Skip to main content


[Foreshadow: Breaking the Virtual Memory Abstraction with Transient Out-of-Order Execution](https://foreshadowattack.eu/)

#foreshadow #intel #hardware #security

-another mega bug brought to you by INTEL!




[Frank Abagnale: "Catch Me If You Can" | Talks at Google - YouTube](https://www.youtube.com/watch?v=vsMydMDi3rI)

#security #mustwatch #talks

"For Google's Security and Privacy Month, we are honored to present the real Frank Abagnale, Renowned Cybersecurity And Fraud Prevention Expert, Bestselling Author & Subject of Catch Me If You Can. His transformation from one of the world’s most notorious con men to an international cybersecurity expert trusted by the FBI has been mythologized in film and literature – but the takeaways he shares are the real deal. Frank's contributions to the world of security are immeasurable. He has become a hero to hundreds of public and private sector organizations for his indispensable counsel and strategic insight on safeguarding information systems and combating cyber-fraud. With an eye on the latest techniques developed by high-tech criminals to deceive and defraud, Frank leaves audiences with a deep understanding of today’s evolving security landscape, and more importantly, a vision of how to make the world a safer place."




[The Ken Thompson Hack](http://wiki.c2.com/?TheKenThompsonHack)

"In 1984 KenThompson was presented with the ACM TuringAward. Ken's acceptance speech Reflections On Trusting Trust (http://cm.bell-labs.com/who/ken/trust.html) describes a hack (in every sense), the most subversive ever perpetrated, nothing less than the root password of all evil.

Ken describes how he injected a virus into a compiler. Not only did his compiler know it was compiling the login function and inject a backdoor, but it also knew when it was compiling itself and injected the backdoor generator into the compiler it was creating. The source code for the compiler thereafter contains no evidence of either virus.

Ken wrote, In demonstrating the possibility of this kind of attack, I picked on the C compiler. I could have picked on any program-handling program such as an assembler, a loader, or even hardware microcode. As the level of program gets lower, these bugs will be harder and harder to detect. A well installed microcode bug will be almost impossible to detect."

#floss #security #unix #computerhistory




[Why Isn’t Telegram End-to-End Encrypted by Default? – Telegraph](http://telegra.ph/Why-Isnt-Telegram-End-to-End-Encrypted-by-Default-08-14)

"I've been getting this question more often this year. It's based on the wrong assumption that some other popular messaging apps such as WhatsApp are "end-to-end encrypted by default", while Telegram is not. This post is intended to disprove this myth that has been so carefully crafted by Facebook/WhatsApp marketing efforts. Let’s start from the basics."

#openweb #privacy #security #signal #telegram #whatsapp


This website uses cookies to recognize revisiting and logged in users. You accept the usage of these cookies by continue browsing this website.