How often do you get a 75x speedup on a real workload in a compiler? Not often!
Here's the story of one in SpiderMonkey: https://spidermonkey.dev/blog/2024/10/16/75x-faster-optimizing-the-ion-compiler-backend.html
Fuck Microsoft and Fuck Nadella.
As expected, the 24H2 update installed 'Recall', it can't be uninstalled.
To disable the Microcoft spyware, run this as admin
C:\Windows\System32>Dism /Online /Disable-Feature /Featurename:Recall
Can't vouch that all the people you share your screen, code, IP, private details, will disable theirs. consider NOT sharing anything ever again.
Sandbox escape from extensions due to insufficent checks in chrome.devtools.inspectedWindow.reload and chrome://policy (reward: $20000) http://crbug.com/338248595
I'm amazed that there has been zero coverage of this:
EU's new Product Liability Directive got voted through last thursday.
No later than two years from now, software, stand-alone, cloud or embedded are subject to "no-fault liability" (ie: doesn't matter how or why, only that it is defective.)
Here's the directive:
https://data.consilium.europa.eu/doc/document/PE-7-2024-INIT/en/pdf
Gentlemen, start your panic…
PS: Yes, there is a FOSS exemption, but only "outside commercial activity". (Ie: The guy in Nebraska but not RedHat)
Breaking News: The threat actor known as "USDoD" (aka "EquationCorp" and other monikers") has been arrested by Brazilian Federal Police. USDoD is probably best known for his attacks on #InfraGard, Airbus, and his role in the recent National Public Data breach.
Media coverage indicates he was arrested this morning: https://g1.globo.com/politica/noticia/2024/10/16/pf-prende-hacker-de-33-anos-suspeito-de-invadir-sistemas-e-vazar-dados-de-policiais.ghtml
Proud to start sharing Google's strategy for tackling our remaining memory safety challenges: https://security.googleblog.com/2024/10/safer-with-google-advancing-memory.html
It's high level, but it outlines the long-term strategy. We'll be sharing more detailed posts in this series.
Google Chrome security advisory: Stable Channel Update for Desktop
New Google Chrome version 130.0.6723.58/.59 for Windows, Mac and 130.0.6723.58 for Linux has 17 security fixes, 13 externally reported. No mention of exploitation, and nothing sticks out.
Alternatives to @noscript for #chrome recommended by #google's store:
2 #adblockers and 2 trojans.🤨
https://chromewebstore.google.com/detail/doojmbjmlfjjnbmnoijecmcbfeoakpjm/related-recommendations
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
Hot off the press!
#cisa #cisakev #kev #knownexploitedvulnerabilitiescatalog #vulnerability #cve #eitw #activeexploitation #zeroday #CVE_2024_30088 #CVE_2024_9680 #CVE_2024_28987 #solarwinds #mozilla #firefox #microsoft #windows #kernel
Microsoft: Microsoft Digital Defense Report 2024
Microsoft has a 114 page PDF report covering the evolving cyber threat landscape: threat actors and their motivations, nation state threats, ransomware, fraud, identity and social engineering, and DDoS attacks. There's also Microsoft-specific recommendations as part of Secure Future Initiative. Of course, no annual threat intel report would be complete without artificial intelligence ✨. From AI-enabled cyber attacks to influence operations, and god forbid using AI for cybersecurity. There's a section on how governments and industry are approaching and advancing global AI security. This report also includes perspectives from different countries.
#microsoft #securefutureinitiative #AI #cyberespionage #ransomware #digitaldefensereport #threatintel #cybersecurity #infosec #cyberthreatintelligence #CTI
Absolutely wild how many companies are adopting AI notetaking apps for meetings.
Y'all'er just chill sending your planning, product direction and revenue details to some random third party in exchange for them doing the low value task of halfassing note taking for you?
Claims of Chinese researchers breaking "military grade encryption" with a quantum computer are totally overblown. They attacked a trivial 22 bit key and used a quantum annealing architecture. Still not cryptographically relevant and not a quantum computer. Still not breaking RSA!