Issues » #162

#162 – January 25, 2023

How to Get New Ideas

The way to get new ideas is to notice anomalies: what seems strange, or missing, or broken?

Bitwarden design flaw: Server side iterations

Bitwarden is a hot candidate for a LastPass replacement. Looking into how they encrypt data, it doesn’t do things that much better however.

Pwning the all Google phone with a non-Google bug

It turns out that the first “all Google” phone includes a non-Google bug. Learn about the details of CVE-2022-38181, a vulnerability in the Arm Mali GPU. Join me on my journey through reporting the vulnerability to the Android security team, and the exploit that used this vulnerability to gain arbitrary kernel code execution and root on a Pixel 6 from an Android app.

Accelerating our A/B experiments with machine learning

Like many companies, Dropbox runs experiments that compare two product versions—A and B—against each other to understand what works best for our users. When a company generates revenue from selling advertisements, analyzing these A/B experiments can be done promptly; did a user click on an ad or not?

Apple 'Reality Pro' headset will toggle between AR/VR and serve as Mac display

Apple’s first AR/VR headset could be unveiled sometime this spring, and rumors continue to offer more information about what Apple has in the works. A wide-ranging new report from Bloomberg now offers a slew of details on Apple’s “Reality Pro” headset, including that the “eye- and hand-tracking capabilities will be a major selling point”.

newsletters

Join over 1,600 readers for a free daily email with fresh news, articles and tutorials.