
Stay tuned for the next post in the series 👀
officercia.medium.com/they-threatened-to-freeze-me-alive-the-dark-side-of-the-cryonics-an-interview-1dc52d8ebf60
Читать полностью…
🧢 GM whitehats👋
We are starting a Q&A series, where we’ll be addressing your most burning questions regarding Glider - everything from technical to non-technical. This series will be especially useful if you're new here and want to learn more about Glider from 0.
Today, let’s start with the basics: What is Glider IDE?
Glider IDE is a revolutionary research tool that allows developers and researchers to query contracts at scale. Glider allows researchers to query EVM-chain deployed Solidity code for common vulnerabilities, code patterns, and compliance verification to just name a few. Glider IDE provides users several key features that include an embedded editor to write Glides, the ability to run Glides against EVM chains, and view Glider documentation. It is a one-stop shop for researchers interested in finding bugs, collecting statistical data, and developing queries to build implementation standards.
If you have questions you'd like us to address in this series then drop them in the comments or ask them in our Discord
Stay tuned for the next post in the series 👀