
Sofia Celi

@claucece.bsky.social

Proud LatinAmerican. "Legendary quantum lady/cryptographer". Researcher @brave she/they hrpc co-chair @inretafo anti-fraud @w3c @otr_im @LondonU

873 Followers  |  356 Following  |  88 Posts  |  Joined: 18.05.2023

Posts by Sofia Celi (@claucece.bsky.social)

US Defense Secretary’s Media Remarks on Rules of Engagement US Defense Secretary Pete Hegseth commented at a news conference on March 2, 2026, about “stupid rules of engagement,” suggesting that they may interfere with “fight[ing] to win.” These remarks are co...

US Defense Secretary Pete Hegseth made comments about “stupid rules of engagement” on Monday, suggesting they may interfere with “fight[ing] to win” in Iran. www.hrw.org/news/2026/03...

02.03.2026 22:57 — 👍 53    🔁 24    💬 6    📌 5
Post image

In addition to the many things I didn't like about the Natural History Museum in London, one thing I especially disliked is a huge wall given to showing *constellations* (or, as I prefer to think of them, "old-school hallucinations"). Let's have some actual science, people.

02.03.2026 23:09 — 👍 6    🔁 1    💬 2    📌 0
Google with AI buttons

Google without AI buttons

I made a filterlist for uBlock Origin to remove Generative AI features on websites. Includes blocks for
* Google AI Summaries
* YouTube Ask button & chat summaries
* GitHub Copilot
* Facebook AI chat
* X's Grok buttons
* Deviantart DreamUp
* Booru AI images
* And more

github.com/Stevoisiak/S...

03.02.2026 00:30 — 👍 23222    🔁 11584    💬 286    📌 227
Defend Privacy and Free Speech Don’t let tyrants co-opt tech. Join EFF and help fight back.

Do you love free speech, right to repair, and open source tech? If so, you should become a member of EFF today! eff.org/join

24.02.2026 18:01 — 👍 65    🔁 24    💬 0    📌 0
Post image

So-called 'nudify' apps. Smart glasses that secretly record video. An explosion in sexualised deepfakes.

Tech has turned against women, and it's time to regulate it properly, says author and gender equality campaigner Laura Bates.

Read more: ft.trib.al/Z3gd5bP

23.02.2026 13:39 — 👍 895    🔁 338    💬 17    📌 39

GDB will now have a save history command to save the command history to a file whenever you want.

This is cool as I usually need to manually copy-paste commands anyway because GDB tends to crash during my debugging sessions.

24.02.2026 03:45 — 👍 3    🔁 1    💬 1    📌 0
Hackers Expose Age-Verification Software Powering Surveillance Web Three hacktivists tried to find a workaround to Discord’s age-verification software. Instead, they found its frontend exposed to the open internet.

Hacktivists tried to find a workaround to Discord’s age-verification software, Persona. Instead, they found its frontend exposed to the open internet, and that was just the beginning.

www.therage.co/persona-age-...

21.02.2026 23:40 — 👍 1229    🔁 606    💬 25    📌 58

“Based on these ethnographic findings, we initiate the cryptographic study of at-compromise security”

martinralbrecht.wordpress.com/2026/02/17/b...

17.02.2026 13:33 — 👍 10    🔁 1    💬 0    📌 0
Analysis and Vulnerabilities in zkLogin Zero-Knowledge Authorization (ZKA) systems allow users to prove possession of externally issued credentials (e.g., JSON Web Tokens) without revealing the credentials in full via the usage of Zero-Know...

Read our paper: eprint.iacr.org/2026/227 and blogpost: brave.com/blog/zklogin/

13.02.2026 17:12 — 👍 3    🔁 0    💬 0    📌 0

This is not a failure of zero-knowledge proofs. It is a systems security failure caused by composition: ill-defined semantics, missing binding guarantees, exposed long-lived credentials, unjustified frontend trust assumptions, and opaque trust centralization.

13.02.2026 17:12 — 👍 1    🔁 0    💬 1    📌 0

5. Allows for centralization and privacy regressions: JWTs, often containing sensitive identity attributes, are forwarded to third-party services outside the original OIDC consent relationship, with no explicit user awareness or control.

13.02.2026 17:11 — 👍 0    🔁 0    💬 1    📌 0

4. Incorrectly trusts the frontend: zkLogin explicitly assumes that the frontend application is trusted and security-irrelevant, arguing that public frontend implies sufficient scrutiny. This assumption does not hold in real-world browser threat models.

13.02.2026 17:11 — 👍 0    🔁 0    💬 1    📌 0

3. Exposes long-lived credentials as static, long-lived bearer credentials exposed directly to browser environments. These credentials are commonly: stored in browser-accessible storage (e.g., localStorage), transmitted directly from frontend JavaScript and reused indefinitely.

13.02.2026 17:10 — 👍 0    🔁 0    💬 1    📌 0

1. Accepts malformed JWTs (with shadowed claims, invalid JSON): a single signed JWT can admit multiple conflicting interpretations (claim shadowing via duplicate keys, parser differentials across components, non-canonical encodings with ambiguous semantics).

13.02.2026 17:10 — 👍 0    🔁 0    💬 1    📌 0
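The claim-shadowing and non-canonical-encoding point in the post above, as an added example that is not part of the original post or of the zkLogin code base: one HS256-signed JWT (constructed here with a demo key and a demo issuer) whose payload repeats the `sub` claim. The signature verifies, yet a last-wins parser, a first-wins parser and a strict parser give three different answers for the same signed bytes, and a second base64url string decodes to the same payload under a lenient decoder while failing a canonicality check. Every name, key and claim value is constructed for the demo.

```python
"""Parser differentials on one validly signed JWT (constructed demo)."""
import base64
import hashlib
import hmac
import json

# Constructed demo secret; not from any real deployment.
DEMO_KEY = b"demo-hs256-key-not-secret"
ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(seg: str) -> bytes:
    # Lenient decode, as most JWT libraries do: re-add padding and let the
    # decoder discard any non-zero trailing bits.
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))


def sign_hs256(header_json: str, payload_json: str, key: bytes) -> str:
    signing_input = b64url_encode(header_json.encode()) + "." + b64url_encode(payload_json.encode())
    mac = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(mac)


def verify_hs256(token: str, key: bytes) -> bool:
    header, payload, sig = token.split(".")
    mac = hmac.new(key, f"{header}.{payload}".encode("ascii"), hashlib.sha256).digest()
    return hmac.compare_digest(b64url_decode(sig), mac)


def _first_wins(pairs):
    out = {}
    for k, v in pairs:
        out.setdefault(k, v)          # keep the first occurrence of a key
    return out


def _reject_duplicates(pairs):
    out = {}
    for k, v in pairs:
        if k in out:
            raise ValueError(f"duplicate claim {k!r}")
        out[k] = v
    return out


def claims_last_wins(token: str) -> dict:
    # json.loads default: a repeated key silently overwrites the earlier one.
    return json.loads(b64url_decode(token.split(".")[1]))


def claims_first_wins(token: str) -> dict:
    return json.loads(b64url_decode(token.split(".")[1]), object_pairs_hook=_first_wins)


def is_canonical_segment(seg: str) -> bool:
    # A segment is canonical iff re-encoding its decoded bytes reproduces it.
    return b64url_encode(b64url_decode(seg)) == seg


def claims_strict(token: str) -> dict:
    payload = token.split(".")[1]
    if not is_canonical_segment(payload):
        raise ValueError("non-canonical base64url payload")
    return json.loads(b64url_decode(payload), object_pairs_hook=_reject_duplicates)


def non_canonical_variant(seg: str) -> str:
    # Flip the lowest bit of the last character; when the segment needs
    # padding, that bit is one of the unused trailing bits, so a lenient
    # decoder yields the same bytes from a different string.
    if -len(seg) % 4 == 0:
        raise ValueError("no unused trailing bits in this segment")
    idx = ALPHABET.index(seg[-1])
    return seg[:-1] + ALPHABET[idx ^ 1]


def build_demo_token() -> str:
    header = '{"alg":"HS256","typ":"JWT"}'
    # Constructed payload: "sub" appears twice (claim shadowing).
    payload = '{"sub":"alice","iss":"https://issuer.example","sub":"mallory"}'
    return sign_hs256(header, payload, DEMO_KEY)


if __name__ == "__main__":
    tok = build_demo_token()
    print("signature valid:", verify_hs256(tok, DEMO_KEY))
    print("last-wins sub:  ", claims_last_wins(tok)["sub"])
    print("first-wins sub: ", claims_first_wins(tok)["sub"])
    try:
        claims_strict(tok)
    except ValueError as e:
        print("strict parser:  ", e)
    seg = tok.split(".")[1]
    alt = non_canonical_variant(seg)
    print("same bytes, different string:", b64url_decode(alt) == b64url_decode(seg), alt != seg)
```

The signature binds the raw bytes, not their meaning: every parser above sees a validly signed token, and only the strict one refuses to pick a winner. The canonicality check matters wherever one component reasons about the encoded string (for example a circuit or hash over the base64url input) while another reasons about the decoded claims.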

At first glance, this seems to provide strong privacy and security guarantees.
But, what we found is that the story is not complete, as zkLogin:

13.02.2026 17:10 — 👍 0    🔁 0    💬 1    📌 0

What is zkLogin?

zkLogin allows users to authorize blockchain transactions using a ZKP of possession of a signed OpenID Connect (OIDC) JSON Web Token (JWT) via a ZKP over the signed JWT.

13.02.2026 17:09 — 👍 0    🔁 0    💬 1    📌 0
Analysis and Vulnerabilities in zkLogin Zero-Knowledge Authorization (ZKA) systems allow users to prove possession of externally issued credentials (e.g., JSON Web Tokens) without revealing the credentials in full via the usage of Zero-Know...

Paper: eprint.iacr.org/2026/227
Blogpost: brave.com/blog/zklogin/
Joint work with Hamed Haddadi and Kyle Den Hartog (3/n)

13.02.2026 17:09 — 👍 0    🔁 0    💬 1    📌 0

In our work, we show why this narrative can be incomplete: we analyze *zkLogin*, a widely deployed zero-knowledge authorization system, and demonstrate that its security does not only reduce to the security of the ZKP. Instead, it depends on assumptions.

13.02.2026 17:08 — 👍 0    🔁 0    💬 1    📌 0

ZKPs are promoted as a foundation for privacy-preserving authentication. Recent proposals, particularly in blockchain wallets, identity frameworks, and verifiable credential systems, suggest that ZKPs allow users to prove possession of externally issued credentials without revealing them (2/n)

13.02.2026 17:07 — 👍 0    🔁 0    💬 1    📌 0

When Zero-Knowledge Proofs Are Not Enough: Lessons from a Real-World Zero-Knowledge Authorization System, a.k.a. Analysis and Vulnerabilities in zkLogin (eprint.iacr.org/2026/227) (1/n)

13.02.2026 17:06 — 👍 7    🔁 4    💬 1    📌 0
Post image

@opentechfund.bsky.social is accepting applications to join our Security Lab until March 16, 2026.

Learn more:
buff.ly/lzCjWZu

11.02.2026 14:02 — 👍 2    🔁 2    💬 0    📌 0
Post image

The general counsel uploaded a picture on Linkedin showing the web panel of Paragon's spyware.

The panel shows a phone number in Czechia, Apps, Accounts, media on the phone, the interception status and numbers extracted from social media applications.

11.02.2026 15:29 — 👍 80    🔁 26    💬 4    📌 6
Post image

For #FemmesEnScience day, discover these women who are shaping computer science! #IA, optimisation and support functions: they innovate and push back the frontiers of #numérique.
➡️ www.ins2i.cnrs.fr/fr/cnrsinfo/...

11.02.2026 16:24 — 👍 5    🔁 8    💬 0    📌 0
Benito carrying a football with musicians carrying flags behind him

Iconic moment as he says "God Bless América" and then names every country in South, Central, and North america in order

For the rest of the hemisphere, América doesn't mean the U.S.

It means evveeerrybody

09.02.2026 04:27 — 👍 3953    🔁 561    💬 27    📌 51
Post image 09.02.2026 12:35 — 👍 2    🔁 0    💬 0    📌 0
Trump tried to gut science research funding. Courts and Congress have rebuffed him. Scientists' worst fears about Trump's cuts to research funding haven't come to pass, thanks to several legal challenges and Congress’ recent rejection of his proposed budget cuts.

Our lawsuit is fighting to ensure that critical research, including on Alzheimer’s disease, HIV prevention, LGBTQ+ health, and sexual violence can continue.

Research must be guided by science, not politics.

06.02.2026 21:29 — 👍 299    🔁 87    💬 4    📌 2

Amnesty International: Iran “carried out massacres of protesters, primarily on 8 and 9 January, when the death toll rose into thousands. January 2026 marks the deadliest period of repression by the Iranian authorities in decades of Amnesty’s research.” www.amnesty.org/en/latest/ca...

01.02.2026 13:08 — 👍 415    🔁 143    💬 8    📌 4
Inside Reform’s plans for a fascist takeover In today's article shado editor Elia Ayoub discusses Reform’s “Operation Restore Justice”, the risks of a British ICE and how we can resist.

Apropos of nothing, here's a piece on Reform's plans for a British ICE: shado-mag.com/articles/opi...

Here's the policy document: web.archive.org/web/20260127...

Here's a piece on the Labour Government's practice of emulating the US' celebration of brutality: www.theguardian.com/politics/202...

01.02.2026 14:52 — 👍 2    🔁 1    💬 0    📌 0

The Open Web means several things to different people, depending on context, but recently discussions have focused on the Web's Openness in terms of access to information -- how easy it is to publish and obtain information without barriers there. https://www.mnot.net/blog/2026/01/20/open_web

20.01.2026 06:34 — 👍 24    🔁 12    💬 0    📌 0