Dan Goodin

@[email protected]
15.7K Followers
1.2K Following
5.3K Posts
Reporter covering security at Ars Technica. DM me on Signal: DanArs.82.
Site:https://arstechnica.com/author/dan-goodin/
Dan Goodin1d ago

I'm trying to understand a bit more about CVE-2026-33579, the critical vulnerability in OpenClaw. To exploit, an attacker needs low-level paring privilege permissions. How does one acquire such privileges? Can anyone do it? I'm asking because I want to understand what's required for an attacker to exploit.

Feel free to ping me at DanArs.82, or drop an answer here.

Dan Goodin1d ago
Sophie Schmieg1d ago

A very nice explainer why "if you're so worried about quantum computers, why haven't they factored 21 yet?" isn't a very convincing argument. Look at the labels of the graph, and how extremely close the various lines are for factoring 21 and 2048 bit numbers. Polynomial scaling remains polynomial, unfortunately, and by the time you can factor 21 you're almost ready to break RSA.

https://bas.westerbaan.name/notes/2026/04/02/factoring.html

Factoring is not a good benchmark to track Q-day

Homepage of dr. Bas Westerbaan, principal research engineer at Cloudflare, working on making the Internet post-quantum secure

Dan GoodinMar 27
Zack WhittakerMar 26

For my newsletter and blog ~ this week in security ~ I wrote about meaningful steps you can take to ensure your digital security and privacy while traveling through airports. In this post, you'll find resources to understand the risks you face, and what you can do to protect your data.

Please share! https://this.weekinsecurity.com/security-precautions-to-consider-while-traveling-through-airports/

You can also sign up for my free weekly newsletter (via email or RSS). Out Sundays! https://this.weekinsecurity.com

Security precautions to consider while traveling through airports

As border device searches rise, there are practical steps you can take to protect your devices and data from airport searches.

~this week in security~
Dan GoodinMar 26
Lorenzo Franceschi-BicchieraiMar 26

Kaspersky has linked Coruna with Operation Triangulation. This somes a few weeks after we reported that L3Harris Trenchant was the company behind some components of Coruna.

And we also reported that it was possible Coruna was used in Operation Triangulation.

https://securelist.com/coruna-framework-updated-operation-triangulation-exploit/119228/

Coruna: the framework used in Operation Triangulation

Kaspersky GReAT experts look into the Coruna exploit kit targeting iPhones. We discovered that the kernel exploit for CVE-2023-32434 and CVE-2023-38606 is an updated version of the Operation Triangulation exploit.

Kaspersky
Dan GoodinMar 25
Adam Stasiniewicz Mar 25
@dangoodin @cthos It’s a totally valid question. I remember back when the NSA made a big stink about depreciating SHA-1. Not that many years later, public research came out showing the weaknesses in SHA-1. Lots of people back then wondered what the NSA’s internal research came up with that prompted the rapid depreciation.
Dan GoodinMar 25

Google is dramatically shortening its deadline readiness for the arrival of Q Day, the point at which existing quantum computers can break public-key cryptography algorithms that secure decades’ worth of secrets belonging to militaries, banks, governments, and nearly every individual on earth.

https://arstechnica.com/security/2026/03/google-bumps-up-q-day-estimate-to-2029-far-sooner-than-previously-thought/

Google bumps up Q Day deadline to 2029, far sooner than previously thought

Company warns entire industry to move off RSA and EC more quickly.

Ars Technica
Dan GoodinMar 24
I was lucky enough to cover Cindy Cohn's trailblazing work BEFORE she joined @eff . Here's one of several stories I wrote about her when she was still an associate attorney in private practice.
Show threadDan GoodinMar 24

For context, please see:

https://arstechnica.com/security/2026/03/self-propagating-malware-poisons-open-source-software-and-wipes-iran-based-machines/

Self-propagating malware poisons open source software and wipes Iran-based machines

Development houses: It's time to check your networks for infections.

Ars Technica
Dan GoodinMar 24

Wow, TeamPCP is hacking open-source developers faster than we can report on them. The latest (that I'm aware of, anyway) is LiteLLM. They worked with Trivy but didn't bother to change their credentials after Trivy was hacked, despite an ample amount of advice to do so.

Folks, if any of you used LiteLLM, now is the time to change your credentials, in an atomic way. Now, as in immediately.

https://news.ycombinator.com/item?id=47501729

LiteLLM Python package compromised by supply-chain attack | Hacker News

Dan GoodinMar 20
Zack WhittakerMar 20

New, by me: A cyberattack on a vehicle breathalyzer company called Intoxalock has left drivers across the United States stranded and unable to start their cars.

https://techcrunch.com/2026/03/20/cyberattack-on-vehicle-breathalyzer-company-leaves-drivers-stranded-across-the-us/

Cyberattack on vehicle breathalyzer company leaves drivers stranded across the US | TechCrunch

A cyberattack on a U.S. car breathalyzer company has left drivers across the United States reportedly stranded and unable to start their vehicles.

TechCrunch