Fredrik Dahlgren

That’s a great idea! Please open an issue on the repo so it doesn’t get lost. 🙂

Buttercup is now open-source! Now that DARPA’s AI Cyber Challenge (AIxCC) has officially ended, we can finally make Buttercup, our CRS (Cyber Reasoning System), open source!

We’re open sourcing our AI reasoning system Buttercup, which placed second in DARPAs AI Cyber Challenge! It runs on your laptop and works with any OSS-fuzz/ClusterFuzz compatible project.

blog.trailofbits.com/2025/08/08/b...

Trail of Bits won second place in DARPAs AI Cyber Challenge (AIxCC) at DEFCON! 🙌

Congratulations to all of the competing teams. Amazing work!

aicyberchallenge.com

Ordered and looking forward to reading this!

A request for ChatGPT to draw an ASCII art image of a fierce dragon, followed by an image of a happy little blob with snail-like pony tails.

Are we AGI yet?

No matter your interpretation of the categorical imperative, we can’t have a functioning society if lying isn’t penalized.

Exclusive: Google is indexing ChatGPT conversations, potentially exposing sensitive user data Thousands of shared ChatGPT chats are now appearing in Google search results.

Well this is bad. Google is indexing ChatGPT conversations exposing sensitive user data

I tried a few quick searches. I found someone's chat where I can see their api key

I found some building their resume. Their name, email and phone numbers are exposed.

www.fastcompany.com/91376687/goo...

YouTube video by The Tom Lehrer Wisdom Channel Tom Lehrer - Wernher von Braun

As we lost the great Tom Lehrer today, can every technologist please have (another) listen to youtu.be/QEJ9HrZq7Ro?... "Once the rockets are up / who cares where they come down? / that's not my department / says Wernher von Braun"

A list of topics from the Microsoft Ignite program. *Every* topic mentions Copilot, AI, or intelligent agents in some way.

I wonder if we’ll hear anything about AI at Microsoft Ignite this year..? 🤔

Building secure messaging is hard: A nuanced take on the Bitchat security debate The release of Bitchat last week was met with a mixture of glowing praise and sharp criticism. Both extremes bear some truth, but they also miss the mark and reveal gaps in how we discuss security in ...

Sometimes it is easy to forget that all of the mature E2EE systems we have today started out as small proof-of-concepts full of compromises, shortcuts, and we’ll-deal-with-that-later’s.

blog.trailofbits.com/2025/07/18/b...

The FIPS 140-3 Go Cryptographic Module Go now has a built-in, native FIPS 140-3 compliant mode.

We announced the new native Go FIPS 140-3 mode today!

FIPS 140, like it or not, is often a requirement, and I was increasingly sad about large deployments replacing the Go crypto packages with non-memory safe cgo bindings.

Go is now one of the easiest and most secure ways to build under FIPS 140.

Swedish Prime Minister Pulls AI Campaign Tool After It Was Used to Ask Hitler for Support Sweden's Moderate party allowed users to make the PM hold a sign bearing any name they wanted. You know what happened next.

Swedish Prime Minister Pulls AI Campaign Tool After It Was Used to Ask Hitler for Support

🔗 www.404media.co/swedish-prim...

Spain awards Huawei contracts to manage intelligence agency wiretaps Huawei will manage and store judicially authorized wiretaps in Spain, under a contract that bucks the trend of Western governments restricting use of the Chinese tech company's products and services.

Wow. Spain is putting salt typhoon out of business. They are just going to hand it all to them: Huawei contracted to manage their wiretaps….

therecord.media/spain-awards...

We ran a randomized controlled trial to see how much AI coding tools speed up experienced open-source developers.

The results surprised us: Developers thought they were 20% faster with AI tools, but they were actually 19% slower when they had access to AI than when they didn't.

Swedish security police have unintentionally leaked the locations of the Swedish prime minister and the Swedish monarch by using the fitness app Strava while on assignments.

Those who cannot learn from history are doomed to repeat it. 🙄

www.bbc.com/news/technol...

Commission presents Roadmap for effective and lawful access to data for law enforcement The European Commission presented today a Roadmap setting out the way forward to ensure law enforcement authorities in the EU have effective and lawful access to data.

Well, this horrible idea refuses to die so we should refuse to let it pass and start organizing again.

ec.europa.eu/commission/p...

Denmark pushes to suspend Hungary’s EU voting rights Danish European Affairs Minister Marie Bjerre says Copenhagen will ramp up Article 7 proceedings against Budapest.

Sounds like Denmark is going to make life quite uncomfortable for Orban 😁

About time to really show him his place and get Ukraine’s EU accession process moving.

A small animal, dancing in the dark holding a cane.

CodeQL now supports Rust!

github.blog/changelog/20...

The Trail of Bits cryptography team will be in Cannes for EthCC this week. Hit us up if you want to hang out and talk about ZK, MPC, FHE, E2EE or your favorite acronym of choice!

Never heard about mise before. I need to try this on a real project!

Release Notes - zizmor Abbreviated change notes about each zizmor release.

zizmor v1.10.0 is released!

this is a *huge* new release: it exposes a new (experimental) auto-fix mode, more precise subspanning for fixtures, as well as a brand new pedantic audit (anonymous-definition)

read the full notes here: docs.zizmor.sh/release-note...

NATO’s “Brain Death” in The Hague At the 2025 NATO Summit, allies pledged to raise defense spending to 5 percent of GDP. But spending targets alone ignore deeper issues. Europe must shift its focus to building capable, integrated mili...

My take on the NATO summit. Lots of unintended consequences with Europeans agreeing to something that few intend to deliver on. NATO ignoring its major challenge, fighting together as Europe with less US. That requires deep reforms, not vague spending pledges.
www.csis.org/analysis/nat...

We mostly talk about our livers when they fail. What about when our livers succeed? [liver image] Share if your liver is succeeding right now!

A chart for quantum computers, of number of qubits versus error rate, on a logarithmic scale. Broadly it shows a large gap between current quantum computers in the bottom left, and a curve in the top right of the resources they need to break RSA.

An out-of-schedule update to my quantum landscape chart: sam-jaques.appspot.com/quantum_land..., prompted by
@craiggidney.bsky.social 's new paper: arxiv.org/abs/2505.15917.

A startling jump (20x) in how easy quantum factoring can be!

Also: much improved web design!

We’ll miss you Will! Good luck and hope our paths cross again in the future!

Cryspen is excited to announce it has been awarded a grant from the Ethereum Foundation to extend our hax verification toolchain with support for the Lean prover. Watch this space for more on this soon!

#FormalVerification #Lean #Rust

Here's a paradox: Swedes have a very low opinion of Trump. Meanwhile, in many ways the Swedish government has adopted his playbook – the xenophobia, the war on "woke" and "cancel culture," the flagrant corruption, the rejection of experts and expertise, the attacks on universities, etc. >

1/ Earlier this year, Yuval Domb of @ingonyama.com discovered Logjumps — a more efficient way to do large-prime field multiplication than Montgomery multiplication. So much modern crypto relies on modular multiplication — all the way from TLS sessions to elliptic-curve based ZK proofs.

We (finally) published all the material from this course on SQIsign, including lecture slides and exercise sheets for the Sage laboratory. Available here: github.com/andreavico/S...