Feed cleverhans-blog [copy] http://www.cleverhans.io/feed.xml has loading error: cURL error 22: The requested URL returned error: 404
Feed Security (b)log [copy] http://securityblogru.livejournal.com/data/rss has loading error: cURL error 22: The requested URL returned error: 403 Forbidden
Feed [bodyawm] Богдан [copy] https://habr.com/ru/rss/users/bodyawm/articles/?fl=ru has loading error: cURL error 22: The requested URL returned error: 404
On Microsoft’s Lousy Cloud Security
ProPublica has a scoop:
In late 2024, the federal government’s cybersecurity evaluators rendered a troubling verdict on one of Microsoft’s biggest cloud computing offerings.
The tech giant’s “lack of proper detailed security documentation” left reviewers with a “lack of confidence in assessing the system’s overall security posture,” according to an internal government report reviewed by ProPublica.
Or, as one member of the team put it: “The package is a pile of shit.”
For years, reviewers said, Microsoft had tried and failed to fully explain how it protects sensitive information in the cloud as it hops from server to server across the digital terrain. Given...
«Потребительская корзина»: игра на табло покупателя
Однажды на онлайн-барахолке мне на глаза попался так называемый «дисплей покупателя» — алфавитно-цифровое табло, которое стоит на кассе и показывает текущий товар в чеке и сумму покупки. Это был старый экземпляр, с красивым зелёным VFD-дисплеем, да и стоил он копейки. Пройти мимо я не смог. Ну а потом, как и многие обладатели очумелых ручек до меня, захотел сделать какую-нибудь самоделку на его основе.
Конечно, можно было бы засунуть туда ESP-шку и сделать погодную станцию, часы, или транслировать уведомления о новых сообщениях в ТГ и WhatsApp. Это всё, безусловно, по-своему интересно. Но самым большим моим увлечением являются игры. И поэтому я решил...
Hyperliquid outperforms other major coins, eyes further gains
Key takeaways
HYPE is up 10% in the last 24 hours, outperforming the other major cryptocurrencies. The coin could surge towards the $50 psychological level in the near term. Hyperliquid (HYPE) nears $40 as US-Iran ceasefire boosts market sentimentHYPE, the native coin of the Hyperliquid DEX, is approaching the $40 mark on Wednesday, extending its recovery linked to the US-Iran ceasefire.
Retail demand for HYPE continues to rise, driving increased futures Open Interest amid a broader market rally. Technically, HYPE has broken out of a falling channel pattern on the 4-hour chart, signaling a bullish near-term outlook.
Throughout the US-Iran conflict, Hyperliquid showed resilience, with...
Python Supply-Chain Compromise
This is news:
A malicious supply chain compromise has been identified in the Python Package Index package litellm version 1.82.8. The published wheel contains a malicious .pth file (litellm_init.pth, 34,628 bytes) which is automatically executed by the Python interpreter on every startup, without requiring any explicit import of the litellm module.
There are a lot of really boring things we need to do to help secure all of these critical libraries: SBOMs, SLSA, SigStore. But we have to do them.
GPN24: Update zu Finanzierung, Merchandise und Call for Participation
Die GPN24 findet statt
Dank der großartigen Unterstützung der Community können wir auch dieses Jahr die GPN veranstalten. Wir bedanken uns sehr herzlich bei allen, die mit ihren Spenden diese Veranstaltung ermöglichen. Der aktuelle Stand der Spenden-Kampagne ist auf donate.gulas.ch zu finden. Das Ziel 80.000 € haben wir geknackt, damit ist die GPN24 gesichert. Weitere Unterstützung werden wir in eine noch schönere GPN, die nächsten Veranstaltungen und das GPN-Lager investieren.
Alle Plätze für die Veranstaltung sind bereits durch Anmeldungen vergeben. Vor Ort stellen wir für Besuchende aus dem Karlsruher Einzugsgebiet noch begrenzt kostenlose Tagespässe zur Verfügung.
Wir informieren über die Verfügbarkeit der Tagespässe während...
Announcing the Juan Benet Podcast: Launching With First Guest Max Hodak, CEO of Science Corp
Juan Benet Podcast launches with Max Hodak on neurotech, brain interfaces, Fast R&D, and more.
Cybersecurity in the Age of Instant Software
AI is rapidly changing how software is written, deployed, and used. Trends point to a future where AIs can write custom software quickly and easily: “instant software.” Taken to an extreme, it might become easier for a user to have an AI write an application on demand—a spreadsheet, for example—and delete it when you’re done using it than to buy one commercially. Future systems could include a mix: both traditional long-term software and ephemeral instant software that is constantly being written, deployed, modified, and deleted.
AI is changing cybersecurity as well. In particular, AI systems are getting better at finding and...
Hong Kong Police Can Force You to Reveal Your Encryption Keys
According to a new law, the Hong Kong police can demand that you reveal the encryption keys protecting your computer, phone, hard drives, etc.—even if you are just transiting the airport.
In a security alert dated March 26, the U.S. Consulate General said that, on March 23, 2026, Hong Kong authorities changed the rules governing enforcement of the National Security Law. Under the revised framework, police can require individuals to provide passwords or other assistance to access personal electronic devices, including cellphones and laptops.
The consulate warned that refusal to comply is now a criminal offense. It also said authorities have expanded...
New Mexico’s Meta Ruling and Encryption
Mike Masnick points out that the recent New Mexico court ruling against Meta has some bad implications for end-to-end encryption, and security in general:
If the “design choices create liability” framework seems worrying in the abstract, the New Mexico case provides a concrete example of where it leads in practice.
One of the key pieces of evidence the New Mexico attorney general used against Meta was the company’s 2023 decision to add end-to-end encryption to Facebook Messenger. The argument went like this: predators used Messenger to groom minors and exchange child sexual abuse material. By encrypting those messages, Meta made it...
Google Wants to Transition to Post-Quantum Cryptography by 2029
Google says that it will fully transition to post-quantum cryptography by 2029. I think this is a good move, not because I think we will have a useful quantum computer anywhere near that year, but because crypto-agility is always a good thing.
Slashdot thread.