Great post by Mark Dastmalchi-Round. I too have a love/hate relationship (mostly hate) with middleboxes/TLS inspection and the bad security practices we're training our users to follow. www.markround.com/blog/2025/12...

Internships in MPC available, for both recent PhD graduates and current PhD students... mpcinthewild.github.io This is a project funded by the Zama Cryptanalysis Grant program

Great post: “[T]his makes our job predicting the future of which [cryptographic] algorithm is likely to break and which ones are likely to last, very, very hard. We are not looking at nice, predictable trends, but instead are mostly looking at a process that jumps in huge steps every few decades.”

COVID Vaccines Slashed Kids’ ER Visits by 76 Percent, Study Finds www.scientificamerican.com/article/covi...

Mass exodus of veteran senior leaders at Apple, including Jony Ive and the creators of many major products, over to OpenAI. Also, Tim Cook is rumored to be retiring soon, with his successor to be 25-year veteran John Ternus who currently reports to Cook.

This thread is eye opening and hysterical. AI is still in its infancy when it comes to security and safety.

New, by me at this.weekinsecurity.com: Router maker TP-Link faces a potential U.S.-wide ban over its alleged links to China. In my latest analysis, I dive into why a TP-Link ban is unlikely to make America meaningfully safer from Chinese cyberthreats (or anywhere). Please share!

One of the coolest videos I've seen in a while. v.redd.it/porl3bihlh3g1

Sebastian says happy Tuesday

We're looking at places to stay in January and came across this in the notes for one listing. Big selling point for the wife & kids.

this reminds me of the macedonian fake news industry

This guy is my current muse on Instagram. One of the most nerdy happy niche accounts I've ever come across. www.instagram.com/reel/DQy3OcW...

This post-mortem and the accompanying full technical report from Anthropic is a fascinating glimpse into how rapidly hackers are using commercial AI services (here, Claude) to do recon & launch successful attacks on victim orgs. www.anthropic.com/news/disrupt...

just a typical wednesday over here. you?

This discussion with @stevevladeck.bsky.social should be heard by anyone trying to make sense of Justice Ketanji Brown's ruling on the SNAP case yesterday. Vladeck makes a convincing argument that Brown Jackson pulled a ninja-level legal maneuver to expedite a ruling with the best possible outcome.

“[T]he real power of the campaign came from voters who rallied around a set of simple beliefs: that every person deserves a home; that child care should be free; that elections shouldn’t be bought; that racial diversity is a strength worth defending; that working people matter…”

I sure would appreciate it if you spent about 20 seconds of your Friday signing up to get my writing sent straight to you. It's free, it's fun (sometimes), and it would mean a lot: dansinker.com/follow/

I'll make this even more simple: Many (most?) of us in the security engineering world who have taken even a cursory look at this browser would advise colleagues & friends to avoid it at all costs. It's a privacy and product security dumpster fire.

The password to the Louvre’s video surveillance system was “Louvre,” according to a museum employee

U.S. Army advising troops stationed in Germany to go to German food banks during shutdown. “Running list of German support organizations for your kit bags: - Tafel Deutschland - Foodsharing e.V. - Essen für ” web.archive.org/web/20251105...

I had a bug in my new ML-DSA implementation that caused Verify to reject all signatures. I gave up after half an hour. On a whim, I threw Claude Code at it. Surprisingly (to me!) it one-shotted it in 5 minutes. A small case study of useful AI tasks that aren't generating code that requires review.

Nice sunset at the barn outside Barcelona

We're pleased to announce the final lineup for Black Hat Europe '25. Terrific security research spanning 21 tracks. In a separate thread, I'll highlight a few of my favorites. www.blackhat.com/eu-25/briefi...

Microsoft Azure challenges AWS for downtime crown

I'm surprised and encouraged by my new replacement for Chrome and Safari with @kagi.com's browser Orion and its search engine. On the first couple of searches it managed to unsurface content that was exactly what I wanted, including some things I wrote/said years ago that I'd completely forgotten.

Seeing some disturbing early research around ChatGPT's new Atlas web browser. I strongly recommend caution against using it, particularly to interact with any web sites holding sensitive data.

Here's a pic of our dog before a proper grooming, looking rather punk and intimidating. And an after. Enjoy.

One of the things that got drilled into my head working with field clinics in remote developing areas is: Design local systems for as much autonomy as possible and don't ever assume good (or ANY) connectivity for basic operations.

stop scrolling and post two characters that bring you happiness

This is at once one of the most gobsmacking examples of utter incompetence I've read to date coming from the current administration, and yet also a fascinating train wreck of hilarity.

them: "Your required training is due. Please complete it today." 3rd-party training system: “nope nope nope server error please try again later” me: fine time for a nice cup of chai.

Amazon is still working to recover from a major service outage in US-East that started around 2 am ET. Thousands of sites affected, including several large European banks. “The UK government has said it is in contact with Amazon over Monday’s outage.” health.aws.amazon.com/health/status

Oh wow

The top of two prominent newspapers’ mobile editions right now—and the reason that, despite growing up in New York, I always read @theguardian.com first (and rarely open @nytimes.com):

Since I did it in June, I'll do a quick thread of images from the No Tyrants* rally, again at the US embassy in London, 18 October 2025 *Instead of No Kings, because that would be churlish for a bunch of Americans who've been welcome in this kingdom #NoTyrants #NoTyrantsLondon #NoKings

It’s going to take ages to pay all these people

CNN talking about the possibility of violence as a guy in a giraffe costume waddles by

Lisboa, Portugal. One world, one fight.

Boston. Wow.

“A clear visual clue that the photograph was not taken in Portland was that the first officer’s shield is marked “Policia”, the Spanish or Portuguese word for police.” www.theguardian.com/us-news/2025...

Look at this turnout in Charlotte! #NoKings (via Marco Foster/Threads)

South Korea: #NoKings! Thousands of people came to show support to the US democracy!

#NoKings Miami!

#NOKINGS New York City, NY

I just want to live in a world where my thermostat can't have security vulnerabilities

This is a friendly reminder that the call for contributed talks to Real World Crypto in Taipei 2026 is open until October 10. We are looking for interesting talks bridging cryptography and its real-world use! Also it’s a great way to meet new people! rwc.iacr.org/2026/contrib...

“So Kenn, what line of work are you in?”

For the 8th time, the Senate votes to reject the Republican-led government funding bill. The count is 49-45; with six senators missing the vote. Not a single senator has switched their vote since pre-shutdown. The Senate will vote on it again for a 9th time tomorrow afternoon

Thousands of posts from a private Young Republican Telegram chat reveal a culture of casual racism/antisemitism, rape jokes and celebration of Hitler/Nazism. Some of the ringleaders are below: We live in a world where 4chan types now occupy positions of real power. www.politico.com/news/2025/10...