The headline was bit sensationalist. So, I shortened it.

> A video summary by Faan Rossouw of the Malware of the Day - XenoRAT///

> 🔗 Blog post located here: https://www.activecountermeasures.com/malware-of-the-day-xenorat/

> Backdoor found in xz liblzma specifically targets the RSA implementation of OpenSSH. Story still developing.https://openwall.com/lists/oss-security/2024/03/2...

AI summary of transcript:

> groundbreaking exploration into transmitting LoRaWAN signals via unconventional means—utilizing microcontrollers lacking native radio functionalities. By tweaking GPIO pins on devices like the CH32V203, ESP32-S2, and ESP8266, OP demonstrates how to generate RF signals strong enough to communicate with commercial LoRaWAN gateways and access the internet. This method deviates from traditional approaches that rely on specific radio chips or RF capabilities. The experiment not only surpasses expectations in terms of signal transmission distance but also showcases a novel blend of ingenuity and technical prowess. Through this project, the resilience and adaptability of LoRa technology are put on full display, proving its capability to facilitate long-range communications under inventive conditions. The venture into RF technology and signal generation through hardware manipulation opens new avenues for utilizing microcontrollers in ways previously deemed impractical, marking a significant achievement in the field.

Hosky speaks at length about selective disclosure regimes using Midnight.

Privacy protocol closed devnet opens up soon.

DO NOT try this EVER.

The feds will show up at your house and arrest you in less than 30 minutes.

> Welcome to the Advanced Meshtastic Series. We'll be getting into some of the more advanced things you can do with Meshtastic.

> Programs aren't capable of generating true random numbers, so how can we? Are they even useful? Dr Valerio Giuffrida demonstrates how to get a true random number from most computers.

I just learned about this podcast today. Enjoy!

In this talk we will discuss the radio jailbreaking journey that enabled us to perform the first public disclosure and security analysis of the proprietary cryptography used in TETRA (Terrestrial Trunked Radio): a European standard for trunked radio globally used by government agencies, police, prisons, emergency services and military operators. Besides governemental applications, TETRA is also widely deployed in industrial environments such as factory campuses, harbor container terminals and airports, as well as critical infrastructure such as SCADA telecontrol of oil rigs, pipelines, transportation and electric and water utilities. For over two decades, the underlying algorithms have remained secret and bound with restrictive NDAs prohibiting public scrutiny of this highly critical technology. As such, TETRA was one of the last bastions of widely deployed secret proprietary cryptography. We will discuss in detail how we managed to obtain the primitives and remain legally at liberty to publish our findings.

Part 2

Part 3

Part 4

> The motivation for Formal Verification > Security of smart contracts is still a crucial challenge: we all remember the DAO, parity hacks, a bunch of smaller attacks and the most recent delayed hard fork. We would like to see the future in which we can be way more confident about our code. > > Depending how you count, event over a half a billion dollars (by today’s Ethereum evaluation), was lost in a couple of biggest smart contract hacks. > > What about if behind every responsible piece of code stands pure solid mathematics instead of personal conviction of developers? With formal verification tools for Ethereum finally maturing, it is now not only possible but also practical. > > In this and following post we will be getting step by step into the world of K-framework, which allows to formally verify EVM smart contracts.

> Spies used to meet in the park to exchange code words, now things have moved on - Robert Miles explains the principle of Public/Private Key Cryptography > > note1: Yes, it should have been 'Obi Wan' not 'Obi One' :) > note2: The string of 'garbage' text in the two examples should have been different to illustrate more clearly that there are two different systems in use.

> Sipeed Lichee Pi 4A RISC-V SBC review and Debian demo. This is the first RISC-V computer I’ve tested that's provided a usable desktop computing experience right out of the box. End-user RISC-V is starting to arrive! :) > > You can learn more about the Lichee Pi 4A on its web page here: > https://sipeed.com/licheepi4a > > And the board has excellent documentation here: > https://wiki.sipeed.com/licheepi4a.html > > Note that the hardware I used in this video was purchased from AliExpress: > https://www.aliexpress.com/item/10050... > > I have reviewed four previous RISC-V SBCs, including the StarFive VisionFive 2, which also (after some messing around) provides a good desktop experience: > > > • VisionFive 2: RISC-V Quad Core Low Co... > > I also have an 2023 update on RISC-V developments here: > > > • RISC-V 2023 Update: From Embedded Com... > > And my general introduction to RISC-V is here: > > > • Explaining RISC-V: An x86 & ARM Alter... > > For additional ExplainingComputers videos and other content, you learn about becoming a channel member here: > > > / @explainingcomputers > > More videos on computing and related topics can be found at: > > > / @explainingcomputers > > You may also like my ExplainingTheFuture channel at: > > / @explainingthefuture > > Chapters: > 00:00 Introduction > 00:45 Unboxing > 03:33 Specifications > 07:26 First Boot > 10:37 Debian Demo > 18:10 Another Milestone

> Slides - https://authress.io/l/codemotion > > Conference: > Codemotion Madrid 2023 > https://talks.codemotion.com/why-you-...

Can someone recommend a more secure method? I've been told many times that using git for secret management would present a potential vulnerability.