ActivityPub Viewer

A small tool to view real-world ActivityPub objects as JSON! Enter a URL or username from Mastodon or a similar service below, and we'll send a request with the right Accept header to the server to view the underlying object.

Open in browser →
{ "@context": [ "https://www.w3.org/ns/activitystreams", { "ostatus": "http://ostatus.org#", "atomUri": "ostatus:atomUri", "inReplyToAtomUri": "ostatus:inReplyToAtomUri", "conversation": "ostatus:conversation", "sensitive": "as:sensitive", "toot": "http://joinmastodon.org/ns#", "votersCount": "toot:votersCount", "Hashtag": "as:Hashtag" } ], "id": "https://abpe.org/users/gslin/statuses/114112290161659660", "type": "Note", "summary": null, "inReplyTo": null, "published": "2025-03-05T22:56:05Z", "url": "https://abpe.org/@gslin/114112290161659660", "attributedTo": "https://abpe.org/users/gslin", "to": [ "https://www.w3.org/ns/activitystreams#Public" ], "cc": [ "https://abpe.org/users/gslin/followers" ], "sensitive": false, "atomUri": "https://abpe.org/users/gslin/statuses/114112290161659660", "inReplyToAtomUri": null, "conversation": "tag:abpe.org,2025-03-05:objectId=203119:objectType=Conversation", "content": "<p>AMD CPU microcode 的簽名漏洞 在 Lobsters 上看到 Google 對上個月 AMD CPU 的 microcode 耕更新漏洞的分析:「Zen and the Art of Microcode Hacking」,看完後發現原來是自己設計出來的簽名驗證導致的... CPU 透過修正 microcode 修正問題算是行之有年的方法,可以在開機後讀進來改變本來設計的行為,也因為這個動作很危險,通常會加上數位簽名的方式確保只有原廠可以改。 AMD 在這邊的設計是用了 RSA 2048 bit 簽名保護,但把整把 RSA public key 放進去驗證會吃太多電晶體,所以這邊只存了 128-bit value 以節省電晶體空間,這邊本來以為是用 MD5 被撞,或是用… <a href=\"https://blog.gslin.org/archives/2025/03/06/12295/amd-cpu-microcode-%e7%9a%84%e7%b0%bd%e5%90%8d%e6%bc%8f%e6%b4%9e/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">https://</span><span class=\"ellipsis\">blog.gslin.org/archives/2025/0</span><span class=\"invisible\">3/06/12295/amd-cpu-microcode-%e7%9a%84%e7%b0%bd%e5%90%8d%e6%bc%8f%e6%b4%9e/</span></a> <a href=\"https://abpe.org/tags/algorithm\" class=\"mention hashtag\" rel=\"tag\">#<span>algorithm</span></a> <a href=\"https://abpe.org/tags/amd\" class=\"mention hashtag\" rel=\"tag\">#<span>amd</span></a> <a href=\"https://abpe.org/tags/cmac\" class=\"mention hashtag\" rel=\"tag\">#<span>cmac</span></a> <a href=\"https://abpe.org/tags/cpu\" class=\"mention hashtag\" rel=\"tag\">#<span>cpu</span></a> <a href=\"https://abpe.org/tags/hardware\" class=\"mention hashtag\" rel=\"tag\">#<span>hardware</span></a> <a href=\"https://abpe.org/tags/key\" class=\"mention hashtag\" rel=\"tag\">#<span>key</span></a> <a href=\"https://abpe.org/tags/microcode\" class=\"mention hashtag\" rel=\"tag\">#<span>microcode</span></a> <a href=\"https://abpe.org/tags/number\" class=\"mention hashtag\" rel=\"tag\">#<span>number</span></a> <a href=\"https://abpe.org/tags/random\" class=\"mention hashtag\" rel=\"tag\">#<span>random</span></a> <a href=\"https://abpe.org/tags/rsa\" class=\"mention hashtag\" rel=\"tag\">#<span>rsa</span></a> <a href=\"https://abpe.org/tags/security\" class=\"mention hashtag\" rel=\"tag\">#<span>security</span></a> <a href=\"https://abpe.org/tags/vulnerability\" class=\"mention hashtag\" rel=\"tag\">#<span>vulnerability</span></a></p>", "contentMap": { "zh": "<p>AMD CPU microcode 的簽名漏洞 在 Lobsters 上看到 Google 對上個月 AMD CPU 的 microcode 耕更新漏洞的分析:「Zen and the Art of Microcode Hacking」,看完後發現原來是自己設計出來的簽名驗證導致的... CPU 透過修正 microcode 修正問題算是行之有年的方法,可以在開機後讀進來改變本來設計的行為,也因為這個動作很危險,通常會加上數位簽名的方式確保只有原廠可以改。 AMD 在這邊的設計是用了 RSA 2048 bit 簽名保護,但把整把 RSA public key 放進去驗證會吃太多電晶體,所以這邊只存了 128-bit value 以節省電晶體空間,這邊本來以為是用 MD5 被撞,或是用… <a href=\"https://blog.gslin.org/archives/2025/03/06/12295/amd-cpu-microcode-%e7%9a%84%e7%b0%bd%e5%90%8d%e6%bc%8f%e6%b4%9e/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" translate=\"no\"><span class=\"invisible\">https://</span><span class=\"ellipsis\">blog.gslin.org/archives/2025/0</span><span class=\"invisible\">3/06/12295/amd-cpu-microcode-%e7%9a%84%e7%b0%bd%e5%90%8d%e6%bc%8f%e6%b4%9e/</span></a> <a href=\"https://abpe.org/tags/algorithm\" class=\"mention hashtag\" rel=\"tag\">#<span>algorithm</span></a> <a href=\"https://abpe.org/tags/amd\" class=\"mention hashtag\" rel=\"tag\">#<span>amd</span></a> <a href=\"https://abpe.org/tags/cmac\" class=\"mention hashtag\" rel=\"tag\">#<span>cmac</span></a> <a href=\"https://abpe.org/tags/cpu\" class=\"mention hashtag\" rel=\"tag\">#<span>cpu</span></a> <a href=\"https://abpe.org/tags/hardware\" class=\"mention hashtag\" rel=\"tag\">#<span>hardware</span></a> <a href=\"https://abpe.org/tags/key\" class=\"mention hashtag\" rel=\"tag\">#<span>key</span></a> <a href=\"https://abpe.org/tags/microcode\" class=\"mention hashtag\" rel=\"tag\">#<span>microcode</span></a> <a href=\"https://abpe.org/tags/number\" class=\"mention hashtag\" rel=\"tag\">#<span>number</span></a> <a href=\"https://abpe.org/tags/random\" class=\"mention hashtag\" rel=\"tag\">#<span>random</span></a> <a href=\"https://abpe.org/tags/rsa\" class=\"mention hashtag\" rel=\"tag\">#<span>rsa</span></a> <a href=\"https://abpe.org/tags/security\" class=\"mention hashtag\" rel=\"tag\">#<span>security</span></a> <a href=\"https://abpe.org/tags/vulnerability\" class=\"mention hashtag\" rel=\"tag\">#<span>vulnerability</span></a></p>" }, "attachment": [], "tag": [ { "type": "Hashtag", "href": "https://abpe.org/tags/algorithm", "name": "#algorithm" }, { "type": "Hashtag", "href": "https://abpe.org/tags/amd", "name": "#amd" }, { "type": "Hashtag", "href": "https://abpe.org/tags/cmac", "name": "#cmac" }, { "type": "Hashtag", "href": "https://abpe.org/tags/cpu", "name": "#cpu" }, { "type": "Hashtag", "href": "https://abpe.org/tags/hardware", "name": "#hardware" }, { "type": "Hashtag", "href": "https://abpe.org/tags/key", "name": "#key" }, { "type": "Hashtag", "href": "https://abpe.org/tags/microcode", "name": "#microcode" }, { "type": "Hashtag", "href": "https://abpe.org/tags/number", "name": "#number" }, { "type": "Hashtag", "href": "https://abpe.org/tags/random", "name": "#random" }, { "type": "Hashtag", "href": "https://abpe.org/tags/rsa", "name": "#rsa" }, { "type": "Hashtag", "href": "https://abpe.org/tags/security", "name": "#security" }, { "type": "Hashtag", "href": "https://abpe.org/tags/vulnerability", "name": "#vulnerability" } ], "replies": { "id": "https://abpe.org/users/gslin/statuses/114112290161659660/replies", "type": "Collection", "first": { "type": "CollectionPage", "next": "https://abpe.org/users/gslin/statuses/114112290161659660/replies?only_other_accounts=true&page=true", "partOf": "https://abpe.org/users/gslin/statuses/114112290161659660/replies", "items": [] } }, "likes": { "id": "https://abpe.org/users/gslin/statuses/114112290161659660/likes", "type": "Collection", "totalItems": 0 }, "shares": { "id": "https://abpe.org/users/gslin/statuses/114112290161659660/shares", "type": "Collection", "totalItems": 0 } }