For the third day running, Israel violates Gaza ‘ceasefire’ to maim and murder Palestinians
cross-posted from: ibbit.at/post/80105
Israel has violated the ‘ceasefire’ it agreed with Palestinian militia to bomb, murder and maim Palestinians for the third consecutive day – the first three days of the supposed ceasefire period.
Israel: horrific violations of the ceasefire
On Saturday 11 October, an occupation drone targeted a group of civilians in the Jabalia refugee camp, killing one civilian and seriously injuring several others, including one man left with both lower legs shredded or gone:thecanary.co/wp-content/upload…
Israel thinks – correctly, because of the collaboration of the UK and other western governments – that it can get away with mass the mass slaughter of civilians and daily breaches of its supposed commitments.
It is a rogue and terror state.
Featured image via the Canary
By Skwawkbox
From Canary via this RSS feed
China's Plan to Cripple America's Economy
- YouTube
Profitez des vidéos et de la musique que vous aimez, mettez en ligne des contenus originaux, et partagez-les avec vos amis, vos proches et le monde entier.www.youtube.com
Cryptologist DJB Alleges NSA is Pushing an End to Backup Algorithms for Post-Quantum Cryptography
"The problem in a nutshell. Surveillance agency NSA and its [UK counterpart] GCHQ are trying to have standards-development organizations endorse weakening [pre-quantum] ECC+PQ down to just PQ."Part of this is that NSA and GCHQ have been endlessly repeating arguments that this weakening is a good thing... I'm instead looking at how easy it is for NSA to simply spend money to corrupt the standardization process.... The massive U.S. military budget now publicly requires cryptographic "components" to have NSA approval... In June 2024, NSA's William Layton wrote that "we do not anticipate supporting hybrid in national security systems"...
[Later a Cisco employee wrote of selling non-hybrid cryptography to a significant customer, "that's what they're willing to buy. Hence, Cisco will implement it".]
What do you do with your control over the U.S. military budget? That's another opportunity to "shape the worldwide commercial cryptography marketplace". You can tell people that you won't authorize purchasing double encryption. You can even follow through on having the military publicly purchase single encryption. Meanwhile you quietly spend a negligible amount of money on an independent encryption layer to protect the data that you care about, so you're actually using double encryption.
Cryptologist DJB Alleges NSA is Pushing an End to Backup Algorithms for Post-Quantum Cryptography - Slashdot
Cryptologist/CS professor Daniel J. Bernstein is alleging that America's National Security Agency is attempting to influence NIST post-quantum cryptography standards.it.slashdot.org
like this
Nobody gives a shit about NIST if they lose the 1 thing that make them useful : their credibility.
If some credible doubt is shed on them ... then NIST is just an acronym with no power.
That being said IMHO a pragmatic heuristic is spotting "Do what I say, not what I do" and thus if NSA relies on PQ, or hybrid, or something well you can deduce from that they assume whatever solution they do NOT use if then not safe in a useful lifespan (which might be totally different from your threat model).
Edit : did tinker with openquantumsafe.org/about/ in particular github.com/open-quantum-safe so if you have an opinion on that I'd be curious.
About our project
Open-source software for prototyping quantum-resistant cryptographyOpen Quantum Safe
like this
If some credible doubt is shed on them ... then NIST is just an acronym with no power.
Doubt it, given tha NIST has no credibility among researches, only in the general public that ignore their shenanigans:
- NIST already aproved NSA backdoors.
- NIST has extensive record of colaborating with NSA, including following their orders.
- NIST is pushing for unsecure post-quantum algorithms, that may be secure against quantum computers, but weak against normal, modern computers.
NIST doesn't need credibility, it simply needs to pass along NSA's aproval stamp for $next_algorithm, so $next_algorithm becomes a widely used standar.
Pushing for insecure post-quantum algorithms, that may be secure against quantum computers
Eh, I doubt that is how it works. We do not have quantum computers yet, so how we prove security in quantum settings is by specifying the adversary to have specified quantum capabilities, in addition to classical capabilities. Hence, broken under traditional attack means broken under quantum attack.
You can say that new post-quantum schemes are less verified compared to established classical schemes, but that does not mean classical is necessarily more secure.
I think we both agree on the same thing, I comunicated it badly. The better approach is to apply a post-quantun algorithm on top of a classical one, so you are safe against both types of computers. The advantage of this approach is that you need to crack both algorithms at the same time.
NIST seems to prefers a hybrid approach, where a single algorithm is supposedly safe against both classical and quantum computers, leaving you with a single point of failure.
You can always encrypt the payload twice if you want. But really what are you arguing? That every time you encrypt something, you should encrypt it serially with all known encryption algorithms "just in case?" Hell why not do it again just to make sure?
A key component of encryption is efficiency. Most cryptographic processes are going to be occurring billions of times across billions of transactions and involving billions of systems. It's worthwhile for robust encryption algorithms to be efficient and avoid unnecessary calculations unless those calculations demonstrate some advantage. For example PBKDF2, where the multiple rounds of identical encryption convey a demonstrable increase in time to decrypt via brute-force mechanisms. If the standard is 4096 which it was in 2005, you coming along and saying, but why isn't it 4097? The CIA is using >4096, therefore that means that 4096 is insecure! Isn't really understanding why 4096 was chosen to begin with. Additionally no one is stopping you from using one million iterations with key1 and then doing another million rounds with key2.
That's not what I'm trying to say. I'm not saying apply 1000 classical algos on top of 1000 quantum algos. I'm saying that post-quantum needs to be an extra layer, not a replacement.
This is explained further in the first few sentences of the third link I posted: blog.cr.yp.to/20251004-weakene… Note the author is an expert in the topic: en.wikipedia.org/wiki/Daniel_J…
Well I haven't see the arguement for why Quantum resistent encryption would somehow be weaker to traditional cryptographic techniques. I understand that early "quantum encryption" alogrithms were flawed, and it'll probably be a long time before we get the DES of Quantum Encryption. But all that means is that we don't have vetted "strong" quantum encryption techniques yet, and should stick with traditional encryption since quantum encryption isn't worth it yet. If Quantum encryption becomes worthwhile, we shouldn't have "traditional encryption", because it will be obsolete.
If the first cylinder lock was easily bypassed compared to my old reliable wafer lock, then why should I use the cylinder lock at all? Now that cylinder locks are better then wafer locks why should I use a tumbler lock at all? There is no added security by using a wafer lock.
Quantum computers represent a complete paradigmatic. Modern quantum computers beat classical ones on some problems, while still not being able to factor some 2 digit numbers.
A single algorithm would be probable arrive some day, but why risk it right now? The Signal protocol adopted Post-Quantum some years ago. They going for a hybrid, not well tested over several years against classical computers, algorithm, would have been a security disaster.
Quantum Resistance and the Signal Protocol
The Signal Protocol is a set of cryptographic specifications that provides end-to-end encryption for private communications exchanged daily by billions of people around the world.Signal Messenger
Cryptologist DJB Alleges NSA is Pushing an End to Backup Algorithms for Post-Quantum Cryptography
"The problem in a nutshell. Surveillance agency NSA and its [UK counterpart] GCHQ are trying to have standards-development organizations endorse weakening [pre-quantum] ECC+PQ down to just PQ."Part of this is that NSA and GCHQ have been endlessly repeating arguments that this weakening is a good thing... I'm instead looking at how easy it is for NSA to simply spend money to corrupt the standardization process.... The massive U.S. military budget now publicly requires cryptographic "components" to have NSA approval... In June 2024, NSA's William Layton wrote that "we do not anticipate supporting hybrid in national security systems"...
[Later a Cisco employee wrote of selling non-hybrid cryptography to a significant customer, "that's what they're willing to buy. Hence, Cisco will implement it".]
What do you do with your control over the U.S. military budget? That's another opportunity to "shape the worldwide commercial cryptography marketplace". You can tell people that you won't authorize purchasing double encryption. You can even follow through on having the military publicly purchase single encryption. Meanwhile you quietly spend a negligible amount of money on an independent encryption layer to protect the data that you care about, so you're actually using double encryption.
Cryptologist DJB Alleges NSA is Pushing an End to Backup Algorithms for Post-Quantum Cryptography - Slashdot
Cryptologist/CS professor Daniel J. Bernstein is alleging that America's National Security Agency is attempting to influence NIST post-quantum cryptography standards.it.slashdot.org
like this
Technology reshared this.
We fight wars to live in peace, we grow sheep to eat lamb chops, and we keep trust to gain reputation to then spend it. That quote about stones.
Still very good to see someone as famous as Bernstein say this.
But yes, it's weird, TLS allows whatever the software on two sides of the negotiation allow and support. GOST, something Chinese, something you've made yourself. Anything.
Except if there's somehow a vulnerability in TLS hidden in the open, but, eh, that's a bit too conspiracy-minded for a post not discussing TLS itself.
Survivor of 7 October Nova festival attack in Israel found dead
Roei Shalev, 30, whose girlfriend and best friend were killed in front of him at festival, took his own life on Friday night
Archived version: archive.is/newest/theguardian.…
Disclaimer: The article linked is from a single source with a single perspective. Make sure to cross-check information against multiple sources to get a comprehensive view on the situation.
The Original Sin of Computing...that no one can fix
- YouTube
Profitez des vidéos et de la musique que vous aimez, mettez en ligne des contenus originaux, et partagez-les avec vos amis, vos proches et le monde entier.www.youtube.com
British citizens serving in the IDF can now be tried for war crimes in the UK
Now that the UK has recognised Palestine as a state, this opens legal routes for British members of the IDF to be charged in the UK
Israel-US so-called 'Gaza Humanitarian Foundation' 'vanishes into thin air'
The Gaza Humanitarian Foundation has simply disappeared with the beginning of the supposed 'ceasefire' that Israel has violated
Archived version: archive.is/newest/thecanary.co…
Disclaimer: The article linked is from a single source with a single perspective. Make sure to cross-check information against multiple sources to get a comprehensive view on the situation.
NTSB Releases Final Report On Delta 757 Evacuation In Atlanta
The Boeing 757-300 evacuation resulted in eight injuries.
Meta AI adviser spreads disinformation about shootings, vaccines and trans people
Critics condemn Robby Starbuck, appointed in lawsuit settlement, for ‘peddling lies and pushing extremism’
Maga figures back Bukele’s call for Trump to crack down on US judges
Experts say El Salvador president’s intervention comes as Trump is employing tactics used by autocrats abroad
Trump's intervention in Washington prompts calls for its 18-term House delegate to step down
Eleanor Holmes Norton has been an outspoken advocate for the District of Columbia during her 18 terms as the city's delegate in Congress.
UK police make arrests at pro-Palestine march in London
A “small number” of arrests were made Saturday at a pro-Palestine demonstration in London after counter-protesters breached conditions set for the march, leading to a “scuffle between several individuals,” according to Metropolitan Police, Anadolu reports.
https://www.middleeastmonitor.com/20251012-uk-police-make-arrests-at-pro-palestine-march-in-london/
Bangladeshi activist tells of torture in Israeli jails for Gaza aid flotilla; links Western media to genocide
Bangladeshi renowned photographer and rights activist Shahidul Alam said Saturday that Israeli forces attacked the Gaza flotilla he was on and put activists in jail, where they were tortured, Anadolu reports.
Archived version: archive.is/newest/middleeastmo…
Disclaimer: The article linked is from a single source with a single perspective. Make sure to cross-check information against multiple sources to get a comprehensive view on the situation.
dflemstr likes this.
Police are asking kids to stop pulling AI homeless man prank
The AI #homelessmanprank has gone viral, causing headaches for law enforcement.
Archived version: archive.is/20251012134133/thev…
Disclaimer: The article linked is from a single source with a single perspective. Make sure to cross-check information against multiple sources to get a comprehensive view on the situation.
Police are asking kids to stop pulling AI homeless man prank
The AI homeless man prank has gone viral on TikTok, causing headaches for law enforcement.Terrence O'Brien (The Verge)
China warns US of retaliation over Trump’s 100% tariffs threat
Investors brace for another bout of trade war turmoil as Beijing says it will act if US president fails to back down
Archived version: archive.is/newest/theguardian.…
Disclaimer: The article linked is from a single source with a single perspective. Make sure to cross-check information against multiple sources to get a comprehensive view on the situation.
Researchers achieve breakthrough integration of 2D materials on standard silicon chips
Researchers at Fudan University have created a working memory chip just a few atoms thick.
Man Wrongly Imprisoned for Decades Finally Freed—And Gets Immediately Nabbed by ICE
Man wrongfully imprisoned for murder, freed only to be detained by ICE. Family fights for justice. Immigration courts urged to intervene.
Man Wrongly Imprisoned for Decades Finally Freed—And Gets Immediately Nabbed by ICE
ICE is preparing to deport an exonerated man to a country he hasn't set foot in since he was nine months old, his family alleges.brad-reed (Common Dreams)
Any UK-Layout keycaps identical to 8BitDo's C64 Keycaps?
When I first brought it year ago as it the first Mechanical keyboard I own, I only just notice it's a US Layout when I tried to use it which I assume because I got it on Amazon UK, it would be in UK Layout. ~~Note to myself, do few minutes of research before buying it online again.~~
I saw on 8BitDo's subreddit of someone contracting customer service if they sell UK-layout keycaps which they said no. I did tried look one identical to it but it both different colour and also in US-Layout.
Before tells me "Just use US Layout", I tried it and still feels unnatural to me. I really don't want my keyboard picking up some dust but if there's isn't any keycap that both looks identical and in UK, I'm considering maybe getting Keychron Keyboard at some point.
Ben Shapiro in his first year of law school boxing a speed bag
- YouTube
Profitez des vidéos et de la musique que vous aimez, mettez en ligne des contenus originaux, et partagez-les avec vos amis, vos proches et le monde entier.www.youtube.com
Indian student captured by Ukraine joined Russian army to avoid drug charges, says mother
Gujarat’s Sahil Majothi joined the Russian army to avoid jail over alleged drug charges.
Archived version: archive.is/20251012034857/bbc.…
Disclaimer: The article linked is from a single source with a single perspective. Make sure to cross-check information against multiple sources to get a comprehensive view on the situation.
Russia’s “Stealth” Sub Surfaces in NATO Waters—French Warship Moves In
A French frigate is surveilling a Russian submarine off Brittany, highlighting NATO's commitment to maritime security in the North Atlantic.
Archived version: archive.is/20251012112947/unit…
Disclaimer: The article linked is from a single source with a single perspective. Make sure to cross-check information against multiple sources to get a comprehensive view on the situation.
Ukrainian forces liberate Mali Shcherbaky and advance 3.5 km on Zaporizhzhia front
Ukrainian assault units have conducted a successful counteroffensive operation on the Zaporizhzhia front, liberating the settlements of Mali Shcherbaky and Shcherbaky as well as part of Stepove.
Archived version: archive.is/newest/pravda.com.u…
Disclaimer: The article linked is from a single source with a single perspective. Make sure to cross-check information against multiple sources to get a comprehensive view on the situation.
For the third day running, Israel violates Gaza 'ceasefire' to maim and murder Palestinians
On the third day of the ceasefire, an Israel drone targeted the Jabalia refugee camp, killing one civilian and seriously injuring others
Archived version: archive.is/newest/thecanary.co…
Disclaimer: The article linked is from a single source with a single perspective. Make sure to cross-check information against multiple sources to get a comprehensive view on the situation.
adhocfungus likes this.
Israeli army detains Palestinian child as illegal settlers attack farmers in occupied West Bank
A Palestinian child was detained by the Israeli army in a military raid in the West Bank Saturday evening, as illegal settlers continued assaults in the occupied territory, local media said, Anadolu reports.
Archived version: archive.is/newest/middleeastmo…
Disclaimer: The article linked is from a single source with a single perspective. Make sure to cross-check information against multiple sources to get a comprehensive view on the situation.
A tangled web of deals stokes AI bubble fears in Silicon Valley
A tangled web of deals stokes AI bubble fears in Silicon Valley
Some are worried that the rapid rise in the value of AI tech companies may be a bubble waiting to burst.Lily Jamali (BBC News)
like this
Technology reshared this.
It's a bubble all right. Except it bursting will be the result as expected. What we should do is try to first deflate it carefully, and then try to prevent it from just going boom.
Bubbles are not some unexpected crisis, they are basically a system created by people with a lot of power to suck the power others possess to themselves, to have even more power.
One can even call the British empire becoming less official and other colonial ventures drying up as a sequence of bubbles. Notably the European monarchs were not at a loss from it all.
The dotcom bubble sucked this way a lot of money in unclear directions (hedge funds are a thing, to launder such events), then somehow Facebook and Google and Amazon happen, all not very sophisticated things, but with a lot of convenient financing and publicity.
By the way, it's interesting that early concepts of NLS and Xanadu as things similar to the Web all didn't have the ditches requiring a bridge with tolls, speaking metaphorically, that the Web requires, and these big companies occurred as bridges over these ditches exactly. Like - when you have two-sided links, you don't need them. Not only many small places link to one popular place, but also the one popular place links to many small places. This, of course, also requires the system to be message-oriented, not connection-oriented. Otherwise why wouldn't the big place censor out reverse links. Like Usenet.
This would, of course, require globally identifiable objects and versioning, with a tree of versions, so that there could be plenty of versions of the same webpage. (I've always felt Torvalds is sincere when he says Git is his main contribution to humanity as a programmer.)
And links would have to be version-dependent. And links would have to be not part of objects, but associated objects themselves. This way you can have object directories, or fan-in objects (objects A, B and C combine into the object D, or maybe D follows from A, B, and C as a logical statement), or fan-out objects (there's object A, for which there are comments or subscripts B, C and D at some corresponding marks in the A structured text). Or, well, normal links referring to two objects (the exact location, again, of what part of a document is a link is contained in the link object).
This is a bit similar to voting systems, where ranked choice and ability to give a negative vote can change a lot. And this also encourages wide participation.
I just have that feeling that we as a humanity are led on a path of prepared bubbles enriching very specific people creating them and firmly knowing when and how they burst. When these people collect enough power, they might start changing the world in a direction we won't like at all.
OK, dreaming again.
Spellscript: esotoric programming language that's read like a spellbook
GitHub - sirbread/spellscript: esotoric programming language that's read like a spellbook
esotoric programming language that's read like a spellbook - sirbread/spellscriptGitHub
China and Iran Seal Oil-for-Infrastructure Deal to Bypass U.S. Sanctions
China and Iran Seal Oil-for-Infrastructure Deal to Bypass U.S. Sanctions
China has formalized a barter system with Iran, trading infrastructure projects for crude oil to secure supply while skirtingthough not escapingU.S. sanctions.Editorial Dept (OilPrice.com)
like this
Nobel peace prize officials investigate surge in bets for winner
Nobel peace prize officials investigate surge in bets for winner
Bets for Maria Corina Machado spiked on Polymarket gambling site hours before she was awarded prizeLeyland Cecco (The Guardian)
like this
Sodium-ion battery storage station expands in south China
Sodium-ion battery storage station expands in south China
China's first large-scale sodium-ion battery energy storage facility officially entered expanded operation on Wednesday in Nanning city, south China's Guangxi Zhuang Autonomous Region.After the second-phase expansion, the Fulin station can now handleCGTN
like this
Technology reshared this.
ASCII Smuggling Attack Lets Hackers Manipulate Gemini to Deliver Smuggled Data to Users
ASCII Smuggling Attack Lets Hackers Manipulate Gemini to Deliver Smuggled Data to Users
Researchers set out to test leading large language models (LLMs) for resilience against the long-standing ASCII Smuggling technique.Florence Nightingale (CybersecurityNews)
copymyjalopy likes this.
Are you brave or are you a coward?
Do you get pushed around or are you willing to defend those getting pushed if you know it's wrong?
I ask because so many people are soft but not gentle. They demand peace but aren't peaceful. I find them weak. So I want to know. Be honest.
UPDATE: I find it utterly pathetic that people can't take real criticism. Like they are triggered over anything that needs to be said.
like this
It’s a bit of both. I’m a photographer and I like to think of my outfits like photos, especially when I’m going somewhere where I plan to network. I want to present myself as someone with a good sense of style and who knows how to make people look good. So my style is my own, but I try to make sure I look good and fit the vibe of where I’m going.
I recently went to a party focused on some spiritual stuff and to match the vibe I got some 3/4 harem pants, but I got ones with a slightly muted floral pattern to make it my own. I made the rest of my outfit plain and dark to match and really emphasize the new pants. It was a style a bit outside my comfort zone, but was a big hit and I got lots of compliments.
vzqq
in reply to ☆ Yσɠƚԋσʂ ☆ • • •The main issue is that software quality was generally pretty dodgy to start off with. There just isn’t any headroom to trade off.
We’re just don’t know how to reliably write reliable software. We have developed practices to cover risks we deem unacceptable, but things like the halting problem make software verification fundamentally an intractable problem.
☆ Yσɠƚԋσʂ ☆ doesn't like this.
☆ Yσɠƚԋσʂ ☆
in reply to vzqq • • •vzqq
in reply to ☆ Yσɠƚԋσʂ ☆ • • •That’s grade A horse cap.
The only tool we have to guarantee the software works according to the specification is formal verification, and formal methods are a PAIN to use and are extremely limited in scope.
For the rest, the best we can do is “hope you thought of everything” (aka manual and automated testing) and “have a colleague look it over” (aka code reviews).
And that does not even start to tackle the issue that is making sure the spec solves the problem in the first place.
Yes, all the other things you mention are true too. But you were set up for failure from the start by the gods of intractable complexity first.
☆ Yσɠƚԋσʂ ☆ doesn't like this.
☆ Yσɠƚԋσʂ ☆
in reply to vzqq • • •vzqq
in reply to ☆ Yσɠƚԋσʂ ☆ • • •Which is exactly what I just said.
☆ Yσɠƚԋσʂ ☆ doesn't like this.
☆ Yσɠƚԋσʂ ☆
in reply to vzqq • • •NASA's 10 Rules for Developing Safety-Critical Code
Stuart Foster (Perforce Software)