The next step after encrypted DNS: anonymized DNS. I’m thrilled to announce the first generally available implementations of the Anonymized DNScrypt protocol. - Say no to centralization. We need DNS relays all over the world.
Don’t panic, folks. This is very good work, especially given the low memory complexity of this attack. But there are 33 steps left. Your bitcoins are safe.
Number of times a chatbot actually solved my problem: 0. Number of times an annoying chatbot popup I never asked for made me want to leave the website right away: every single time.
Downfall can steal AES encryption keys from OpenSSL. Not by exploiting side channels in an unprotected software implementation. It also works on implementations leveraging hardware-protected AES-NI opcodes. And on most SIMD implementations of most ciphers. This is really bad.
Downfall - Successor to previous data leaking vulnerabilities in CPUs including Meltdown and Fallout. Downfall defeats all previous mitigations once again.
Sloth is a Mac application that displays all open files and sockets in use by all running applications on your system. This makes it easy to inspect which apps are using which files and sockets.
Microsoft Checked C: an extension to C that adds static and dynamic checking to detect or prevent common programming errors such as buffer overruns, out-of-bounds memory accesses, and incorrect type casts.
Crap. My daughter managed to decrypt the note I gave her for xmas. Now I’m screwed, I have to follow through. She also mentioned that I partially reused a previous key. Go to hell.
Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty community.
Quelqu’un d’intéressé pour prendre ma fille en stage de Juin à Septembre sur Paris ? (Elle s’apprête à signer pour faire du Java dans une SSII, vous comprendrez l’urgence de mon message…)
Sorry if my OSS contributions haven't been very high recently. My personal life took an unexpected turn; In a couple months, I lost a lot, including my dignity.
OpenBSD’s cron(8) daemon can now randomize values, and prevent multiple jobs from running concurrently. Small, but super useful additions that all cron implementations should have had forever.
@LHodlemort
Wouldn’t help in that case. Collision resistance of a composition degrades to the one of the weakest function (it’s even slightly worse). Double SHA2 only protects against length extension attacks.
WireHub is a simple, small, peer-to-peer, decentralized, extensible VPN. It uses WireGuard tunnels and provides distributed peer discovery & routing capabilities, NAT traversal, flexible name resolution, and more.
RT
@aboundlabs
: Progress update on our capture app. Still a little glitchy and has plenty to fix (e.g. loop closure, floating fragments) but it's coming together.
Downfall - Successor to previous data leaking vulnerabilities in CPUs including Meltdown and Fallout. Downfall defeats all previous mitigations once again.
RT
@0x6d696368
: It still works! Setting the number of partition entries in the GPT to 0 (zero) of a USB stick crashes Windows 7 32-bit with a division by zero just by inserting the USB stick.
Happy to say that things are now back to normal. It was a good life lesson, and an opportunity to start over. I now have a new soulmate, a stable address/place to sleep, and internet connectivity 😄 So, time to write a lot of code again!