frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

MSI Center – How to gain SYSTEM privileges in seconds

https://mrbruh.com/msicenter/
24•MrBruh•1h ago

Comments

huflungdung•1h ago
You have physical access to the machine. Dump its bios and inject this https://download.microsoft.com/download/8/a/2/8a2fb72d-9b96-...

Shrug.emoji

Klathmon•54m ago
Is there any valid reason to still be using 3DES in 2026?

It was formally deprecated in 2018 and has been surpassed in just about every single way by AES long before that.

At this point I feel like it's use is such a huge red flag

nzeid•46m ago
> After this minor hiccup, the experience with MSI was actually quite pleasant. They prepared a patch for the vulnerability within two days of me reporting it and told me which MSI Center release it was to be bundled with, and when they planned to release the new version.

Was NOT expecting a happy ending.

I don't know if the part of MSI Center with the pipe vulnerability is automatically installed on desktops but this is the terribly written software that you need to turn off all the obnoxious lights on your MB and DRAM.

edoceo•26m ago
I love those lights. Got a case with clear sides so it's blasting rainbows at my wall all the time.
matheusmoreira•11m ago
> this is the terribly written software that you need to turn off all the obnoxious lights on your MB and DRAM

You should reverse engineer it and write a free software replacement!

I did this for my Clevo laptop's keyboard LEDs:

https://github.com/matheusmoreira/ite-829x

Still one of my most satisfying projects and I use it to this day. These manufacturer apps are so bad. Clevo control center would take over a minute to display a window on screen, it was so aggravating. My replacement program works instantly and is scriptable.

The LED control was implemented over USB. Reversed it by capturing packets with wireshark and replaying them using libusb. MSI probably used ACPI/WMI for this which is much more annoying to work with. I gave up on reversing my laptop's ACPI/WMI features years ago but now that I've got AI I'm trying again, it's been a huge help.

drdexebtjl•28m ago
I wish the author went into a bit more detail about how MSI fixed it, as is usual in write ups like this.

It left me thinking maybe the patch introduced a different vulnerability that’s still under an embargo :)

KennyBlanken•13m ago
More likely MSI just being MSI. They're infamous for being far more concerned about image than most vendors so don't expect much info.

Giant trees have no trouble pumping water to top branches

https://news.exeter.ac.uk/faculty-of-environment-science-and-economy/giant-trees-have-no-trouble-...
93•hhs•3h ago•42 comments

Leanstral 1.5: Proof Abundance for All

https://mistral.ai/news/leanstral-1-5/
90•programLyrique•3h ago•23 comments

MSI Center – How to gain SYSTEM privileges in seconds

https://mrbruh.com/msicenter/
24•MrBruh•1h ago•7 comments

GLM5.2 on AMD MI355X at 2626 tok/s/node at over 2x lower cost than Blackwell

https://www.wafer.ai/blog/glm52-amd
94•latchkey•4h ago•25 comments

Steam Controller Auto-Charge – pilot to magnetic charging puck using CV

https://github.com/FossPrime/Steam-Controller-Auto-Charge
71•zdw•3h ago•11 comments

SearXNG: A free internet metasearch engine

https://github.com/searxng/searxng
135•theanonymousone•6h ago•41 comments

The circuit that lets your brain think and see

https://www.engineering.columbia.edu/about/news/circuit-lets-your-brain-think-and-see
39•hhs•3h ago•6 comments

Jamesob's guide to running SOTA LLMs locally

https://github.com/jamesob/local-llm
278•livestyle•11h ago•126 comments

CueBench for Developers is live: score how well you drive coding agents

https://app.cuebench.dev
5•DillonMehta•45m ago•1 comments

Amsterdam invented the fire department

https://worksinprogress.co/issue/how-amsterdam-invented-the-fire-department/
39•zdw•3h ago•11 comments

Applied Category Theory Course (2018)

https://math.ucr.edu/home/baez/act_course/index.html
58•measurablefunc•5h ago•7 comments

New serious vulnerabilities spiked around release of Claude Mythos Preview

https://epoch.ai/data-insights/cve-severity-spike
48•cubefox•4h ago•8 comments

Espionage Against the European Parliament

https://citizenlab.ca/research/member-of-committee-investigating-spyware-hacked-with-pegasus/
276•ledoge•5h ago•67 comments

Costco is the anti-Amazon

https://phenomenalworld.org/analysis/the-anti-amazon/
316•bookofjoe•11h ago•285 comments

Scientists discover guidance system for migratory songbirds

https://news.exeter.ac.uk/faculty-of-environment-science-and-economy/scientists-discover-guidance...
12•bit_economist•2h ago•2 comments

Dispersion loss counteracts embedding condensation in small language models

https://chenliu-1996.github.io/projects/LM-Dispersion/
21•E-Reverance•3h ago•5 comments

Infracost (YC W21) Is Hiring a Marketing Lead to Shift FinOps Left

https://www.ycombinator.com/companies/infracost/jobs/YTJcFwr-marketing-lead
1•akh•5h ago

We put a Redis server inside our runtime

https://encore.dev/blog/redis-runtime
22•eandre•2d ago•7 comments

Factories are just rooms

https://interconnected.org/home/2026/07/03/factories
198•arbesman•11h ago•77 comments

International chess federation sanctions Kramnik

https://www.fide.com/fide-ethics-disciplinary-commission-issues-a-decision-in-case-involving-gm-v...
127•DarkContinent•9h ago•66 comments

Software, from First Principles

https://fazamhd.com/mental-models/software/
39•faza•4h ago•8 comments

Africans Are Turning to Starlink

https://www.economist.com/middle-east-and-africa/2026/07/02/africans-are-turning-to-starlink
109•bookofjoe•5h ago•113 comments

Show HN: A statically typed, cross-platform, easily bootstrappable build system

https://github.com/rochus-keller/BUSY/
3•Rochus•3d ago•0 comments

Notes from Building Tinkerfont

https://mighil.com/notes-from-building-tinkerfont
11•surprisetalk•2d ago•0 comments

Hunting a 16-year-old SQLite WAL bug with TLA+

https://ubuntu.com/blog/hunting-a-16-year-old-sqlite-bug-with-tla-is-dqlite-affected
171•peterparker204•3d ago•14 comments

FreeBSD ate my RAM

https://crocidb.com/post/freebsd-ate-my-ram/
88•theanonymousone•7h ago•38 comments

You can get Unicode working on DOS

https://twitter.com/i/status/2071469740141224272
11•vkaku•2d ago•3 comments

Wordgard: In-browser rich-text editor from the creator of ProseMirror

https://wordgard.net/
266•indy•17h ago•90 comments

GitFut – Your GitHub stats turned into a World-Cup-style player card

https://gitfut.com
20•redbell•3h ago•9 comments

PostgreSQL and the OOM killer: Why we use strict memory overcommit

https://www.ubicloud.com/blog/postgresql-and-the-oom-killer-why-we-use-strict-memory-overcommit
158•furkansahin•13h ago•86 comments