Show newer

Major change of Germany's positions on EU policies:
👍New government opposes EU's #chatcontrol plans!
👍Pro right to #anonymity! #DigitalServicesAct
👍Pro ban on #BiometricMassSurveillance! #AIAct
#dataretention only "on an ad hoc basis and by judicial order"
#Thread 👎

RT @AndroidTamer
adb open to public is always going to be a danger. if its open to public not asking for key verification safe to assume the OS version itself is very old acting as a double whammy IMHO. twitter.com/GossiTheDog/status

RT @KimZetter
Apple is also donating $10 million, as well as any damages obtained from lawsuit, to orgs like Citizen Lab that helped expose NSO activity. "Apple will also support the accomplished researchers at the Citizen Lab with pro-bono technical, threat intelligence, and engineering" help

RT @billyleonard
It's great to see Apple finally notifying NSO victims, but also great to accurately remember history. @Google TAG and @Android have been securing and notifying NSO victims for the past 5+ years. twitter.com/jsrailton/status/1

RT @AndreaBarisani
Our new advisory covers unexpected interactions in OP-TEE TrustZone configuration.

On the NXP i.MX6UL the NonSecure OS gets a "beauty sleep" and wakes up as Secure OS when a suspend/resume cycle is triggered!

Check details at: labs.f-secure.com/advisories/o

RT @mikko
Sci-Hub is a freely accessible decentralized database of more than 85,000,000 research papers, used by more than 500,000 people every day. These people are scientists and students, medical practitioners and journalists. The service is available at sci-hub.se. twitter.com/slashdot/status/14

RT @acm_wisec
WiSec 2022 Organization Committee has been finalized! wisec2022.cs.utsa.edu/organiza
CFP coming soon.

RT @evacide
This comprehensive article about what a shitshow Amazon's internal security has been for many years is amazing. "User data flowed like water." wired.com/story/amazon-failed-

RT @enigmaconf
The program is live, and registration is now open for Enigma 2022! bit.ly/enigma2022 We look forward to seeing you in Santa Clara in February...or online!

🚨 EU interior ministers jointly spoke out in favour of mandatory #chatcontrol, which is to be proposed by the EU Commission early in 2022. Government representatives seem to have lost all respect for private messages and photos.

patrick-breyer.de/en/eu-interi

RT @matteo_maffei
@jkulinz is hiring a full professor in Formal Methods, who will succeed @ArminBiere as head of the institute on Formal Models and Verification. Lots of potential of collaborations across Austria, apply! jku.at/en/the-jku/work-at-the-

RT @damienmiller
This is a good writeup of the SSH signatures that @sebkinne added to OpenSSH a couple of years ago.

The only thing that I'd add is that all of this works with keys held on FIDO hardware tokens too (much harder to steal) twitter.com/__agwa/status/1459

Come do cool security and privacy research in Austria! @tugraz, @jkulinz, and @tuvienna are sufficiently close that collaborations can actually happen with physical meetings included 😉
---
RT @StefanMangard
We have an open tenure track position in security and privacy at @tugraz:
tugraz.at/fakultaeten/csbme/ne. The position comes with a competitive starti…
twitter.com/StefanMangard/stat

RT @RealWorldCrypto
The list of accepted talk proposals for 2022 is now online: rwc.iacr.org/2022/acceptedpape
Invited speakers and registration to follow soon.

RT @OpenPriv
Last weeks @cwtch_im beta 1.4 release featured a new experiment: In-app Server Hosting!

For our 20th Discreet Log @dan_ballard discusses why accessible self-hosting of decentralized, private preserving infrastructure is an important feature for Cwtch.

openprivacy.ca/discreet-log/20

RT @naehrdine
Ghost Peak is a distance shortening attack on HRP UWB, a technology announced for the next generation of car keys and other security-critical applications like payments. The portable distance shortening setup only costs 65 USD.
High-res video: youtu.be/wRCt1MvdlCY

The Commission wants to collect and store data on your whereabouts and private communications ( #dataretention ), but when it comes to keeping records of their own correspondence, they are suddenly much less enthusiastic! spiegel.de/international/europ

THREAD 🧵🔽 (1/6)

For anybody interested in the DJI drones WiFi protocol: A Master thesis by Thomas Cristof @jkulinz/@insjku has just been finished, releasing a new tool to help analyze protocol details. It can even extract the full video stream 🧐: github.com/Toemsel/dji-wifi-to

Congrats to Thomas!

RT @ShaneHuntley
More technical details from @eryeh and the team on last months exploit and the associated campaign.

blog.google/threat-analysis-gr

TAG discovered watering hole attacks targeting visitors to Hong Kong websites for a media outlet and a prominent pro-democracy labor and political group. twitter.com/ShaneHuntley/statu

Show older
Mastodon for Tech Folks

This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!