Toots for jaromil@mastodon.social account

Written by J @ Dyne.org on 2025-01-28 at 15:33

Everybody knows that the dice are loaded

Everybody rolls with their fingers crossed

Everybody knows the war is over

Everybody knows the good guys lost

Everybody knows the fight was fixed

The poor stay poor, the rich get rich.

That's how it goes. Everybody knows.

Everybody knows that the boat is leaking

Everybody knows that the captain lied

... - Leonard Cohen

=> View attached media

=> More informations about this toot | View the thread

Written by J @ Dyne.org on 2025-01-28 at 08:09

Exploiting the Fiat-Shamir vulnerability one can steal all the assets of a ZK-rollup, submitting a proof for an invalid state transition.

https://eprint.iacr.org/2025/118

One more known attack on zero-knowledge circuits, like 00 and Frozen Heart on PLONK and the Last Challenge on KZG-based SNARK.

https://eprint.iacr.org/2025/118

=> More informations about this toot | View the thread

Written by J @ Dyne.org on 2025-01-24 at 17:01

Looking at what is being developed today, the lesson hasn't been learned: we are thinking about strengthening the algorithms and applying cryptographic agility, while overlooking looming architectural issues inherited by legacy systems, placing more trust in stronger hardware than smarter design.

=> More informations about this toot | View the thread

Written by J @ Dyne.org on 2025-01-24 at 17:00

Throwback: the Crowdstrike BSOD https://news.dyne.org/worldwide-outage-2024-early-reflections-on-the-crowdstrike-bsod/ 6 months ago a worldwide outage of vital infrastructure was caused by a centralized software architecture failure. Resilience and decentralization anyone?

https://news.dyne.org/worldwide-outage-2024-early-reflections-on-the-crowdstrike-bsod/

=> More informations about this toot | View the thread

Written by J @ Dyne.org on 2025-01-23 at 16:57

2024 recap on electoral manipulations operated through social media https://www.friendsofeurope.org/insights/critical-thinking-democracy-at-risk-media-warfare-and-the-role-of-technology-in-modern-elections/ let it be useful to break some spell and prepare for the future.

https://www.friendsofeurope.org/insights/critical-thinking-democracy-at-risk-media-warfare-and-the-role-of-technology-in-modern-elections/

=> More informations about this toot | View the thread

Written by J @ Dyne.org on 2025-01-21 at 14:29

In a few weeks, we will release a major update of tomb, the file encryption tool I wrote two decades ago as a private backup script, popular among activists in war zones, US Army operatives and veterans. Among the highlights is the fact that tombs made twenty years ago can still be opened with the latest version, today. Curious to try it? your distro has it! works on WSL2 and can encrypt volumes in the cloud.

apt-get install tomb; man tomb

https://toot.community/@dyne/113866470642029687

=> More informations about this toot | View the thread

Written by J @ Dyne.org on 2025-01-20 at 18:15

Qui la notizia sul fatto quotidiano https://www.ilfattoquotidiano.it/2025/01/19/cesena-hacker-giovane-voti-pagella-rotte-petroliere-mediterraneo-denuncia-procura-bologna/7843101/

=> More informations about this toot | View the thread

Written by J @ Dyne.org on 2025-01-20 at 18:15

4. Qui il problema non e' un quindicenne bravo e con tutto il tempo del mondo, ma la debolezza delle tecnologie e la superficialità di impiego secondo interessi economici che tralascia qualità e trasparenza. L'applicazione di crittografia e software libero sono importanti.

=> More informations about this toot | View the thread

Written by J @ Dyne.org on 2025-01-20 at 18:14

3. Il "Sistema di Identificazione Automatica" (AIS) usato per le rotte è un protocollo in chiaro (senza crittografia) e particolarmente debole: deviare imbarcazioni civili e' semplice una volta ottenuto l’accesso ad una fonte di informazioni considerata vera dal sistema di navigazione.

=> More informations about this toot | View the thread

Written by J @ Dyne.org on 2025-01-20 at 18:13

2. La digitalizzazione crea sempre debiti tecnici: in contesti con poche risorse diviene sempre un problema gestirla. Scuole, ospedali e simili enti pubblici sono gia' messi in ginocchio da tagli e ritmi di lavoro estenuanti. Questi debiti si scontano sul piano della sicurezza.

=> More informations about this toot | View the thread

Written by J @ Dyne.org on 2025-01-20 at 18:12

1. Succede spesso che ragazzini con pochi mezzi possano bucare sistemi importanti. Nel giudicare queste azioni bisogna valutare anche la proporzionalita' delle risorse investite per mantenere sicuri i sistemi e l'eventuale negligenza di chi ce l'ha in carico.

=> More informations about this toot | View the thread

Written by J @ Dyne.org on 2025-01-20 at 18:11

Stasera al #TG1 delle otto condivido una riflessione sul caso del giovane hacker di Cesena: un adolescente che con talento ha forzato il registro dei voti a scuola e la rotta di alcune navi (link nei commenti) e condivido qui sui social altri dettagli importanti...

=> View attached media

=> More informations about this toot | View the thread

Written by J @ Dyne.org on 2025-01-11 at 16:57

Trusted Execution Environments (TEE) are a deceiving mistake for digital trust architectures. Crucial cryptography relies on them so often when at most they should be used to secure video game lobby chats.

=> More informations about this toot | View the thread

Written by J @ Dyne.org on 2025-01-10 at 12:39

English translation of the NRC article about my evaluation of EUDI's problems:

https://www.reddit.com/r/privacy/comments/1hkphm2/in_the_rush_to_reduce_the_power_of_big_tech_and/

original post: https://mastodon.social/@jaromil/113701122430851597

link to paywalled article:

https://www.nrc.nl/nieuws/2024/12/22/europese-digitale-identiteit-is-straks-niet-veilig-genoeg-waarschuwen-experts-a4877532

=> More informations about this toot | View the thread

Written by J @ Dyne.org on 2025-01-08 at 08:05

Join nostr and follow Dyne for the real thing https://start.njump.me?s=npub1sq0hdfr87je2uyc33av0tq73c53jsaygsxtp074k9hqldemg84rsa4ap0j

=> View attached media

=> More informations about this toot | View the thread

Written by J @ Dyne.org on 2024-12-27 at 14:16

Human imagination is still the best

https://mastodon.cloud/@slashdot/113724433197471635

=> More informations about this toot | View the thread

Written by J @ Dyne.org on 2024-12-27 at 09:48

I can't stop watching this 🤩 perhaps that's why I wrote a minimalistic tiling manager based on the golden ratio

(🤏 link in comment)

=> View attached media

=> More informations about this toot | View the thread

Written by J @ Dyne.org on 2024-12-27 at 09:48

https://github.com/jaromil/dotfiles/blob/master/bin/tile-goldratio uses only zsh, awk and wmctrl and is part of my dotfiles setup

=> More informations about this toot | View the thread

Written by J @ Dyne.org on 2024-12-23 at 08:10

In dit NRC-artikel deel ik mijn ernstige zorgen over de risico's en zwakheden van de Europese digitale identiteits portemonnee.

[EN] In an article in the Dutch national newspaper NRC today, I share my serious concerns about the risks and weaknesses of the European digital identity wallet.

[#]privacy #cybersecurity #digitalidentity

=> View attached media

=> More informations about this toot | View the thread

Written by J @ Dyne.org on 2024-12-19 at 10:09

PR Bad cuz AI cant read

https://github.com/MicrosoftDocs/WSL/pull/2021#issuecomment-2546627586

=> More informations about this toot | View the thread

=> This profile with reblog | Go to jaromil@mastodon.social account