77 private links
This is completely nuts... they really want to unleash a security and privacy nightmare. The irony is that, on the other hand, it does respect DRM content; we can see where the priorities are.
Ever wondered about the state of the art in password cracking? This is not an easy read, but a good reference.
An alternative to the venerable sudo coming with systemd. Looks like it has interesting properties.
Maybe a bit dry, but gives a good idea of how a fuzz testing harness works. And also how it can be tweaked.
Interesting study on the brute-force attacks against SSH. It gives plenty of insights and leads to a potential approach to detect most of them.
The title says it all. This article is a nice introduction to certificates, how they work, how the trust model is set up, etc.
Interesting article, shows quite well the complexities of D-Bus and Polkit. Unsurprisingly, such complexity easily leads to mistakes which can compromise security. This then hints at interesting things to keep in mind when you have to deal with D-Bus and Polkit.
Definitely a good idea, we'd need several such institutes across the world. Would governments be willing to try this?
You think the xz vulnerability was a one-time event? Think again, this kind of bullying with ulterior motives happens regularly to critical projects.
Excellent post showing unhealthy consumer/maintainer dynamics in FOSS projects. This particular example was instrumental in getting the xz backdoor in place.
You should be mindful of the dependencies you add. Even more so when the name of the dependency has been proposed by a coding assistant.
Good analysis of the backdoor recently discovered in xz. Really a bad situation. Luckily it was probably detected before it could do any real damage. What's especially striking is the amount of patience it required, it's really been put in place over a long stretch of time to reduce chances of detection.
Those were nasty, good they've been patched already.
This is bad. Unlocking many doors is just a couple of taps away if you're already a guest.
A trip down memory lane when such attacks were indeed common. Nowadays, we know better though.
Interesting explanation of the guarantees such a system must provide and their consequences.
Definitely this: software bloat directly impacts the attack surface of what gets shipped. Even though this is far from a panacea in terms of security, it's time for people to critically examine their dependencies, for other reasons too.
Indeed, not all security issues are due to memory-related problems. It's 20% of the security issues. This is of course massive, but there's still 80% of the security issues coming from wrong authentication, appliances and so on.
The infotainment systems in cars are not as locked down as one might think. Another proof of it.
Interesting vulnerability, not all vendors are impacted though. GPU memory leaks can have unforeseen impacts.