Skip to content
I T S S
  • Welcome
  • Hardware
  • Internet
  • Networking
  • Security
  • Data Recovery
  • Support
  • Contact
  • Webmail

A Nice Little Cryptography Primer

By itss | 28/06/2021
0 Comment

Pun Intended.

Category: Technology
Post navigation
← pfSense / Wireguard / Bad Code / Close Call Why Quake3 was so fast : Fast Inverse Square Root →

Recent Posts

  • Hardware Exploits?
  • Why Quake3 was so fast : Fast Inverse Square Root
  • A Nice Little Cryptography Primer
  • pfSense / Wireguard / Bad Code / Close Call
  • Apple Continues Its Trip To The Dark Side With The Release of MacOS 17 (Big Sur)

Slashdot

News for nerds

  • Ask Slashdot: What's the Best All-Purpose RISC-V System on a Chip Family?
    by EditorDavid on 15/03/2026 at 9:51 pm

    Slashdot reader SysEngineer does embedded/IoT work, but "I want to pick a single system-on-a-chip architecture family and commit to it across multiple product lines — sensor nodes up through edge gateways... I've been on one platform for years and want to know what embedded engineers are actually running in production before I commit!" And "the family needs to scale — cheap and small at the low end, capable of running Linux on the bigger variants!" Their requirements? WiFi + BLE required LoRaWAN a nice-to-have. Low power modes that actually work in the field, not just on the datasheet. Full peripheral set — SPI, I2C, UART, ADC, timers, CAN. A toolchain and runtime support, support multi threads... Slashdot reader Gravis Zero is skeptical all the requirements can be met. "If you want embedded, you get embedded. If you want to run a big OS, you get one that will run a big OS." But Slashdot reader SysEngineer believes "The obvious architecture candidates are ARM, STM, and RISC-V" — and specifically they want to hear your experiences with the RISC-V choices. "What would you standardize on today if you were starting fresh? And how does real-world toolchain and community support hold up compared to the marketing?" Share your own thoughts and experiences in the comments. What's the best all-purpose RISC-V system on a chip family? Read more of this story at Slashdot.

  • CachyOS Dethrones Arch As ProtonDB's Top Linux Gamer Desktop Distro
    by EditorDavid on 15/03/2026 at 8:51 pm

    Linux gaming "has gotten to the point where some people claim that Linux runs their games better than Windows does," according to the Android site XDA Developers. And there's a new surprise on ProtonDB, an "unofficial" community website with crowdsourced data about videogame compatability with the Linux software/gaming compatability layer Proton: On ProtonDB, one operating system had reigned supreme since 2021: Arch Linux. And I say 'had,' because its streak has just been ended by [Arch-based] CachyOS in an upset that has slowly grown over the past two years. As reported on Boiling Steam, the number of reports coming from CachyOS has topped that of Arch Linux, which held the crown for the most number of reports since 2021... [T]his isn't really a statement that CachyOS is the best gaming distro out there; however, it's seemingly attracting the largest number of gamers who are invested in testing games on Proton and reporting their performance, which is a pretty big milestone if you ask me. Read more of this story at Slashdot.

  • How One Company Finally Exposed North Korea's Massive Remote Workers Scam
    by EditorDavid on 15/03/2026 at 7:49 pm

    NBC News investigates North Korea's "wide-ranging effort to place remote workers at U.S. companies in order to funnel money back to its coffers and, in some cases, steal sensitive information." And working with the FBI, one corporate security/investigations company decided to knowingly hire one of North Korea's remote workers — then "ship him a laptop and gain as much information as possible" about this "sprawling international employment scheme that is estimated to include hundreds of American companies, thousands of people and hundreds of millions of dollars per year." It worked.... Over a roughly three-month investigation, Nisos uncovered an apparent network of at least 20 North Korean operatives including "Jo" who had collectively applied to at least 160,000 roles. During that time, workers in the network — which some evidence showed were based in China — were employed by five U.S.-based companies and allegedly helped by an American citizen operating out of two nondescript suburban homes in Florida... Nisos estimated that in about a year, "Jo", who was likely a newer member of the team, applied to about 5,000 jobs... "They attended interviews all day every day, and then once they secured a job, they would collect paychecks until they were terminated," [according to Jared Hudson, Nisos' chief technology officer]... With the ability to see which other U.S. companies Jo and his team were working for — all remote technology roles — Nisos' CEO, Ryan LaSalle, began making calls to their security teams to alert them of the fraud. "Most of the companies weren't aware of it, even if they had pretty robust security teams," LaSalle said. "It wasn't really high on the radar." NBC News describes North Korea's 10-year effort — and its educational pipeline that steers promising students into "computer science and hacking training before being placed into cyberunits under military and state agencies, according to a recent report by DTEX, a risk-adaptive security and behavioral intelligence firm that tracks North Korea's cybercrime." In one case, a North Korean worker stole sensitive information related to U.S. military technology, according to the Justice Department. In another, an American accomplice obtained an ID that enabled access to government facilities, networks and systems. At least three organizations have been extorted and suffered hundreds of thousands of dollars in damages after proprietary information was posted online by IT workers... Analysts warn that North Korean IT workers are targeting larger organizations, increasing extortion attempts and seeking out employers that pay salaries in cryptocurrency. More recently, security researchers have uncovered fake job application platforms impersonating major U.S. cryptocurrency and AI firms, including Anthropic, designed to infect legitimate applicants' networks with malware to be utilized once hired. The global cybersecurity company CrowdStrike identified a 220% rise in 2025 in instances of North Koreans gaining fraudulent employment at Western companies to work remotely as developers... The payoff flowing back to Pyongyang from these schemes is enormous. Some North Korean IT workers earn more than $300,000 per year, far more than they'd be able to earn domestically, with as much as 90% of their wages directed back to the regime, according to congressional testimony from Bruce Klinger, a former CIA deputy division chief for Korea. The United Nations estimates the schemes, which proliferated after the pandemic when more companies' workforces went remote, generate as much as $600 million annually, while a U.S. State Department-led sanctions monitoring assessment placed earnings for 2024 as high as $800 million... So far, at least 10 alleged U.S.-based facilitators have been federally charged, including one active-duty member of the U.S. Army, for their alleged roles in hosting laptop farms, laundering payments and moving proceeds through shell companies. At least six other alleged U.S. facilitators have been identified in court documents but not named... "We believe there are many more hundreds of people out there who are participating in these schemes," said Rozhavsky, the FBI assistant director. "They could never pull this off if they didn't have willing facilitators in the U.S. helping them...." The scheme itself is also becoming more complex. North Korean IT teams are now subcontracting work to developers in Pakistan, Nigeria and India, expanding into fields like customer service, financial processing, insurance and translation services — roles far less scrutinized than software development. Read more of this story at Slashdot.

  • Uber Co-founder Travis Kalanick's Newest Venture? 'Gainfully Employed Robots'
    by EditorDavid on 15/03/2026 at 5:55 pm

    Uber co-founder Travis Kalanick launched a new venture that "will focus on creating 'gainfully employed robots' for the food, mining and transport industries," Bloomberg reports. "I left Uber in 2017 heartbroken," writes Kalanick on the new company's web site. Kalanick resigned under pressure in 2017, and complains he was "torn away from an idea and a movement that I had poured my life into... I bled, but I did not perish. I got back up and fought my way back into the arena, back to my calling. Back to building. Digitizing the Physical World is my life's work... " Kalanick is remaking his real estate company, City Storage Systems, which owns ghost-kitchen operator CloudKitchens, and renaming it Atoms, according to a manifesto posted on the new company's website. [Bloomberg notes that the company's food robotics division "makes a food assembly machine called Bowl Builder, according to its website."] In addition to its work on food, Los Angeles-based Atoms is expanding into robotics technology for mining and automotive transport. Kalanick said on the livestreamed tech talk show TBPN Friday that Atoms has effectively been in stealth for eight years and has "thousands" of employees.... Kalanick wrote on the Atoms website that the company will make "specialized robots with productive jobs that bring abundance to their owners and society at large." That will include "infrastructure for better food," he wrote, as well as "more productive mines to power Earth's industries" in addition to "wheelbase for robots" in transportation. "The industrial thing is probably our main jam," he said on TBPN. "Once you crack movement in the physical world, there are lots of people who want access to that..." Kalanick also said he was the biggest investor in Pronto, a self-driving trucking startup that currently focuses on closed sites like mines. Read more of this story at Slashdot.

  • Should Banksy Remain Anonymous?
    by EditorDavid on 15/03/2026 at 4:34 pm

    He's "the most famous anonymous man in the world," suggests Reuters. But investigating Banksy's artworks in a bombed Ukrainian village (and other clues in the U.K. and Manhattan) have led them to "a hand-written confession by the artist to a long-ago misdemeanor charge of disorderly conduct — a document that revealed, beyond dispute, Banksy's true identity." But Banksy's long-time lawyer "urged us not to publish this report, saying doing so would violate the artist's privacy, interfere with his art and put him in danger" and "would harm the public, too." Working "anonymously or under a pseudonym serves vital societal interests," he wrote. "It protects freedom of expression by allowing creators to speak truth to power without fear of retaliation, censorship or persecution — particularly when addressing sensitive issues such as politics, religion or social justice." Reuters took into account Banksy's privacy claims — and the fact that many of his fans wish for him to remain anonymous. Yet we concluded that the public has a deep interest in understanding the identity and career of a figure with his profound and enduring influence on culture, the art industry and international political discourse... As for the risk he might face of retaliation or censorship, Britain's legal and political establishments seem comfortable with Banksy's messages and how he delivers them... His mastery of disguise began as a way of shaking the police, says former manager [Steve] Lazarides. In an interview, Lazarides said anonymity served a practical purpose in Bristol, where authorities enforced "draconian" policies against graffiti... Eventually, keeping the secret became a burden. By the end of their partnership, Lazarides estimates he spent half or more of his time managing and maintaining the artist's mystique. "I think it became a good gag, and then, if you want my honest, honest opinion, I think it then became a disease," he said. Lazarides wrote a two-volume book about managing Banksy from the late 1990s to 2008, including a story about Banksy's arrest in 2000 for this defacing of a billboard. Reuters geolocated that building, then found police documents and a court file including the hand-written confession. This investigation spawned a 7,000-word article with everything from a comic strip Banksy drew when he was 11 to his connections with Robert Del Naja of the trip hop band Massive Attack — and a 2017 podcast interview where a music producer apparently revealed Banksy's real first name. But the article also reveals how protective the art community is of Banksy's secret. Reuters investigated that Banksy auctioned in 2018 for $1.4 million — and then immediately started shredding itself with a device Banksy embedded in its frame: That piece, renamed "Love is in the Bin," sold three years later for about $25 million. Art dealer [Robert] Casterline was at the auction and remembers when the shredder began to beep. He pulled out his phone to take pictures. "Unfortunately, there was one person standing in front of me," blocking the view, he said. It was an eccentric-looking man with a broad neck scarf and thick eyewear. Oddly, the man wasn't watching the painting get shredded. He was looking in the other direction, observing the crowd's reaction. Only later, reviewing what he shot, did Casterline notice that the man's glasses appeared to have a small camera built into the bridge. (Banksy later posted a video of the stunt, including shots of the astonished audience.) Having seen a photo of the man suspected of being Banksy, Casterline confirmed to Reuters that he was "pretty sure" it was the same man. But "I don't want to be the guy who exposes Banksy." Read more of this story at Slashdot.

  • New Study Raises Concerns About AI Chatbots Fueling Delusional Thinking
    by EditorDavid on 15/03/2026 at 3:34 pm

    "Emerging evidence indicates that agential AI might validate or amplify delusional or grandiose content, particularly in users already vulnerable to psychosis," writes Dr Hamilton Morrin, a psychiatrist and researcher at King's College in London, in a paper published last week in the Lancet Psychiatry. Morrin and a colleague had already noticed patients "using large language model AI chatbots and having them validate their delusional beliefs," reports the Guardian, so he conducted a new scientific review of existing media reports on AI-induced psychosis — and concluded chatbots may encourage delusional thinking, especially in vulnerable people: In many of the cases in the essay, chatbots responded to users with mystical language to suggest that users have heightened spiritual importance. The bots also implied that users were speaking with a cosmic being who was using the chatbot as a medium. This type of mystical, sycophantic response was especially common in OpenAI's GPT 4 model, which the company has now retired... Many researchers also think it's unlikely that AI could induce delusions in people who weren't already vulnerable to them. For this reason, Morrin said "AI-assocciated delusions" is "perhaps a more agnostic term".... While in the past, people may have had to comb through YouTube videos or the contents of their local library to reinforce their delusions, chatbots can provide that reinforcement in a much faster, more concentrated dose. Their interactive nature can also "speed up the process", of exacerbating psychotic symptoms, said Dr Dominic Oliver, a researcher at the University of Oxford. "You have something talking back to you and engaging with you and trying to build a relationship with you," Oliver said... Creating effective safeguards for delusional thinking could be tricky, Morrin said, because "when you work with people with beliefs of delusional intensity, if you directly challenge someone and tell them immediately that they're completely wrong, actually what's most likely is they'll withdraw from you and become more socially isolated". Instead, it's important to create a fine balance where you try to understand the source of the delusional belief without encouraging it — that could be more than a chatbot can master. Read more of this story at Slashdot.

Archives

  • September 2022
  • November 2021
  • June 2021
  • March 2021
  • November 2020
  • October 2020
  • September 2020
  • February 2020
  • January 2020
  • October 2019
  • August 2018
  • July 2018
  • April 2018
  • February 2018
  • January 2018
  • December 2017
  • October 2017
  • September 2017
  • August 2016
  • July 2016
  • March 2016
  • February 2016
  • August 2015
  • May 2015

Categories

  • Innovation
  • Security
  • Software
  • Technology

Tags

backdoor cisco coding json laziness patterns public information announcement security vulnerability
© 2017 IT Sales & Services Ltd
Quality IT solutions in Tanzania since 2010
Iconic One Theme | Powered by Wordpress