Await | Writing an OS in Rust In this post we explore cooperative multitasking and the async/await feature of Rust. We take a detailed look how async/await works in Rust, including…
Hardware Solutions To Highly-Adversarial Environments - Whitebox Crypto vs TPM vs TEE vs Secure Enclaves vs Secure Elements vs HSM vs CloudHSM vs KMS If at some point you realize that doing cryptography means having to manage long-term keys, it means you’re standing in the world of key management. Makes sense right? In these lands, you are going to run into scenarios where attackers can be quite close ...
The Hardest Program I've Ever Written – journal.stuffwithstuff.com The hardest program I’ve ever written, once you strip out the whitespace, is 3,835 lines long. That handful of code took me almost a year to write. Granted, that doesn’t take into account the code that didn’t make it. The commit history shows that I delet...
New grad vs senior dev A student who I used to tutor in CS occasionally sent me a meme yesterday which showed “NEW GRAD vs SENIOR DEVELOPER”; the new grad is all caps yelling NO! YOU CAN’T JUST USE BRUT…
Released: Microsoft.Data.SqlClient 2.0 Preview 2 The SqlClient team is moving forward with continuous updates and improvements to the Microsoft.Data.SqlClient data provider for SQL Server. Our plan is to provide GA releases twice a year with two preview releases in between. This cadence should provide t...
Speeding up Linux disk encryption Encrypting data at rest is vital for Cloudflare with more than 200 data centres across the world. In this post, we will investigate the performance of disk encryption on Linux and explain how we made it at least two times faster for ourselves and our cust...
Unsure Calculator The Unsure Calculator is an online tool that lets you calculate with numbers you’re not sure about.
0 to 100: Learning to Code with Kotlin - Marcus Eisele - Developer and Blogger Software Engineering and other tech
Software Engineer - Jobs at Apple Apply for a Software Engineer job at Apple. Read about the role and find out if it’s right for you.
How Tailscale works People often ask us for an overview of how Tailscale works. We’ve been putting off answering that, because we kept changing it! But now things have started to settle down. Let’s go through the entire Tailscale system from bottom to top, the same way we bu...
Scott Helme Security researcher, entrepreneur and international speaker who specialises in web technologies. Creator of report-uri.com and securityheaders.com
Specification by Example, 10 years later It's now been ten years since I submitted the final manuscript of Specification by Example to the publisher. During the last two months, I've been conducting...
MacBook Air MacBook Air features a Retina display, new Magic Keyboard, Touch ID, up to 2x faster performance, and all-day battery life.
EARN IT bill is aiming at destroying encryption. We must take action now. US cryptography experts agree that EARN IT would immensely harm everybody's security online.
Async ValueTask Pooling in .NET 5 | .NET Blog The async/await feature in C# has revolutionized how developers targeting .NET write asynchronous code. Sprinkle some async and await around, change some return types to be tasks, and badda bing badda boom, you’ve got an asynchronous implementation. In th...
US Politicians Want to Ban End-to-End Encryption on Messaging Services like Telegram and Whatsapp - Bitcoin News Under the guise of fighting against online child pornography, American politicians are trying to effectively ban end-to-end encryption on all
MakerDAO gets stress tested as ETH price plummets In the midst of extreme market-wide turmoil, MakerDAO is facing one of its biggest challenges to date. The main form of collateral in the system, Ether, has dropped over 30% in a 24-hour timeframe marking one of the worst days in its short history. This h...
The Difference Between API Gateways and Service Mesh - Cloud Native Computing Foundation Guest post originally published on Kong’s blog by Marco Palladino, co-founder and CTO, Kong Why API Management and Service Mesh are Complementary Patterns for Different Use Cases Note: The goal...
Cryptographic Signatures, Surprising Pitfalls, and LetsEncrypt The Let's Encrypt Accident On August 11th, 2015, Andrew Ayer posted the following email to the IETF mailing list: I recently reviewed draft-barnes-acme-04 and found vulnerabilities in the DNS, DVSNI, and Simple HTTP challenges that would allow an attacke...
Keybase Keybase is for keeping everyone's chats and files safe, from families to communities to companies. MacOS, Windows, Linux, iPhone, and Android.
EARN IT is a direct attack on end-to-end encryption Yesterday a bipartisan group of U.S. Senators introduced a new bill called the EARN IT act. On its face, the bill seems like a bit of inside baseball having to do with legal liability for informati…
Intel x86 Root of Trust: loss of trust The scenario that Intel system architects, engineers, and security specialists perhaps feared most is now a reality. A vulnerability has ...
Enhancing Pwned Passwords Privacy with Padding Since launching version 2 of Pwned Passwords with the k-anonymity model just over 2 years ago now, the thing has really gone nuts (read that blog post for background otherwise nothing from here on will make much sense). All sorts of organisations are empl...
The growth of command line options, 1979-Present My hobby: opening up McIlroy’s UNIX philosophy on one monitor while reading manpages on the other.
Re: SMB over QUIC: Files Without the VPN yes the plan is to bring it to Azure Files too. Makes perfect sense there
Relating Natural Language Aptitude to Individual Differences in Learning Programming Languages This experiment employed an individual differences approach to test the hypothesis that learning modern programming languages resembles second “natural” language learning in adulthood. Behavioral and neural (resting-state EEG) indices of language aptitude...
WireGuard Gives Linux a Faster, More Secure VPN The virtual private network software from security researcher Jason Donenfeld wins fans with its simplicity and ease of auditing.
Technical Details of Why Cloudflare Chose AMD EPYC for Gen X Servers Looking back at this week's posts on the design, specifications, and performance of Cloudflare’s Gen X servers using AMD EPYC CPUs.
zkMesh A monthly newsletter sharing the latest in decentralised privacy-preserving technologies, privacy protocol development and Zero Knowledge systems
The Art of Zero Knowledge: Zero-Knowledge Proofs for Set Membership | ZKProof Standards Last year I wrote about why booking too far in advance can be dangerous for your business, and this concept of margin so eloquently captures what I had recognized had been my problem: I was so booked up with clients that I wasn’t leaving any margin for er...
CppCon 2014: Chandler Carruth "Efficiency with Algorithms, Performance with Data Structures" http://www.cppcon.org — Presentation Slides, PDFs, Source Code and other presenter materials are available at: https://github.com/CppCon/CppCon2014 -- Why do you write C++ code? There is a good chance it is in part because of concerns about the performanc...
An Intuitive Guide to Linear Algebra – BetterExplained Despite two linear algebra classes, my knowledge consisted of “Matrices, determinants, eigen something something”.
It’s 2020. Is your code ready for leap day? "2020 is the start of a new decade – or does it start in 2021?" That was the debate on social media as we crossed over into the new year. There was also a lot of talk about remembering Y2K twenty years later, which inevitably led to speculation about how ...
If I send a plaintext e-mail using Gmail to somebody, including my PGP public key block, is that secure? I've been trying to figure out "practical encryption" (AKA "PGP") for many years. As far as I can tell, this is not fundamentally flawed: I know Joe's e-mail address: cool_joe@gmail.com. I have a ...
How can I create a password protected .zip file in Windows 10? Winzip claims that it can create a password protected zip on Windows 10, but the Winzip installer fails part way during the installation on Win10. https://www.winzip.com/win/en/downwz.html Is the...
The Zen of Go | Dave Cheney This article was derived from my GopherCon Israel 2020 presentation. It’s also quite long. If you’d prefer a shorter version, head over to the-zen-of-go.netlify.com.
A Simple Range Proof From Polynomial Commitments - HackMD $$ \def\Fp{\mathbb{F}_p} \def\FF{\Fp^{\scriptscriptstyle{(<n)}}[X]} \def\com{\mathbf{com}} \def\ran
microsoft/electionguard ElectionGuard is a set of open source software components that can be used to create and publish end to end veriable elections as well create a publishable artifact for ballot comparison audits. -...
TimeSnapper, automatic screenshot software, auto screen capture TimeSnapper is an Automatic Screenshot Journal. Play back your week just like a movie. Track time and get a productivity scorecard with a grade for each day! Use it to improve yourself
hassio-addons/addon-ssh SSH & Web Terminal - Home Assistant Community Add-ons - hassio-addons/addon-ssh
Source Code | OpenVPN Interested in the OpenVPN source code? We offer several different kinds of development builds and snapshots available. Learn about your options here.
A Brief Intro to Clean Architecture, Clean DDD, and CQRS A brief explanation of Clean Architecture, Clean Domain-Driven Design, and Command/Query Responsibility Segregation.
Fundamental Concepts for Elastic Jobs in Azure SQL Database Elastic Jobs are currently in public preview. The feature is ready and we are preparing to make it officially generally available. No whitelisting or extra steps are required to get started. In my previous post, I explained what Elastic Jobs are and w...
Messaging Layer Security: Towards a New Era of Secure Group Messaging This talk will provide an introduction to message encryption protocols and describe the current ecosystem, including why it's still not a solved problem in the corporate setting. While personal messaging systems have been adopting Signal, corporate messag...
Cryptologie Hey ! I'm David, a security engineer at Facebook. This is my blog about cryptography and security and other related topics that I find interesting.
Update on our new and upcoming security keys Our current suite of products (Solo C, Solo A, Solo Tap A, Solo Tap C, Somu) make up the first generation of products that Solokeys has released, starting with our initial Kickstarter campaign. Now we’re getting ready to release a new generation of pro...
Latacora - Stop Using Encrypted Email Email is unsafe and cannot be made safe. The tools we have today to encrypt email are badly flawed. Even if those flaws were fixed, email would remain unsafe. Its problems cannot plausibly be mitigated. Avoid encrypted email. Technologists hate this argum...
dwmkerr/hacker-laws 💻📖 Laws, Theories, Principles and Patterns that developers will find useful. #hackerlaws - dwmkerr/hacker-laws
Real-World Cryptography Contains one of the most understandable introductions to cryptography I have ever read.
google/tink Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse. - google/tink
damienbod/AspNetCoreCertificates Certificate Manager in .NET Core for creating and using X509 certificates - damienbod/AspNetCoreCertificates
Serious Cryptography | No Starch Press Serious Cryptography is a practical guide to the past, present, and future of cryptographic systems and algorithms.
draft-ietf-mls-architecture-04 - The Messaging Layer Security (MLS) Architecture [Docs] [txt|pdf|xml|html] [Tracker] [WG] [Email] [Diff1] [Diff2] [Nits] Versions: (draft-omara-mls-architecture) 00 01 02 03 04
Dino 0.1 Release - Dino. Communicating happiness. Dino is a modern open-source chat client for the desktop. It focuses on providing a clean and reliable Jabber/XMPP experience while having your privacy in mind.
Searching For New Adventures In Software Development As I write this post, its the first time in over a decade that I am not employed. Please don’t feel bad for me. I am privileged enough to take a well-deserved break from the hustle and bustle of everyday software development. As I sit here with my two dog...
Sungrow Crabby With Researcher Over Security Vulnerability Disclosure A Brisbane researcher has alleged serious security vulnerabilities in a Sungrow inverter. Sungrow are not happy with him.
Building personal search infrastructure for your knowledge and code | beepb00p Overview of search tools for desktop and mobile; using Emacs and Ripgrep as desktop search engine
Authentication, What The Fuck? Authentication is an overloaded word in cryptography. In the context of cryptographic primitives like message authentication codes (MACs) and authenticated encryption with associated data (AEAD), authentication really refers to authenticity or integrity. ...
How to write a simple operating system in assembly language This document shows you how to write and build your first operating system in x86 assembly language. It explains what you need, the fundamentals of the PC boot process and assembly language, and how to take it further. The resulting OS will be very small ...
v5.8 Release Notes Happy New 2020 All! Hope everyone’s had an enjoyable and relaxing break over the holidays and are re-energized to usher in the new decade.
The Curious Case of WebCrypto Diffie-Hellman on Firefox - Small Subgroups Key Recovery Attack on DH tl;dr Mozilla Firefox prior to version 72 suffers from Small Subgroups Key Recovery Attack on DH in the WebCrypto 's API. The Firefox's te...
.NET Core, .NET 5; the exodus of .NET Framework? tl,dr; opinion: ongoing .NET Framework support for F/OSS libraries may quickly start evaporating, and this should be a consideration in migr...
On Privacy versus Freedom | Matrix.org A few years ago, back when Matrix was originally implementing end-to-end encryption, we asked Moxie (the project lead for Signal) whether he’d ever consider connecting Signal (then TextSecure) to Matrix. After all, one of Matrix’s goals is to be an inter...
Vim cryptmethod is not authenticated · Issue #638 · vim/vim When using cryptmethod=blowfish2, the saved ciphertext is not authenticated with a message authentication code ("MAC tag"). Consider saving "Lorem ipsum dolor sit amet, consectetur a...
Google gives up on US carriers, will roll out its own RCS chat system After the carriers shun Google RCS, Google rolls its own service out to the US.
.NET R&D Digest (November – December, 2019) This year was huge for .NET community. We hit .NET Core 3.0 with all it’s goodies just to find out that .NET Framework 4.8 will be the last framework release. We saw a glimpse of future called .NET…
Signal >> Blog >> Technology Preview for secure value recovery At Signal, we want to make privacy simple. From the beginning, we’ve designed Signal so that your information is in your hands rather than ours. Technologies like Signal Protocol secure your messages so that they are never visible by anyone but you and th...
Difference between shamir secret sharing (SSS) vs Multisig vs aggregated signatures (BLS) vs distributed key generation (dkg) vs threshold signatures That title is a mouthful! But so is the field. Let me introduce the problem: Alice owns a private key which can sign transactions. The problem is that she has a lot of money, and she is scared that someone will target her to steal all of her funds. Crypto...
Zero allocation code in C# and Unity - Seba's Lab The home of Svelto ECS and advanced Unity C# articles
How to generate random numbers using water bubbles BubblesRNG - This was my final project I submitted as part of my reading the B.Sc. Computing and Information Systems degree at Goldsmith, University of London. The camera take snapshots of the water surface at regular intervals and detects bubbles (circl...
tmds/Tmds.Ssh .NET SSH client library. Contribute to tmds/Tmds.Ssh development by creating an account on GitHub.
oqtane/oqtane.framework Modular Application Framework for Blazor. Contribute to oqtane/oqtane.framework development by creating an account on GitHub.
Data breach disclosure 101: How to succeed after you've failed Organisations don't plan to fail. Probably the closest we get to that in the security space is password hashing, which for all intents and purposes is an acknowledgement that one day, you may well lose them. But organisations rarely plan for how they shou...
Amazon.com: Synology 5 bay NAS DiskStation DS1019+ (Diskless): Computers & Accessories Buy Synology 5 bay NAS DiskStation DS1019+ (Diskless): Everything Else - Amazon.com ✓ FREE DELIVERY possible on eligible purchases
Why IVPN - What makes IVPN the best privacy protection service Not all VPN services put your privacy first, but IVPN’s only focus is providing protection for your private data. Learn who we are and what we stand for.
GateHub Investigation - Final Statement Our Security Team has concluded an extensive forensic investigation into the recent cyber attack on GateHub.
Stop surveillance and preserve your privacy with IVPN Corporations and governments are tracking the moves you make online - and not for your benefit. Free yourself from pervasive monitoring by using IVPN on all your devices.
Isogeny crypto A long time ago, when pairing-based cryptography was new, cryptographers who did not fully understand the mathematics of pairings would sometimes make mistakes. They would assume that everything th…
Homepage | ZKProof Standards ZKProof is an open-industry academic initiative that seeks to mainstream zero-knowledge proof (ZKP) cryptography through an inclusive, community-driven standardization process that focuses on interoperability and security.
dotnet/SqlClient Microsoft.Data.SqlClient provides database connectivity to SQL Server for .NET applications. - dotnet/SqlClient
Real World Crypto 2020 Program All the talks will take place in Alfred Lerner Hall at Columbia University.
Thoughts on DNS-over-HTTPS Type in your web browser’s address bar and hit enter. What happens? Before connecting to the example.com server, your browser must convert “example.com” to the network address at …
x86/x64 SIMD Instruction List (SSE to AVX512) This site may be unaccessible due to server maintenance from 2/19/2020, 9:00:00 AM to 2/19/2020, 11:30:00 AM (in your local time).
bye: FTP Support Is Going Away Support for the venerable FTP protocol is being removed from Chromium. Standardized in 1971, FTP is not a safe protocol for the modern internet. Its primary defect is lack of support for encryption…
Verzekeraar Allianz informeert klanten over datalek - Security.NL Verzekeringsmaatschappij Allianz Global Assistance heeft klanten geïnformeerd over een datalek dat een maand geleden al in het ...
Commas in big numbers everywhere: An OpenType adventure My job involves a lot of staring at large numbers, mostly latencies innanoseconds, and picking out magnitudes like microseconds. I noticedmyself constantly c...
Competitive Pest Services Data Breach: What Happened and How We Plan to Fix It - Competitive Pest Control Recently we discovered that some data from all of our clients was compromised. This discovery came about when customers contacted us to advise they were approached by a third party. We’d like to thank...
OceanLibrary/Ocean Cross-platform library that provides API's for WPF, Blazor, Xamarin, UWP, WebApi, Silverlight, and .NET Class Libraries. The Ocean Library has builds for .NET Framework, .NET Standard 2.0 and ....
Resistance - The First Anonymous DEX and Privacy-Oriented Blockchain Resistance is an anonymous, decentralized exchange and privacy-oriented blockchain that combines Proof of Work and Proof of Research for block rewards.
A detailed look at Ubuntu’s new experimental ZFS installer Let's take a sneak ZFS peek under the hood of Ubuntu Eoan Ermine's latest build.
Intel 545s 2.5" 256GB SATA III 64-Layer 3D NAND TLC Internal Solid State Drive (SSD) SSDSC2KW256G8X1 - Newegg.com Buy Intel 545s 2.5" 256GB SATA III 64-Layer 3D NAND TLC Internal Solid State Drive (SSD) SSDSC2KW256G8X1 with fast shipping and top-rated customer service. Newegg shopping upgraded ™
“Stubs” in the .NET Runtime As the saying goes: “All problems in computer science can be solved by another level of indirection”- David Wheeler
Breaking change proposal: StringInfo and TextElementEnumerator to support extended grapheme clusters · Issue #30955 · dotnet/runtime Proposal The StringInfo class (see MSDN docs) and TextElementEnumerator class provide APIs to get information about single display characters (sometimes called "graphemes") in a string. T...
Peddle the Pedal to the Metal Howard Chu gives tips and techniques for writing highly efficient and scalable software drawn from decades of experience. The guiding principle is a simple one, and can be applied nearly everywhere. The talk is focused on programming in C.
praeclarum/sqlite-net Simple, powerful, cross-platform SQLite client and ORM for .NET - praeclarum/sqlite-net
beemdevelopment/Aegis A free, secure and open source app for Android to manage your 2-step verification tokens. - beemdevelopment/Aegis
draft-ietf-quic-transport-23 - QUIC: A UDP-Based Multiplexed and Secure Transport [Docs] [txt|pdf|xml|html] [Tracker] [WG] [Email] [Diff1] [Diff2] [Nits] Versions: (draft-ietf-quic-spin-exp) 00 01 02 03 04 05 06 07 08 09 10 11...
PrivacySafe: The Anti-Cloud Appliance Boing Boing is proudly sponsored by Privacy Safe! PrivacySafe is building the anti-cloud. For the first time, you can order a portable, private, and secure IoT storage appliance built on a fully-op…
awslabs/s2n s2n : an implementation of the TLS/SSL protocols. Contribute to awslabs/s2n development by creating an account on GitHub.
Discovering Hard Disk Physical Geometry through Microbenchmarking « Blog Modern hard drives store an incredible amount of data in a small space, and are still the default choice for high-capacity (though not highest-performance) storage. While hard drives have been around since the 1950s, the current 3.5″ form factor (actually...
Why Are You Removing Website Identity, Google and Mozilla? - CA Security Council You can’t have consumer privacy without having strong website identity Today there’s a huge wave toward protecting consumer privacy – in Congress, with the GDPR, etc. – but how can we protect user privacy on the web without establishing the identity of th...
OWASP/CheatSheetSeries The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics. - OWASP/CheatSheetSeries
OpenSSL PRNG is not (really) fork-safe - Martin Boßlet When the patch for Android’s SecureRandom was released last week, I was a little surprised. In addition to fixing the Apache Harmony implementation of SecureRandom, the patch also contained
Firefox and Chrome will remove GUI indicator for Extended Validation certificates (Bulletproof TLS Newsletter Issue #56) Bulletproof TLS Newsletter #56
Thread by @ErrataRob: "Yea, I've got 3 hours to kill here in this airport lounge waiting for the next leg of my flight, so let's discuss the "OSI Model". There's n […]" Thread by @ErrataRob: "Yea, I've got 3 hours to kill here in this airport lounge waiting for the next leg of my flight, so let's discuss the There's no such thing. What they taught you is a lie, and they knew it was a lie, and they didn't care, becau […]"
Why didn't the Romans contribute much to mathematics? | Hacker News Romans aren't the outlier here. Most ancient civilizations had a similar level of accomplishment; a one or two outstanding mathematicians every century, a few practical applications, some new rules of thumb. We did have a dark age, after the Romans after ...
Security Incident - Please Change Your Password Everyone, We've recently received reports of scammers emailing our members with bitcoin extortion attempts. We've identified that hackers were able to download email addresses and encrypted passwords from our database for a number of our users and use t...
Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards — Krebs on Security On Tuesday of this week, one of the more popular underground stores peddling credit and debit card data stolen from hacked merchants announced a blockbuster new sale: More than 5.3 million new accounts belonging to cardholders from 35 U.S. states. Multipl...
EV SSL Certificates Phased Out of New Browser Updates | Venafi Extended validation certificates are slowly being phased out as lack of use (and browser updates hiding their use) roll out. Learn more.
Learn UI Design: The Complete Online Video Course Learn UI Design is a full-length online course on user interface and web design: color, typography, grids, design process, and more. Includes downloadable resources, homework, and a student community.
Gone forEVer! Regular readers will know my view on EV certificates but in the last week there have been 2 very significant announcements from the 2 largest browser vendors in the world. There's a big change coming to a browser UI near you and as big as the change is, m...
Extended Validation Certificates are (Really, Really) Dead Almost one year ago now, I declared extended validation certificates dead. The entity name had just been removed from Safari on iOS, it was about to be removed from Safari on Mojave and there were indications that Chrome would remove it from the desktop i...
Spying on HTTPS When I launched Chrome on Thursday, I saw something unexpected: While most users probably would have no idea what to make of this, I happened to know what it means– Chrome is warning me that …
Online syntax highlighting for the masses! Online syntax highlighting for more than 100 languages, including C#, Java, PHP, Basic, Perl, Python, Pascal, SQL, JavaScript and others including rare and obscure ones!.
Have I Been Pwned Alerts You to Data Breaches Even When the Websites Won’t In our interview with Troy Hunt, founder of Have I Been Pwned find out what to do when your personal information is compromised by a data
Architecture for humans - Ayende @ Rahien I run across the follow on Twitter:for legacy systems/monoliths, if you want to understand the real business processes, look for the fields named: - "Comment...
Add passwords to list of stuff CafePress made hash of storing, says infoseccer. 11m+ who used Facebook 'n' pals to sign in were lucky 11m other leaked users' p-words hashed with SHA-1
Pwnie Awards The Right Honorable Pwnies Judiciary Committee does herewith set forth the following 2019 PWNIES AWARD NOMINATIONS for your perusal and the enablement of the SACRED ANNUAL PWNIES VOTING CEREMONY (candles and Eyes Wide Shut masks not provided).
More on Backdooring (or Not) WhatsApp - Schneier on Security Yesterday, I blogged about a Facebook plan to backdoor WhatsApp by adding client-side scanning and filtering. It seems that I was wrong, and there are no such plans.
ECMAScript 2015 Language Specification – ECMA-262 6th Edition This is the HTML rendering of ECMA-262 6th Edition, The ECMAScript 2015 Language Specification.
Kazakhstan’s HTTPS Interception Censored Planet is a research lab at the University of Michigan that investigates and exposes different types of privacy and security violations in the Internet.
Preparing for TLS 1.2 in Office 365 and Office 365 GCC - Office 365 How to prepare to use TLS 1.2 for all client-server and browser-server combinations in Office 365 and Office 365 GCC after support for TLS 1.0 and 1.1 is disabled.
Digital Driver’s Licenses Could Become a Real Option in Some States Several states have run pilots for digital driver’s licenses, which would allow residents to supplement plastic ID cards with smartphone apps. But as the technology becomes more of a reality, experts are worried about the privacy implications.
CRYPTO-LAB The premiere unicorn in the Post-Quantum Cryptography realm. CRYPTO-LAB's Founders, Investors, Employees, Recommendations, Videos, Deals & Jobs...
Real-World Cryptography Contains one of the most understandable introductions to cryptography I have ever read.
Proving security at scale with automated reasoning - All Things Distributed AWS applies formal verification techniques in innovative ways to cloud security and compliance.
VPS' IP Address will be blocked in Iran and China after using Outline VPN · Issue #193 · Jigsaw-Code/outline-server Recently, Iran and China's firewalls detect Outline VPN protocol then IP address of the server will be blocked after a while ( it depends on volume of traffic between Clients and server ). Unfo...
The Ultra Secure Crypto Storage & Communication Device The DigitalBank Vault: The World's Safest Crypto Storage & Ultra Secure Communication Solution
Security advisory 2019-06-13 | Yubico Security advisory 2019-06-13 – reduced initial randomness on FIPS keys Tracking ID: YSA-2019-02 Summary Who should read this advisory? Customers, IT Managers, or FIPS Crypto Officers who use or manage YubiKey FIPS Series devices. An issue exists in YubiKe...
I wanna go fast: HTTPS' massive speed advantage I tweeted this the other day, and the internet was not pleased: HTTPS is slow. No - wait - is it HTTP that's slow?! https://t.co/T49GG7oCaK pic.twitter.com/cfnYOpXMWc — Troy Hunt (@troyhunt) July 8, 2016 In fact, a bunch of the internet was pre...
Fixing Random, part 34 Last time on FAIC we implemented a better technique for estimating the expected value of a function f applied to samples from a distribution p: Compute the total area (including negative areas) und…
An Experimental Floating-Point Scalar Evolution :: Duskborn — Duskborn Labs is where Neil ‘@sheredom‘ Henning writes up things of interest. The TL;DR - after a conversation at EuroLLVM with Steve Canon about how LLVM is missing scalar evolution analysis for floating-point, I've spent some spare time hacking on a new LLVM analysis pass - fpscev (Floating-Point SCalar EVolution) - available her...
dotnet/coreclr CoreCLR is the runtime for .NET Core. It includes the garbage collector, JIT compiler, primitive data types and low-level classes. - dotnet/coreclr
Apple CryptoKit | Apple Developer Documentation Perform cryptographic operations securely and efficiently.
Cryptography and Your Apps - WWDC 2019 - Videos - Apple Developer System frameworks encrypt both data at rest and data in transit in a transparent way for you. This functionality is available by simply...
Accessing UNIX sockets remotely from .NET - Red Hat Developer In this article, we'll show how you can access Linux services remotely from .NET using SSH port forwarding.
Changing my Mind about AI, Universal Basic Income, and the Value of Data – The Art of Research Alan Turing created the Turing Test in 1950,1 Marvin Minsky wrote the first neural network in 1951,2 and arguments about whether AI will destroy us all or lead to technological utopia have been around ever since.
Building Facebook's service encryption infrastructure - Facebook Engineering How we built our service encryption infrastructure to optimize for operability and performance, while satisfying the right security model for each service.
RFC 8548 - Cryptographic Protection of TCP Streams (tcpcrypt) [Docs] [txt|pdf] [draft-ietf-tcpi...] [Tracker] EXPERIMENTAL
Ethical Alternatives & Resources - ethical.net We’ve compiled an open list of resources for ethical living — from browsers to books, TED talks to apps. Click to check it out — or make a contribution!
dotnet/coreclr CoreCLR is the runtime for .NET Core. It includes the garbage collector, JIT compiler, primitive data types and low-level classes. - dotnet/coreclr
Top SSL Certificates Buyer's Guide Keeping web data and transactions secure today relies heavily on securing your communications with S
Using Ed25519 signing keys for encryption @Benjojo12 and I are building an encryption tool that will support SSH keys as recipients. For Ed25519 keys that requires converting points between different elliptic curves. Let's see why and how.
Exploring .NET Core platform intrinsics: Part 4 - Alignment and pipelining Previous posts in the series:
Performance Improvements in .NET Core 3.0 | .NET Blog Back when we were getting ready to ship .NET Core 2.0, I wrote a blog post exploring some of the many performance improvements that had gone into it. I enjoyed putting it together so much and received such a positive response to the post that I did it aga...
Domain Randomization for Sim2Real Transfer If a model or policy is mainly trained in a simulator but expected to work on a real robot, it would surely face the sim2real gap. Domain Randomization (DR) is a simple but powerful idea of closing this gap by randomizing properties of the training enviro...
Your most sensitive data is likely exposed online. These people try to find it Don’t worry. They want it to be safe.
eyeDisk. Hacking the unhackable. Again | Pen Test Partners The story of the "unhackable" USB stick called eyeDisk. Teardown, analysis, and findings. Is it unhackable? TL;DR: Nope, it is very hackable.
ZkVM: a new design for fast, confidential smart contracts Exploring the new blockchain architecture for confidential smart contracts
Thank you Waitrose, now fix your insecure site I had a follower send me a curious question the other day which if I paraphrase, went like this: Hi, I was worried about the security of the Waitrose login form so I contacted them about it. They sent me a response but I’m not sure if it&
Community and Communication going forward Dear Contributors, We have all been observing the developments in the latest thread for the last week. At the Scala Center, we have also reached out to many Scala community veterans, leaders, maintainers, as well as to the leaders of non-Scala communitie...
» Return to Zork The Digital Antiquarian Where should we mark the beginning of the full-motion-video era, that most extended of blind alleys in the history of the American games industry? The day in the spring of 1990 that Ken Williams, founder and president of Sierra On-Line, wrote his latest e...
Do we need effects to get abstraction? Sandy Maguire gave an excellent talk on his latest library: polysemy. I highly encourage you to watch it because Sandy also presents other…
RFC 8551 - Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 Message Specification [Docs] [txt|pdf] [draft-ietf-lamp...] [Tracker] [Diff1] [Diff2] PROPOSED STANDARD
A doorbell company owned by Amazon wants to start producing “crime news” and it’ll definitely end well Because what good is a panopticon if you can't generate some clicks?
mpm guide - niall t.l. niall tl's personal site, with an overview of some projects and a few wee articles.
Twisted Oak As a lean co-operative team of seasoned developers, Twisted Oak is able to offer efficient, flexible remote and on-the-floor development and consulting without any middle-man or excessive administrivia.
AES-NI (.NET) - Outperforming C and OpenSSL - Nicolas Portmann - .NET / Java / Security A blog about C#, .NET, Java, InfoSec and Cryptography.
Peddle the Pedal to the Metal Howard Chu gives tips and techniques for writing highly efficient and scalable software drawn from decades of experience. The guiding principle is a simple one, and can be applied nearly everywhere. The talk is focused on programming in C.
JDK 12 Security Enhancements JDK 12 has been released! Although there are no major security features in this release, there are quite a few smaller enhancements and useful additions. Below, I have enumerated the enhancements which I think are most interesting. I have also grouped the...
Understanding the Limitations of HTTPS A colleague recently forwarded me an article about the hazards of browsing on public WiFi with the question: “Doesn’t HTTPS fix this?” And the answer is, “Yes, generally.…
How to Track Your Kids (and Other People's Kids) With the TicTocTrack Watch Do you ever hear those stories from your parents along the lines of "when I was young..." and then there's a tale of how risky life was back then compared to today. You know, stuff like having to walk themselves to school without adult supervision, crazy ...
Cryptologie Hey ! I'm David, a security engineer at Facebook. This is my blog about cryptography and security and other related topics that I find interesting.
We have discovered and addressed a security breach. (Updated 2019-04-12) | Matrix.org TL;DR: An attacker gained access to the servers hosting Matrix.org. The intruder had access to the production databases, potentially giving them access to unencrypted message data, password hashes and access tokens. As a precaution, if you're a matrix.org...
Website enumeration insanity: how our personal data is leaked I've just wrapped up a couple of Hack Yourself First workshops down closer to home in Australia and true to usual form, attendees found some absolute zinger security implementations. Previous workshops have found various vulnerabilities ranging from reale...
Verified cryptographic provider a triple threat Working toward provably secure online communications requires a strong foundation on which to build protocols. Enter EverCrypt, a fully verified cryptographic provider offering a comprehensive suite of algorithms, agility, and multiplexing capabilities
Scott Helme Security researcher, entrepreneur and international speaker who specialises in web technologies. Creator of report-uri.com and securityheaders.com
Dotnet-Boxed/Templates .NET project templates with batteries included, providing the minimum amount of code required to get you going faster. - Dotnet-Boxed/Templates
BoringTun, a userspace WireGuard implementation in Rust Today we are happy to release the source code of a project we’ve been working on for the past few months. It is called BoringTun, and is a userspace implementation of the WireGuard® protocol written in Rust.
New AMD EPYC-Powered Amazon EC2 M5ad and R5ad Instances | Amazon Web Services Last year I told you about our New Lower-Cost, AMD-Powered M5a and R5a EC2 Instances. Built on the AWS Nitro System, these instances are powered by custom AMD EPYC processors running at 2.5 GHz. They are priced 10% lower than comparable EC2 M5 and R5 inst...
Understanding STIR/SHAKEN Criminals and unscrupulous robocallers often alter or spoof the calling number of their outbound telephone calls in order to deceive the called party. This deception can be as simple as changing the calling number so it appears that a neighbor is calling.
Steam :: Steamworks Development :: Steamworks SDK v1.44 - New Networking APIs For the past few years we have been working on improving the quality of multiplayer experiences in DotA and CS:GO by relaying the traffic and carrying it on our network backbone. This protects our gameservers from denial-of-service attacks and gives playe...
We need to talk about Session Tickets More specifically, TLS 1.2 Session Tickets. Session Tickets, specified in RFC 5077, are a technique to resume TLS sessions by storing key material encrypted on the clients. In TLS 1.2 they speed up the handshake from two to one round-trips. Unfortunatel...
Introduction Sodium is a modern, easy-to-use software library for encryption, decryption, signatures, password hashing and more.
Cybersecurity for the Public Interest - Schneier on Security The Crypto Wars have been waging off-and-on for a quarter-century. On one side is law enforcement, which wants to be able to break encryption, to access devices and communications of terrorists and criminals. On the other are almost every cryptographer an...
kelseyhightower/kubernetes-the-hard-way Bootstrap Kubernetes the hard way on Google Cloud Platform. No scripts. - kelseyhightower/kubernetes-the-hard-way
Kubernetes 1.12: Kubelet TLS Bootstrap and Azure Virtual Machine Scale Sets (VMSS) Move to General Availability Author: The 1.12 Release Team We’re pleased to announce the delivery of Kubernetes 1.12, our third release of 2018! Today’s release continues to focus on internal improvements and graduating features to stable in Kubernetes. This newest version graduates ...
Crypto Canon - Andreessen Horowitz Here’s a list of crypto readings and resources. It's organized from building blocks and basics; foundations (& history); and key concepts -- followed by specific topics such as governance; priv…
Blockchain Governance: Programming Our Future This post describes why blockchain governance design is one of the most important problems out there, its critical components, current…
Field Notes: Devcon3 - Ethereum Developer's Conference - Andreessen Horowitz Editor's Note: These notes, based on talks at the Ethereum Foundation's third annual developer's conference earlier this month, were shared internally over email, as part of our ongoing sharing of …
AI Progress Measurement This pilot project collects problems and metrics/datasets from the AI research literature, and tracks progress on them. You can use this notebook to see how things are progressing in specific subfields or AI/ML as a whole, as a place to report new results...
Microsecond Resolution Time Services for Windows The Windows Timestamp Project provides high resolution timestamp, timekeeping, NTP synchronization, and timer routines for Windows
vivri/Adjective Programming is an exercise in linguistics; spice-up Scala types with Adjective. - vivri/Adjective
On the Security of Password Managers - Schneier on Security There's new research on the security of password managers, specifically 1Password, Dashlane, KeePass, and Lastpass. This work specifically looks at password leakage on the host computer. That is, does the password manager accidentally leave plaintext copi...
Public-Interest Tech at the RSA Conference - Schneier on Security Our work in cybersecurity is inexorably intertwined with public policy and -- more generally -- the public interest. It's obvious in the debates on encryption and vulnerability disclosure, but it's also part of the policy discussions about the Internet ...
Hacking the GCHQ Backdoor - Schneier on Security Last week, I evaluated the security of a recent GCHQ backdoor proposal for communications systems. Furthering the debate, Nate Cardozo and Seth Schoen of EFF explain how this sort of backdoor can be detected:
Evaluating the GCHQ Exceptional Access Proposal - Schneier on Security The so-called Crypto Wars have been going on for 25 years now. Basically, the FBI -- and some of their peer agencies in the UK, Australia, and elsewhere -- argue that the pervasive use of civilian encryption is hampering their ability to solve crimes and ...
El Chapo's Encryption Defeated by Turning His IT Consultant - Schneier on Security Impressive police work:
New Australian Backdoor Law - Schneier on Security Last week, Australia passed a law giving the government the ability to demand backdoors in computers and communications systems. Details are still to be defined, but it's really bad.
Security of Solid-State-Drive Encryption - Schneier on Security Interesting research: "Self-encrypting deception: weaknesses in the encryption of solid state drives (SSDs)":
Cell Phone Security and Heads of State - Schneier on Security Earlier this week, the New York Times reported that the Russians and the Chinese were eavesdropping on President Donald Trump's personal cell phone and using the information gleaned to better influence his behavior. This should surprise no one. Security e...
draft-irtf-cfrg-gcmsiv-09 - AES-GCM-SIV: Nonce Misuse-Resistant Authenticated Encryption [Docs] [txt|pdf|xml|html] [Tracker] [WG] [Email] [Diff1] [Diff2] [Nits] Versions: (draft-gueron-gcmsiv) 00 01 02 03 04 05 06 07 08 09 RFC 8452
Ext4 Disk Layout - Ext4 This document attempts to describe the on-disk format for ext4 filesystems. The same general ideas should apply to ext2/3 filesystems as well, though they do not support all the features that ext4 supports, and the fields will be shorter.
Modern Alternatives to PGP Did your last Yubikey just break? Perhaps you forgot an offline backup password. Maybe you're just tired of living like a spy and never using smartphones. Whatever it is, you're here, and you're finally ready to give up on PGP. That's great! We're here to...
proposal: x/crypto: deprecate unused, legacy and problematic packages · Issue #30141 · golang/go x/crypto is meant to follow the same philosophy as the rest of the Go cryptography standard libraries: safe, useful subsets of widely used and robust primitives and protocols. Some packages in x/cr...
The year in post-quantum crypto The world is finally catching on to the urgency of deploying post-quantum cryptography: cryptography designed to survive attacks by...
Lecture: The year in post-quantum crypto | Friday | Schedule 35th Chaos Communication Congress Version Voltron
CRYPTO 2018: “Middle Ground” Proposals for a Going-Dark Fix On August 19, the CRYPTO 2018 conference on cryptographic research hosted a one-day workshop in Santa Barbara called “Encryption and Surveillance.” The goal of the workshop was to “examine how encryption and related technologies pose both challenges and o...
D. J. Bernstein / Talks 2020.02.06 16:30 60 minutes invited lecture Germany local researchers [horizontal PDF slides] Security Network Munich, Talking Heads. Giesecke + Devrient. "Crypto horror stories." Talk given jointly with Tanja Lange. 2020.01.30 09:30 60 minutes invited...
Security in Times of Surveillance General information Staff Seminars / Courses Project involvement Publications Education Press releases Upcoming / Past events Job opportunities Contact information
https://cr.yp.to/patents.html Preliminary list of patents and patent applications mentioned in NIST PQC submissions:
Round 1 Submissions - Post-Quantum Cryptography | CSRC Official comments on the First Round Candidate Algorithms should be submitted using the 'Submit Comment' link for the appropriate algorithm. Comments from the pqc-forum Google group subscribers will also be forwarded to the pqc-forum Google group list. We...
Selected Areas in Cryptography (SAC) 2018 | University of Calgary | The 25th Conference on Selected Areas in Cryptography (SAC 2018) will take place at the University of Calgary in Alberta, Canada on August 15-17, 2018 and will be preceded by a summer school SAC Summer School (S3), August 13-14, 2018.
Pitching security vs. privacy is asking the wrong question Pitching security vs. privacy is asking the wrong question
libpqcrypto: Intro libpqcrypto is a new cryptographic software library produced by the PQCRYPTO project.
Security in Times of Surveillance General information Staff Seminars / Courses Project involvement Publications Education Press releases Upcoming / Past events Job opportunities Contact information
https://cr.yp.to/lists.html Don't ask for free advice about djbdns if you haven't read the documentation. Third-party commercial support is available for people who don't have time to read and follow instructions.
The ROBOT Attack Return of Bleichenbacher's Oracle Threat - ROBOT is the return of a 19-year-old vulnerability that allows performing RSA decryption and signing operations with the private key of a TLS server.
Unity Labs Publications | Unity The team in Grenoble does research only and their output is papers. We will use this page to share said papers.
Cloud Data Backup for Small Businesses | CrashPlan CrashPlan for Small Business backup software offers the best way to backup & protect business data securely - offsite, onsite & cloud data backup protection.
nucypher/nufhe NuCypher fully homomorphic encryption (NuFHE) library implemented in Python - nucypher/nufhe
RUB-NDS/TLS-Padding-Oracles New TLS Padding Oracles. Contribute to RUB-NDS/TLS-Padding-Oracles development by creating an account on GitHub.
[paper review] A faster, more efficient cryptocurrency MIT Computer Science & Artificial Intelligence Lab just released some new research. The paper is called Vault: Fast Bootstrapping for Cryptocurrencies. From a high level, it looks like a new cryptocurrency. But it is written as a set of techniques to...
Quantum Computing, Capabilities and Limits: An Interview with Scott Aaronson – Gigaom GigaOm CEO Byron Reese recently sat down with Scott Aaronson to discuss Quantum Computing. Aaronson is the David J. Bruton Jr. Centennial…
Database Encryption A paper on (attacking) database encryption was just released by Paul Grubbs, Marie-Sarah Lacharite, Brice Minaud, and Kenneth G. Paterson. Matthew Green just posted an article about it. I don't know much about database encryption, but from my experience t...
Kerckhoffs’ principles – Why should I make my cipher public? As I understand it, the less people know about the internals of my protocol or cipher, the more secure the protocol is. However Kerckhoffs's principle states that A cryptosystem should be secure...
Proxy re-encryption and FHE with NuCypher In this episode, we sit down with Bogdan Opanchuk and John "Tux" Pacific from NuCypher to chat about their threshold proxy re-encryption technology, how the project aims to provide privacy infrastructure, dig into their nuFHE scheme and explore far along ...
Attack of the week: searchable encryption and the ever-expanding leakage function A few days ago I had the pleasure of hosting Kenny Paterson, who braved snow and historic cold (by Baltimore standards) to come talk to us about encrypted databases. Kenny’s newest result is …
Introducing Adiantum: Encryption for the Next Billion Users Posted by Paul Crowley and Eric Biggers, Android Security & Privacy Team Storage encryption protects your data if your phone falls in...
Quantum computing as a field is obvious bullshit I remember spotting the quantum computing trend when I was a larval physics nerdling. I figured maybe I could get in on the chuckwagon if my dissertation project didn’t work out in a big way…
Zcash Counterfeiting Vulnerability Successfully Remediated - Electric Coin Company Eleven months ago we discovered a counterfeiting vulnerability in the cryptography underlying some kinds of zero-knowledge proofs. This post provides details on the vulnerability, how we fixed it and the steps taken to protect Zcash users.
Why Facts Don’t Change Our Minds New discoveries about the human mind show the limitations of reason.
Going old school: how I replaced Facebook with email In November 2017, I deactivated my account on Facebook. I didn’t leave Facebook for moral reasons back then but more because it was starting to feel like a waste of time and valuable brain cy…
» Whither the Software Artist? (or, How Trip Hawkins Learned to Stop Worrying and Love the Consoles) The Digital Antiquarian One of the places we ran the “Can a computer make you cry?” [advertisement] was in Scientific American. Scientific American readers weren’t even playing videogames. Why the hell are you wasting any of this really expensive advertising? You’re competing wi...
» Agrippa (A Book of the Dead) The Digital Antiquarian Is it the actor or the drama Playing to the gallery? Or is it but the character Of any single member of the audience That forms the plot of each and every play?
» The Game of Everything, Part 9: Civilization and Economics The Digital Antiquarian If the tailor goes to war against the baker, he must henceforth bake his own bread.
» The View from the Trenches (or, Some Deadly Sins of CRPG Design) The Digital Antiquarian From the beginning of this project, I’ve worked to remove the nostalgia factor from my writing about old games, to evaluate each game strictly on its own merits and demerits. I like to think that this approach has made my blog a uniquely enlightening wind...
.NET Design Review: GitHub Quick Reviews 00:00:00 - Approved: Obsolete string.Copy(string) method https://github.com/dotnet/corefx/issues/33602#issuecomment-467551787 00:11:51 - Approved: Expose existing BitOps methods https://github.com/dotnet/corefx/issues/35419#issuecomment-467557134 00:26:...
Tuning a Runtime for Both Productivity and Performance Mei-Chin Tsai and Jared Parsons talk about how Microsoft’s .NET team designed the runtime environment to balance convenience, fast startup, serviceability, low latency, and high throughput. For example, services such as JIT compilation, TypeSystem, garbag...
dotnet/coreclr CoreCLR is the runtime for .NET Core. It includes the garbage collector, JIT compiler, primitive data types and low-level classes. - dotnet/coreclr
MVC is too complex to be usable? · Issue #7039 · dotnet/aspnetcore Is your feature request related to a problem? Please describe. I am evaluating MVC. The problem appears to be that MVC is convoluted rocket science but I must be missing something. Please explain w...
Built in options for running async tasks: Running async tasks on app startup in ASP.NET Core - Part 1 In this post I look at the problem of running one-off tasks asynchronously on app startup in ASP.NET Core. I explore the options and discuss pros and cons
Software Tokens Won't Save You A look at the advantages and disadvantages of using software tokens as an authentication factor, focussing on TOTP.
Built in options for running async tasks: Running async tasks on app startup in ASP.NET Core - Part 1 In this post I look at the problem of running one-off tasks asynchronously on app startup in ASP.NET Core. I explore the options and discuss pros and cons