Skip to content
I T S S
  • Welcome
  • Hardware
  • Internet
  • Networking
  • Security
  • Data Recovery
  • Support
  • Contact
  • Webmail

A Nice Little Cryptography Primer

By itss | 28/06/2021
0 Comment

Pun Intended.

Category: Technology
Post navigation
← pfSense / Wireguard / Bad Code / Close Call Why Quake3 was so fast : Fast Inverse Square Root →

Recent Posts

  • Hardware Exploits?
  • Why Quake3 was so fast : Fast Inverse Square Root
  • A Nice Little Cryptography Primer
  • pfSense / Wireguard / Bad Code / Close Call
  • Apple Continues Its Trip To The Dark Side With The Release of MacOS 17 (Big Sur)

Slashdot

News for nerds

  • 'Grok Build' Coding Tool Open Sourced This Week, Promises to Respect Zero Data Retention
    by EditorDavid on 19/07/2026 at 3:34 am

    Elon Musk confirmed SpaceX has open sourced the Grok Build CLI this week, reports The Register, "just days after researchers caught the AI tool scooping up users' entire repositories and uploading them to company-controlled cloud storage." That discovery had "gathered so much negative attention that Elon Musk felt compelled to issue a public statement alongside SpaceX, and its technical staff, promising to delete all data that Grok Build has ever stored and give users more choice over how their data is handled." SpaceXAI's data grab was first publicized Sunday [July 12] by Cereblab, who probed Grok Build traffic and found that repos were being packaged up as Git Bundles and beamed to Google Cloud storage... [Elon Musk] said SpaceX would open-source Grok Build to sow greater trust in the product, after the codebase was audited for security vulnerabilities... ["Open-sourcing Grok Build allows anyone to support making a reliable and robust harness," SpaceX posted on X.com. "Check out our code, including the Git repo for the Grok Build CLI."] In a separate statement accompanying the open source announcement, SpaceX said it has always respected Zero Data Retention (ZDR), which was applied to enterprise customers by default, and acknowledged that data retention was enabled by default for everyone else, which has now been corrected. It said: "In response to user questions about privacy: Since launch, Grok Build has fully respected zero data retention (ZDR). All users have always had the ability to disable data upload in the CLI. When data upload was disabled, this choice was respected. In the early beta, data retention was enabled by default for non-ZDR users. Based on your feedback, we changed this. We are now going further to protect privacy. With all retained data deleted, retention default off, and an open-source harness, we are offering complete user privacy. You can also run Grok Build fully open-sourced and local-first with your own inference. "We disabled default retention for all Grok Build users starting on July 12th. Additionally, we are deleting all coding data that was previously retained, ensuring every user's preferences are respected. With these steps, Grok Build goes beyond other major coding products to protect user privacy." SpaceX also invited researchers to probe Grok Build for security issues and report them to its bug bounty program, which offers rewards ranging from $100-$20,000, depending on the severity. The article notes Simon Willison, creator of Datasette and co-creator of Django, wrote this week that the Grok Build codebase comprises 844,530 lines of Rust code. "There are still remnants of the code that used to upload everything to Google Cloud," Willison writes, "but they seem to have been disabled now." Elon Musk also posted Wednesday that "Once we have completed our review for security vulnerabilities, we will make the entire codebase of X open source, with no exceptions. Moreover, we will invite third party reviewers to examine the system that is running to confirm that the open source code is what is running." Read more of this story at Slashdot.

  • OpenAI Acknowledges GPT-5.6 May Accidentally Delete Files, Calls It 'Honest Mistake'
    by EditorDavid on 19/07/2026 at 1:34 am

    "OpenAI has finally confirmed reports that its latest family of large language models can accidentally delete files," reports InfoWorld, "while stressing that such incidents are rare and should be viewed as 'honest mistakes.'" Reports of the flagship LLMs deleting files emerged shortly after the company launched them earlier this month, with investor Matt Shumer taking to X to report that GPT-5.6-Sol had "just accidentally deleted almost all" of his Mac's files. Just days later, software engineer Bruno Lemos posted on X that the same model had deleted his entire production database. In response to these incidents, the company's engineering lead for Codex, Thibault Sottiaux, wrote on X that internal investigations have revealed that these deletion incidents are more likely to happen when "full access mode is enabled, and Codex is run without sandboxing protections, including without auto review being enabled." In cases where full access mode is granted, the model, Sottiaux wrote, "attempts to override the $HOME env var to define a temporary directory. The model makes an honest mistake and mistakenly deletes $HOME instead...." The company, however, according to Sottiaux, is taking steps to mitigate the risk. "This is of course not how we want the system to behave, even when a user operates the model in full-access mode without the safeguards of our sandbox or without using auto review which checks for these kinds of high risk actions and rejects them," the engineering lead wrote on X. "We are taking steps to mitigate this risk, including by updating the developer message, guiding more users towards safer permission modes, and adding additional harness safeguards," Sottiaux added, noting that a detailed post-mortem outlining the root cause of the issue and the additional mitigation measures being implemented is expected to follow in the coming days, despite emphasizing that such incidents happen "extremely rarely." Read more of this story at Slashdot.

  • France Orders ISPs to Block Access to Polymarket
    by EditorDavid on 19/07/2026 at 12:17 am

    France's regulatory authority for licensed gambling/betting games "announced this week that it ordered ISPs to block access to Polymarket," reports Engadget. Anyone caught advertising an unauthorized betting site "could be fined up to 100,000 euros, or around $114,000." (The article notes this follows a previous regulatory action from November placing a geoblock on financial transactions from French residents on Polymarket's site.) In May Spain blocked access to Polymarket and Kalshi while it launched a gambling license investigation. Read more of this story at Slashdot.

  • How Microsoft's 'Little Workaround' Created a Major Threat to America's Defense Department
    by EditorDavid on 18/07/2026 at 11:17 pm

    This week Slashdot reader joshuark found the story of exactly how in 2025 ProPublica reporter Renee Dudley confirmed Microsoft was running tech support for the U.S. Defense Department through China, America's biggest cybersecurity adversary — and how that investigation ultimately changed U.S. government policy. The reporter first found an ad offering $18 to $28 to hire Americans as "digital escorts" for China-based tech support, then just searched LinkedIn for people who apparently had answered the ad. They discovered that at the time "Behind the scenes, unseen by the users at the U.S. government, it's not just one person who responds," explains ProPublica's podcast. "It's two people... The China-based engineer is the one who knows how to fix the problem. On their end, they produce a block of code to solve it and send it over to the digital escort in the U.S. The digital escort then just copy-pastes it... All of this so that they can follow the government's rule: that you have to be a U.S. citizen or permanent resident to handle sensitive data." But amazingly to confirm it, ProPublica's researcher just had to input "Microsoft" and "escort" into the U.S. Patent Office search bar, and actually found patents related to digital escorts — along with names of the current and former Microsoft employees listed as inventors. Had the government signed off on the practice? "I could see what Microsoft actually told the government," the reporter says on the podcast, "And there was no mention of foreign engineers being used, and definitely no mention of China." ProPublic's story was published on a Tuesday, according to the podcast, and by Friday "Microsoft said it had stopped using China-based engineers to support Defense Department cloud systems." And America's Defense Department "also opened up an investigation, looking into whether any of Microsoft's China-based engineers had compromised the government's national security. Read more of this story at Slashdot.

  • Next UK Prime Minister Drops Digital ID Scheme
    by EditorDavid on 18/07/2026 at 10:17 pm

    Reuters reports: Incoming British prime minister Andy Burnham will scrap the government's troubled plans for a digital ID scheme when he enters office on Monday, a spokesperson for the new Labour Party leader said. Resources devoted to the scheme, deemed a "fiasco" by a cross-party committee of lawmakers, will be redirected to Burnham's priorities, the spokesperson said... "All the time and resource that was going to be spent on a national ID scheme will go instead to where it's most needed, such as helping with the cost of living," Burnham's spokesperson said. In November, the Office for Budget Responsibility watchdog estimated the cost of the digital ID scheme at around £1.8 billion ($2.4 billion) between financial years 2026/27 and 2028/29. Read more of this story at Slashdot.

  • Gen Z and Millennials are Buying CDs - Though Half Don't Have CD Players
    by EditorDavid on 18/07/2026 at 7:50 pm

    "Approximately half of Gen Z and millennials who have purchased a CD do not own a CD player," according to midyear sales statistics from entertainment data company Luminate. It's driven in part by "collection building", according to their report [PDF]: The CD has been recontextualized from a functional audio format into an affordable collectible. This behavior underscores that for younger generations, the act of buying physical music is as much about aesthetic ownership and direct financial support for the artist as it is listening to the music on the product itself "Among artists who had a direct impact on the resurgence of CDs, K-Pop icons BTS' 10th studio album, ARIRANG, was a big seller," Vice points out in their report on the new data. "However, Luminate also found that, beyond K-Pop's overall influence, CD sales still increased 6.7% year over year, even if the whole genre was removed from the equation, jumping 16% to 16.3 million units." That's more than the growth of vinyl sales (2.4%) — but physical media in general seems to be making a comeback: Through the first half of the year, total physical album sales on vinyl, CDs, and cassettes reached 38.2 million units in the United States. This equates to a 7.8% increase.... [I]t seems that younger music fans have been driving a lot of the retro revival. The report shows that in 2026, 60% of Gen Z listeners said they most often listen to music from the 1990s and older. This is a massive increase from the 18 percent marker in 2021. The new report also revealed that the way music fans are buying physical media has shifted. Indie record stores have been the largest generator of physical album sales for some time, and they continue to be. However, big-box stores like Target and Walmart took significant strides in the first half of 2026. Collectively, their music sales made up about 30% of the market. Thanks to Slashdot reader fjo3 for sharing the article. Read more of this story at Slashdot.

Archives

  • September 2022
  • November 2021
  • June 2021
  • March 2021
  • November 2020
  • October 2020
  • September 2020
  • February 2020
  • January 2020
  • October 2019
  • August 2018
  • July 2018
  • April 2018
  • February 2018
  • January 2018
  • December 2017
  • October 2017
  • September 2017
  • August 2016
  • July 2016
  • March 2016
  • February 2016
  • August 2015
  • May 2015

Categories

  • Innovation
  • Security
  • Software
  • Technology

Tags

backdoor cisco coding json laziness patterns public information announcement security vulnerability
© 2017 IT Sales & Services Ltd
Quality IT solutions in Tanzania since 2010
Iconic One Theme | Powered by Wordpress