xenokovah.bsky.social
Interested in reverse engineering, firmware, bluetooth, trusted computing, and training. Founder of OpenSecurityTraining2 https://ost2.fyi

Espressif’s response: https://www.espressif.com/en/news/response_esp32_bluetooth

Good. Both Tarlogic and BleepingComputer have removed the term “backdoor” now. Blog post updated accordingly. Language matters, and FUD gets repeated by people who don’t know what they’re talking about and turns into justifications for company bans.

I’ve posted a detailed explanation of why the claimed ESP32 Bluetooth chip “backdoor” is not a backdoor. It’s just a poor security practice, which is found in other Bluetooth chips by vendors like Broadcom, Cypress, and Texas Instruments too. https://darkmentor.com/blog/esp32_non-backdoor/

BlackHoodie will be back at @ringzer0.bsky.social Bootcamp on March 21st with a training about Compiler Internals for Security Engineers, brought to you by.. me 😊 Registration is open, please tell your friends and hacker family, alternatively shares appreciated 😁 blackhoodie.re/Ringzer0_Boo...

A little fix on CPU clock detection and now go-boot runs on a Dell as well. Second entry in the Hardware Compatibility List: github.com/usbarmory/go...

I think other people should join me in encouraging Andrea to make a TamaGo class for OST2 :) We need more cool low level topics like this!

Google’s not dead yet…even the LLMs that google for things don’t actually *Google* for them…

Monday bump for the Monday crowd!

🥳Happy to say that you’re in good company, and we’ve exceeded 26k registered students at OST2! 🎉

See, I knew if I posted it I’d end up finding it ;) The answer appears to be that the names come from the section headings of the BT specs v1.0B-v1.1 (removed in v1.2). I just had never bothered to download earlier than v2.0 before (which I checked back to)

I’ve been trying to find a citation for this but haven’t been able to yet: does anyone know where the BT HCI transport layer protocol commonly-used short names like “H4” or “H5” originally came from? (They’re certainly not in the specs…)

Scenes from the #DistrictCon power outage (this generator apparently started working towards the end of closing ceremonies)

Super kudos to the @districtcon.bsky.social organizers, who are still managing to run the conference despite the power being out to the entire block!

@shmoocon.bsky.social is dead. Long live ShmooCon! But what’s past is prologue and I’m off to check the vibe at @districtcon.bsky.social today (and speak tomorrow) and see if it’s picking up the baton.

@veronicakovah.bsky.social and I have too much material for our 4-day BLE training at RingZer0. So I made a separate free workshop. If you’re in attendance you’ll get to go deep into BLE device identification and 2thprinting! https://ringzer0.training/bootstrap25-workshop-blue2thprinting/

Last bump for @veronicakovah.bsky.social and my “Bluetooth Low Energy: Full Stack Attack” training March 18th-21st in Austin TX at RingZer0! https://ringzer0.training/bootstrap25-bluetooth-low-energy-full-stack-attack/ These interactions between the BT host and controller are just 3 slides!

📢Call for beta testers!📢 The beta for "Fuzzing 1001: Introductory Fuzzing" will start ~ March 7th. It will take ~6 hours to complete. If you're interested in participating, please sign up below. https://forms.gle/fxCM9Y1CprUJgQi59

BlackHoodie will be back at @ringzer0.bsky.social Bootstrap conference in Austin, TX 🤠 On Friday March 21st I'll be teaching Compiler Internals for Security Engineers, a class for women by women, and it's free. Register here blackhoodie.re/Ringzer0_Boo...

I can now invoke EFI Boot Services and jump to Linux. The shell interface is 520 LOC, the EFI driver is 160 LOC. I cannot emphasize enough how productive, lean and efficient bare metal Go is for developing this. Next up Console I/O so that I can boot this on real hardware.

“Your branch is ahead of 'origin/master' by 288 commits.” 👀 Blue2thprinting v2.0.0 released! https://github.com/darkmentorllc/Blue2thprinting

I've made my "Architecture 1005: RISC-V 32-bit and 64-bit assembly" playlist public on YouTube for downloaders. But as always it's best experienced with the randomized assembly exercises in https://ost2.fyi/Arch1005 https://www.youtube.com/playlist?list=PLUFkSN0XLZ-ngGxCtYimQmjIMXUnufVUN

“Packets come from a can! They were put there by a man! In a factory downtown…” So…the song is about an AI who’s moving to the country to eat a lot of packets. But they’re still using human labor in factories to can their packets…so that’s nice I guess…

As I was coming home from BT sniffing I sang “Millions of packets! Packets for free!” And now for the past couple days I’ve had the Peaches song, with “peaches” replaced with “packets” stuck in my head… https://www.youtube.com/watch?v=3c2iL6kcK84

We’re looking for more classes on enterprise security. If you have an idea for a class, let us know at [email protected]!

Videos from the new Introductory Fuzzing class are currently with the video editor. Stay tuned for a call for beta testers soon!

Is that image showing up as an animated gif for other folks? I tried from both the official and 3rd party app but it wasn’t animated for me…

“Bluetooth Low Energy - Full Stack Attack” by @veronicakovah.bsky.social and me will be offered at the upcoming RingZer0.training and Hardwear.io trainings in Austin TX and Santa Clara CA. The latest outline and links to both trainings are here: https://darkmentor.com/training/ble_full_stack_attack/

The CFP deadline for hardwear.io is coming up soon! I’m on the CFP review board and looking forward to seeing what new research folks have done! https://hardwear.io/usa-2025/cfp.php

*Request For Uncommon Data*: The following are Bluetooth AdvData types which I haven't found in my data collection. If you have Bluetooth pcaps or HCI logs, it'd be great if you can run the below tshark command over your folder(s) to see if you have seen instances of these data types in the wild. 👇

TIL that the somewhat-rare Bluetooth AdvData type 0x3D is for the 3D Synchronization Profile which is used for 3D displays to talk to 3D glasses. So apparently now I can detect 3D-capable TVs.

Crowdsourced data query quickstart:
cd ~
git clone --branch BTIDES https://github.com/darkmentorllc/Blue2thprinting
cd Blue2thprinting
git checkout sharetag
sudo ./setup_analysis_helper_debian-based.sh
cd Analysis
python3 TellMeEverything.py --query-BTIDALPOOL --use-test-db --company-regex "HP"

I’ve published BTIDES (BlueTooth Information Data Exchange Schema) to its own repository so that it can easily be incorporated as a git submodule in other research projects. I have started using this for crowdsourced BT info sharing. https://github.com/darkmentorllc/BTIDES_Schema

I’ve published CLUES (Custom Lightweight UUID Exchange Schema) and my current data about Bluetooth custom UUIDs to its own repository so that it can easily be incorporated as a git submodule in other research projects. https://github.com/darkmentorllc/CLUES_Schema

I don’t think I’m crazy when I say that it’ll be a *lot* easier to learn Bluetooth stuff from @veronicakovah.bsky.social and my #RingZer0 class (ringzer0.training/bootstrap25-...) than from the BT spec. Example piece of the breakdown in animated form vs. nigh-indecipherable picture from spec: