Seeing this hack was so humiliating as an American. It was a combination of “are we the baddies” and “wait if we are the bad guys, why didn’t we at least make sure the Imperial Walkers have better traction control and balance.”

twitter.com/matthew_d_green/st

Congress is pushing again on the Juniper hack. This is the 2015 breach where unknown attackers broke into Juniper and re-purposed what appeared to be a design backdoor in order to spy on Juniper’s customers. reuters.com/article/us-juniper

twitter.com/matthew_d_green/st

RT @secparam@birdsite.link
Academics in Cryptography/Security : have you heard of either COINTELPRO or the Church Committee?

twitter.com/secparam/status/12

RT @secparam@birdsite.link
Facebook paid for an zeroday against Tails, the privacy focused OS used by activists, to nail a horrific child predator. They gave it to the FBI. Queue moral debate over ends vs means. But here's the thing, after it was done they never fixed the bug. vice.com/en_us/article/v7gd9b/

twitter.com/secparam/status/12

RT @0xMatt@birdsite.link
Researchers in academia spend half a year developing a proof of concept and another half a year in disclosure embargo to make sure the fixes arrive before the exploits. If them doing gimmicky marketing is what advances their academic career, it's a reasonable trade-off IMO.

twitter.com/0xMatt/status/1270

I’m really looking for explicit threats, either informal ones or actual formal legal threats. Chilling effects are interesting, too. If you don’t want to respond on Twitter, just google my name for my email. Thank you.

twitter.com/matthew_d_green/st

Are you a security researcher, and has any company/vendor threatened you with the specter of DMCA/1201 litigation (“circumvention”/distribution) in the period 2017-2020? Or do you know anyone who was?

twitter.com/matthew_d_green/st

RT @giuliacfanti@birdsite.link
Happy Tuesday. Today’s paper is called “Privacy-Utility Tradeoffs in Routing Cryptocurrencies”, by Weizhao Tang, @WeinaWeinaWang, Sewoong Oh, and yours truly. @ACMSigmetrics

twitter.com/giuliacfanti/statu

RT @senykam@birdsite.link
The intellectual contribution of Indian students, professors & engineers to Computer Science (and many other fields) in the US is immeasurable. A 25% drop in enrollments is really distressing news: qz.com/india/1866355/indians-f

twitter.com/senykam/status/127

RT @andrewaydin@birdsite.link
Pay attention to what’s happening in Georgia today. Voting machines are broken, people are standing in line for hours, and state election officials are largely silent. This what November will look like and we need to begin preparing now.

twitter.com/andrewaydin/status

RT @ZbayApp@birdsite.link
In 2017, my activist organization @fightfortheftr was targeted by the hacking-for-hire firm covered today in Reuters. Since Zbay (my new project) is partly inspired by this experience, I thought I'd share some thoughts here... reuters.com/article/us-india-c

twitter.com/ZbayApp/status/127

RT @lambdafu@birdsite.link
Another signature spoof using GPG, this time through the "safer" GPGME API. Great work, Justin, and congrats! twitter.com/justinsteven/statu

twitter.com/lambdafu/status/12

RT @feministPLT@birdsite.link
Oh look, another another complete break of SGX. What a surprise, I never would have seen that coming, again. sgaxe.com/ twitter.com/feministPLT/status

twitter.com/feministPLT/status

RT @signalapp@birdsite.link
Signal iOS now includes a new feature that makes it possible to switch to a brand-new iPhone or iPad while securely transferring Signal information from your existing iOS device.

signal.org/blog/ios-device-tra

twitter.com/signalapp/status/1

Seems like @github has flagged the @SGAxe_AaaS bot somehow, which is blocking its tweets. Hey @github, stop messing with academic research.

twitter.com/matthew_d_green/st

RT @hdevalence@birdsite.link
uncomfortable thought: if SGX is helping secure the signal passcode service, and people reuse their ios passcode for signal, what impact does this have on their device security?

twitter.com/hdevalence/status/

RT @hdevalence@birdsite.link
so describing the role of SGX as “purely additive” seems like a motte-and-bailey maneuver. it’s not like Signal tells their users that they have to choose a 128 bit passcode to have security, after all.

twitter.com/hdevalence/status/

Counting the minutes until Twitter deletes the SGX attestation twitter bot. Counting the days until Intel revokes its signing keys ;)

twitter.com/matthew_d_green/st

Birdsite.link

birdsite.link is one server in the network