@fegge.bsky.social
Cryptography and static analysis @ Trail of Bits
The call for talks for CAW 2026 (a workshop affiliated with Eurocrypt) is out!
This year's motto is "cryptography under real-world constraints and threat models", but other applied cryptography is also very welcome.
All info is on: caw.cryptanalysis.fun.
Uppfriskande att se att någon har visioner som inte handlar om att utvisa människor eller sätta barn i fängelse.
www.dn.se/varlden/eu-v...
Omni Klimathotet/Svenska krisberedskapen Rubrik: Klimatanpassning på paus: Elva tjänster kvar i landet
Steg 1
Regeringen tar bort anslaget för klimatanpassning
Steg 2
Två av tre tjänster inom förebyggande klimatarbete försvinner
Steg 3
Klimatrelaterade katastrofer blottar luckor i krisberedskapen
Steg 4
Klimatministern läxar upp länsstyrelserna
Steg 5
[inget händer]
¯\_(ツ)_/¯
omni.se/a/73Xzmo
Good post on Merkle tree certificates.
29.10.2025 06:43 — 👍 3 🔁 0 💬 0 📌 0
Överskrider kvarvarande koldioxidbudget med 1000 procent • AP-fonderna försvarar sina fossilinvesteringar.
27.10.2025 05:16 — 👍 15 🔁 6 💬 0 📌 0
ABB:s robotikförsäljning till Japan är ett tecken på Sveriges och Europas industriella förtvining.
Där tänker man långsiktigt – här jagar man snabba klipp, skriver @jonasalgers.bsky.social.
WAICT builds on subresource integrity to create an end-to-end transparency solution for web applications. It is still early days, but this looks like great news for web application auditability and trust! 🎉
blog.cloudflare.com/improving-th...
Geostationary satellites are leaking critical data, transmitting sensitive communications in the clear. With just $800 of consumer hardware, researchers intercepted military, telecom, retail, and infrastructure traffic. satcom.sysnet.ucsd.edu/docs/dontloo...
14.10.2025 10:47 — 👍 56 🔁 26 💬 1 📌 4
Vad bra Moderaterna mår. (Återigen: Underlaget jag skriver utifrån är alltså officiell SCB-statistik!)
08.10.2025 06:11 — 👍 94 🔁 21 💬 10 📌 1
Påminnelse. År 2025 lever 700 000 människor i materiell och social fattigdom i Sverige. Det är en ökning med 120 000 på ett år. Bara sedan 2021 har andelen fattiga nästan fördubblats, från 3,5% till 6,6%. Ojämlikheten skenar
www.dagensarena.se/innehall/fat...
Ett screenshot med texten ”Min avsikt: Med denna inloggning kommer FinShark AB komma åt följande tjänster i 180 dagar: - Titta på transaktionskonton och kortkoppladekontokopplade kort - Initiera betalningsuppdrag från transaktionskonton”
Jag försökte bli månadsgivare till en organisation jag stödjer, men för att godkänna autogirot var jag tvungen att ge något som heter FinShark tillgång till mitt konto i 180 dagar!? Det känns ju helt bananas! Är det här verkligen det bästa vi kan åstadkomma 2025?
07.10.2025 10:57 — 👍 2 🔁 1 💬 0 📌 0We are alarmed by reports that Germany is on the verge of a catastrophic about-face, reversing its longstanding and principled opposition to the EU’s Chat Control proposal which, if passed, could spell the end of the right to privacy in Europe. signal.org/blog/pdfs/ge...
03.10.2025 16:14 — 👍 4002 🔁 2431 💬 41 📌 145This is so cursed.
02.10.2025 21:40 — 👍 4 🔁 0 💬 1 📌 1I really recommend reading the blog post though. It goes into detail on some of the engineering and security considerations that went into the design, as well as how the rollout is handled.
02.10.2025 21:29 — 👍 0 🔁 0 💬 0 📌 0The triple ratchet extends the double ratchet with a second, sparse post-quantum ratchet called SPQR. SPQR is based on a chunked version of ML-KEM 768. The outputs from both are passed to a KDF to form a hybrid KEM.
02.10.2025 21:24 — 👍 2 🔁 0 💬 1 📌 0Signal is really pushing the envelope with their new post-quantum secure triple ratchet. The protocol is formally verified using ProVerif, and the implementation uses hax to verify correctness and panic-freeness of the implementation. Really great work!
02.10.2025 21:15 — 👍 2 🔁 0 💬 1 📌 0This gives a whole new meaning to APT.
27.09.2025 12:21 — 👍 1 🔁 0 💬 0 📌 0Excel is Turing complete. Just sayin.
26.09.2025 18:43 — 👍 0 🔁 0 💬 0 📌 0LLDB adds native support for MCP.
lldb.llvm.org/use/mcp.html
Fan ta svenska folket om de inte röstar bort de brunblå om ett år.
18.09.2025 19:37 — 👍 69 🔁 6 💬 3 📌 0
18.09.2025 14:36 — 👍 41 🔁 18 💬 4 📌 3
An image of the Mexican gulf, with the label ”Mexican gulf” followed by ”American gulf” in parenthesis.
In the EU (Sweden) we (and Google) are apparently still not wholly convinced.
18.09.2025 12:09 — 👍 0 🔁 0 💬 0 📌 0I know it’s been said again and again, but what does it say about ChatControl that its backers keep explicitly *exempting* law enforcement and national security accounts from content scanning?
17.09.2025 17:10 — 👍 95 🔁 41 💬 3 📌 8I’m Not a Robot, a game about solving CAPTCHAs, is out now!
good luck :)
> neal.fun/not-a-robot/
Man page for the less command, telling you that the flag LESSSECURE puts the less command in secure mode
TIL that setting LESSSECURE makes you more secure
15.09.2025 21:24 — 👍 51 🔁 7 💬 2 📌 1
Solving AI alignment alignment.
alignmentalignment.ai
The image shows two LibreOffice documents. A normal document to the left, and a malicious document to the right. The malicious document contains an additional, malicious word/document.xml file. The signature is checked against the original word/document.xml file, while the malicious word/document.xml file is displayed to the user.
Great paper on finding and exploiting parser differentials between ZIP parsers to bypass signature validation, malware detection, or VSCode extension ID validation.
www.usenix.org/conference/u...
There's a sick linenoise article by @there.is.no.aarch64.mov in @phrack.org 71 called "Learning An ISA By Force Of Will", where ixi goes from unknown binary blob, to manual instruction decoding, to figuring out control flow, and gives a critique of the RE'd ISA.
phrack.org/issues/71/3#...
Over 600 GB of source code, internal communication, and documentation about the great firewall of China leaked from Geedge Networks.
gfw.report/blog/geedge_...
