[en] Signal #messenger: "two practical attacks that break the integrity properties of #Signal in its advertised #threat model" - Patched

Paper #ETHZ

"... protocol for resolving identities based on usernames and on phone numbers introduced a #vulnerability that allows a malicious server to inject arbitrary messages into one-to-one conversations under specific circumstances"

"The second #attack is even more severe. It arises from Signal's Sealed Sender (SSS) feature, designed to allow sender identities to be hidden ... a combination of two errors in the #SSS implementation in #Android allows a #malicious server to #inject arbitrary messages into both one-to-one and group conversations."

https://eprint.iacr.org/2026/484

#security #cryptology #encryption #e2e #chat #messaging
#ResearchHighlights

Signal Lost (Integrity): The Signal App is More than the Sum of its Protocols

Signal is a secure messaging app offering end-to-end security for pairwise and group communications. It has tens of millions of users, and has heavily influenced the design of other secure messaging apps (including WhatsApp). Signal has been heavily analysed and, as a result, is rightly regarded as setting the "gold standard" for messaging apps by the scientific community. We present two practical attacks that break the integrity properties of Signal in its advertised threat model. Each attack arises from different features of Signal that are poorly documented and have eluded formal security analyses. The first attack, affecting Android and Desktop, arises from Signal's introduction of identities based on usernames (instead of phone numbers) in early 2022. We show that the protocol for resolving identities based on usernames and on phone numbers introduced a vulnerability that allows a malicious server to inject arbitrary messages into one-to-one conversations under specific circumstances. The injection causes a user-visible alert about a change of safety numbers, but if the users compare their safety numbers, they will be correct. The second attack is even more severe. It arises from Signal's Sealed Sender (SSS) feature, designed to allow sender identities to be hidden. We show that a combination of two errors in the SSS implementation in Android allows a malicious server to inject arbitrary messages into both one-to-one and group conversations. The errors relate to missing key checks and the loss of context when cryptographic processing is distributed across multiple software components. The attack is undetectable by users and can be mounted at any time, without any preconditions. As far as we can tell, the vulnerability has been present since the introduction of SSS in 2018. We disclosed both attacks to Signal. 
The vulnerabilities were promptly acknowledged and patched: the first vulnerability was fixed two days after disclosure, while the second one was patched after eight days. Beyond presenting these devastating attacks on Signal's end-to-end security guarantees, we discuss more broadly what can be learned about the challenges of deploying new security features in complex software projects.

IACR Cryptology ePrint Archive

[en] Disinformation research: politically driven collapse in communication

Following the 2024 U.S. election, academic communication about #disinformation research collapsed.

"In recent years, #academic #research has become a target of political #hostility."

"... #political pressure from the U.S. #government has produced a measurable #chilling effect on academic institutions working on disinformation-related studies, visible in their public posting activity."

https://elephantinthelab.org/the-global-decline-of-research-communications-in-the-disinformation-field/

#politicalpressure #chillingeffect #politicalhostility
#ResearchHighlights

The Global Decline of Research Communications in the Disinformation Field – Elephant in the Lab

In this study, Ben Shultz uncovers a sharp, politically driven collapse in academic communication about disinformation research following the 2024 U.S. election.

Elephant in the Lab

[en] How small could optical computers get?

"... #research ... addresses one of the key challenges to #engineering computers that run on #light instead of #electricity: making those devices small enough to be practical. Just as algorithms on digital computers require time and memory to run, light-based systems also require resources to operate ..."

"... researchers found inspiration in a deep-learning technique called 'neural pruning' ..."

"... an optical #computing system performing the same task could be 1% to 10% the size of its conventional counterpart. ... a free-space #optical setup could, in principle, perform computations ... in a device roughly 1 [cm] thick."

https://news.cornell.edu/stories/2025/11/researchers-reveal-how-small-optical-computers-could-get

#opticalcomputer #lightbasedsystem #deeplearning #neuralpruning
#ResearchHighlights

Researchers reveal how small optical computers could get | Cornell Chronicle

By studying the theoretical limits of how light can be used to perform computation, Cornell researchers have uncovered new insights and strategies for designing energy-efficient optical computing systems.

Cornell Chronicle

[fr] How does #science prepare for the #future?

"Imagining and preparing for the #future in order to guide #research and public policy: that is the aim of #foresight. A perilous exercise, #scientists stress. Required ingredients: dialogue between disciplines and robust models that address the many #uncertainties."

"Often conducted over long time spans, this research is generally not very compatible with rapid #decision-making. Freeing oneself from short-term constraints can nevertheless be a real advantage."

https://lejournal.cnrs.fr/articles/comment-la-science-prepare-t-elle-lavenir

#politiquepublique #climat #changementclimatique #giec #transdisciplinaire
#ResearchHighlights

How does science prepare for the future?

Imagining and preparing for the future in order to guide research and public policy: that is the aim of foresight. A perilous exercise, scientists stress. Required ingredients: dialogue between disciplines and robust models that address the many uncertainties.

CNRS Le journal

[en] Tackle storage demands of anonymous cryptocurrencies

"This work tackles the ever-growing #storage demands of #anonymous cryptocurrencies. It introduces a new scheme that randomly partitions the fresh outputs of transactions into fixed-size bins. Subsequent transactions reference these outputs when they transfer the tokens further."

"The basic idea is that once a bin has been referenced as many times as its size, it can safely be pruned from the ledger. This preserves both #privacy and #security, but reduces the data that needs to be stored on the #distributed #ledger."

https://cryptobern.github.io/toxic_decoys/

#cryptocurrency #toxicdecoy #transparentledger #bitcoin #ethereum #monero #zcash #cryptobern #unibe #unibern #universitybern #research #study #ResearchHighlights

Toxic Decoys: A Path to Scaling Privacy-Preserving Cryptocurrencies

Public blockchains such as Bitcoin and Ethereum are often referred to as transparent ledgers: every transaction is visible on-chain, and addresses can be linked through transaction graph analysis.

⚡What’s new in climate governance research?

Read our 6th edition of the #ResearchHighlights: a curated overview of policy-relevant academic insights on how the EU is governing its transition to climate neutrality & sustainability

Full edition 👉 https://www.greendealnet.eu/Biannual-Research-Highlights-6

Key takeaways 👇

[en] MIT study: Negative Neural and Behavioral Consequences of LLM-Assisted Essay Writing

"Over four months, #LLM users consistently underperformed at #neural, #linguistic, and #behavioral levels."

"These results raise concerns about the long-term #educational implications of LLM reliance and underscore the need for deeper inquiry into #AI's role in learning."

https://arxiv.org/abs/2506.08872

#artificialintelligence #llmassisted #humanintelligence #gpt #chatgpt #mit
#ResearchHighlights

Your Brain on ChatGPT: Accumulation of Cognitive Debt when Using an AI Assistant for Essay Writing Task

This study explores the neural and behavioral consequences of LLM-assisted essay writing. Participants were divided into three groups: LLM, Search Engine, and Brain-only (no tools). Each completed three sessions under the same condition. In a fourth session, LLM users were reassigned to Brain-only group (LLM-to-Brain), and Brain-only users were reassigned to LLM condition (Brain-to-LLM). A total of 54 participants took part in Sessions 1-3, with 18 completing session 4. We used electroencephalography (EEG) to assess cognitive load during essay writing, and analyzed essays using NLP, as well as scoring essays with the help from human teachers and an AI judge. Across groups, NERs, n-gram patterns, and topic ontology showed within-group homogeneity. EEG revealed significant differences in brain connectivity: Brain-only participants exhibited the strongest, most distributed networks; Search Engine users showed moderate engagement; and LLM users displayed the weakest connectivity. Cognitive activity scaled down in relation to external tool use. In session 4, LLM-to-Brain participants showed reduced alpha and beta connectivity, indicating under-engagement. Brain-to-LLM users exhibited higher memory recall and activation of occipito-parietal and prefrontal areas, similar to Search Engine users. Self-reported ownership of essays was the lowest in the LLM group and the highest in the Brain-only group. LLM users also struggled to accurately quote their own work. While LLMs offer immediate convenience, our findings highlight potential cognitive costs. Over four months, LLM users consistently underperformed at neural, linguistic, and behavioral levels. These results raise concerns about the long-term educational implications of LLM reliance and underscore the need for deeper inquiry into AI's role in learning.

arXiv.org

[en] Social media use with mental health conditions

"Our study doesn’t establish a causal link, but ... show that #young people with mental health conditions use social media differently than ... without a condition."

"This could be because mental health conditions shape the way adolescents interact with online platforms, or perhaps social media use contributes to their symptoms."

"Social media platforms assign a concrete number to friendships, making social comparisons more conspicuous. ... may increase existing feelings of rejection ..."

"Some of the differences in how young people with #anxiety and #depression use social media reflect what we already know about their offline experiences."

https://www.oii.ox.ac.uk/news-events/adolescents-with-mental-health-conditions-use-social-media-differently-than-their-peers-study-suggests/

#mentalhealth #youth #socialmedia #oxford
#ResearchHighlights

OII | Adolescents with mental health conditions use social media differently than their peers, study suggests

One of the first studies in this area to use clinical-level diagnoses reveals a range of differences between young people with and without mental health conditions when it comes to social media – from changes in mood to time spent on sites.

[en] Children's screen time: when is it problematic?

"For those who don’t [have skills to regulate their own use of #technology] ... #problematic #internet use is almost universally a #symptom of an underlying #mental health condition or #neurodivergence, typically #depression, social #anxiety, #autism, or #ADHD ..."

"We see the better analogy as #binge-eating #disorder, which is the most prevalent eating disorder."

https://news.harvard.edu/gazette/story/2025/05/how-young-is-too-young-no-such-thing-apparently/

#internetuse #mentalhealth #child #children #screentime #bingeeating #harvard
#ResearchHighlights

How young is too young? No such thing, apparently.

Specialist outlines impact of screen time on developing brains, from toddlerhood to teen years

Harvard Gazette

[en] Misconception: strength of an #egg when dropped

Funny or not:

No, an egg is NOT strongest when dropped vertically.

"A horizontal egg, being more compliant, bends and absorbs energy over a greater distance — similar to how bending your knees during a fall softens the blow."

https://news.mit.edu/2025/mit-engineering-students-crack-egg-dilemma-sideways-stronger-0508

#misconception #funny #mit #engineering #research #mechanicalengineering
#ResearchHighlights

MIT engineering students crack egg dilemma, finding sideways is stronger

MIT engineering students overturned a longstanding belief and tenet of egg-drop classroom experiments around the world when they found eggs are stronger on their sides.

MIT News | Massachusetts Institute of Technology