periodic reminder about privacy services:
no one is going to go to prison for the privilege of being your mailserver admin/vpn host/etc.
another year at the #Troopers26 CTF brings some neat new tricks to bytewitch, my universal weird-blob decoding tool (now home at https://bytewitch.boo š»):
quickly apply byte-level preprocessing (xor, and, arithmetic) and specify payloads by mixing and matching arbitrary number notations (binary, ternary, hex, whatever)
also, the randomness analysis now flags patterns indicating repeated-key xor and similar obfuscations (in tryhard mode only, for now)
now back to my actual work...
So, 2006 called and said, āHey, you should start a blog!ā And since Iām at it, I thought, why not launch a newsletter too? š
Here is the link to my first blog post: https://www.voltpaperscissors.com/tipsandtricks/playing-with-the-sun
And here for the newsletter sign-up: https://www.voltpaperscissors.com/newsletter-signup-standalone/
The reasoning is simple: "Social" media (Mastodon aside) has turned into something I donāt want to be part of, so Iād better set myself up for something independent.
@Javvad employees figured out tool use for effective problem solving long ago - we call it "Shadow IT"
@hrbrmstr I mean, why not use GLM 5.2 in the meantime? https://www.provos.org/p/qemu-escape-glm-5-2/
#ElonMusk is a murderer, and now he's lying about it. https://www.commondreams.org/news/musk-dead-children-usaid
Today I released C1B, the most personal app Iāve ever built.
Earlier this year, my father was diagnosed with lymphoma, and my family quickly outgrew our binders, Notes, spreadsheets, and group chats trying to coordinate his care.
C1B grew out of that experience. C1B is a caregiving log that helps families keep track of everything related to the ongoing care of a loved one.
ā¤ļø https://c1b.app
1.2 billion downloads ran through pyca/cryptography last month. Nearly every Python app that touches crypto depends on it. If it doesn't ship post-quantum primitives, the Python ecosystem can't migrate.
We helped add ML-DSA (FIPS 204) for signatures and ML-KEM (FIPS 203) for key exchange to the library. Install and migration details in the blog. https://blog.trailofbits.com/2026/06/30/shipping-post-quantum-cryptography-to-python/
"France is currently glowing red with heat. Not metaphorically. Literally. Land surface temperatures in parts of the country have been recorded at levels more commonly associated with the Sahara Desert.
France. The country of vineyards, alpine villages, stone farmhouses, rivers, forests and temperate European summers. Looking like the Sahara. That should stop us in our tracks.
The real story isnāt that France is having a heatwave. Itās that climate change is making places behave like somewhere else. Places are beginning to lose the climate that shaped their buildings, their farms, their infrastructure, their ecosystems, their communities, cultures and expectations of normal life.
France isnāt built for the Sahara. Its schools, homes, hospitals, railways, power stations and aged-care facilities werenāt designed for repeated extreme heat. Its rivers werenāt meant to run so hot that nuclear power stations have to reduce output because cooling water is too warm. Its classrooms werenāt meant to become dangerous places for children to sit exams."
https://www.lyrebirddreaming.com/post/france-is-hotter-than-the-sahara-this-is-everyone-s-warning
Following recent news, we have cancelled Mullvad's sponsorship of EMF 2026.
If you'd like to contribute to make up for the lost income, you can still sponsor EMF through our ticket shop:
Ireland is a wholly owned lapdog of Big Tech -- taking advantage of a cynical system that enriches one tiny nation at the expense of everyone else, especially in the US and the EU. It's pure corruption. Why do the many, many losers in this arrangement let it go on? https://www.theguardian.com/commentisfree/2026/jun/30/ireland-big-tech-lapdog-eu-presidency-digital-sovereignty
@aristot73 hot take: marketing is at the heart of infosec problems.
Google is apparently testing a new reCAPTCHA method that prompts you to turn on your device's camera to prove you are human by scanning your hands.
I assume this will eventually be mandatory, just like the current reCAPTCHA.
https://reclaimthenet.org/googles-new-recaptcha-wants-your-camera-access-and-21-points-of-your-hand