Dan Goodin
Cybersecurity Reporter, Ars Technica: arstechnica.com/author/dan-goodin/ Hungry for tips. Text me on Signal: DanArs.82. "The world isn’t run by weapons anymore, or energy, or money. It’s run by little 1s and 0s, little bits of data."
- Two security professionals who were arrested in 2019 after performing an authorized security assessment of a county courthouse in Iowa will receive $600,000 to settle a lawsuit they brought alleging wrongful arrest and defamation. arstechnica.com/security/202...
- Reposted by Dan Goodin[Not loaded yet]
- Reposted by Dan Goodin[Not loaded yet]
- Reposted by Dan GoodinConservatives Say Renée Good Was Brainwashed By Bible Into Loving Thy Neighbor theonion.com/conservatives-say-r…
- Reposted by Dan Goodin[Not loaded yet]
- Reposted by Dan Goodin[Not loaded yet]
- Moxie Marlinspike—the engineer who set a new standard for private messaging with the creation of the Signal Messenger—is now aiming to revolutionize AI chatbots in a similar way. arstechnica.com/security/202...
- In 15 minutes, NY AG Letitia James will participate in the Conde Nast union rally supporting the immediate reinstatement of 4 of our colleagues who were illegally fired in a union-busting move. If you're near WTC in Manhattan, please come and show your support.
- Dear @undetectableai.bsky.social: The comments attributed to your CEO, Christian Perry, in the WGCU post borders on quackery. There is 0 evidence AI is doing the things you say it is. Please stop spreading misinformation. Oddly, WGCU in Fort Meyers, Florida, has no removed the story. I wonder why
- ICYMI: 4 Conde Nast employees were illegally fired for exercising permitted speech in our workplace. Tonight, NY AG Letitia James will call out this union-busting move by our management. Please attend. Pls also sign our petition to reinstate our fired colleagues. actionnetwork.org/petitions/te...
- Reposted by Dan Goodin[Not loaded yet]
- Reposted by Dan Goodin[Not loaded yet]
- Reposted by Dan Goodin[Not loaded yet]
- The problem solving required for making Signal quantum safe is as daunting as any in engineering. In less adept hands, mucking about with an instrument this complex could have led to unintended consequences. Yet this upgrade is nothing short of a triumph! arstechnica.com/security/202...
- How long until the FBI opens an investigation into this judge?
- Reposted by Dan Goodin[Not loaded yet]
- Reposted by Dan Goodin[Not loaded yet]
- So long, #disneyplus. I stand for @jimmykimmel.com and for media independence. Also, nothing Jimmy said about the MAGA people politicizing and weaponizing Kirk's assassination was untrue. cc: @jimmykimmellive.bsky.social
- Reposted by Dan Goodin[Not loaded yet]
- Reposted by Dan Goodin[Not loaded yet]
- Reposted by Dan Goodin[Not loaded yet]
- Reposted by Dan Goodin[Not loaded yet]
- Wednesday’s discovery of 3 unauthorized TLS certificates for Cloudflare’s 1.1.1.1 generated intense interest and concern. Since then, new information has become available, including the issuance of 9 more certificates. This FAQ answers questions and gives the latest: arstechnica.com/information-...
- Reposted by Dan GoodinDunno who Fina Root CA is, but they finna learn some hard lessons in TLS certificate justice. Always appreciate @dangoodin.bsky.social getting stuff like this out into the daylight. #infosec #cybersecurity arstechnica.com/security/202...
- Reposted by Dan Goodin[Not loaded yet]
- I asked Google how many detections Big Sleep made in total and how many false positives and false negatives there were. The company declined to say. It's certainly Google's prerogative to withhold data that may not cast Big Sleep in a favorable light, but calling this a"commitment to transparency"?
- Reposted by Dan Goodin[Not loaded yet]
- GPUhammer is the first to flip bits in onboard GPU memory. It likely won't be the last. arstechnica.com/security/202...
- Reposted by Dan Goodin[Not loaded yet]
- Found in the wild: 2 Secure Boot exploits. Microsoft is patching only 1 of them. arstechnica.com/security/202...
- Tracking code Meta and Yandex embed into millions of sites is de-anonymizing visitors by abusing legitimate Internet protocols, causing Chrome and other browsers to surreptitiously send unique identifiers to native apps installed on a device, researchers discovered. arstechnica.com/security/202...
- Reposted by Dan Goodin[Not loaded yet]
- Reposted by Dan Goodin[Not loaded yet]
- Reposted by Dan Goodin[Not loaded yet]
- Microsoft is updating Windows 11 with a set of new encryption algorithms that can withstand future attacks from quantum computers in a move to jump-start what’s likely to be the most formidable and important technology transition in modern history. arstechnica.com/security/202...
- Reposted by Dan Goodin[Not loaded yet]
- Genuine question (meaning no snark intended): was there anything newsworthy that came out of #RSAC this year?
- Reposted by Dan Goodin[Not loaded yet]
- Reposted by Dan Goodin[Not loaded yet]
- From the department of head scratches comes this counterintuitive news: Microsoft says it has no plans to change a remote login protocol in Windows that allows people to log in to machines using passwords that have been revoked. arstechnica.com/security/202...
- Reposted by Dan Goodin[Not loaded yet]
- About a decade ago, Apple and Google started updating iOS and Android to make them less susceptible to “juice jacking.” Now, researchers are revealing that, for years, the mitigations have suffered from a fundamental defect that has made them trivial to bypass. arstechnica.com/security/202...
- A prominent computer scientist who has spent 20 years publishing academic papers on cryptography, privacy, and cybersecurity has gone incommunicado, had his professor profile removed by employer Indiana University, & had his homes raided by the FBI. No one knows why. arstechnica.com/security/202...
- Reposted by Dan Goodin[Not loaded yet]
- "Since Musk took charge [Twitter] has abandoned any pretence that the platform is striving for balance. Instead, it's reshaped its algorithms to suit Musk's personal whims." news.risky.biz/outside-amer...
- Reposted by Dan Goodin[Not loaded yet]
- Report sheds new light on the tactics allowing Black Basta and other attackers to move at breakneck speed. arstechnica.com/security/202...
- If you're still tweeting on the hell site -- particularly those with blue checkmarks -- you're actively driving investors' renewed interest in the platform. Same thing for companies like Apple and Amazon that are once again advertising there. www.nytimes.com/2025/02/13/t...
- Reposted by Dan Goodin[Not loaded yet]
- The result of the attack is the planting of false long-term memories that will be present in all future sessions, opening the potential for the chatbot to act on false information or instructions in perpetuity. arstechnica.com/security/202...
- Reposted by Dan Goodin[Not loaded yet]
- Reposted by Dan Goodin[Not loaded yet]
- Reposted by Dan Goodin[Not loaded yet]
- Andrei Karkar, CEO of SF-based ERAS Holdings and son of late telecommunications company Karkar Electronics founder Edward Karkar, arrested on suspicion of rape, robbery, false imprisonment, and assault with a deadly weapon sfstandard.com/2025/02/04/s...
- Reposted by Dan Goodin[Not loaded yet]
- Reposted by Dan Goodin[Not loaded yet]
- Reposted by Dan Goodin[Not loaded yet]
- Reposted by Dan Goodin[Not loaded yet]
- I would page @telliotter.bsky.social, @dell.bsky.social, @makenakelly.bsky.social, @davidgilbert.bsky.social and other talented wired folks who are already killing it on coverage of this but I'm sure they already know. I sure hope journos from other places are pursuing too.
- Reposted by Dan GoodinHi all, We’re still here at OPM. We have a situation where we MIGHT, and I do mean, MIGHT have four of Elon’s people blocked from the building. Can we get press or a member of Congress down here? We’ve blocked them for two hours and they keep coming back and trying to go in.
- Reposted by Dan Goodin[Not loaded yet]
- Apple-designed chips powering Macs, iPhones, and iPads contain newly discovered vulnerabilities that leak credit card info, locations, and other sensitive data from the Chrome and Safari browsers as they visit iCloud Calendar, Google Maps, and Proton Mail. arstechnica.com/security/202...
- When Deepseek saying it's being hit with a "largescale cyberattack," what does it mean? A DDoS? Anyone have any intel or insights on what's going on? So far, I'm not seeing any specifics beyond "largescale cyberattack," which tells us next to nothing.
- Journalists sporting blue checkmarks on the fascism-friendly site and continuing to tweet there have no place lecturing other journalists about stuff.
- Reposted by Dan Goodin[Not loaded yet]
- A patch for a "major" vulnerability in AMD chips has leaked before it became available for Linux users. It's not clear if a patch for Windows is available or not. I asked AMD about this 24 hours ago, and it's still not saying a peep about this. So much for transparency. seclists.org/oss-sec/2025...
