Skip to content
I T S S
  • Welcome
  • Hardware
  • Internet
  • Networking
  • Security
  • Data Recovery
  • Support
  • Contact
  • Webmail

A Nice Little Cryptography Primer

By itss | 28/06/2021
0 Comment

Pun Intended.

Category: Technology
Post navigation
← pfSense / Wireguard / Bad Code / Close Call Why Quake3 was so fast : Fast Inverse Square Root →

Recent Posts

  • Hardware Exploits?
  • Why Quake3 was so fast : Fast Inverse Square Root
  • A Nice Little Cryptography Primer
  • pfSense / Wireguard / Bad Code / Close Call
  • Apple Continues Its Trip To The Dark Side With The Release of MacOS 17 (Big Sur)

Slashdot

News for nerds

  • Windows 10 Still Being Used, Often Unpatched and Insecure
    by EditorDavid on 19/07/2026 at 4:34 pm

    Windows 10 still runs on 16.9% of the Windows devices monitored by asset-tracking service Lansweeper. That's more than one in six, The Register points out. A year ago, the operating system accounted for about half of the machines in its dataset, falling to the low-to-mid 40% range by the time Microsoft ended standard support. The decline continued after that, reaching 18.6% in June, but Lansweeper says migration has now slowed to a crawl... Small and medium-sized businesses are particularly exposed. Lansweeper reckons that 21.4% of machines at small and medium-sized business still run Windows 10, with cost usually being the constraint that keeps the legacy operating system running. The exposure is greater in some sectors, with 23% of healthcare and pharmaceutical systems sticking with Windows 10, while consumer and retail devices hover at 22.7%. According to Lansweeper's data, "a Windows 10 device carries an average of 1,903 active CVEs against 652 on Windows 11. That's a 2.9x gap." Esben Dochy, principal technical evangelist at the company, told The Register that "the Windows 10 average also includes devices that have Extended Security Update patches applied." [According to Lansweeper's figures, 14% of Windows 10 assets have applied Extended Security Update patches.] Part of the problem, according to Lansweeper, is "patch diffing," in which Windows 11 fixes can be reverse-engineered to find flaws in Windows 10. "The supported OS effectively hands attackers a map into the unsupported one," Lansweeper said... Looking at other market share measures such as Statcounter, there was little change in the share of Windows 10 and its successor over the last few months after a surge following the end of support. As Lansweeper noted: "The easy migrations are done. What's left is the hard core: devices that haven't moved because they can't or won't." Lansweeper's evangelist noted that in some cases there is no Windows 11-certified version yet for many medical devices and industrial or retail systems. Read more of this story at Slashdot.

  • Aptera Announces Nationwide Repair Network For Its Upcoming Solar Electric Car
    by EditorDavid on 19/07/2026 at 3:34 pm

    Solar car maker Aptera has "officially announced a repair network partnership which will give owners of its upcoming solar electric car access to thousands of repair shops nationwide," reports Electrek: We recently got a chance to drive the Aptera solar EV and tour the company's factory, and came away both impressed at the progress that has been made, but cognizant of the long road ahead for the company. One question that often gets raised in reference to EV startups is how owners get service on their vehicles, especially those from a small company... So to waylay those fears, Aptera announced a partnership today that unlocks access to 4,300 service shops across the US, through a company called RepairPal. Aptera had been working on this partnership when we saw them at our factory tour, but today they're ready to officially announce it. RepairPal doesn't own its own shops, but instead certifies local shops to work on particular models of car... All shops will get access to Aptera-specific service procedures. Read more of this story at Slashdot.

  • Former Richard Stallman Colleague Now Argues for Open AI Models Too
    by EditorDavid on 19/07/2026 at 2:34 pm

    Long-time Slashdot reader theodp writes: Recalling his initial resistance to free and open software, billionaire computer scientist David Siegel argues vigorously in FORTUNE that the stakes are too high to let AI become increasingly closed. "In the 1980s, I had the chance to spend several years arguing about free and open software, what we now call open source, with the founder of the movement, Richard Stallman. My office at the MIT AI Lab was next door to his. Stallman's position was that the source code to software should be free for everyone to use, learn from, and improve. Software encapsulates knowledge, he argued, and no one should lock something so fundamental away. To hide software inside a company was to hide knowledge itself... What I missed was that software was not just a commercial asset; it was a body of knowledge, and bodies of knowledge grow stronger when they are shared. After about two years of on-and-off debate, Stallman convinced me I was wrong." "Now the AI fight is the same — only bigger," advises Siegel. "AI is software, and AI is increasingly closed. The frontier models — the most advanced, cutting-edge AI systems — are closed completely and the trend is accelerating. Viable open alternatives are few and far between." So, what to do...? "Yes, frontier models keep getting bigger and more expensive — that arms race may well stay with the giants. But open source AI does not have to match their scale to be useful. Much of what the world needs probably does not require the absolute frontier. And where keeping a credible open option does demand serious compute, that is precisely the kind of public good worth paying for. "What's missing is not a path but will. The government, the private sector, and nonprofits should invest heavily in free and open source AI — the way they once invested in open software: public compute grants for open research, corporate and philanthropic support for universities and nonprofits doing the work, and a simple rule that AI built with public money is open by default. "We have run this experiment before. We know how it turns out. Let's not unlearn it." Read more of this story at Slashdot.

  • Are There Cybersecurity Risks in Over-the-Air Tech Used in Autos?
    by EditorDavid on 19/07/2026 at 11:34 am

    CNBC reports: The automotive industry's increasing use of over-the-air technology to update vehicle systems makes it more susceptible to cyberattacks, analysts say, urging more intervention in the sector... Its use represents "a unique national security concern," Gabriel Lim, senior analyst at the S. Rajaratnam School of International Studies in Singapore, told CNBC. "Aside from data privacy concerns, the potential of a foreign actor sabotaging the controls of a moving vehicle is a possibility that countries like Norway, Denmark, and Britain have expressed concerns about," Lim added. In May, the American Enterprise Institute warned that safeguarding the automotive sector was crucial to limit foreign governments' espionage capabilities. "To protect against foreign espionage threats, the US should consider additional security reviews, implement restrictions on certain foreign-made hardware and software in vehicles, and mandate increased data-collection disclosures," the report said. The concerns come as real-life tests reveal vulnerabilities. Late last year, Norwegian bus company Ruter conducted tests on two buses and found that one had potential risks linked to OTA technology. "There is access to the control system for battery and power supply via mobile network through a Romanian SIM card. In theory, therefore, this bus can be stopped or rendered inoperable by the manufacturer," the company said. The investigation by Ruter then sparked the U.K. and Denmark to conduct their own investigations... While these investigations were conducted on buses made by Chinese firm Yutong, [Siraj Ahmed Shaikh, systems security professor at the UK's Swansea University] said the issue goes beyond one manufacturer or country, as the technology becomes more pervasive. "Other sectors adopting OTA include other transport modes [such as] maritime and rail, aerospace (particularly drones), industrial machinery and robotics," he said. Read more of this story at Slashdot.

  • New Study Links Teen Boys' ADHD Symptoms To Addictive Social Media Use
    by EditorDavid on 19/07/2026 at 7:34 am

    A new study by researchers at the University of California at San Francisco "adds to growing research linking increased social media use to detrimental effects on attention, memory and cognition," reports the Washington Post: The study followed more than 11,000 U.S. adolescents over a period of five years, with participants first asked about their own social media use at the average age of 12, and surveyed annually through the average age of 16. Researchers found that increases in addictive social media use were followed by rising ADHD one year later — particularly among boys who reported rising addictive social media use at ages 14 and 15. This association was not found consistently in reverse, meaning that ADHD symptoms did not appear to precede higher levels of addictive social media use... "When an individual adolescent's addictive social media use score increased from one year to the next, that same adolescent tended to show an increase in ADHD symptoms in the following year...." [said Jason Nagata, lead author of the study and an associate professor of pediatrics at the University of California at San Francisco]. He urged parents to consider: "Can their kids stop if they want to? Is social media interfering with their schoolwork? Is it impairing their social relationships? Are there addiction-like symptoms, like withdrawal and relapse?" Approximately 7 million American children between the ages of 3 and 17 have received an ADHD diagnosis, according to the Centers for Disease Control and Prevention, and boys are diagnosed with ADHD at about twice the rate of girls. The study did not find a clear link between addictive social media use and ADHD among girls, Nagata said. "Some studies do suggest that teenage boys in particular may be more sensitive to immediate reward and sensation-seeking in adolescence," he said. And social media platforms are designed to provide exactly that: "It encourages frequent task-switching, and there's this constant stream of stimulation that might make it harder for adolescents to maintain and sustain attention that is needed for schoolwork and daily life," he said. "The design features of social media offer the constant reinforcement of impulsivity — it offers immediate gratification and novelty and it encourages multitasking, which can then override working memory and executive control." Experts have long noted that this kind of digital exposure is particularly significant during critical stages of mental, social-emotional and cognitive development... [I]t's especially important for parents themselves to demonstrate a healthier relationship with screens and social media. "One of our previous findings was that parental screen use is a very strong predictor of kids' screen use," Nagata said. Read more of this story at Slashdot.

  • 'Grok Build' Coding Tool Open Sourced This Week, Promises to Respect Zero Data Retention
    by EditorDavid on 19/07/2026 at 3:34 am

    Elon Musk confirmed SpaceX has open sourced the Grok Build CLI this week, reports The Register, "just days after researchers caught the AI tool scooping up users' entire repositories and uploading them to company-controlled cloud storage." That discovery had "gathered so much negative attention that Elon Musk felt compelled to issue a public statement alongside SpaceX, and its technical staff, promising to delete all data that Grok Build has ever stored and give users more choice over how their data is handled." SpaceXAI's data grab was first publicized Sunday [July 12] by Cereblab, who probed Grok Build traffic and found that repos were being packaged up as Git Bundles and beamed to Google Cloud storage... [Elon Musk] said SpaceX would open-source Grok Build to sow greater trust in the product, after the codebase was audited for security vulnerabilities... ["Open-sourcing Grok Build allows anyone to support making a reliable and robust harness," SpaceX posted on X.com. "Check out our code, including the Git repo for the Grok Build CLI."] In a separate statement accompanying the open source announcement, SpaceX said it has always respected Zero Data Retention (ZDR), which was applied to enterprise customers by default, and acknowledged that data retention was enabled by default for everyone else, which has now been corrected. It said: "In response to user questions about privacy: Since launch, Grok Build has fully respected zero data retention (ZDR). All users have always had the ability to disable data upload in the CLI. When data upload was disabled, this choice was respected. In the early beta, data retention was enabled by default for non-ZDR users. Based on your feedback, we changed this. We are now going further to protect privacy. With all retained data deleted, retention default off, and an open-source harness, we are offering complete user privacy. You can also run Grok Build fully open-sourced and local-first with your own inference. "We disabled default retention for all Grok Build users starting on July 12th. Additionally, we are deleting all coding data that was previously retained, ensuring every user's preferences are respected. With these steps, Grok Build goes beyond other major coding products to protect user privacy." SpaceX also invited researchers to probe Grok Build for security issues and report them to its bug bounty program, which offers rewards ranging from $100-$20,000, depending on the severity. The article notes Simon Willison, creator of Datasette and co-creator of Django, wrote this week that the Grok Build codebase comprises 844,530 lines of Rust code. "There are still remnants of the code that used to upload everything to Google Cloud," Willison writes, "but they seem to have been disabled now." Elon Musk also posted Wednesday that "Once we have completed our review for security vulnerabilities, we will make the entire codebase of X open source, with no exceptions. Moreover, we will invite third party reviewers to examine the system that is running to confirm that the open source code is what is running." Read more of this story at Slashdot.

Archives

  • September 2022
  • November 2021
  • June 2021
  • March 2021
  • November 2020
  • October 2020
  • September 2020
  • February 2020
  • January 2020
  • October 2019
  • August 2018
  • July 2018
  • April 2018
  • February 2018
  • January 2018
  • December 2017
  • October 2017
  • September 2017
  • August 2016
  • July 2016
  • March 2016
  • February 2016
  • August 2015
  • May 2015

Categories

  • Innovation
  • Security
  • Software
  • Technology

Tags

backdoor cisco coding json laziness patterns public information announcement security vulnerability
© 2017 IT Sales & Services Ltd
Quality IT solutions in Tanzania since 2010
Iconic One Theme | Powered by Wordpress