Congress should protect cash payment. https://www.eff.org/deeplinks/2020/09/pass-payment-choice-act
"The surprising traits of good remote leaders"
"The problem is that no one taught us to understand. Instead, we are pushed to simply to memorize. To be educated enough to do well on the test, and then to forget what we were taught, because we never actually learned it."
Raccoon Attack: A timing vulnerability in the TLS 1.2 specification.
– The attack only affects DH-based cipher suites or some DHE-based cipher suites.
– OpenSSL 1.1.1, ECDHE-based cipher suites, and TLS 1.3 aren't affected.
– If exploited, attackers could decrypt all TLS-protected network traffic.
"h2c Smuggling: Request Smuggling Via HTTP/2 Cleartext"
"GnuPG 2.2.21 and 2.2.22 (and Gpg4win 3.1.12) has an array overflow, leading to a crash or possibly unspecified other impact, when a victim imports an attacker's OpenPGP key, and this key has AEAD preferences. The overflow is caused by a g10/key-check.c error. NOTE: GnuPG 2.3.x is unaffected. GnuPG 2.2.23 is a fixed version."
"Starting September 1st, 2020, Apple Safari, Google Chrome and Mozilla Firefox will stop recognizing newly generated certificates with validity period more than 398 days."
Disturbing reports that Google Play is threatening to kick out Mastodon apps. See:
App stores have a track record of acting capriciously & are also easy targets for gov't censors (including Trump). This is why alternatives like @fdroidorg are so important for user freedom.
If unfamiliar: F-Droid is a free & open source app you can use to install other Android apps, with focus on free & open source software. Get it here:
"WebBundles Harmful to Content Blocking, Security Tools, and the Open Web"
"The Internet is for End Users"
"Stealing local files using Safari Web Share API"
Mailto: Me Your Secrets. Three attacks on OpenPGP and S/MIME implementations:
The paper describes three attacks on OpenPGP and S/MIME implementations to replace certificates, sign arbitrary messages, or exfiltrate private keys.
"Microsoft Put Off Fixing Zero Day for 2 Years"
"How To Understand Things"