Going to spend the day in a team mixing competition with two of my fellow recent Blackbird Academy grads up against teams from 4 or 5 of the local university and tech school audio programs. Should be fun. I am getting two t-shirts out of this.

Géopolitique
La Russie renforcera son soutien militaire à l’Alliance des Etats du Sahel
https://www.agenceecofin.com/actualites/0404-127276-la-russie-renforcera-son-soutien-militaire-a-l-alliance-des-etats-du-sahel
#géopolitique #Afrique #Russie #Sahel #AES #militaire #économie #diplomatie #France #USA

Today:
- professional development reading
- building out the home page some more
- dig into #AES documentation standards for mixing
- pre-production for an acoustic set week after next
- pre-production for next #VoidConspiracy project
- practice mixes

Let's see how much of that I actually get to.

I just published two cryptography attacks on Uppy Companion, a tool for downloading/uploading documents from various cloud storage providers.

https://github.com/transloadit/uppy/issues/5705

https://github.com/transloadit/uppy/issues/5706

These attacks allow the recovery of the access tokens/refresh tokens of the various cloud provider, enabling an attacker having access to a stolen encrypted cookie value to get access to the cloud storage.

Once again, people: do not roll your own crypto!
Using plain AES-CBC, deriving secrets with SHA256 and the sign-then-encrypt paradigm are not best practices.

So you thought AES-CBC was safe from decrypting? Ask your nearest Padding Oracle for another opinion!

..bin weiter am Basteln. Damit die weltweite Bestenliste auch sicher vor Betrügern ist, muss ich die Bestzeiten und deren Übertragung verschlüsseln. Aber der #AES Schlüssel muss ja irgendwie in der App versteckt sein (oder erzeugt werden). Also generiere ich mir den immer bei Bedarf durch eine Unmenge Funktionen die mir Zahlen generieren und miteinander verknüpfen. Den Obfuskator habe ich aktiviert. Ich glaube, damit bin ich sicher, es könnte aber auch Gegenstimmen geben

10 Years ago, 144 Views https://youtu.be/BM1eWRwZDcA?t=3555 #hacking #aes #fpga #twitter #opensource

"What makes this attack particularly concerning is its practicality in real-world scenarios. Unlike previous attacks against full-disk encryption requiring precise file location knowledge, CrashXTS succeeds through controlled randomization of encrypted data."

Benutzt die #Verschlüsselung unter #Linux nicht auch #XTS?

#AES #LUKS
https://www.cyberkendra.com/2025/01/microsoft-patches-critical-bitlocker.html

Quite a claim!

"Our evaluations indicate that our IMC-based AES approach outperforms state-of-the-art methods, achieving speed factor improvements of up to 19.7 at equivalent energy efficiency."

#cryptography
#CryptographicComputation
#aes

https://royalsocietypublishing.org/doi/full/10.1098/rsta.2023.0396?af=R

Some #ARM / #ARM64 magicians here?
I'd like to verify that the used intrinsics in #DotNet / #CSharp are functionally identical to a reference implementation I've ported to C# as I am running into test failures I can't explain.
Specifically around PMULL.1Q and PMULL2.1Q.

"Le Togo va-t-il rejoindre l'AES, l'Alliance des États du Sahel, formée par le Mali, le Niger et le Burkina Faso ? « Ce n'est pas impossible », a déclaré jeudi dernier Robert Dussey, le ministre togolais des Affaires étrangères, à la chaîne de télévision VoxAfrica. Pourquoi le régime du président Faure Gnassingbé caresse-t-il ce projet ? Est-ce pour des raisons politiques ou économiques ?"

https://www.rfi.fr/fr/podcasts/le-grand-invit%C3%A9-afrique/20250121-th%C3%A9odore-holo-il-y-a-un-int%C3%A9r%C3%AAt-%C3%A9conomique-et-politique-pour-le-togo-d-int%C3%A9grer-l-aes

#ESO:
"
..dunkelste + klarste Himmel d. Welt .. durch .. industrielles Megaprojekt gefährdet
"
"Am 24.12. reichte AES Andes, .. Tochtergesellschaft d. US-.. Energieversorgers AES Corporation, ein Projekt f. ..riesigen Industriekomplex zur Umweltverträglichkeitsprüfung ein. .. Komplex bedroht d. makellosen Himmel über d. Paranal-Observat..."

https://www.eso.org/public/germany/news/eso2501/?nolang

10.1.2025

GitHub - PrivateBin/PrivateBin: A minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES. https://github.com/PrivateBin/PrivateBin #self-hosted #OpenSource #encryption #knowledge #pastebin #privacy #GitHub #online #server #zero #aes

#Heise:
".. Funk d. NATO m. Halfloop-Verschlüsselung ist unsicher"

"..Halfloop-Verschlüsselungsalgorithmus, d. ein wichtiges Protokoll zum automatischen Verbindungsaufbau schützen soll, .. gebrochen."

".. reichen 2h .. Funkverkehr aus, um d. geheimen Schlüssel wiederherzustellen, Teilnehmer auszumachen u. mitzuhören."

".. warnen davor, Halfloop weiter zu nutzen."

https://www.heise.de/news/38C3-Kurzwellen-Funk-der-NATO-mit-Halfloop-Verschluesselung-ist-unsicher-10221035.html

28.12.2024

NIST proposes standardizing a wider variant of AES encryption - The National Institute of Standards and Technology (NIST) seeks public i... - https://cointelegraph.com/news/nist-proposes-standardizing-aes-encryption #advancedencryptionstandard #post-quantumsecurity #quantumcomputers #encryption #aes

Desde el 6 de noviembre sin Ayudas de Emergencias Social y denuncia frente al Gobierno Vasco de Bilbo ante los recortes de Lanbide que vulneran los derechos humanos
Nuevas movilizaciones de nuestras compas de #BerriOtxoak denunciando los recortes en las #AES en #Barakaldo y los recortes en la #RGI y la #criminalización de las personas pobres por parte de #Lanbide y #Gobiernovasco

Leer y compartir: https://www.coordinacionbaladre.org/noticia/6-noviembre-ayudas-emergencias-social-denuncia-frente-gobierno-vasco-bilbo-ante-recortes

I'm a simple non-binary goblin, I support all #socialist projects regardless of tendency.

This is why you'll see me giving spirited defences of #Rojava / #AANES, the #Zapatistas, but also what #MarxistLeninists often call #AES states (#ActuallyExistingSocialism) like #vietnam and #china. The "critical" in critical support is for criticism, not to signify importance.

I've read unbiased information about all of them, and I firmly believe they are #anticapitalist in spirit, with varying levels of success and implementation in practice.

For the first time, researchers have #cracked #RSA and #AES encryption

Chinese scientists demonstrate that D-Wave #quantum computers can break RSA encryption, highlighting the urgent need for new cryptographic solutions. Recent advances in quantum computing have sent shockwaves through the cybersecurity community. A team of Chinese researchers led by Wang Chao from Shanghai University (https://en.shu.edu.cn/) has shown that D-Wave quantum annealers can break encryption methods that protect global sensitive data.

https://www.linkedin.com/feed/update/urn:li:activity:7272003567744344067

More cool #snk #neogeo #gaming #laserdiscs. I really have a soft spot for these play through videos. Kind of a proto-twitch but on #ld. #worldheroes #worldheroes2 #fightershistorydynamite #karnovsrevenge #mvs #aes