Informations about SSL certificates and networks security
CISA wants everyone—and government agencies in particular—to remove or upgrade an Ivanti Cloud Service Appliance (CSA) that is no longer being supported. Welcome to the security nightmare that is the Internet of Things. Powered by WPeMatico
This is an odd story of serving squid during legislative negotiations in the Philippines. Powered by WPeMatico
Over the summer, I gave a talk about AI and democracy at TedXBillings. The recording is Powered by WPeMatico
Microsoft is updating SymCrypt, its core cryptographic library, with new quantum-secure algorithms. Microsoft’s details are here. From a news article: The first new algorithm Microsoft added to SymCrypt is called ML-KEM. Previously known as CRYSTALS-Kyber, ML-KEM is one of three post-quantum standards formalized last month by the National Institute of Standards and Technology (NIST). The … Read More “Microsoft Is Adding New Cryptography Algorithms” »
New research evaluating the effectiveness of reward modeling during Reinforcement Learning from Human Feedback (RLHF): “SEAL: Systematic Error Analysis for Value ALignment.” The paper introduces quantitative metrics for evaluating the effectiveness of modeling and aligning human values: Abstract: Reinforcement Learning from Human Feedback (RLHF) aims to align language models (LMs) with human values by training … Read More “Evaluating the Effectiveness of Reward Modeling of Generative AI Systems” »
According to Microsoft researchers, North Korean hackers have been using a Chrome zero-day exploit to steal cryptocurrency. Powered by WPeMatico
In 2018, Australia passed the Assistance and Access Act, which—among other things—gave the government the power to force companies to break their own encryption. The Assistance and Access Act includes key components that outline investigatory powers between government and industry. These components include: Technical Assistance Requests (TARs): TARs are voluntary requests for assistance accessing encrypted … Read More “Australia Threatens to Force Companies to Break Encryption” »
The first live video of the Promachoteuthis squid, filmed at a newly discovered seamount off the coast of Chile. Blog moderation policy. Powered by WPeMatico
There is a side-channel attack against YubiKey access tokens that allows someone to clone a device. It’s a complicated attack, requiring the victim’s username and password, and physical access to their YubiKey—as well as some technical expertise and equipment. Still, nice piece of security analysis. Powered by WPeMatico
Really interesting analysis of the American M-209 encryption device and its security. Powered by WPeMatico