VasakOS

The NSA spent billions trying to break encryption. One German programmer beat them. He earned only $25k a year. 🤯 Meet Werner Koch 🇩🇪 > German free software developer. Born 1961 in Düsseldorf. > 1997 ~ Richard Stallman called for a free encryption tool. > Only option then: closed-source, US-restricted PGP. > Werner answered. He built GnuPG (GPG) alone — free software to encrypt files, sign software, and verify identity. > 1999 ~ Released GPG 1.0. Fully open source. No restrictions. > Today his code verifies every Linux server update, every Debian package, every Tor Browser download on Earth. > Every signed Linux release depends on it. > Used by activists, dissidents, and security pros worldwide to stay untracked. > Edward Snowden used GPG in 2013 to leak NSA documents. It held up against the world’s most powerful spy agency. 🚀 > 2001 ~ Founded g10code with his brother to work full-time on GPG. > Earned $25,000/year for 14 years while supporting his wife and daughter. > 2012 ~ Funding ended. He had to let go of his only programmer. > 2013 ~ He was the sole maintainer and nearly quit. > 2015 ~ ProPublica story dropped. Internet donated $137k in 24 hours. > Facebook + Stripe pledged $50k/year each. Linux Foundation gave $60k. > Won FSF Award for the Advancement of Free Software. > Today he still maintains GPG from his home in Erkrath, Germany. One man kept the internet’s secrets, secret. The world almost lost him in 2013. His code still protects yours. Privacy GOAT. 🐐

🚨 BREAKING: New Linux zero-day "Dirty Frag" lets ANY local user become root on most major distros. The PoC is already public, half of it isn't patched yet. Discovered by researcher Hyunwoo Kim, the exploit chains two kernel bugs and sits in the same family as Dirty Pipe and Copy Fail. ▪️ CVE-2026-43284 (xfrm-ESP Page-Cache Write): patched in mainline Linux. ▪️ CVE-2026-43500 (RxRPC Page-Cache Write): NO PATCH yet. The exploit is reliable by design. Attackers don't have to win a timing race, the system won't crash and alert anyone if it fails, and it succeeds nearly every run. The embargo got broken before distros could ship fixes, so the working code is now sitting on GitHub. Confirmed working on: Ubuntu 24.04.4, RHEL 10.1, openSUSE Tumbleweed, CentOS Stream 10, AlmaLinux 10, Fedora 44.

❗️ Linux is having a brutal week. Another local to root privilege escalation vulnerability just dropped: "Copy Fail 2: Electric Boogaloo." This is the third Linux LPE in a row, after Copy Fail and Dirty Frag. The PoC is public on GitHub. There is still no coordinated patch. https://t.co/6XifksYgZ6