fj

@fj@mastodon.social

Cryptographic & Security Engineering at Apple.
Previously: Lead iOS Developer https://mastodon.world/@signalapp

Tooting on all things #cryptography, #security, #climate, European #aerospace, #energy and #mobility

fj, to random

doesn't authenticate, doesn't validate, and doesn't provide reliable provenance information. It can easily be used to create forgeries. With the BBC, we have now seen C2PA used by a media outlet to support an unproven verification claim” https://www.hackerfactor.com/blog/index.php?/archives/1024-IEEE,-BBC,-and-C2PA.html

fj, to random

Facial recognition is everywhere nowadays.
Now even my Saturday morning coffee routine involves unlocking the Oat milk with CartonID.

fj,

@denbib Yes!

Edent, (edited ) to random

I need to store the hash of a file.

For various boring reasons, I only have 128 bits of space. This cannot be changed.

Is it better to use MD5, or truncate the output of SHA-256 / 512 ?

Please argue in the replies.

fj,

@Edent MD5 does not have 128-bit security (collision complexity at 2^24).
https://www.win.tue.nl/hashclash/On%20Collisions%20for%20MD5%20-%20M.M.J.%20Stevens.pdf

Whereas a SHA-256 truncated hash would provide a value closer to that bound.

fj, to random

I don't know why you would still use a DECT phone in 2024 over an IP-based solution.

The DECT Standard Cipher (DSC) is yet another ETSI standard that is so cryptographically broken:
“The experimental result shows that DSC can be broken on a common PC within about 44.97 seconds in the multiple related key setting.”

An AES-based DSC2 exists, but even aside from the lack of support for it, I'm honestly not sure it addresses all the protocol-level concerns.
https://eprint.iacr.org/2024/404

fj,

@axx 💯

Just be aware of the lack of confidentiality of your communications :)

fj, (edited ) to random

AfD & Partij voor de Vrijheid, same bullshit.
https://mastodon.social/

fj, to random

When Thomas Oliver and Kyu-Hwan Lee used machine learning techniques to predict the ranks of elliptic curves with high accuracy, they noticed hidden oscillations reminiscent of bird murmurations. That pattern was not noticed by mathematicians before, and an explicit formula for those was found by Nina Zubrilina.

https://www.quantamagazine.org/elliptic-curve-murmurations-found-with-ai-take-flight-20240305/

fj,

@wklj Not sure! Summoning bird expert @jacquesf

fj, to random

🧐 Looking at Meta's DMA announcement illustration, there's a whole market for stock photos of doing random actions in the Brussels neighbourhood with the European Institution.

Stock photos websites are so ready for the 🇪🇺🍟 European Sovereign Fries Act and the Digital Hitchhiking Act

marius, to random

@fj Lovely new profile picture!

fj,

@marius 🙏☺️

fj, (edited ) to random

When American supremacy in sub-sonic jetliners appeared stronger than ever, the Brits were giving up on what appeared to be a lost cause.

Even the Pompidou government was about to remove its support for Airbus after a meeting in London in 1968.
But a management change at Sud Aviation reshuffled the cards and Henri Ziegler and his team saved the Airbus project. Fascinating story!
https://bookwyrm.social/user/fj/comment/3987706

fj,

If you want some insightful excerpts and comments from books I’m reading, I tend to post those on my Bookwyrm profile which has an ActivityPub feed: @fj

fj, to random

NSO Group has been ordered by a US court to hand its code for Pegasus and other spyware products to WhatsApp as part of the company’s ongoing litigation
https://www.theguardian.com/technology/2024/feb/29/pegasus-surveillance-code-whatsapp-meta-lawsuit-nso-group

fj, (edited ) to random French

I hadn't gotten the memo that Jean-Baptiste Kempf of @videolan was the CTO of Scaleway.

fj,

@taziden Communication received from Scaleway:

“Request a meeting with our CTO, Jean-Baptiste Kempf, through your CSM, or alternatively, by using the e-mail address contact@scaleway.com”

fj, to random

Bitcoin, less efficient than ever per block.
Consuming a broader percentage of USA electricity every year.

> “we estimate electricity usage from Bitcoin mining based in the United States to range from 25 TWh to 91 TWh. That estimate represents 0.6% to 2.3% of all United States electricity demand in 2023”

https://www.eia.gov/todayinenergy/detail.php?id=61364

Khrys, to random French

Paris: metro trains will no longer stop when a passenger falls ill, in order to "improve the regularity of the lines ahead of the Olympics", the vice-president of Île-de-France Mobilités explains

https://www.francetvinfo.fr/france/ile-de-france/paris-les-metros-ne-s-arreteront-plus-en-cas-de-malaise-voyageur-pour-ameliorer-la-regularite-des-lignes-avant-les-jo-justifie-le-vice-president-d-ile-de-france-mobilites_6392215.html

Valérie Pécresse, president of the region and of Île-de-France Mobilités, said that starting in June, when a passenger falls ill, metro drivers will be able to depart without waiting for emergency services to arrive on the platform.

They really are awfully convenient, the Olympics

fj,

@Khrys By the way, Valérie Pécresse also specifies that the rules of the relay race will change to allow starts without having to wait for the baton, in order to minimize the impact of strikes and latecomers

fj, to random

Big day for French Tech with the announcement of the Renault R5 EV as well as the Large Mistral Model.

I asked Mistral about what options a French car should come up with and it did think of the R5's “porte-baguette”, and has a few more suggestions for Renault.

fj, to random

Au Large!
Large is a new cutting-edge text generation model. It reaches top-tier reasoning capabilities. It can be used for complex multilingual reasoning tasks, including text understanding, transformation, and code generation. Mistral Large has native multi-lingual capacities. It strongly outperforms LLaMA 2 70B on HellaSwag, Arc Challenge and MMLU benchmarks in French, German, Spanish and Italian.”
https://mistral.ai/news/mistral-large/

fj, to random

💬🔒⚛️ Delighted to announce iMessage PQ3, our formally-verified protocol for end-to-end encryption that provides the strongest post-quantum protections against “Harvest Now, Decrypt Later” attackers by not only performing a quantum-secure key establishment, but also performing post-quantum ongoing rekeying.

Support for PQ3 will start to roll out with the public releases of iOS 17.4, iPadOS 17.4, macOS 14.4, and watchOS 10.4
https://security.apple.com/blog/imessage-pq3/

fj,

iMessage PQ3’s announcement is accompanied by two external security reviews of the protocol.

Douglas Stebila (University of Waterloo) focused on so-called game-based proofs (1), while David Basin, @felixlinker and Ralf Sasse (ETH Zürich) worked on symbolic evaluation of the protocol using Tamarin (2).

📝 1: https://security.apple.com/assets/files/Security_analysis_of_the_iMessage_PQ3_protocol_Stebila.pdf
📝 2: https://security.apple.com/assets/files/A_Formal_Analysis_of_the_iMessage_PQ3_Messaging_Protocol_Basin_et_al.pdf

fj, to random

If it doesn't come from the Tor country of CloudFlare, it's not an IP anonymity network, it's just a sparkling VPN.

wingo, to random

astronomy : astrology :: cryptography : cryptology. also, this paper appears to be about the cryptic properties of crystal https://eprint.iacr.org/2024/260? i rest my case ur hono(u)r

fj,

@wingo Unfortunately, CRYSTALS-Kyber is getting renamed by NIST to ML-KEM and the academic literature is likely going to start reflecting that :(

fj, to Dubai

Londongrad has defected to the capital of Russian oil trading and money laundering, .

“Dubai by contrast, they say, has sold twice as many £15 million homes compared to London in the last year. The city “appeals due to less state scrutiny into finances and sources of wealth,” the report concludes."

https://www.bloomberg.com/news/articles/2023-12-02/london-property-market-slows-while-dubai-real-estate-gains-ground?srnd=premium-europe

fj,

"UAE banks began to tighten their policy towards clients with Russian citizenship in the autumn of 2023. A bank in Hong Kong had to be added to the payment chain, but since February 2024 it has stopped participating in the scheme, and payments are now made in ."
https://www.pravda.com.ua/eng/news/2024/02/19/7442486/
