A British journalistic trope involves the phrase “The pound in your pocket”, a derisory reference to the 1960s Prime Minister Harold Wilson’s use of it to try to persuade the public that a proposed currency devaluation wouldn’t affect them. Nearly six decades later not so many Brits carry physical pounds in their pockets as electronic […]
Depending on who you ask, the big news this week is that quantum computing researchers out of China have broken RSA. (Here’s the PDF of their paper.) And that’s true… sort of. There are multiple caveats, like the fact that this proof of concept is only factoring a 22-bit key. The minimum RSA size in […]
The Internet Archive has been hacked. This is an ongoing story, but it looks like this started at least as early as September 28, while the site itself was showing a creative message on October 9th, telling visitors they should be watching for their email addresses to show up on Have I Been Pwnd. Hi […]
There are a great many organizations out there, all with their own intentions—some selfish, some selfless, some that land somewhere in between. Most would put the Internet Archive in the category of the library—with its aim of preserving and providing knowledge for the aid of all who might call on it. Sadly, as [theresnotime] reports, […]
Many readers will be familiar with the idea of a glitching attack, introducing electrical noise into a computer circuit in the hope of disrupting program flow and causing unexpected behaviour which might lead to hitherto unavailable access to memory or other system resources. [David Buchanan] has written a piece investigating glitching attacks on PC memory, […]
Up first this week is a warning for the few of us still brave enough to host our own email servers. If you’re running Zimbra, it’s time to update, because CVE-2024-45519 is now being exploited in the wild. That vulnerability is a pretty nasty one, though thankfully requires a specific change from default settings to […]
Modern smartphones try and provide a number of useful features to their users, and yet, they’re not exactly designed with human needs in mind. A store-bought smartphone will force a number of paradigms and features onto you no matter whether you want them, and, to top it off, it will encroach on your privacy and […]
These days everything needs to be connected to remote servers via the internet, whether it’s one’s TV, fridge or even that new car you just bought. A recently discovered (and already patched) vulnerability concerning Kia cars was a doozy in this regard, as a fairly straightforward series of steps allowed for any attacker to obtain […]
It looks like there’s finally hope for sane password policies. The US National Institue of Standards and Technology, NIST, has released a draft of SP 800-63-4, the Digital Identity Guideline. There’s password guidance in there, like “SHALL NOT impose other composition rules (e.g., requiring mixtures of different character types) for passwords” and “SHALL NOT require […]