- [2025-12-12]LED-it-GO (2017)
- [2025-12-12]Mind The Gap: Can Air-Gaps Keep Your Private Data Secure? (2024)
- [2025-12-12]Random Mosaic – Detecting unauthorized physical access with beans, lentils and colored rice (2021)
- [2025-12-06]Intellexa Leakshttps://securitylab.amnesty.org/latest/2025/12/intellexa-leaks-predator-spyware-operations-exposed/[a][a]
"Intellexa’s Predator relies, almost exclusively, on so-called “1-click” attacks to infect a device, which require a malicious link to be opened in the target’s phone. The malicious link then loads a browser exploit for Chrome (on Android) or Safari (on iOS) to gain initial access to the device and download the full spyware payload. Company marketing material (see Figure 1) shows the extensive data available once the spyware is installed, including ability to access encrypted instant messaging apps like Signal and WhatsApp, audio recordings, emails, device locations, screenshots and camera photos, stored passwords, contacts and call logs, and also to activate the device’s microphone."
"Intellexa has developed a new strategic infection vector, ‘Aladdin’, which could enable silent zero-click infection of target devices anywhere in the world." ... "The Aladdin system infects the target’s phone by forcing a malicious advertisement created by the attacker to be shown on the target’s phone. This malicious ad could be served on any website which displays ads, such as a trusted news website or mobile app, and would appear like any other ad that the target is likely to see. Internal company materials explain that simply viewing the advertisement is enough to trigger the infection on the target’s device, without any need to click on the advertisement itself."
- [2025-11-14]Bad opsec
"The best way to learn about opsec is to learn how people fail." - [2025-11-14]Maybenot: A Framework for Traffic Analysis Defenses
Mullvad has implemented their traffic analysis defense, called "DAITA", into their VPN service. DAITA is built on Maybenot. https://mullvad.net/en/blog/introducing-defense-against-ai-guided-traffic-analysis-daita - [2025-11-14]Samourai Wallet Developer Sentenced to 5 Years in Prisonhttps://www.coindesk.com/policy/2025/11/06/samourai-wallet-developer-sentenced-to-5-years-in-prison-for-unlicensed-money-transmitting[a]
5-year imprisonment for a free and open-source developer. - [2025-10-25]The sins of 90s
- [2025-10-25]NSA and IETF
- [2025-08-20]0x0.st - Temporary file hosting
- [2025-08-09]Selected Papers in Anonymity
- [2025-07-26]Gigabyte motherboards vulnerable to UEFI malware bypassing Secure Boothttps://www.bleepingcomputer.com/news/security/gigabyte-motherboards-vulnerable-to-uefi-malware-bypassing-secure-boot/[a][a]
"By our count, there are a little more than 240 motherboard models impacted"
"Products from other enterprise device vendors are also impacted"
"[...]many of the affected devices have reached end-of-life status, meaning they will likely remain vulnerable indefinitely." - [2025-07-25]Communication in a world of pervasive surveillance: Sources and methods: Counter-strategies against pervasive surveillance architecture [Jacob R. Appelbaum] - 2022
Appelbaum's thesis represents over a decade of insider research, journalistic exposure, and technical analysis into global surveillance. This work directly aligns with Libroot's objectives to expose, resist, and dismantle oppressive digital infrastructures, while also emphasizing the importance of spreading knowledge, fostering public understanding, and developing concrete tools for action. Rightfully earns the first link index.
https://arxiv.org/abs/1702.06715