This is amazing. DHS bought a warehouse in a city called Social Circle, Georgia. When the city council asked DHS how they planned to use the warehouse, DHS refused to answer.

So, the city cut off water and sewer services and put a lock on the water meter, and said that services will remain off “until ICE indicates how water and sewer to the facility will be served without exceeding the limited infrastructure capacity.”

Outstanding. We need more of this! This is how we stop fascism.

Static + dynamic analysis of Signal's APK. The good news first: Signal is genuinely exceptional.

Rust core (libsignal_jni.so), post-quantum hybrid Double Ratchet (Kyber-1024 + X25519), Direct ByteBuffers with immediate zeroing after PIN/username hashing, Intel SGX attestation for SVR — MREnclave verification means even a compromised Signal server can't extract your PIN hash.

But two things stood out:

1. Firebase is always there. Google receives IP + notification timestamps regardless of message content. If you need metadata privacy, Signal still leaks presence data to Google's infrastructure.

2. Certificate revocation endpoints hit http://g.symcd.com in plaintext. An ISP or state-level observer can fingerprint Signal usage from DNS queries and HTTP traffic to those CAs — without touching message content.

Conclusion: strongest crypto engineering in consumer messaging. The attack surface isn't the cryptography. It's the operational dependencies.

Soon the full analysis

#infosec #AndroidSecurity #Signal #privacy #ReverseEngineering #postquantum #mobileforensics

Brilliant Mr. President, the dollar doesn't need to be the default global currency!

"Iran is considering allowing a limited number of oil tankers to pass through the Strait of Hormuz on the condition that the cargo is traded in Chinese yuan"

https://europeanbusinessmagazine.com/business/iran-has-just-fired-the-most-dangerous-shot-of-this-war-and-it-wasnt-a-missile/

This week's comic: The Big Dumb War Cycle

#war #foreignpolicy #uspol #cartoon