aurelsec
Hackademic at S3@eurecom
- Reposted by aurelsecUSENIX WOOT Conference 2026: two submission deadlines this year! - Cycle 1: December 12, 2025 *only one month away* ! - Cycle 2: March 3, 2026 WOOT still has a SoK track and an "Up-and-coming track" (~Industry), CFP for details: www.usenix.org/conference/w...
- Reposted by aurelsecC'est un document sans précédent : les caméras-piétons des gendarmes mobiles engagés à Sainte-Soline en 2023 dévoilent un maintien de l'ordre fascisant où tous les excès sont permis avec les encouragements de la hiérarchie. À partager. www.mediapart.fr/journal/fran...
- Reposted by aurelsecLast chance to (self-) nominate for USENIX Security'26 Artifact Evaluation Committee! You should expect a low load of ~1 artifact for functionality/reproducibility assessments per cycle (max 3 for the whole year). Please support Open Science and fill the form by Oct 17: forms.gle/WoYRX4govNY1... 🚀
- Reposted by aurelsecÀ #SecSea2k5 Aurélien Francillon d'Eurecom relate les expériences hallucinantes d'écoutes en reconnectant avec les documents NSA déclassifiés en parallèle 😁 ✅ Bluetooth 😧 ✅ JTAG fait tout fuiter "quand le 𝑗𝑖𝑡𝑡𝑒𝑟 révèle le calcul de la puce" 👏🏻 Génial 👍🏻
- Reposted by aurelsecThe Danish Presidency is pushing a dangerous proposal in the EU that would allow the government to scan all our private communications. www.eff.org/deeplinks/2...
- Reposted by aurelsecSignal to leave EU rather than comply w/ Chat Control, which would scan all messages sent over end-to-end encrypted platforms. Vote on Chat Control's future Oct 14. Germany is the swing vote. Officials there opposed the measure in past but new govt silent re position therecord.media/signal-calls...
- Interesting story how DES 56 became a 56-bit key algorithm (while having a 64-bit block size): "NSA tried to convince IBM to reduce the length of the key from 64 to 48 bits. Ultimately, they compromised on a 56-bit key."
- Source: American Cryptology During the Cold War, 1945-1989 Book III: Retrenchment and Reform, 1972-1980 (declassified) archive.org/details/cold... Which I found thanks to this nice article by @hashbreather.bsky.social blog.cr.yp.to/20251004-wea...
- Reposted by aurelsecArchives du 26 juillet 2024 : Emmanuel Macron écarte l'option d'un gouvernement mené par @luciecastets.bsky.social au nom de "la stabilité institutionnelle".
- Tomorrow at 6:30 PM the EU Green Parliament group holds a webinar on #ChatControl act.greens-efa.eu/chatcontrol
- Reposted by aurelsec"Bad news: The proposal is going forward to be voted on on October 14th, and there's still no blocking minority achieved, as Germany reverted its position to undecided. Good news: There is still time to fight back!" Shut this monstrosity down NOW
- Reposted by aurelsecLe projet de loi pour espionner vos conversations privées #WhatsApp revient sur la table, l’opposition se mobilise 01net.com/actualites/l... via @01net.com #EURECOM @aurelsec.bsky.social
- Reposted by aurelsecAt long last - Phrack 72 has been released online for your reading pleasure! Check it out: phrack.org
- Reposted by aurelsecPhrack 72 released today. phrack.org/issues/72/1 It got me thinking. I first read Phrack back in the 90's as I started hanging out on IRC (maybe '93 or '94?), as I was learning about FreeBSD and later, Linux. It must have been Phrack 43-45 where I started. What a wild ride on the Internet.
- Reposted by aurelsecI reverse engineered Lockbit's Linux ESXi variant, also explaining how I did some of the steps! For the fun of it, cause reverse engineering is lots of fun. Enjoy! hackandcheese.com/posts/blog1_...
- Reposted by aurelsec@blackhoodie.bsky.social will be at @sec-t.bsky.social on September 10th with a training on Linux Malware Reverse Engineering, for women by women! We have very few seats left 😁 blackhoodie.re/SecT2025/
- Reposted by aurelsecDiscounted early bird registration for WOOT '25 is still open until Monday - www.usenix.org/conference/w... - join us in Seattle on Aug 11/12 (right before USENIX Security) for talks and discussions on great cutting-edge offensive security research. Full program at www.usenix.org/conference/w...
- Reposted by aurelsecOur research on open tunneling servers got nominated for the Most Innovative Research award :) The work will be presented by Angelos Beitis at Black Hat and also at USENIX Security Brief summary and code: github.com/vanhoefm/tun... Paper: papers.mathyvanhoef.com/usenix2025-t...
- Reposted by aurelsecUne pétition vient d'être lancée sur le site de l'AN pour demander au gouvernement français d'arrêter d'utiliser X pour ses communications officielles. Je l'ai évidemment signée. Avec toi ? (Et on fait tourner l'info) petitions.assemblee-nationale.fr/initiatives/...
- Détecter les contenus pédocriminels en ligne : quelles options techniques ? Quels risques pour la vie privée ? theconversation.com/detecter-les...
- Reposted by aurelsecHuge implications from this: Microsoft cut off the email of the chief prosecutor of the International Criminal Court, because of his work on Israel www.nytimes.com/2025/06/20/t...
- Reposted by aurelsecZonenberg et al. extract its one-time programmable memory through passive voltage contrast 🔬 using a focused ion beam ⚡: www.usenix.org/conference/w...
- Reposted by aurelsecTwo winners of the RP2350 Hacking Challenge will present their results at WOOT! Muench et al. break its secure boot guarantees through voltage, electromagnetic, and laser fault injection 💥 techniques: www.usenix.org/conference/w...
- Reposted by aurelsecOur OffensiveCon talk on stateful baseband emulation (and how improper string handling led to baseband RCE) is available on YouTube: youtu.be/zoAITq7jUM8. It has been a pleasure; awesome conference, brilliant people. Slides and paper: www.danielklischies.net/research/bas...
- Reposted by aurelsecSince mid-2024, Google has refused to reinstate the access Nextcloud needs for uploading and syncing other file types to its host-your-own cloud platform.
- Reposted by aurelsecHaven't seen this on Bluesky yet: S&P 2027 will take place in Montreal, Canada!
- Reposted by aurelsec📢 Excited to announce that the results on BaseBridge, our project on improving cellular baseband emulation, are going public this week. Dyon will present at IEEE S&P on Monday 3pm, while David and I will be on stage at @offensivecon.bsky.social on Saturday 11am with even more details! 1/6
- Reposted by aurelsec
Despite misleading marketing, Israeli company TeleMessage, used by Trump officials, can access plaintext chat logs. My findings are based on TM SGNL's source code, and they are corroborated by hacked data micahflee.com/despite-misl... - Reposted by aurelsecI wrote up a detailed analysis of TM SGNL, the unofficial Signal app that senior Trump fascists use to organize their war crimes micahflee.com/tm-sgnl-the-...
- Reposted by aurelsecFor the past while J-P at @newae.com has been working on a major #ChipWhisperer doc refactor - this is now live, check out chipwhisperer.readthedocs.io/en/latest/in... . It moves software, hardware, and even some tricks/tips all into once place using Jupyter Books. Huge improvement in usability!
- Here you are @oflynn.com :)
- Reposted by aurelsec💥Detection method for #symlink #backdoor on #fortinet "we are willing to share it, privately" More than 18k devices compromised Read more: blog.onyphe.io/en/symlink-b...
- Reposted by aurelsecOn est d'accord que...
- Reposted by aurelsec📢 The Internet Archive needs your help. At a time when information is being rewritten or erased online, a $700 million lawsuit from major record labels threatens to destroy the Wayback Machine. Tell the labels to drop the 78s lawsuit. 👉 Sign our open letter: www.change.org/p/defend-the... 🧵⬇️
- Reposted by aurelsecLogiciels espions : 21 pays s’engagent à lutter contre la prolifération des armes numériques
- Reposted by aurelsecAnd pretty please, let's move S&P from San Francisco and NDSS from San Diego. Thanks 😘
- Given problems with scientists entering the USA perhaps moving Crypto from Santa Barbara would be the first step to think about.... www.lemonde.fr/internationa...
- Reposted by aurelsecFinally finished uploading my "Intro to PCB Design" lectures from my class this semester - Part 1 at youtu.be/N544CMR8I-M and rest linked from there. Slides and example project for students to complete at github.com/colinoflynn/... if you want to reuse it! #pcb #pcbdesign #electronics #kicad
- Reposted by aurelsec"Signal would exit the French market before it would comply with this law as written" Meredith Whittaker @meredithmeredith.bsky.social, President of Signal @signal.org
- Reposted by aurelsecMerci @gabrielthierry.bsky.social de revenir sur l'histoire incroyable des #ShadowBrokers en plusieurs parties #MustRead Partie 1 open.substack.com/pub/pwned/p/... Partie 2 open.substack.com/pub/pwned/p/... Partie 3 open.substack.com/pub/pwned/p/...
- Reposted by aurelsecNearly finished! "Modeling and Analyzing Security Protocols with Tamarin: A Comprehensive Guide" (Basin, Cremers, Dreier, and Sasse) will be published by Springer in the near future. I'm very happy to announce that a full draft of our book is now available for download at tamarin-prover.com/book/
- Reposted by aurelsecPetit récap sur les amendements déposés sur la loi narcotrafic : - réintroduction de l'article 8 ter sur les applis chiffrées par Olivier Marleix (LR) www.assemblee-nationale.fr/dyn/17/amend... - mais aussi par Paul Midy (EPR) dans une versionTRES proche : www.assemblee-nationale.fr/dyn/17/amend...
- Reposted by aurelsecPour l'heure, aucun amendement du gouvernement à la #PPLNarcotrafic discutée à partir de lundi ne rétablit feu l'article 8ter (accès aux communications chiffrées). Mais on trouve trois amendements parlementaires, peu ou prou identiques (ça alors !), qui en proposent une version remaniée.
- Reposted by aurelsecChiffrement et «portes dérobées» : sur X, la ministre du Numérique C. Chappaz plaide pour un «équilibre». Mais lequel ? Soit il y a obligation de résultat, soit il n'y en a pas. Et la situation actuelle (obligation de moyens pour les opérateurs + piratage légal) n'est-elle pas un «équilibre» ?
- Reposted by aurelsec
- Reposted by aurelsecOnly a week and a half left for USENIX WOOT '25 conference submissions - deadline March 11 AoE. We’re looking forward to seeing even more of your amazing offensive security papers this year! And still a few days for up-and-coming track (March 4). CfP at www.usenix.org/conference/w...
- Reposted by aurelsecCe dernier propose de permettre aux fournisseurs concernés par l’obligation de créer une porte dérobée d’opposer une impossibilité technique. www.assemblee-nationale.fr/dyn/17/amend... www.assemblee-nationale.fr/dyn/17/amend...
- Reposted by aurelsecPouria Amirshahi (Écologiste & Social) "Ces dispositions entraîneraient alors un affaiblissement généralisé des moyens cryptographiques & reviendrait donc à mettre en danger notre sécurité, comme le formulait Guillaume Poupard, ancien directeur de l’ANSSI" www.assemblee-nationale.fr/dyn/17/amend...
- Reposted by aurelsecEric Bothorel (Ensemble pour la Rép) & d’autres députés du groupe "L’exigence d’un affaiblissement des mécanismes de chiffrement va à l’encontre des principes fondamentaux de sécurité informatique & expose l’ensemble des utilisateurs à des menaces accrues" www.assemblee-nationale.fr/dyn/17/amend...
- Reposted by aurelsecElsa Faucillon (GDR) "la capacité de chiffrer ses communications numériques (...) est (...) l’un des derniers remparts, individuels & collectifs, aux intrusions arbitraires et illégales de nombreux acteurs, étatiques, privés ou criminels" www.assemblee-nationale.fr/dyn/17/amend...
- Reposted by aurelsecAurélien Lopez (RN) et d’autres députés du groupe : « Cet article est donc disproportionné et techniquement hasardeux » www.assemblee-nationale.fr/dyn/17/amend...
- Reposted by aurelsecPaul Molac (Libertés, indépendants, Outre-mer et Territoires) : « Dans une société démocratique, les seuls besoins de l'enquête ne peuvent justifier une telle atteinte aux libertés publiques, cet article doit être supprimé. » www.assemblee-nationale.fr/dyn/17/amend...
- Reposted by aurelsecLes socialistes : « dès lors que la porte dérobée existe, nul ne peut garantir qu’elle ne sera pas utilisée par des réseaux criminels par exemple. » www.assemblee-nationale.fr/dyn/17/amend...
- Reposted by aurelsecLes écologistes : « Les bénéfices à attendre d’une telle mesure pour la lutte contre la criminalité organisée sont donc bien moindres que les risques pour la sécurité qu’elle fait courir » www.assemblee-nationale.fr/dyn/17/amend...
- Reposted by aurelsecPhilippe Latombe (MoDem) : « l’article 8 ter rend la méthode de chiffrement de bout en bout ineffective, affectant gravement la cybersécurité des communications électroniques, au détriment de l’intégrité et de la confidentialité des échanges légitimes » www.assemblee-nationale.fr/dyn/17/amend...
- Reposted by aurelsec9 demandent la suppression pure et simple de cet article. Le groupe LFI-NFP dénonce « une atteinte substantielle aux garanties de cryptologie permettant de protéger les données personnelles ou sensibles ». www.assemblee-nationale.fr/dyn/17/amend...
