Skip to content
I T S S
  • Welcome
  • Hardware
  • Internet
  • Networking
  • Security
  • Data Recovery
  • Support
  • Contact
  • Webmail

A Nice Little Cryptography Primer

By itss | 28/06/2021
0 Comment

Pun Intended.

Category: Technology
Post navigation
← pfSense / Wireguard / Bad Code / Close Call Why Quake3 was so fast : Fast Inverse Square Root →

Recent Posts

  • Hardware Exploits?
  • Why Quake3 was so fast : Fast Inverse Square Root
  • A Nice Little Cryptography Primer
  • pfSense / Wireguard / Bad Code / Close Call
  • Apple Continues Its Trip To The Dark Side With The Release of MacOS 17 (Big Sur)

Slashdot

News for nerds

  • Researchers Discover 14,000 Routers Wrangled Into Never-Before-Seen Botnet
    by BeauHD on 11/03/2026 at 11:00 pm

    An anonymous reader quotes a report from Ars Technica: Researchers say they have uncovered a takedown-resistant botnet of 14,000 routers and other network devices -- primarily made by Asus -- that have been conscripted into a proxy network that anonymously carries traffic used for cybercrime. The malware -- dubbed KadNap -- takes hold by exploiting vulnerabilities that have gone unpatched by their owners, Chris Formosa, a researcher at security firm Lumen's Black Lotus Labs, told Ars. The high concentration of Asus routers is likely due to botnet operators acquiring a reliable exploit for vulnerabilities affecting those models. He said it's unlikely that the attackers are using any zero-days in the operation. The number of infected routers averages about 14,000 per day, up from 10,000 last August, when Black Lotus discovered the botnet. Compromised devices are overwhelmingly located in the US, with smaller populations in Taiwan, Hong Kong, and Russia. One of the most salient features of KadNap is a sophisticated peer-to-peer design based on Kademlia (PDF), a network structure that uses distributed hash tables to conceal the IP addresses of command-and-control servers. The design makes the botnet resistant to detection and takedowns through traditional methods. [...] Despite the resistance to normal takedown methods, Black Lotus says it has devised a means to block all network traffic to or from the control infrastructure." The lab is also distributing the indicators of compromise to public feeds to help other parties block access. [...] People who are concerned their devices are infected can check this page for IP addresses and a file hash found in device logs. To disinfect devices, they must be factory reset. Because KadNap stores a shell script that runs when an infected router reboots, simply restarting the device will result in it being compromised all over again. Device owners should also ensure all available firmware updates have been installed, that administrative passwords are strong, and that remote access has been disabled unless needed. Read more of this story at Slashdot.

  • Microsoft's 'Xbox Mode' Is Coming To Every Windows 11 PC
    by BeauHD on 11/03/2026 at 10:00 pm

    In April, Microsoft will be rolling out a full-screen "Xbox mode" to all Windows 11 PCs, including laptops, desktops, and tablets. The move follows last week's confirmation of its next-generation Xbox console, known internally as Project Helix, which will be capable of running both Xbox titles and PC games. The Verge reports: Technically, you've been able to try the Xbox Full Screen Experience (FSE) in preview since November 2025, if you were part of both the Windows Insider and Xbox Insider Programs. But it needed work, as well as a better name. When Microsoft originally shipped it on the Asus-designed Xbox Ally and Xbox Ally X handhelds, we were clear: it didn't meaningfully turn a PC experience into an easy-to-use Xbox one. But if Microsoft is putting its full weight behind PC as the future of Xbox gaming, perhaps that will change change. Read more of this story at Slashdot.

  • Grammarly Disables Tool Offering Generative-AI Feedback Credited To Real Writers
    by BeauHD on 11/03/2026 at 9:25 pm

    Grammarly has disabled its Expert Review feature after backlash from writers whose names were used to present AI-generated feedback without their permission. Superhuman (formerly Grammarly) CEO Shishir Mehrotra wrote in a LinkedIn post that the company will disable Expert Review while they "reimagine" the feature: Back in August, we launched a Grammarly agent called Expert Review. The agent draws on publicly available information from third-party LLMs to surface writing suggestions inspired by the published work of influential voices. Over the past week, we received valid critical feedback from experts who are concerned that the agent misrepresented their voices. This kind of scrutiny improves our products, and we take it seriously. As context, the agent was designed to help users discover influential perspectives and scholarship relevant to their work, while also providing meaningful ways for experts to build deeper relationships with their fans. We hear the feedback and recognize we fell short on this. I want to apologize and acknowledge that we'll rethink our approach going forward. After careful consideration, we have decided to disable Expert Review while we reimagine the feature to make it more useful for users, while giving experts real control over how they want to be represented -- or not represented at all. We deeply believe in our mission to solve the "last mile of AI" by bringing AI directly to where people work, and we see this as a significant opportunity for experts. For millions of users, Grammarly is a trusted writing sidekick -- ever-present in every application, ready to help. We're opening up this platform so anyone can build agents that work like Grammarly -- expanding from one sidekick to a whole team. Imagine your professor sharpening your essay, your sales leader reshaping a customer pitch, a thoughtful critic challenging your arguments, or a leading expert elevating your proposal. For experts, this is a chance to build that same ubiquitous bond with users, much like Grammarly has. But in this world, experts choose to participate, shape how their knowledge is represented, and control their business model. That future excites me, and I hope to build it with experts who want to develop it alongside us. Read more of this story at Slashdot.

  • Swiss E-Voting Pilot Can't Count 2,048 Ballots After USB Keys Fail To Decrypt Them
    by BeauHD on 11/03/2026 at 8:00 pm

    A Swiss e-voting pilot was suspended after officials couldn't decrypt 2,048 ballots because the USB keys needed to unlock them failed. "Three USB sticks were used, all with the correct code, but none of them worked," spokesperson Marco Greiner told the Swiss Broadcasting Corporation's Swissinfo service. The canton government says it "deeply regrets" the incident and has launched an investigation with authorities. The Register reports: Basel-Stadt announced the problem with its e-voting pilot, open to about 10,300 locals living abroad and 30 people with disabilities, last Friday afternoon. It encouraged participants to deliver a paper vote to the town hall or use a polling station but admitted this would not be possible for many. By the close of polling on Sunday, its e-voting system had collected 2,048 votes, but Basel-Stadt officials were not able to decrypt them with the hardware provided, despite the involvement of IT experts. [...] The votes made up less than 4 percent of those cast in Basel-Stadt and would not have changed any results, but the canton is delaying confirmation of voting figures until March 21 and suspending its e-voting pilot until the end of December, while its public prosecutor's office has started criminal proceedings. The country's Federal Chancellery said e-voting in three other cantons -- Thurgau, Graubunden, and St Gallen -- along with the nationally used Swiss Post e-voting system, had not been affected. Read more of this story at Slashdot.

  • Binance Sues WSJ, Panicked By Gov't Probes Into Sanctioned Crypto Transfers
    by BeauHD on 11/03/2026 at 7:00 pm

    An anonymous reader quotes a report from Ars Technica: Binance is hoping that suing (PDF) The Wall Street Journal for defamation might help shake off a fresh round of government probes into how the cryptocurrency exchange failed to detect $1.7 billion in transfers to a network that was funding Iran-backed terror groups. The lawsuit comes after a Wall Street Journal investigation, based on conversations with insiders and reviews of internal documents, reported that Binance had quietly dismantled its own investigation into the unlawful transfers and then fired compliance staff who initially flagged them. Alleging that the report falsely accused Binance of retaliation -- among 10 other allegedly false claims -- Binance accused the Journal of conducting a "sham" investigation that intentionally disregarded the company's statements. That included supposedly failing to note that Binance had not closed its investigation into the unlawful transfers. Binance's role in the large-scale violation of US sanctions laws is currently being investigated by the Justice and Treasury Departments. Congress members also took notice, including Sen. Richard Blumenthal (D-Conn.), ranking member of the Senate Permanent Subcommittee on Investigations (PSI), who launched an additional inquiry. In a letter to Binance CEO Richard Teng, Blumenthal cited the Journal's report, as well as reporting from The New York Times and Fortune, while demanding that Binance explain how it managed to overlook the money-laundering for so long and why compliance staff members were fired. In its complaint Wednesday, Binance claimed that these probes may "be just the tip of the iceberg" if the record is not corrected. The reputational harm is particularly damaging, the exchange noted, since Binance has allegedly worked hard to strengthen its compliance after reaching a settlement with the US government in 2023. In taking that plea deal, Binance admitted to violating anti-money laundering and sanctions laws and paid a $4.3 billion fine, and its founder, Changpeng Zhao, eventually pled guilty to a related charge. Since that scandal, Binance claimed that the WSJ has "made a business of maligning both the cryptocurrency industry generally and Binance specifically." That's why the Journal allegedly rushed to publish its story following a similar New York Times investigation. Alleging that the WSJ was financially motivated to publish a negative story that would get more clicks, Binance claimed the Journal provided little time to respond and then failed to make necessary corrections before and after publication. Read more of this story at Slashdot.

  • Nvidia Is Planning to Launch Its Own Open-Source OpenClaw Competitor
    by BeauHD on 11/03/2026 at 6:00 pm

    Nvidia is preparing to launch an open-source AI agent platform called NemoClaw, designed to compete with the likes of OpenClaw. According to Wired, the platform will allow enterprise software companies to dispatch AI agents to perform tasks for their own workforces. "Companies will be able to access the platform regardless of whether their products run on Nvidia's chips," the report adds. From the report: The move comes as Nvidia prepares for its annual developer conference in San Jose next week. Ahead of the conference, Nvidia has reached out to companies including Salesforce, Cisco, Google, Adobe, and CrowdStrike to forge partnerships for the agent platform. It's unclear whether these conversations have resulted in official partnerships. Since the platform is open source, it's likely that partners would get free, early access in exchange for contributing to the project, sources say. Nvidia plans to offer security and privacy tools as part of this new open-source agent platform. [...] For Nvidia, NemoClaw appears to be part of an effort to court enterprise software companies by offering additional layers of security for AI agents. It's also another step in the company's embrace of open-source AI models, part of a broader strategy to maintain its dominance in AI infrastructure at a time when leading AI labs are building their own custom chips. Nvidia's software strategy until now has been heavily reliant on its CUDA platform, a famously proprietary system that locks developers into building software for Nvidia's GPUs and has created a crucial "moat" for the company. Read more of this story at Slashdot.

Archives

  • September 2022
  • November 2021
  • June 2021
  • March 2021
  • November 2020
  • October 2020
  • September 2020
  • February 2020
  • January 2020
  • October 2019
  • August 2018
  • July 2018
  • April 2018
  • February 2018
  • January 2018
  • December 2017
  • October 2017
  • September 2017
  • August 2016
  • July 2016
  • March 2016
  • February 2016
  • August 2015
  • May 2015

Categories

  • Innovation
  • Security
  • Software
  • Technology

Tags

backdoor cisco coding json laziness patterns public information announcement security vulnerability
© 2017 IT Sales & Services Ltd
Quality IT solutions in Tanzania since 2010
Iconic One Theme | Powered by Wordpress