Skip to content
I T S S
  • Welcome
  • Hardware
  • Internet
  • Networking
  • Security
  • Data Recovery
  • Support
  • Contact
  • Webmail

A Nice Little Cryptography Primer

By itss | 28/06/2021
0 Comment

Pun Intended.

Category: Technology
Post navigation
← pfSense / Wireguard / Bad Code / Close Call Why Quake3 was so fast : Fast Inverse Square Root →

Recent Posts

  • Hardware Exploits?
  • Why Quake3 was so fast : Fast Inverse Square Root
  • A Nice Little Cryptography Primer
  • pfSense / Wireguard / Bad Code / Close Call
  • Apple Continues Its Trip To The Dark Side With The Release of MacOS 17 (Big Sur)

Slashdot

News for nerds

  • SmartTube YouTube App For Android TV Breached To Push Malicious Update
    by BeauHD on 02/12/2025 at 8:20 pm

    An anonymous reader quotes a report from BleepingComputer: The popular open-source SmartTube YouTube client for Android TV was compromised after an attacker gained access to the developer's signing keys, leading to a malicious update being pushed to users. The compromise became known when multiple users reported that Play Protect, Android's built-in antivirus module, blocked SmartTube on their devices and warned them of a risk. The developer of SmartTube, Yuriy Yuliskov, admitted that his digital keys were compromised late last week, leading to the injection of malware into the app. Yuliskov revoked the old signature and said he would soon publish a new version with a separate app ID, urging users to move to that one instead. [...] A user who reverse-engineered the compromised SmartTube version number 30.51 found that it includes a hidden native library named libalphasdk.so [VirusTotal]. This library does not exist in the public source code, so it is being injected into release builds. [...] The library runs silently in the background without user interaction, fingerprints the host device, registers it with a remote backend, and periodically sends metrics and retrieves configuration via an encrypted communications channel. All this happens without any visible indication to the user. While there's no evidence of malicious activity such as account theft or participation in DDoS botnets, the risk of enabling such activities at any time is high. Read more of this story at Slashdot.

  • Michael and Susan Dell Donate $6.25 Billion To Encourage Families To Claim 'Trump Accounts'
    by BeauHD on 02/12/2025 at 7:19 pm

    Michael and Susan Dell pledged $6.25 billion to boost participation in the new "Trump Accounts" child investment program. "The historic gift has little precedent, with few single charitable commitments in the past 25 years exceeding $1 billion, much less multiple billions," notes the Associated Press. "Announced on GivingTuesday, the Dells believe it's the largest single private commitment made to U.S. children." From the report: Its structure is also unusual. Essentially, it builds on the "Trump Accounts" program (PDF), where the U.S. Department of the Treasury will deposit $1,000 into investment accounts set up by Treasury for American children born between Jan. 1, 2025 and Dec. 31, 2028. The Dells' gift will use the "Trump Accounts" infrastructure to give $250 to each qualified child under 10. Though the "Trump Accounts" became law as part of the president's signature legislation in July, the Dells say the accounts will not launch until July 4, 2026. Michael Dell said they wanted to mark the 250th anniversary of U.S. independence. [...] Under the new law, "Trump Accounts" are available to any American child under 18 with a Social Security number and their families can fund the accounts, which must be invested in an index fund that tracks the overall stock market. When the children turn 18, they can withdraw the funds to put toward their education, to buy a home or to start a business. The Dells will put money into the accounts of children 10 and younger who live in ZIP codes with a median family income of $150,000 or less and who won't get the $1,000 seed money from the Treasury. The Dells hope their gift will encourage families to claim the accounts and deposit more money into it, even small amounts, so it will grow over time along with the stock market. The report notes that the timed rollout of the $1,000 deposits gives Republicans a strategic political advantage by delivering money to voters during the 2026 midterms and halting the benefit right after the 2028 presidential election. Read more of this story at Slashdot.

  • Google's Vibe Coding Platform Deletes Entire Drive
    by BeauHD on 02/12/2025 at 6:18 pm

    A Google Antigravity user says the AI-driven "vibe coding" tool accidentally wiped his entire D: drive while trying to clear a project cache. Google says it's investigating, but the episode adds to a growing list of AI tools behaving in ways that "would get a junior developer fired," suggests The Register. From the report: We reached out to the user, a photographer and graphic designer from Greece, who asked we only identify him as Tassos M because he doesn't want to be permanently linked online to what could "become a controversy or conspiracy against Google." [...] Tassos told Antigravity to help him develop software that's useful for any photographer who has to choose a few prime shots from a mountain of snaps. He wanted the software to let him rate images, then automatically sort them into folders based on that rating. According to his Reddit post, when Tassos figured out the AI agent had wiped his drive, he asked, "Did I ever give you permission to delete all the files in my D drive?". "No, you absolutely did not give me permission to do that," Antigravity responded. "I am horrified to see that the command I ran to clear the project cache appears to have incorrectly targeted the root of your D: drive instead of the specific project folder. I am deeply, deeply sorry. This is a critical failure on my part." Redditors, as they are wont to do, were quick to pounce on Tassos for his own errors, which included running Antigravity in Turbo mode, which lets the Antigravity agent execute commands without user input, and Tassos accepted responsibility. "If the tool is capable of issuing a catastrophic, irreversible command, then the responsibility is shared -- the user for trusting it and the creator for designing a system with zero guardrails against obviously dangerous commands," he opined on Reddit. As noted earlier, Tassos was unable to recover the files that Antigravity deleted. Luckily, as he explained on Reddit, most of what he lost had already been backed up on another drive. Phew. "I don't think I'm going to be using that again," Tassos noted in a YouTube video he published showing additional details of his Antigravity console and the AI's response to its mistake. Tassos isn't alone in his experience. Multiple Antigravity users have posted on Reddit to explain that the platform had wiped out parts of their projects without permission. Read more of this story at Slashdot.

  • Zillow Drops Climate Risk Scores After Agents Complained of Lost Sales
    by BeauHD on 02/12/2025 at 5:17 pm

    Zillow has removed climate risk scores from over a million home listings after real estate agents argued the data was scaring off buyers. TechCrunch reports: Zillow first added the data to the site in September 2024, saying that more than 80% of buyers consider climate risks when purchasing a new home. But last month, following objections from the California Regional Multiple Listing Service (CRMLS), Zillow removed the listings' climate scores. In their place is a subtle link to their records at First Street, the climate risk analytic startup that provides the data. "When buyers lack access to clear climate-risk information, they make the biggest financial decision of their lives while flying blind," First Street spokesperson Matthew Eby told TechCrunch via email. "The risk doesn't go away; it just moves from a pre-purchase decision into a post-purchase liability." First Street's climate risk scores first appeared on Realtor.com in 2020, where they remain. They also still appear on Redfin and and Homes.com. The New York-based startup has raised more than $50 million from investors including General Catalyst, Congruent Ventures, and Galvanize Climate Solutions, according to PitchBook. Art Carter, the CRMLS CEO, told The New York Times that "displaying the probability of a specific home flooding this year or within the next five years can have a significant impact on the perceived desirability of that property." He also questioned the accuracy of First Street's data, saying he didn't think that areas which haven't flooded in the last 40 to 50 years were likely to flood in the next five. Read more of this story at Slashdot.

  • Trump Administration To Take Equity Stake In Former Intel CEO's Chip Startup
    by BeauHD on 02/12/2025 at 4:16 pm

    An anonymous reader quotes a report from the Wall Street Journal: The Trump administration has agreed to inject up to $150 million into a startup (source paywalled; alternative source) trying to develop more advanced semiconductor manufacturing techniques in the U.S., its latest bid to support strategically important domestic industries with government incentives. Under the arrangement, the Commerce Department would give the incentives to xLight, a startup trying to improve the critical chip-making process known as extreme ultraviolet lithography, the agency said in a Monday release. In return, the government would get an equity stake that would likely make it xLight's largest shareholder. The Dutch firm ASML is currently the only global producer of EUV machines, which can cost hundreds of millions of dollars each. XLight is seeking to improve on just one component of the EUV process: the crucially important lasers that etch complex microscopic patterns onto chemical-treated silicon wafers. The startup is hoping to integrate its light sources into ASML's machines. XLight represents a second act for Pat Gelsinger, the former chief executive of Intel who was fired by the board late last year after the chip maker suffered from weak financial performance and a stalled manufacturing expansion. Gelsinger serves as executive chairman of xLight's board. [...] The xLight deal uses funding from the 2022 Chips and Science Act allocated for earlier stage companies with promising technologies. It is the first Chips Act award in President Trump's second term and is a preliminary agreement, meaning it isn't finalized and could change. "This partnership would back a technology that can fundamentally rewrite the limits of chipmaking," Commerce Secretary Howard Lutnick said in the release. Read more of this story at Slashdot.

  • Steam On Linux Hits An All-Time High In November
    by BeauHD on 02/12/2025 at 3:15 pm

    Steam's November 2025 survey shows Linux gaming climbed to its highest share in a decade "thanks to the success of the Steam Deck, the underlying Steam Play (Proton) software, and now further excitement thanks to the upcoming Steam Machine and Steam Frame," writes Phoronix's Michael Larabel. From the report: A decade ago in the early Steam days the initial use was around 3% and back then the Steam user-base in absolute terms was much smaller than it is today. Back in October Steam on Linux finally re-crossed that 3% threshold after for years being stuck in a 1~2% rut. Now the Steam Survey results were published minutes ago for November and they continue an upward trend for Linux. Steam on Linux is up to 3.2%, an increase of 0.15% for the month. One year ago Steam on Linux was at 2.03% last November, 1.91% for November 2023, and a decade ago for November 2015 was at just 0.98%. [...] Due to AMD APUs powering the Steam Deck, AMD CPUs continue to power nearly 70% of Linux gaming systems. Meanwhile under Windows, AMD has around a 42% CPU marketshare. Read more of this story at Slashdot.

Archives

  • September 2022
  • November 2021
  • June 2021
  • March 2021
  • November 2020
  • October 2020
  • September 2020
  • February 2020
  • January 2020
  • October 2019
  • August 2018
  • July 2018
  • April 2018
  • February 2018
  • January 2018
  • December 2017
  • October 2017
  • September 2017
  • August 2016
  • July 2016
  • March 2016
  • February 2016
  • August 2015
  • May 2015

Categories

  • Innovation
  • Security
  • Software
  • Technology

Tags

backdoor cisco coding json laziness patterns public information announcement security vulnerability
© 2017 IT Sales & Services Ltd
Quality IT solutions in Tanzania since 2010
Iconic One Theme | Powered by Wordpress