load bearing hardcoded credentials for national security purposes

Happy Birthday to M. C. Escher, born on June 17, 1898, in Leeuwarden, Friesland, the Netherlands.

Like other famous artists such as Michelangelo, Leonardo da Vinci, Raphael, Picasso, Toulouse-Lautrec and Rubens, Escher was left-handed. Escher was forced at school to become ‘double-handed’, which was beneficial for his artform.

More at https://escherinhetpaleis.nl/en/about-escher/escher-today/left-handedness?lang=en
https://www.dailyartmagazine.com/left-handed-artists/
1/n

RE: https://infosec.exchange/@aristot73/116500590393191853

this aged well #exportcontrols

An ecrime group has somehow gained access to 75k Fortinet firewall devices - dubbed Fortibleed

Blog https://www.infostealers.com/article/fortibleed-75000-fortinet-firewalls-compromised-global-enterprises-exposed-claim-your-ethical-disclosure/

Check if your domain is impacted: https://www.hudsonrock.com/fortinet

I’ve verified the data is real. They’ve been dumping the Fortinet config - not sure how yet - and then cracking the passwords it appears. Data is being resold online. #fortibleed

So many calcs so little time.

OMG. Apparently tons of people have been generating secrets on an old server-side key generation website that had incredibly weak entropy. Like, 10 bits or something.

The website was allkeysgenerator[.]com. Here is a dump of 1000 keys generated on it. Searching for the URL finds hundreds of people recommending it for key generation.

Some of these snippets have hundreds of GitHub results.

The exact algorithm is unknown but (see below) It generates extremely predictable strings, you can visually see how the delta from character to character is almost constant. Thanks @dramforever for doing some analysis here. Their script here can generate the vast majority of sequences from this website.

Update: This script generates the entire list from a single seed, and large chunks of another.

I'm certain you can break into production websites using these keys for cookie signing etc.

France to kick out Palantir out of intel service networks

https://www.reuters.com/technology/france-invest-655-mln-ai-set-up-common-chatbot-all-state-services-2026-06-16/

Oh cool, the Firefox Roadmap is public and includes some experimental & upcoming features that people can play with RIGHT NOW.

https://www.firefox.com/en-US/whatsnext/