I T S S

A Nice Little Cryptography Primer

By itss | 28/06/2021

Pun Intended.

Category: Technology
© 2017 IT Sales & Services Ltd
Quality IT solutions in Tanzania since 2010