15
2
Privilege Escalation in Fedora Linux: Exploiting ABRT for Root (initblog.com)
142
How I discovered a hidden microphone on a Chinese NanoKVM (telefoncek.si)
65
CharlotteOS – An Experimental Modern Operating System (github.com/charlotte-os)
1
A Flaw with the Security Level Slider in Tor Browser (privacyguides.org)
4
Ask HN: Is archive.today/is/md/etc. compromised?
1
A deep dive into Cellebrite: Android support as of February 2025 (osservatorionessuno.org)
3
Reversing Samsung's H-Arx Hypervisor Framework (Part 1) (dayzerosec.com)
1
OpenPaX – open-source alternative to GrSecurity Kernel Patch (github.com/edera-dev)
2
Secureblue: A Security-Focused Desktop and Server Linux Operating System (secureblue.dev)
2
Practical HTTPS Interception: 20 Years of SSL/TLS Interception (thc.org)
2
Trivalent – A Hardened Chromium for Desktop Linux inspired by Vanadium (github.com/secureblue)
3
IVPN acquires Safing, operator of Portmaster and the SPN network (ivpn.net)
1
Secureblue Goes Sudoless (github.com/secureblue)
2
State of the Web App: Current Woes and Promising Futures (privacyguides.org)
1
Hardened-Chromium: A hardened Chromium for desktop Linux inspired by Vanadium (github.com/secureblue)
1
Stagex – container-native, full-source bootstrapped, and reproducible toolchain (codeberg.org)
11
Law enforcement agencies undermine Tor anonymisation (ndr.de)
12
You Can't Spell WebRTC Without RCE – Part 1 (margin.re)
2
The secret TrueCrypt security audit [pdf] (2019) (frab.riat.at)
1
Collision Attacks on Galois/Counter Mode (GCM) (iacr.org)
10
Not So Secret: Analysis of KakaoTalk's Chat E2EE Feature (stulle123.github.io)
29
Avoid ISP Routers (routersecurity.org)
7
The Snowden files: where are they and where should they end up? (electrospaces.net)
2
Windows API that lets you disable Defender (infosec.exchange)
1
Practical Attack on Steghide (daniellerch.me)
1
Deanonymization of the Dero Network (gist.github.com)
2
SimpleX: Redefining Privacy by Making Hard Choices (simplex.chat)
1
Haveno – Decentralized crypto-fiat exchange built on Tor and Monero (haveno.exchange)
13
All Linux distros using fwupd package open web server on 0.0.0.0:27500 (github.com/fwupd)
13
Breaking Signal Messenger's Post-Compromise Security Through a Malicious Device [pdf] (iacr.org)
1
XZ Utils Made Me Paranoid (trustedsec.com)
8
Novel attack against virtually all VPN apps neuters their entire purpose (arstechnica.com)
293
DNS traffic can leak outside the VPN tunnel on Android (mullvad.net)
1
Full-Chain Membership Proofs (FCMP) – The Next Generation of Monero's Privacy (getmonero.org)
2
Research paper tests how many Arch Linux packages are reproducible (fosspost.org)
0
ShredOS – Secure Disk Erasure/Wipe (github.com/partialvolume)
2
How did Facebook Spy on Encrypted Traffic from a Mobile VPN App? (doubleagent.net)
130
Personal VPN services are snake oil (httpscolonforwardslashforwardslashwwwdo...
5
You shouldn't use a commercial VPN: Amateur hour with Windscribe (gergelykalman.com)
2
Breaking E2EE in Nextcloud [pdf] (iacr.org)
3
Why do Group Policy settings require me to have a degree in philosophy? (2011) (microsoft.com)
1
Identifying Secure Software (jermanuts.vercel.app)
33
Flatpak builds are not reproducible and why that's a practical problem (2022) (ranfdev.com)
1
Verifpal: New Software for Verifying the Security of Cryptographic Protocols (verifpal.com)
1
Mostr: A bridge between Nostr and the Fediverse (gitlab.com/soapbox-pub)
4
Shufflecake: Plausible Deniability For Multiple Hidden Filesystems on Linux (shufflecake.net)
1
TrueCrypt's Plausible Deniability Is Theoretically Useless (2013) (defuse.ca)
1
Flathub is insecure for distributing cryptocurrency software? (github.com/feather-wallet)
4
End-to-End Encryption in Web Apps (cronokirby.com)
2
Kryptor: Simple, modern, and secure file encryption and signing tool (kryptor.co.uk)
3
On Monero's Ring Signatures (cronokirby.com)
1
The Fortunes of Monero (bitfinex.com)
3
GpgFrontend: Open-source, Cross-platform GnuPG Front end
1
Feather Wallet: A free Monero desktop wallet (featherwallet.org)
24
Identifying Software (guix.gnu.org)
2
Element R: our new unified crypto implementation (element.io)
3
Deterministic Password Managers Revisited (samuellucas.com)
1
Speranza: Enhancing software signing with privacy and usability (chainguard.dev)
2
Default" Cheat Engine download bundled with adware (github.com/cheat-engine)
1
Disclosing a Signal Desktop UI Redressing Issue (blodeuweddlabs.com)
1
Voip.ms sends ID documents over plaintext email (listed.to)
13
A new aspect of Google's spying (michaelhorowitz.com)
1
On the Insecurity of Software Bloat (schneier.com)
2
No safety in numbers: traffic analysis of sealed-sender groups in Signal (arxiv.org)
2
Pagefind: Low Bandwidth Static Search Library (pagefind.app)
1
Are a Mix of Non-English Passwords More Secure? (passwordbits.com)
2
Users of Open-Protocol Networks Must Defend Them Against Corporate Capture (cheapskatesguide.org)
2
Redesign of Tox's Cryptographic Handshake (tox.chat)
3
Can You Trust Your Phone? (trustinghardware.com)
1
Brute Force Cryptanalysis (johndcook.com)
2
BasedFlare – Sovereign Solutions for DNS, CDN, WAF, and DDoS Mitigation (basedflare.com)
5
Confronting Briar with Disasters (dorfbrunnen.eu)
4
Mullvad Uses Gmail (simplifiedprivacy.com)
1
The Dangers of Data Removal Service Doxxing (inteltechniques.com)
2
Hey Signal! Great Encryption Needs Great Authentication (2021) (sequoia-pgp.org)
1
Hyperbacked – Encrypted QR using Shamir's Secret Sharing (github.com/twometer)
1
Tinfoil Chat – Onion-routed, endpoint secure messaging system (github.com/maqp)
57
Fail2ban Sucks (2020) (j3s.sh)
2
Extirpater – Free Space Eraser For Android (gitlab.com/divested-mobile)
1
Attack Techniques: Steganography (textslashplain.com)
9
Guidance on implementing cryptography as a developer (github.com/samuel-lucas6)
82
Reasons to Prefer Blake3 over Sha256 (peergos.org)
3
A GUI for Yt-dlp written in Rust (github.com/bksalman)
2
Proof of Work Captchas (brave.com)
2
The Internet Censorship Bibliography (nymity.ch)
2
Peergos: P2P, secure file storage, social network and application protocol (peergos.org)
2
CyberGhostVPN – The story of finding MitM, RCE, LPE (mmmds.pl)
3
DHL Sucks (njal.la)
1
Secure the Border and Build the Wall (Access Control on Unix-Like OSes) (nixers.net)
1
Understanding Immutable Linux OS (kairos.io)
2
Bitwarden PINs can be brute-forced (ambiso.github.io)
1
Bitwarden PINs can be brute-forced (ambiso.github.io)
1
IVPN infrastructure security audit concluded (ivpn.net)
4
DHL Sucks (njal.la)
2
Weakness in Signal's Sealed Sender (2022) (usenix.org)
1
Sandboxie should be avoided (2019) (malwaretips.com)
3
Comparison of VPN Protocols (ivpn.net)
1
On Open-source Firmware (2019) (acm.org)
1