Lightnews — Scholar-powered news

Reposted by aurelsec

Aurore Fass @aurore-fass.bsky.social · 21h

Last chance to (self-) nominate for USENIX Security'26 Artifact Evaluation Committee!
You should expect a low load of ~1 artifact for functionality/reproducibility assessments per cycle (max 3 for the whole year).

Please support Open Science and fill the form by Oct 17: forms.gle/WoYRX4govNY1... 🚀

(Self-)Nomination for the USENIX Security '26 Artifact Evaluation Committee (AEC)

For the seventh year, USENIX Security allows the evaluation of artifacts that support a paper: software, hardware, evaluation data and documentation, raw measurement data, raw survey results, mechaniz...

forms.gle

7 7

aurelsec @aurelsec.bsky.social · 6d

Merci pour le post :)

1

Reposted by aurelsec

Hervé Schauer @herve-schauer.bsky.social · 6d

À #SecSea2k5 Aurélien Francillon d'Eurecom relate les expériences hallucinantes d'écoutes en reconnectant avec les documents NSA déclassifiés en parallèle 😁
✅ Bluetooth 😧
✅ JTAG fait tout fuiter "quand le 𝑗𝑖𝑡𝑡𝑒𝑟 révèle le calcul de la puce" 👏🏻
Génial 👍🏻

1 3 7

Reposted by aurelsec

Electronic Frontier Foundation @eff.org · 10d

The Danish Presidency is pushing a dangerous proposal in the EU that would allow the government to scan all our private communications. www.eff.org/deeplinks/2...

Chat Control Is Back on the Menu in the EU. It Still Must Be Stopped

The European Union Council is once again debating its controversial message scanning proposal, aka “Chat Control,” that would lead to the scanning of private conversations of billions of people. Chat

www.eff.org

1 77 120

Reposted by aurelsec

Suzanne Smalley @suzannesmalley.bsky.social · 10d

Signal to leave EU rather than comply w/ Chat Control, which would scan all messages sent over end-to-end encrypted platforms. Vote on Chat Control's future Oct 14. Germany is the swing vote. Officials there opposed the measure in past but new govt silent re position
therecord.media/signal-calls...

Signal calls on Germany to vote against ‘Chat Control,’ saying it would leave EU market

The head of the Signal Foundation raised concerns around Germany now refusing to say whether it will support Chat Control in an upcoming vote.

therecord.media

13 21

aurelsec @aurelsec.bsky.social · 10d

Source: American Cryptology During the Cold War, 1945-1989 Book III: Retrenchment and Reform, 1972-1980 (declassified)
archive.org/details/cold...
Which I found thanks to this nice article by @hashbreather.bsky.social
blog.cr.yp.to/20251004-wea...

cr.yp.to: 2025.10.04: NSA and IETF

blog.cr.yp.to

aurelsec @aurelsec.bsky.social · 10d

Interesting story how DES 56 became a 56-bit key algorithm (while having a 64-bit block size):
"NSA tried to convince IBM to reduce the length of the key from 64 to 48 bits. Ultimately, they compromised on a 56-bit key."

1 2 3

Reposted by aurelsec

Nicolas Henin 🇪🇺💙💛 @nicolashenin.net · 10d

Archives du 26 juillet 2024 : Emmanuel Macron écarte l'option d'un gouvernement mené par @luciecastets.bsky.social au nom de "la stabilité institutionnelle".

Emmanuel Macron écarte l'option d'un gouvernement de gauche au nom de "la stabilité institutionnelle" | TF1 INFO

[VIDÉO] Emmanuel Macron a exclu lundi soir l'idée de nommer un Premier ministre issu du Nouveau Front populaire. Les représentants de l'alliance de gauche dénoncent "un coup de force" et appellent à u...

www.tf1info.fr

52 710 1.4K

aurelsec @aurelsec.bsky.social · 17d

Tomorrow at 6:30 PM the EU Green Parliament group holds a webinar on #ChatControl
act.greens-efa.eu/chatcontrol

Stop Chat Control: Why scanning all our private messages is a very bad idea

🔴 Webinar - Tue 30 Sep 18.30h CEST

act.greens-efa.eu

4 4

Reposted by aurelsec

Natanael, Tech janitor @natanael.bsky.social · 23d

"Bad news: The proposal is going forward to be voted on on October 14th, and there's still no blocking minority achieved, as Germany reverted its position to undecided.

Good news: There is still time to fight back!"

Shut this monstrosity down NOW

The battle to stop Chat Control continues, act now!

Unfortunately, the battle against Chat Control continues this month. For human rights, for civil liberties, for safety, and for democracy, this privacy-wrecking proposal must be stopped. We need your ...

www.privacyguides.org

10 11

Reposted by aurelsec

EURECOM Library @eurecom-library.bsky.social · Sep 16

Le projet de loi pour espionner vos conversations privées #WhatsApp revient sur la table, l’opposition se mobilise 01net.com/actualites/l... via @01net.com
#EURECOM
@aurelsec.bsky.social

Le projet de loi pour espionner vos conversations privées WhatsApp revient sur la table, l'opposition se mobilise

Le projet de règlement européen CSAR (appelé « chatcontrol » par ses opposants, pour « contrôle des conversations ») revient sur le devant de la scène, et les scientifiques tirent (à nouveau) la sonne...

01net.com

1 2

Reposted by aurelsec

Phrack Zine @phrack.org · Aug 18

At long last - Phrack 72 has been released online for your reading pleasure!

Check it out: phrack.org

The table of contents for Phrack 72 from phrack.org

61 120

Reposted by aurelsec

Travis Campbell @hcoyote.bsky.social · Aug 18

Phrack 72 released today. phrack.org/issues/72/1

It got me thinking. I first read Phrack back in the 90's as I started hanging out on IRC (maybe '93 or '94?), as I was learning about FreeBSD and later, Linux. It must have been Phrack 43-45 where I started.

What a wild ride on the Internet.

.:: Phrack Magazine ::.

Phrack staff website.

phrack.org

1 5 7

Reposted by aurelsec

pinkflawd.bsky.social @pinkflawd.bsky.social · Aug 18

I reverse engineered Lockbit's Linux ESXi variant, also explaining how I did some of the steps! For the fun of it, cause reverse engineering is lots of fun. Enjoy!
hackandcheese.com/posts/blog1_...

1 5 11

Reposted by aurelsec

pinkflawd.bsky.social @pinkflawd.bsky.social · Aug 14

@blackhoodie.bsky.social will be at @sec-t.bsky.social on September 10th with a training on Linux Malware Reverse Engineering, for women by women! We have very few seats left 😁 blackhoodie.re/SecT2025/

9 12

Reposted by aurelsec

wootsecurity.bsky.social @wootsecurity.bsky.social · Jul 17

Discounted early bird registration for WOOT '25 is still open until Monday - www.usenix.org/conference/w... - join us in Seattle on Aug 11/12 (right before USENIX Security) for talks and discussions on great cutting-edge offensive security research. Full program at www.usenix.org/conference/w...

WOOT '25 Technical Sessions

www.usenix.org

1 5 3

Reposted by aurelsec

Mathy Vanhoef @vanhoefm.bsky.social · Jul 12

Our research on open tunneling servers got nominated for the Most Innovative Research award :)

The work will be presented by Angelos Beitis at Black Hat and also at USENIX Security

Brief summary and code: github.com/vanhoefm/tun...
Paper: papers.mathyvanhoef.com/usenix2025-t...

6 6

Reposted by aurelsec

Nain Portekoi @nainportekoi.bsky.social · Jul 9

Une pétition vient d'être lancée sur le site de l'AN pour demander au gouvernement français d'arrêter d'utiliser X pour ses communications officielles.
Je l'ai évidemment signée.
Avec toi ?
(Et on fait tourner l'info)
petitions.assemblee-nationale.fr/initiatives/...

Cesser d'utiliser X (anciennement Twitter) pour les communications officielles du gouvernement - Cesser d'utiliser X (anciennement Twitter) pour les communications officielles du gouvernement - Platef...

Cessez d'utiliser cette plateforme comme l'un des principaux porte-parole des communications officielles en France. Il existe des alternatives bien mieux modérées et régulées, et il est même possible ...

petitions.assemblee-nationale.fr

12 79 140

aurelsec @aurelsec.bsky.social · Jul 7

Détecter les contenus pédocriminels en ligne : quelles options techniques ? Quels risques pour la vie privée ?
theconversation.com/detecter-les...

Détecter les contenus pédocriminels en ligne : quelles options techniques ? Quels risques pour la vie privée ?

Peut-on détecter automatiquement les contenus pédopornographiques en ligne sans ouvrir la voie à la surveillance de masse ?

theconversation.com

Reposted by aurelsec

Henry Mance @henrymance.ft.com · Jun 20

Huge implications from this: Microsoft cut off the email of the chief prosecutor of the International Criminal Court, because of his work on Israel www.nytimes.com/2025/06/20/t...

40 710 1.3K

Reposted by aurelsec

wootsecurity.bsky.social @wootsecurity.bsky.social · Jun 19

Zonenberg et al. extract its one-time programmable memory through passive voltage contrast 🔬 using a focused ion beam ⚡: www.usenix.org/conference/w...

Extraction of Secrets from 40nm CMOS Gate Dielectric Breakdown Antifuses by FIB Passive Voltage Contrast | USENIXusenix_logo_notag_white

www.usenix.org

1 2

Reposted by aurelsec

wootsecurity.bsky.social @wootsecurity.bsky.social · Jun 19

Two winners of the RP2350 Hacking Challenge will present their results at WOOT!

Muench et al. break its secure boot guarantees through voltage, electromagnetic, and laser fault injection 💥 techniques: www.usenix.org/conference/w...

Security through Transparency: Tales from the RP2350 Hacking Challenge | USENIXusenix_logo_notag_white

www.usenix.org

1 3 7

Reposted by aurelsec

Daniel Klischies @dklischies.bsky.social · May 28

Our OffensiveCon talk on stateful baseband emulation (and how improper string handling led to baseband RCE) is available on YouTube: youtu.be/zoAITq7jUM8. It has been a pleasure; awesome conference, brilliant people. Slides and paper: www.danielklischies.net/research/bas...

OffensiveCon25 - Daniel Klischies and David Hirsch

YouTube video by OffensiveCon

youtu.be

3 9

Reposted by aurelsec

Ars Technica @arstechnica.com · May 14

Since mid-2024, Google has refused to reinstate the access Nextcloud needs for uploading and syncing other file types to its host-your-own cloud platform.

“Google wanted that”: Nextcloud decries Android permissions as “gatekeeping”

Without full file access, it’s kind of hard to use your own cloud.

arstechnica.com

9 28

Reposted by aurelsec

Clémentine Maurice @bloody-tangerine.bsky.social · May 14

Haven't seen this on Bluesky yet: S&P 2027 will take place in Montreal, Canada!

2 17 29