Skip to content
I T S S
  • Welcome
  • Hardware
  • Internet
  • Networking
  • Security
  • Data Recovery
  • Support
  • Contact
  • Webmail

A Nice Little Cryptography Primer

By itss | 28/06/2021
0 Comment

Pun Intended.

Category: Technology
Post navigation
← pfSense / Wireguard / Bad Code / Close Call Why Quake3 was so fast : Fast Inverse Square Root →

Recent Posts

  • Hardware Exploits?
  • Why Quake3 was so fast : Fast Inverse Square Root
  • A Nice Little Cryptography Primer
  • pfSense / Wireguard / Bad Code / Close Call
  • Apple Continues Its Trip To The Dark Side With The Release of MacOS 17 (Big Sur)

Slashdot

News for nerds

  • Infotainment, EV Charger Exploits Earn $1M at Pwn2Own Automotive 2026
    by EditorDavid on 25/01/2026 at 2:34 am

    Trend Micro's Zero Day Initiative sponsored its third annual Pwn2Own Automotive competition in Tokyo this week, receiving 73 entries, the most ever for a Pwn2Own event. "Under Pwn2Own rules, all disclosed vulnerabilities are reported to affected vendors through ZDI," reports Help Net Security, "with public disclosure delayed to allow time for patches." Infotainment platforms from Tesla, Sony, and Alpine were among the systems compromised during demonstrations. Researchers achieved code execution using techniques that included buffer overflows, information leaks, and logic flaws. One Tesla infotainment unit was compromised through a USB-based attack, resulting in root-level access. Electric vehicle charging infrastructure also received significant attention. Teams successfully demonstrated exploits against chargers from Autel, Phoenix Contact, ChargePoint, Grizzl-E, Alpitronic, and EMPORIA. Several attacks involved chaining multiple vulnerabilities to manipulate charging behavior or execute code on the device. These demonstrations highlighted how charging stations operate as network-connected systems with direct interaction with vehicles. There's video recaps on the ZDI YouTube channel — apparently the Fuzzware.io researchers "were able to take over a Phoenix Contact EV charger over bluetooth." Three researchers also exploited the Alpitronic's HYC50 fast-charging with a classic TOCTOU bug, according to the event's site, "and installed a playable version of Doom to boot." They earned $20,000 — part of $1,047,000 USD was awarded during the three-day event. More coverage from SecurityWeek: The winner of the event, the Fuzzware.io team, earned a total of $215,500 for its exploits. The team received the highest individual reward: $60,000 for an Alpitronic HYC50 EV charger exploit delivered through the charging gun. ZDI described it as "the first public exploit of a supercharger". Read more of this story at Slashdot.

  • Work-From-Office Mandate? Expect Top Talent Turnover, Culture Rot
    by EditorDavid on 24/01/2026 at 11:34 pm

    CIO magazine reports that "the push toward in-person work environments will make it more difficult for IT leaders to retain and recruit staff, some experts say." "In addition to resistance, there would also be the risk of talent turnover," [says Lawrence Wolfe, CTO at marketing firm Converge]... "The truth is, both physical and virtual collaboration provide tremendous value...." IT workers facing work-from-office mandates are two to three times more likely than their counterparts to look for new jobs, according to Metaintro, a search engine that tracks millions of jobs. IT leaders hiring new employees may also face significant headwinds, with it taking 40% to 50% longer to fill in-person roles than remote jobs, according to Metaintro. "Some of the challenges CIOs face include losing top-tier talent, limiting the pool of candidates available for hire, and damaging company culture, with a team filled with resentment," says Lacey Kaelani, CEO and cofounder at Metaintro... There are several downsides for IT leaders to in-person work mandates, [adds Lena McDearmid, founder and CEO of culture and leadership advisory firm Wryver], as orders to commute to an office can feel arbitrary or rooted in control rather than in value creation. "That erodes trust quickly, particularly in IT teams that proved they could deliver remotely for years," she adds. The mandates can also create new friction for IT leaders by requiring them to deal with morale issues, manage exceptions, and spend time enforcing policy instead of leading strategy, she says. "There's also a real risk of losing experienced, high-performing talent who have options and are unwilling to trade autonomy for proximity without a clear reason," McDearmid adds. "When companies mandate daily commutes without a clear rationale, they often narrow their talent pool and increase attrition, particularly among people who know they can work effectively elsewhere." McDearmid has seen teams "sitting next to each other" who collaborate poorly "because decisions are unclear or leaders equate visibility with progress... Collaboration doesn't automatically improve just because people share a building." And Rebecca Wettemann, CEO at IT analyst firm Valoir, warns of return-to-office mandates "being used as a Band-Aid for poor management. When IT professionals feel they're being evaluated based on badge swipes, not real accomplishments, they will either act accordingly or look to work elsewhere." Thanks to Slashdot reader snydeq for sharing the article. Read more of this story at Slashdot.

  • Airlines Cancel Over 10,000 US Flights Due To Massive Winter Storm
    by EditorDavid on 24/01/2026 at 10:34 pm

    "Airlines canceled more than 10,000 U.S. flights scheduled for this weekend," reports CNBC, "as a massive winter storm sweeps across the country, with heavy snow and sleet forecast, followed by bitter cold... set to snarl travel for hundreds of thousands of people for days." More than 3,500 flights on Saturday were canceled, according to flight tracker FlightAware. Many of Saturday's cancellations were in and out of Dallas Fort Worth International Airport, with about 1,300 scrubbed flights, and at Dallas Love Field, with 186 cancellations, the majority of the schedule at each airport. American Airlines, based in Fort Worth, Texas, had canceled 902 Saturday flights, about 30% of its mainline schedule and Southwest Airlines canceled 571 flights, or 19%, according to FlightAware. U.S. flight cancellations nearly doubled to more than 7,000 [now up to 8,947] on Sunday when the storm is expected to hit the mid-Atlantic and Northeast U.S. As of midday on Saturday, most flights from Raleigh-Durham International Airport in North Carolina to Portland, Maine, were canceled. Major airline hubs were affected as far south as Atlanta, where Delta Air Lines is based.... American, Delta, JetBlue Airways, Southwest Airlines, United Airlines and other U.S. carriers said they are waiving change and cancellation fees as well as fare differences to rebook for customers with tickets to and from more than 40 airports around the country. The waivers include restrictive basic economy tickets. More than 80% of Sunday's flights at New York's LaGuardian Airport were cancelled, according to the article, at well as 90% of Sunday's flights at Viriginia's Ronald Reagan Washington National Airport. Read more of this story at Slashdot.

  • Cheap Green Tech Allows Faster Path To Electrification For the Developing World
    by EditorDavid on 24/01/2026 at 9:34 pm

    Slashdot reader Mr. Dollar Ton summarizes this article from Bloomberg: According to a new report from think tank "Ember", the availability of cheap green tech can have developing countries profit from earlier investment and skip steps in the transition from fossil to alternatives. India is put forward as an example. While China's rapid electrification has been hailed as a miracle, by some measures, India is moving ahead faster than China did when it was at similar levels of economic development. It's an indication that clean electricity could be the most direct way to boost growth for other developing economies. That's mainly because India has access to solar panels and electric cars at a much lower price than China did about a decade ago. Chinese investments lowered the costs of what experts call "modular technologies" — the production of each solar panel, battery cell and electric car enables engineers to learn how to make it more efficiently. The think tank's team even argues "that countries such as India, which don't have significant domestic fossil-fuel reserves, will become 'electrostates' that meet most of their energy needs through electricity generated from clean sources," according to the article: No country is an electrostate yet, [says Ember strategist Kingsmill Bond], but countries are increasingly turning to green electricity to power their economies. Nations that are less developed than India will see even more advantages as the cost of electricity technologies, from solar panels and electric vehicles to battery components and minerals, continue to fall. Neither India nor China is going electric purely to cut emissions or meet climate targets, says Bond. They're doing so because it makes economic sense, particularly for India, which imports more than 40% of its primary energy in the form of coal, oil and gas, according to the International Energy Agency. "To grow and have energy independence, India needs to reduce the terrible burden of fossil-fuel imports worth $150 billion each year," said Bond. "India needs to find other solutions...." [I]f countries like India find ways to grow electrotech manufacturing without absolute dependence on Chinese equipment, electrification could speed up further. With the U.S. and Europe continuing to add exclusions for Chinese-linked electrotech, countries like India will have an incentive to invest in their own manufacturing capacity. "We are probably at a moment of peak Chinese dominance in the electrotech system, as the rest of the world starts to wake up and realize that this is the energy future," he said. Read more of this story at Slashdot.

  • Microsoft 365 Endured 9+ Hours of Outages Thursday
    by EditorDavid on 24/01/2026 at 8:34 pm

    Early Friday "there were nearly 113 incidents of people reporting issues with Microsoft 365 as of 1:05 a.m. ET," reports Reuters. But that's down "from over 15,890 reports at its peak a day earlier, according to Downdetector." Reuters points out the outage affected antivirus software Microsoft Defender and data governance software Microsoft Purview, while CRN notes it also impacted "a number of Microsoft 365 services" including Outlook and Exchange online: During the outage, Outlook users received a "451 4.3.2 temporary server issue" error message when attempting to send or receive email. Users did not have the ability to send and receive email through Exchange Online, including notification emails from Microsoft Viva Engage, according to the vendor. Other issues that cropped up include an inability to send and receive subscription email through [analytics platform] Microsoft Fabric, collect message traces, search within SharePoint online and Microsoft OneDrive and create chats, meetings, teams, channels or add members in Microsoft Teams... As with past cloud outages with other vendors, even after Microsoft fixed the issues, recovery efforts by its users to return to a normal state took additional time... Microsoft confirmed in a post on X [Thursday] at 4:14 p.m. ET that it "restored the affected infrastructure to a (healthy) state" but "further load balancing is required to mitigate impact...." The company reported "residual imbalances across the environment" at 7:02 p.m., "restored access to the affected services" and stable mail flow at 12:33 a.m. Jan. 23. At that time, Microsoft still saw a "small number of remaining affected services" without full service stability. The company declared impact from the event "resolved" at 1:29 p.m. Eastern. Microsoft sent out another X post at 8:20 a.m. asking users experiencing residual issues to try "clearing local DNS caches or temporarily lowering DNS TTL values may help ensure a quicker remediation...." Microsoft said in an admin center update that [Thursday's] outage was "caused by elevated service load resulting from reduced capacity during maintenance for a subset of North America hosted infrastructure." Furthermore, Microsoft noted that during "ongoing efforts to rebalance traffic" it introduced a "targeted load balancing configuration change intended to expedite the recovery process, which incidentally introduced additional traffic imbalances associated with persistent impact for a portion of the affected infrastructure." US itek's David Stinner said it appears that Microsoft did not have enough capacity on its backup system while doing maintenance on its main system. "It looks like the backup system was overloaded, and it brought the system down while they were still doing maintenance on the main system," he said. "That is why it took so many hours to get back up and running. If your primary system is down for maintenance and your backup system fails due to capacity issues, then it is going to take a while to get your primary system back up and running." "This was not Microsoft's first outage of 2026," the article notes, "with the vendor handling access issues with Teams, Outlook and other M365 services on Wednesday, a Copilot issue on Jan. 15 plus an Azure outage earlier in the month..." Read more of this story at Slashdot.

  • AI Luminaries Clash At Davos Over How Close Human-Level Intelligence Really Is
    by EditorDavid on 24/01/2026 at 7:34 pm

    An anonymous reader shared this report from Fortune The large language models (LLMs) that have captivated the world are not a path to human-level intelligence, two AI experts asserted in separate remarks at Davos. Demis Hassabis, the Nobel Prize-winning CEO of Google DeepMind, and the executive who leads the development of Google's Gemini models, said today's AI systems, as impressive as they are, are "nowhere near" human-level artificial general intelligence, or AGI. [Though the artilcle notes that later Hassabis predicted there was a 50% chance AGI might be achieved within the decade.] Yann LeCun — an AI pioneer who won a Turing Award, computer science's most prestigious prize, for his work on neural networks — went further, saying that the LLMs that underpin all of the leading AI models will never be able to achieve humanlike intelligence and that a completely different approach is needed... ["The reason ... LLMs have been so successful is because language is easy," LeCun said later.] Their views differ starkly from the position asserted by top executives of Google's leading AI rivals, OpenAI and Anthropic, who assert that their AI models are about to rival human intelligence. Dario Amodei, the CEO of Anthropic, told an audience at Davos that AI models would replace the work of all software developers within a year and would reach "Nobel-level" scientific research in multiple fields within two years. He said 50% of white-collar jobs would disappear within five years. OpenAI CEO Sam Altman (who was not at Davos this year) has said we are already beginning to slip past human-level AGI toward "superintelligence," or AI that would be smarter than all humans combined... The debate over AGI may be somewhat academic for many business leaders. The more pressing question, says Cognizant CEO Ravi Kumar, is whether companies can capture the enormous value that AI already offers. According to Cognizant research released ahead of Davos, current AI technology could unlock approximately $4.5 trillion in U.S. labor productivity — if businesses can implement it effectively. Read more of this story at Slashdot.

Archives

  • September 2022
  • November 2021
  • June 2021
  • March 2021
  • November 2020
  • October 2020
  • September 2020
  • February 2020
  • January 2020
  • October 2019
  • August 2018
  • July 2018
  • April 2018
  • February 2018
  • January 2018
  • December 2017
  • October 2017
  • September 2017
  • August 2016
  • July 2016
  • March 2016
  • February 2016
  • August 2015
  • May 2015

Categories

  • Innovation
  • Security
  • Software
  • Technology

Tags

backdoor cisco coding json laziness patterns public information announcement security vulnerability
© 2017 IT Sales & Services Ltd
Quality IT solutions in Tanzania since 2010
Iconic One Theme | Powered by Wordpress