Mathy Vanhoef (@vanhoefm)'s Twitter Profile
Mathy Vanhoef

@vanhoefm

Prof. @KU_Leuven | Ex-Postdoc NYU | Network Security & Crypto | FragAttacks & KRACK | bsky.app/profile/vanhoe…

ID: 252299433

https://www.mathyvanhoef.com 14-02-2011 22:33:19

3,3K Tweet

12,12K Followers

1,1K Following

GrapheneOS (@grapheneos)

A Dutch bank (Triodos Bankieren NL) has added explicit support for GrapheneOS and will be testing it going forward: github.com/PrivSec-dev/ba… They join a growing number of banking apps actively permitting users to use a much more secure device instead of trying to ban it instead.

Brad Spengler (@spendergrsec)

Seriously considering just disabling our old forums (that were already in archived/read-only mode) entirely for good, the AI scrapers are completely out of control.

Jianying Zhou (@jianying_zhou)

Latest ranking of cybersecurity conferences and journals by Google Scholar - scholar.google.com/citations?view… All 13 cybersecurity conferences in the Google list are also in the list of top 15 - jianying.space/conference-ran… #cybersecurity, #ranking

Brad Spengler (@spendergrsec)

Seems like a good change to me: googleprojectzero.blogspot.com/2025/07/report… I was just wondering yesterday why years ago it seemed like P0 was pushing the industry forward wrt this vs lately it seemed like it settled back into just doing whatever upstream Linux wanted

Justine Tunney (@justinetunney)

2/ ipv4.games is a website I run which lets you compete for control of the IPv4 address space. If you can get a computer connected to the Internet to send an HTTP or HTTPS request to my website, then you can claim that computer's IP.

Mathy Vanhoef (@vanhoefm)

At #USENIXSecurity? Then check out: Studying the Use of CVEs in Academia, won distinguished paper award usenix.org/conference/use… Discovering and Exploiting Vulnerable Tunnelling Hosts, won most innovative research Pwnie@DEFCON usenix.org/conference/use… Big thanks to co-authors!!

Mathy Vanhoef (@vanhoefm)

When using WPA2, an adversary can passively decrypt frames (after capturing the handshake during the connection process). With WPA3, the attacker can still create a rogue AP with the same name and password. So attacks remain possible, just requires executing a few more scripts.

Brad Spengler (@spendergrsec)

You too can crash today's 6.12.43 LTS kernel thanks to a stable maintainer's AI slop. All you need is CAP_SYS_RESOURCE, modern systemd, and this: 40 b7 40 c1 e7 18 83 ef 08 57 57 31 ff 40 b7 07 31 c0 b0 a0 48 89 e6 0f 05 5e ff ce 31 ff b0 21 0f 05 Look at all this extra space!

rev.ng (@_revng)

🔥 So, at DEF CON there was a talk about deobfuscation: VMDragonSlayer by Agostino Panico @localhost. The author released the code and there's clearly huge amounts of AI slop.🤖 Now, WE WENT TO THE TALK and spoke with the speaker after the talk. 🧵

sergey bratus (@sergeybratus)

A while ago I taught an Android programming class. If Google's plan to demand government ID from programmers for the privilege of running their programs on Android is realized, I don't think I'll ever teach one again. I wouldn't want to endorse such a platform to the students.

LaurieWired (@lauriewired)

90% of the time you don’t need a DevOps guy. You need a C++ guy, a SQL guy, and one fat server with a lot of ram. StackOverflow used to run on *one* SQL Server with a hot spare. Peaked Alexa Rank #36, 10+ Million visits a day.

solst/ICE (@icesolst)

How long until they start injecting subtle ads into LLM responses (or purposely biasing training data to promote products)

Xin'an Emmanuel Zhou (@zhouxinan)

🚀 Exciting update: I'll be graduating in ~6 months with a PhD in Computer Science (Cybersecurity) from UC Riverside. I’m actively exploring full-time researcher roles—focused on networking, security, wireless, cryptography, and protocol design/attacks. 🏆 My work has led to: •

Stephen Margheim (@fractaledmind)

Yes! SQLite is *completely* different than PG or MySQL. With a client/server db, you want a small number of large queries to reduce network overhead. With an embedded db, you want a large number of small queries to maximize indexes and in-memory data.