ProPublica has a long investigative article on how the Cyber Safety Review Board failed to investigate the SolarWinds attack, and specifically Microsoft’s culpability, even though they were directed by...
Read moreA new vampire squid species was discovered in the South China Sea. Blog moderation policy.
Read moreNew Open SSH Vulnerability
July 3 2024It’s a serious one:
The vulnerability, which is a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated remote code execution (RCE) as root on glibc-based Linux systems;...
Read more
Public Surveillance of Bars
July 2 2024This article about an app that lets people remotely view bars to see if they’re crowded or not is filled with commentary—on both sides—about privacy and openness.
Read moreUpcoming Book on AI and Democracy
July 2 2024If you’ve been reading my blog, you’ve noticed that I have written a lot about AI and democracy, mostly with my co-author Nathan Sanders. I am pleased to announce...
Read moreModel Extraction from Neural Networks
July 1 2024A new paper, “Polynomial Time Cryptanalytic Extraction of Neural Network Models,” by Adi Shamir and others, uses ideas from differential cryptanalysis to extract the weights inside a neural...
Read moreFriday Squid Blogging: New Squid Species
June 29 2024A new squid species—of the Gonatidae family—was discovered. The video shows her holding a brood of very large eggs. Research paper.
Read moreJames Bamford on Section 702 Extension
June 28 2024Longtime NSA-watcher James Bamford has a long article on the reauthorization of Section 702 of the Foreign Intelligence Surveillance Act (FISA).
Read moreSecurity Analysis of the EU’s Digital Wallet
June 27 2024A group of cryptographers have analyzed the eiDAS 2.0 regulation (electronic identification and trust services) that defines the new EU Digital Identity Wallet.
Read more
Recent Comments