2023-12-20
This is incredibly good work and a great find! For users: You should update your SSH packages when they are available but don't risk your availability by being “drop everything” hasty. Thanks to defense in depth in the protocol this isn't as serious as prior issues in TLS/SSL.
Ars Technica
Researchers detail a MITM attack on SSH that can break the integrity of the protocol, the first “practical attack of its kind”; fixes face compatibility issues
SSH is an internet standard that provides secure access to network services … Connor Jones / The Register : SSH shaken, not stirred by Terrapin vulnerability Terrapin Attack : Terr...
2022-06-22
This is great cryptographic research, but the finger-wagging tone of that article feels very counterproductive to real-world security. Mega made a mistake in how they implemented e2e cryptography and fixed it. But overall we all want more of this kind of work. https://twitter.com/...
Ars Technica
Researchers detail fundamental cryptography flaws in MEGA's end-to-end encryption scheme that could let the cloud storage service decipher stored files
Fundamental flaws uncovered in Mega's encryption scheme show service can read your data. — In the decade since larger … Source: MEGA: Malleable Encryption Goes Awry .
2021-07-02
We have two new leadership principles at Amazon today. “Strive to be Earth's Best Employer” (which includes leading with empathy) and “Success and Scale Bring Broad Responsibility”. We use our LPs every day. Excited for how they translate into practice. https://www.aboutamazon.com/ ...
Bloomberg
Days before Bezos steps aside, Amazon adds two points to its 14 corporate values, requiring staff to consider welfare of coworkers and society at large
We're grateful to Amazonians around the world who uphold … Insider : 10 Things in Tech: Bezos' exit, Robinhood IPO, SpaceX glass dome PYMNTS.com : Amazon Adds Two Leadership Princi...