alexis

Bluesky is asking for my age verification today although I’m not even in the UK or using any UK VPN.

Alexis Cao, a visiting intern from Johns Hopkins University, has joined COSIC to work on enhancing the security and privacy of mixnets this summer. Welcome!
#choosecosic #cosic #kuleuven

The Guardian launches Secure Messaging, a world-first from a media organisation, in collaboration with the University of Cambridge Secure Messaging is a new innovation for confidential story-sharing and source protection, underpinning the Guardian’s commitment to investigative journalism. The Guardian has published the open sourc...

www.theguardian.com/gnm-press-of...

YouTube video by BSidesCharm BSidesCharm 2025 - Beyond Tor and VPN: Protect Your Privacy With Decentralized Mixnet - Alexis Cao

my talk last month is now up on youtube!!
youtu.be/oGQ4nDvTW_4

and that’s a wrap for 4 years of undergrad at hopkins!! 🥹

the weekend was a blast! thank you Shawn for capturing these moments!

Photos by Shawn Thomas Photography @understudy77.bsky.social
www.shawnthomas.art

gave my first talk at BSidesCharm on mixnets this weekend! appreciate everyone that came and made it such an incredible experience!!

the calm before the storm

for the first time i just had a full conversation in arabic with my uber driver. we talked about school, majors, and numbers lol. he was speaking very slowly to me and i don’t understand everything, but still. hopkins arabic classes are finally paying off!!

putting some final edits to the slides for my talk tomorrow. can’t wait to share this!! @bsidescharm.bsky.social

a consultation to revise telecom surveillance laws opened by switzerland federal council requires telecom companies in 🇨🇭 to oblige to certain user data collection and monitoring

Undocumented "backdoor" found in Bluetooth chip used by a billion devices The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains an undocumented "backdoor" that could be leveraged for attacks.

ESP32 Bluetooth firmware contains 29 hidden HCI commands (0xFC01–0xFC44), enabling RAM/Flash manipulation, MAC spoofing, and LMP/LLCP packet injection. Attackers can achieve persistent implants, device impersonation, firmware checks bypass, and advanced Bluetooth-based pivoting.
tinyurl.com/esp32bd

just submitted my first ever cfp proposal!!

Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel On November 20, 2024, Shubham Shah and I discovered a security vulnerability in Subaru’s STARLINK admin panel that gave us unrestricted access to all vehicles and customer accounts in the United State...

Oh boy, Sam Curry comes again with yet another critical #vulnerability, now in Subaru vehicles, basically allowing full remote control over the cars.

#Automotive security is no joke, but manufacturer's still live by security standards from the beginning of the century.

samcurry.net/hacking-subaru

omg now i can’t unsee it 😂

c69cb94fbf0c059e8cf91cf0f369f576

#cyberdeckchallenge #shmoocon