Skip to content
I T S S
  • Welcome
  • Hardware
  • Internet
  • Networking
  • Security
  • Data Recovery
  • Support
  • Contact
  • Webmail

A Nice Little Cryptography Primer

By itss | 28/06/2021
0 Comment

Pun Intended.

Category: Technology
Post navigation
← pfSense / Wireguard / Bad Code / Close Call Why Quake3 was so fast : Fast Inverse Square Root →

Recent Posts

  • Hardware Exploits?
  • Why Quake3 was so fast : Fast Inverse Square Root
  • A Nice Little Cryptography Primer
  • pfSense / Wireguard / Bad Code / Close Call
  • Apple Continues Its Trip To The Dark Side With The Release of MacOS 17 (Big Sur)

Slashdot

News for nerds

  • Thieves Busted After Stealing a Cellphone from a Security Expert's Wife
    by EditorDavid on 14/09/2025 at 7:34 am

    They stole a woman's phone in Barcelona. Unfortunately, her husband was security consultant/penetration tester Martin Vigo, reports Spain's newspaper El Pais. "His weeks-long investigation coincided with a massive two-year police operation between 2022 and 2024 in six countries where 17 people were arrested: Spain, Argentina, Colombia, Chile, Ecuador, and Peru...." In Vigo's case, the phone was locked and the "Find my iPhone" feature was activated... Once stolen, the phones are likely wrapped in aluminum foil to prevent the GPS from tracking their movements. "Then they go to a safe house where they are gathered together and shipped on pallets outside of Spain, to Morocco or China." This international step is vital to prevent the phone from being blocked if the thieves try to use it again. Carriers in several European countries share lists of the IMEIs (unique numbers for each device) of stolen devices so they can't be used. But Morocco, for example, doesn't share these lists. There, the phone can be reconnected... With hundreds or thousands of stored phones, another path begins: "They try to get the PIN," says Vigo. Why the PIN? Because with the PIN, you can change the Apple password and access the device's content. The gang had created a system to send thousands of text messages like the one Vigo received. To know who to target with the bait message, the police say, "the organization performed social profiling of the victims, since, in many cases, in addition to the phone, they also had the victim's personal belongings, such as their ID." This is how they obtained the phone numbers to send the malicious SMS... Each victim received a unique link, and the server knew which victim clicked it... With the first click, the attackers would redirect the user to a website they believed was credible, such as Apple's real iCloud site... [T]he next day you receive another text message, and you click on it, more confidently. However, that link no longer redirects you to the real Apple website, but to a flawless copy created by the criminals: that's where they ask for your PIN, and without thinking, full of hope, you enter it... "The PIN is more powerful than your fingerprint or face. With it, you can delete the victim's biometric information and add your own to access banking apps that are validated this way," says Vigo. Apple Wallet asks you to re-authenticate, and then everything is accessible... In the press release on the case, the police explained that the gang allegedly used a total of 5,300 fake websites and illegally unlocked around 1.3 million high-end devices, about 30,000 of them in Spain. Vigo tells El Pais that if the PIN doesn't unlock the device, the criminal gang then sends it to China to be "dismantled and then sent back to Europe for resale. The devices are increasingly valuable because they have more advanced chips, better cameras, and more expensive materials." To render the phone untraceable in China, "they change certain components and the IMEI. It requires a certain level of sophistication: opening the phone, changing the chip..." Read more of this story at Slashdot.

  • Is Perl the World's 10th Most Popular Programming Language?
    by EditorDavid on 14/09/2025 at 3:34 am

    TIOBE attempts to calculate programming language popularity using the number of skilled engineers, courses, and third-party vendors. And the eight most popular languages in September's rankings haven't changed since last month: 1. Python 2. C++ 3. C 4. Java 5. C# 6. JavaScript 7. Visual Basic 8. Go But by TIOBE's ranking, Perl is still the #10 most-popular programming in September (dropping from #9 in August). "One year ago Perl was at position 27 and now it suddenly pops up at position 10 again," marvels TIOBE CEO Paul Jansen. The technical reason why Perl is rated this high is because of its huge number of books on Amazon. It has 4 times more books listed than for instance PHP, or 7 times more books than Rust. The underlying "real" reason for Perl's increase of popularity is unknown to me. The only possibility I can think of is that Perl 5 is now gradually considered to become the real Perl... Perl 6/Raku is at position 129 of the TIOBE index, thus playing no role at all in the programming world. Perl 5 on the other hand is releasing more often recently, thus gaining attention. An article at the i-Programmer blog thinks Perl's resurgence could be from its text processing capabilities: Even in this era of AI, everything is still governed by text formats; text is still the King. XML, JSON calling APIs, YAML, Markdown, Log files..That means that there's still need to process it, transform it, clean it, extract from it. Perl with its first-class-citizen regular expressions, the wealth of text manipulation libraries up on CPAN and its full Unicode support of all the latest standards, was and is still the best. Simply there's no other that can match Perl's text processing capabilities. They also cite Perl's backing by the open source community, and its "getting a 'proper' OOP model in the last couple of years... People just don't know what Perl is capable of and instead prefer to be victims of FOMO ephemeral trends, chasing behind the new and shiny." I'd be curious what Slashdot's readers say. (Share your experiences in the comments if you're still using Perl -- or Raku...) Perl's drop to #9 means Delphi/Object Pascal rises up one rank, growing from 1.82% in August to 2.26% in September to claim September's #9 spot. "At number 11 and 1.86%, SQL is quite close to entering the top 10 again," notes TechRepublic. (SQL fell to #12 in June, which the site speculated was due to "the increased use of NoSQL databases for AI applications.") But TechRepublic adds that the #1 most popular programming language (according to TIOBE) is still Python: Perl sits at 2.03% in TIOBEâ(TM)s proprietary ranking system in September, up from 0.64% in January. Last year, Perl held the 27th position... Pythonâ(TM)s unstoppable rise dipped slightly from 26.14% in August to 25.98% in September. Python is still well ahead of every other language on the index. Read more of this story at Slashdot.

  • 'Dragonfly' Mission to Saturn's Moon Titan: Behind Schedule, Overbudget, Says NASA Inspector General
    by EditorDavid on 14/09/2025 at 1:34 am

    After its six-year journey to Saturn's moon Titan, Dragonfly's rotorcraft lander "will fly like a large drone," explains its web page, spending three years sampling multiple landing sites to characterize Titan's habitability and look for "precursors of the origin of life." "However, the project has undergone multiple replans impacting cost and schedule, resulting in a life-cycle cost increase of nearly $1 billion and over 2 years of delays," according to an announcement from NASA's Inspector General. From the Inspector General's report: The cost increase and schedule delay were largely the result of NASA directing [Johns Hopkins University] Applied Physics Laboratory to conduct four replans between June 2019 and July 2023 early in Dragonfly's development. Justifications for these replans included the COVID-19 pandemic, supply chain issues, changes to accommodate a heavy-lift launch vehicle, projected funding challenges, and inflation." But its higher-than-expected life-cycle cost over $3 billion "will continue to absorb an increasing proportion of the Planetary Science Division's total budget," meaning Dragonfly's increased cost (and "additional budget constraints") have "contributed to a gap of at least 12 years in New Frontiers [planetary science] mission launches, and will jeopardize future priorities outlined in the National Academies of Sciences, Engineering, and Medicine's (National Academies) decadal surveys." Yet a NASA press release notes the mission "has cleared several key design, development and testing milestones and remains on track toward launch in July 2028." Its software-defined radio has been completed, and the part of the spectrometer which analyzes Titan's chemical components for "potentially biologically relevant" compounds (as well as structural and thermal testing of the lander's insulation). "The mission is scheduled to launch in July 2028 on a SpaceX Falcon Heavy launch vehicle from NASA's Kennedy Space Center in Florida." Thanks to long-time Slashdot reader schwit1 for spotting this news on the space/science blog "Behind the Black". Read more of this story at Slashdot.

  • More Return-to-Office Crackdowns, with 61.7% of Employees Now in Office Full-Time
    by EditorDavid on 13/09/2025 at 11:18 pm

    Paramount and Comcast's NBCUniversal are joining Microsoft in telling employees "they could face consequences if they don't return to the office more frequently," reports the Washington Post: NBCUniversal sent a memo to its employees telling them to return to the office four days a week starting in January [with the option to work remotely on Fridays]. Last week, Paramount told employees to return five days a week, with the first group starting in January. Both Paramount and NBCUniversal said they would offer severance packages to eligible employees who are unwilling or unable to make the switch... Companies have been cracking down on flexible work for the past several years, with Goldman Sachs being one of the first to implement a five-day office policy. Since then, others have joined in including Amazon, AT&T, JPMorgan Chase and the federal government... Overall, the number of people working full time in office hasn't changed much over the past couple of years. About 61.7 percent of salaried employees worked from an office full time in August, according to data from university researchers Jose Maria Barrero, Nicholas Bloom and Steven J. Davis, who are studying the matter. That is down one percentage point from August 2024, their research shows. During the same period, the amount of people working remotely dropped two percentage points and those working hybrid schedules increased three points. While most of the big office pushes are coming from some of the largest employers in the nation, the majority of companies in the United States aren't requiring full-time office work, said Brian Elliott [publisher of the Flex Index, which tracks flexible policies, and CEO]. And about half of U.S. workers are employed by smaller companies, he added. Some companies are capitalizing on the mandates, using flexible policies as a way to poach talent from their competitors, he said.... Some employers are using office mandates to purposely shed workers. An August report from the Federal Reserve Bank shows that "multiple districts reported reducing headcounts through attrition — encouraged, at times, by return-to-office policies and facilitated, at times, by greater automation, including new AI tools." Still, with fewer job openings in the market, some employees will have to comply with office mandates. Announcing their return-to-office mandates, employers gave the following reasons: "In-person collaboration is absolutely vital to building and strengthening our culture and driving the success of our business. Being together helps us innovate, solve problems, share ideas, create, challenge one another, and build the relationships that will make this company great." -- Paramount CEO David Ellison (in a memo to staff) "It has become increasingly clear that we are better when we are together. As we have all experienced, in-person work and collaboration spark innovation, promote creativity, and build stronger connections." -- Adam Miller, NBCUniversal chief operating officer (in a memo to staff) Read more of this story at Slashdot.

  • Hollow Knight Sequel 'Silksong' Crashed Game Stores, as $20 Price Irks Competitors
    by EditorDavid on 13/09/2025 at 10:18 pm

    Last week Steam and other major storefronts crashed, reports the Guardian, including Nintendo's eShop, PlayStation Store and Microsoft Store. They were all "unable to cope with the demand for Hollow Knight: Silksong, the long-awaited sequel to the critically acclaimed 2017 indie hit Hollow Knight." (which had sold 15 million copies): SilkSong's release triggered widespread outages, with thousands of users reporting issues trying to buy the game in the first few hours of its release. Many were unable to complete purchases, with error messages persisting for almost three hours after the launch... Despite the technical hiccups, within 30 minutes of going live Steam reported more than 100,000 active players, suggesting many had managed to secure their copies. Aftermath says the "bug-tastic" phenomenon displaced everything except Counter-Strike 2 and Dota 2 on Steam's list of most-played games. The Guardian notes that "At least seven other new games have delayed their launch in the past two weeks to avoid a clash..." "People have been spamming the chat and the comments of every single game showcase or news event with the words 'Where's Silksong?' for years," writes the Guardian's video games editor: I've never seen another indie game achieve this level of notoriety before it was even released... As VGC points out, Atari released a similar game on the same day as Silksong (Adventure of Samsara) and it had only 12 concurrent players on Steam. They add that "the hype is justified". Eurogame called Silksong "beautiful, thrilling and cruel." PC Game said Silksong "glows with a level of precision and imagination that's hard to find anywhere else" and "will beat you, burn you, rub your face in the dirt, and then dazzle you with another piece of a haunted clockwork world." But at least some of the demand also came from the game's low price of $20 in the U.S., suggests Slashdot reader UnknowingFool (with variable regional pricing). "At 5.2M wishes, it was the most wish listed game on Steam. In Brazil, the local price was 74.95 Brazil Real or 13.94 USD." In the age of $70+ AAA games with additional costs, not everyone celebrated the consumer friendly price. Some independent game developers have expressed concern that their games may not sell as well compared to Silksong and cannot afford to charge less. From ScreenRant: Hollow Knight: Silksong's unbelievably low price point of just $19.99 is exceptionally good value for the consumer. It is an incredibly lengthy game that is only marginally more expensive than its predecessor... it is proving to be a source of controversy for other indie developers who believe it will distort players' expectations. Read more of this story at Slashdot.

  • Could Heart Attacks Be Triggered By Infections?
    by EditorDavid on 13/09/2025 at 8:34 pm

    Finland's second-largest university has announced new research suggesting that heart attacks could be an infectious disease. [T]he research found that, in coronary artery disease, atherosclerotic plaques containing cholesterol may harbor a gelatinous, asymptomatic biofilm formed by bacteria over years or even decades. Dormant bacteria within the biofilm remain shielded from both the patient's immune system and antibiotics because they cannot penetrate the biofilm matrix. A viral infection or another external trigger may activate the biofilm, leading to the proliferation of bacteria and an inflammatory response. The inflammation can cause a rupture in the fibrous cap of the plaque, resulting in thrombus [blood clot] formation and ultimately myocardial infarction... "Bacterial involvement in coronary artery disease has long been suspected, but direct and convincing evidence has been lacking," explains professor Pekka Karhunen [who led the study with researchers from the UK and Finland]. "Our study demonstrated the presence of genetic material — DNA — from several oral bacteria inside atherosclerotic plaques." The findings were validated by developing an antibody targeted at the discovered bacteria, which unexpectedly revealed biofilm structures in arterial tissue. Bacteria released from the biofilm were observed in cases of myocardial infarction. The body's immune system had responded to these bacteria, triggering inflammation which ruptured the cholesterol-laden plaque. The observations pave the way for the development of novel diagnostic and therapeutic strategies for myocardial infarction. Furthermore, they advance the possibility of preventing coronary artery disease and myocardial infarction by vaccination. "The research is part of an extensive EU-funded cardiovascular research project involving 11 countries..." Read more of this story at Slashdot.

Archives

  • September 2022
  • November 2021
  • June 2021
  • March 2021
  • November 2020
  • October 2020
  • September 2020
  • February 2020
  • January 2020
  • October 2019
  • August 2018
  • July 2018
  • April 2018
  • February 2018
  • January 2018
  • December 2017
  • October 2017
  • September 2017
  • August 2016
  • July 2016
  • March 2016
  • February 2016
  • August 2015
  • May 2015

Categories

  • Innovation
  • Security
  • Software
  • Technology

Tags

backdoor cisco coding json laziness patterns public information announcement security vulnerability
© 2017 IT Sales & Services Ltd
Quality IT solutions in Tanzania since 2010
Iconic One Theme | Powered by Wordpress