The Summercon community is heartbroken over the loss of Sophia d'Antoine. An inspiring speaker and cherished friend, Sophia d’Antoine's contributions to Summercon and the infosec community were immeasurable. We offer our heartfelt condolences to her family and all who loved her.

R.I.P. Sophia 🥲

❄️ ❤️

The Seiko DATA-2000 (1984) was a smartwatch that came with a removable, external keyboard

The System Shock OST on iTunes has all tracks duplicated with their Sound Blaster 2 Version and this just makes me euphoric.

I've been reverse engineering the xz backdoor this weekend and have documented the payload format and written a proof-of-concept exploit for the RCE. The payloads are signed with an ED448 key, so I patched my own key into the backdoor for testing. :-)

github.com/amlweems/xzbot

No systemd or OS, immutable append only transparency log for all dependencies, single SBOM file, no system() to speak of, single ecosystem for the entire code base.

This doesn’t solve all problems but I feel much more in control.

If you are worried about backdoors think of bugdoors…

Don't touch an AM radio tower—unless you want to scream out in pain while your finger is playing a commercial!

The xz backdoor just got even *more* interesting… (h/t Filippo Valsorda @filippo.abyssdomain.expert )

One of the best infosec events ever created and, for me, a career changing one. I feel so privileged to have presented there 5 times.

Slides of my CanSecWest talk are now published!

This device runs pure bare metal Go code, all reproducible, outmost transparency even if Secure Booted and locked down.

Your SBOM is go.mod and not a single line of C in sight, all memory safe.

Slides: github.com/abarisani/abar…

Last week, Andrea Barisani presented the hardware component of the Armored Witness at CanSecWest. github.com/abarisani/abar…

This work builds on the work we did in the Transparency team at Google to bring cryptographic verifiability to more applications.

This is the team behind

What’s your cybersecurity take that has you feeling like this?

Congratulations! Working with Al (Al Cutter) is even more of a privilege now!

Redis is no longer open source?
I guess they gave up on their key values 🥁