Thoughts on the XZ Utils Backdoor

The open-source community narrowly avoided a major security crisis with the discovery of a critical vulnerability (CVE-2024-3094) and backdoor in XZ Utils, a data compression library used by many Linux distributions. XZ Utils provides a collection of command-line tools and libraries for lossless data compression using the LZMA algorithm. The most prominent […]

Crypto King Sentenced: FTX scandal leads to accountability

FTX, once a leading cryptocurrency exchange, crumbled in November 2022 after a massive fraud orchestrated by its founder, Sam Bankman-Fried (SBF). SBF diverted billions of dollars in customer funds for personal use, risky investments, and political donations. The house of cards began to topple when reports surfaced about FTX’s close ties to Alameda Research, a […]

ICANN Proposes a dedicated .internal TLD for internal networks

The organization that governs domain names on the internet, ICANN (Internet Corporation for Assigned Names and Numbers), is proposing a new type of top-level domain (TLD) specifically designed for internal use within organizations. Unlike the familiar .com or .org suffixes, this new TLD, called “.INTERNAL,” would never be accessible from the public internet, similar […]

France’s flawed proposal to block websites using browser-based methods

The French government has proposed a dystopian security measure to block websites inside the browser and hopes to compel browser providers like Mozilla and Google to implement a solution to enable this capability. Article 6 of the proposed SREN Bill would compel browser providers to block websites based on a government-provided list, aiming to combat […]

New Dutch Intelligence law aims to remove safeguards for hacking non-targets

The Netherlands Government has proposed a law to enable law enforcement and intelligence agencies to intercept the communications not only of a specific hacking group but also of that group's victims. For instance, if a hacking group targeted your computer and there’s a warrant against that group, Dutch services can automatically monitor your communications without […]

Reflecting on the 10th Anniversary of the Snowden revelations

The Snowden revelations, which started 10 years ago today, exposed a vast, far-reaching, and complex system of surveillance capabilities built and operated by intelligence agencies, primarily the National Security Agency (NSA) and its partners known as the Five Eyes. These revelations had a profound impact on public understanding of government surveillance, privacy rights, and the balance between national security and civil liberties.

The Collapse of Silicon Valley Bank: Understanding your risk exposure

Silicon Valley Bank, founded in 1983 and the 16th largest bank in the US, collapsed on Friday after failing to raise capital. This is the largest bank failure since the 2008 financial crisis. Silicon Valley Bank (SVB) was the bank of choice for venture capital and startups, and was where startups would park their money […]

On the “sophisticated” tracking device found in the vehicle of Eskom’s CEO

Several media outlets, including the Sunday Times and News24, recently reported that a “sophisticated tracking device” was found under the driver’s seat in the car of Andre de Ruyter, the CEO of Eskom, South Africa’s troubled power utility provider. A firm De Ruyter hired to investigate the origins and capabilities of the device said that […]

Anomalous BGP announcements and the massive Facebook outage

Earlier today, Facebook experienced a 6-hour-long outage that took out several services including Facebook, WhatsApp and Instagram. This is not the first time that Facebook has had a significant outage: in 2015, Instagram’s TLS certificate expired, a software bug caused an outage in 2016, and in 2019, a server misconfiguration caused a […]

Apple betrays its values with privacy-invasive Content Scanning Technology

Earlier this month, Apple announced three new “Child Safety” initiatives: First, new communication tools will enable parents to play a more informed role in helping their children navigate communication online. The Messages app will use on-device machine learning to warn about sensitive content, while keeping private communications unreadable by Apple. Next, iOS and iPadOS will […]