ACM CAIS is the first research conference focused on agentic and AI systems, and will run in San Jose this year. The deadline is coming up Feb 27th — submit your papers here: https://t.co/jEUrJWNxdB
Very bad experience with @avianca for AV 191 today:
1) cannot explain why only 1 person of 2 was able to check in online, with an unclear “incomplete” message
2) refuses to support a suitcase that was checked in by Alaska on the way to FLL, saying they don’t have it in the system!
Post Quantum Cryptography - Time to Get Going.
There are wide ranging estimates on the time frame in which to be concerned about the existence of a cryptographically relevant quantum computer (i.e. one that can break RSA / ECC in reasonable time).
But the three triggers/warnings to look at are:
1. Are there machines with higher numbers of physical qubits?
2. Are fewer physical qubits needed to make good logical qubits?
3. Are there other advances that reduce the number of logical qubits needed?
If all 3 are blinking red, then you will want to bring in your time frames for when your PQC migration is done.
This blog from Google highlights significant progress on reducing the number of physical qubits needed to factor RSA 2048. Warning lights are starting to switch on.
https://t.co/iEFK4hUztf
If you haven't even started planning your PQC migration then you really should start. Some guidance on how to get going here:
https://t.co/1YpavPinaJ
Want to check for #ESC15? Use the following Cypher query with #BloodHound
MATCH p=(:Base)-[:MemberOf*0..]->()-[:Enroll|AllExtendedRights]->(ct:CertTemplate)-[:PublishedTo]->(:EnterpriseCA)-[:TrustedForNTAuth]->(:NTAuthStore)-[:NTAuthStoreFor]->(:Domain) WHERE ct.enrolleesuppliessubject = True AND ct.authenticationenabled = False AND ct.requiresmanagerapproval = False AND ct.schemaversion = 1 RETURN p
Thanks @Jonas_B_K
More information available here: https://t.co/RiRtKsN7B5
IN CASE YOU MISSED IT:
The EU — in private — amended draft digital identity regulation to create a legally-mandated surveillance backdoor in HTTPS.
Over 300 academics & tech experts YESTERDAY published an open letter calling on the EU to fix this + follow web standards instead:
Caricatures of Security People
2. Cryptographer turned Security Guru
Says things like:
“If only people more than just me realized that security processes are important we’d be in a much better place.”
https://t.co/u4ynwAcH1M
"@Google's Titan chip measures a machine's boot firmware before it runs, so that Titan can determine whether the boot firmware satisfies the machine credential's boot policy"
https://t.co/rgoCi8oChx
I spoke at @MSFTBlueHat last week.
➡️https://t.co/o2sBiMLxHi
I will follow up with a link to the recording when it is posted.
Some highlights from my talk below👇👇👇
Our next whitepaper is out https://t.co/LteiJntTsX - if you were wondering how Titan secure elements are used in the production fleet. #gsecurity
Stay tuned for more whitepapers 😉
🔖 Pitfalls of relying on eBPF for security monitoring (and some solutions)
eBPF was never intended for security monitoring. It is first and foremost a networking and debugging tool. From @trailofbits
https://t.co/bfJinhRBKH
A few years old but still very interesting works by @Riscure for learning fault injection and secure boot bypass techniques:
https://t.co/KuwhTlCTza
https://t.co/7Sv4W8Tq7J
https://t.co/zsKnAbVJxB
#cybersecurity #hardware
Encrypted Client Hello (ECH) is a new proposed standard that improves encryption and metadata protection for connections online that use TLS for security. After years of testing and refinement, it's finally happening.
Chrome has been testing ECH for months, and is now enabling it by default in Chrome 117: https://t.co/3SjphgRMy1. Firefox is not far behind: https://t.co/nokyGO9ojO. Cloudflare just launched support for ECH for all customers: https://t.co/dnVIySOAO2.
These changes amount to the removal of the hostname from cleartext for a huge chunk of Internet communication. Considering how long the hostname has been in cleartext and how many products were built around that assumption, it's going to be an interesting rollout.
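As an added illustration of the point above (not code from the original thread): a minimal Python parser that reports what a passive observer on the wire still sees in a ClientHello, namely the cleartext SNI and whether the ECH extension (draft codepoint 0xfe0d, the value Chrome, Firefox and Cloudflare deploy) is present. The ClientHello bytes are constructed inline as sample input; with ECH, the outer SNI carries the client-facing server's public name rather than the real hostname, which is what breaks products that assumed the SNI was the destination.

```python
import struct

# TLS extension codepoints: server_name (RFC 6066) and encrypted_client_hello
# (0xfe0d, the draft-ietf-tls-esni value deployed by Chrome/Firefox/Cloudflare)
EXT_SERVER_NAME = 0x0000
EXT_ECH = 0xFE0D

def parse_client_hello(record: bytes) -> dict:
    """Return what a passive observer sees: cleartext SNI and ECH presence."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    hs = record[5:5 + struct.unpack("!H", record[3:5])[0]]
    if hs[0] != 0x01:  # handshake type 1 = ClientHello
        raise ValueError("not a ClientHello")
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    pos = 2 + 32                                          # legacy_version + random
    pos += 1 + body[pos]                                  # legacy_session_id
    pos += 2 + struct.unpack("!H", body[pos:pos + 2])[0]  # cipher_suites
    pos += 1 + body[pos]                                  # compression_methods
    end = pos + 2 + struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    seen = {"sni": None, "ech": False, "extensions": []}
    while pos + 4 <= end:
        etype, elen = struct.unpack("!HH", body[pos:pos + 4])
        data = body[pos + 4:pos + 4 + elen]
        pos += 4 + elen
        seen["extensions"].append(etype)
        if etype == EXT_SERVER_NAME:
            # ServerNameList: u16 list len, u8 name_type (0 = host_name), u16 len, name
            name_len = struct.unpack("!H", data[3:5])[0]
            seen["sni"] = data[5:5 + name_len].decode("ascii")
        elif etype == EXT_ECH:
            # With ECH the SNI above is only the public name; the real hostname
            # is encrypted inside this extension's payload and not observable.
            seen["ech"] = True
    return seen

def build_client_hello(sni: str, ech: bool) -> bytes:
    """Constructed minimal TLS 1.3-style ClientHello (sample input, not a capture)."""
    name = sni.encode("ascii")
    snl = b"\x00" + struct.pack("!H", len(name)) + name
    exts = struct.pack("!HHH", EXT_SERVER_NAME, len(snl) + 2, len(snl)) + snl
    if ech:
        payload = b"\x00" * 16  # stand-in for the opaque encrypted inner ClientHello
        exts += struct.pack("!HH", EXT_ECH, len(payload)) + payload
    body = (b"\x03\x03" + b"\x00" * 32 + b"\x00"       # version, random, empty session id
            + b"\x00\x02\x13\x01" + b"\x01\x00"        # one cipher suite, null compression
            + struct.pack("!H", len(exts)) + exts)
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs
```

Point it at a real capture by passing the first TLS record of a client's connection; a monitoring product that keys policy on `seen["sni"]` should treat a result with `seen["ech"]` set as "hostname unknown" rather than as the public name it sees.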
In the spirit of "this talk could've been a tweet", I just pushed a button:
#BinDiff is now open source.
- Snapshot release, no major new functionality
- Release binaries later today or tomorrow
- This is my 20% and I won't be able to act on PRs until end of Q4 (OOO traveling)
"We’re working towards a future of personalized vulnerability detection with little manual effort from developers. With the addition of LLM generated fuzz targets, OSS-Fuzz can help improve open source security for everyone."
https://t.co/ljoIeWcxvW
But the overall risk for Europe 🇪🇺 is that its prosperity and influence will continue to decline given how important technology is to economic vitality and competitiveness (21/25)