oh my. i feel like we might be in for some fireworks when usenix security 2023 starts

wrv.github.io/h26forge.pdf

tl;dr - h.264, the most ubiquitous video standard on the planet needs direct hardware support to be fast, which places untrusted input at a higher privilege level than pretty much anything

also, the specification for it is so big, and implemented independently by so many different vendors that simply by making a library to mess with it, new exploits basically flowed like water

Sign in to participate in the conversation
Awoo Space

Awoo.space is a Mastodon instance where members can rely on a team of moderators to help resolve conflict, and limits federation with other instances using a specific access list to minimize abuse.

While mature content is allowed here, we strongly believe in being able to choose to engage with content on your own terms, so please make sure to put mature and potentially sensitive content behind the CW feature with enough description that people know what it's about.

Before signing up, please read our community guidelines. While it's a very broad swath of topics it covers, please do your best! We believe that as long as you're putting forth genuine effort to limit harm you might cause – even if you haven't read the document – you'll be okay!