The question of who controls the ability to merge code changes into Bitcoin Core’s GitHub repository tends to come up on a recurring basis. This has been cited as a “central point of control” of the Bitcoin protocol by various parties over the years, but I argue that the question itself is a red herring… Read More


Newly leaked internal documents obtained by Motherboard detail how Instagram polices content published through its Instagram Stories feature, which allows users to publish short videos and static images that generally stay on profiles for 24 hours. The fact that they often have multiple discrete parts can make it particularly difficult to moderate stories, the documents… Read More


You’ve decided to tackle a high-end luxury apartment, the kind of building with multiple Picassos in the penthouse. You could spend weeks or months casing the place, studying every resident’s schedule, analyzing the locks on all the doors. You could dig through trash for hints about which units have alarms, run through every permutation of… Read More


A couple of researchers demonstrated how to bypass vein based authentication using a fake hand build from a photo. If you consider vein based authentication totally secure, you have to know that a group of researchers demonstrated the opposite at the Chaos Communication Congress hacking conference. Vein based authentication scan invisible vein pattern (i.e. shape,… Read More


The US National Security Agency will release a free reverse engineering tool at the upcoming RSA security conference that will be held at the start of March, in San Francisco. The software’s name is GHIDRA and in technical terms, is a disassembler, a piece of software that breaks down executable files into assembly code that… Read More


Computer peripheral giant Logitech has finally issued a patched version of its Logitech Options desktop app, after being taken to task for a months-old security flaw. The bug could of allowed adversaries to launch keystroke injection attacks against Logitech keyboard owners that used the app. Google Project Zero security researcher Tavis Ormandy found the bug… Read More


Cybersecurity researchers have discovered a critical vulnerability in widely used SQLite database software that exposes billions of deployments to hackers. Dubbed as ‘Magellan’ by Tencent’s Blade security team, the newly discovered SQLite flaw could allow remote attackers to execute arbitrary or malicious code on affected devices, leak program memory or crash applications. Source: thehackernews… Read More


Two months after disclosing an error that exposed the private profile data of almost 500,000 Google+ users, Google on Monday revealed a new leak that affects more than 52 million people. The programming interface bug allowed developers to access names, ages, email addresses, occupations, and a wealth of other personal details even when they were… Read More