Proprietary Software and Integrity Issues
-
Fixing the TPM: Hardware Security Modules Done Right
Yet, the specs span hundreds of pages. The public API of the TPM2 Software stack comprises close to 1200 functions and required 80K lines of code to implement.
-
DEFCON Quantum Village 2: Electric Boogaloo
First, the Quantum Village need more cryptographers; both in attendance and as speakers.
This includes aspiring cryptographers and students. You’re likely better at discussing security threats and understanding how cryptography-relevant quantum computers will impact society than you give yourself credit for. Many of you have exactly the knowledge and experience needed to mount an honest opposition to quantum optimism.
To make the intermingling of the two villages seamless, I’d like to ask the DEFCON event staff to place the two villages next door to each other in 2024, if possible.
-
A Tale of Two Forwarded Headers
This is the story of how I handled troubleshooting the redirect URL for OAuth2 in Appsmith, which contained the host as localhost instead of the actual domain name when hosted on Google Cloud Run. This is a story of how Forwarded and X-Forwarded-* headers were propagating through multiple reverse proxies and how they can be confused.
-
Hackers threaten patients after massive cyber attack on Israeli hospital
The attack is the work of the Ragnar_Locker ransomware team, a group that has been around since at least 2020. Ragnar Team has generally not attracted as much media attention as some other groups, and inspection of their leak site does not reveal any other medical entities as victims — or at least as victims who did not pay their ransom demands.
-
Hotmail email delivery fails after Microsoft misconfigures DNS
Hotmail users worldwide have problems sending emails, with messages flagged as spam or not delivered after Microsoft misconfigured the domain’s DNS SPF record.
-
hahaha we live in hell
the lot has three signs hung up with instructions on how to pay, because every single lot in town supports one to five different competing parking lot apps. there's one sign that says you can use Park Mobile, and gives a lot ID, and then on another wall there's a sign that says you can use PayByPhone, with a different lot ID, and then there's a huge sign with a QR code that encourages you to Scan Here To Park, as if it's the official primary method for doing so. It is not, it's just another app.
-
Cruise Agrees to Reduce Driverless Car Fleet in San Francisco After Crash
On Friday, the California Department of Motor Vehicles, which regulates the safety of the driverless cars, asked Cruise to halve the number of vehicles it was operating in San Francisco. The Cruise vehicle’s collision with a fire truck the day before had injured a passenger in the driverless car. Earlier in the week, another Cruise vehicle got stuck in newly poured concrete on another city street.
-
hahaha we live in hell
the lot has three signs hung up with instructions on how to pay, because every single lot in town supports one to five different competing parking lot apps. there's one sign that says you can use Park Mobile, and gives a lot ID, and then on another wall there's a sign that says you can use PayByPhone, with a different lot ID, and then there's a huge sign with a QR code that encourages you to Scan Here To Park, as if it's the official primary method for doing so. It is not, it's just another app.
-
Bad incentives will make autonomous vehicles unsafe
And since so much has been written about the robotaxis at this point, I usually point to an existing explanation of the problems with robotaxis, like Safe Street Rebel’s statement, instead of winging it myself. The SSR statement highlights the labor, surveillance, accessibility, and car-trip-generating aspects of autonomous vehicles, as does the SF Bicycle Coalition’s statement.
But there’s a more subtle safety issue I want to draw out. It comes down to incentives and human responsibility.
-
Cruise agrees to halve its robotaxi fleet following two crashes
The California Department of Motor Vehicles has asked Cruise, the autonomous vehicle unit of General Motors, to reduce its fleet of driverless cars in San Francisco by 50% after two recent collisions involving its vehicles. Cruise has agreed to comply with the request and will operate no more than 50 robotaxis during the day and 150 at night.