Someone wrote a viral article claiming that Claude installs Spyware on your computer. The technical observation is real, but the threat is not. I took a closer look, and I would argue that the real issue with the Claude extension is somewhere else entirely, and I've seen little discussion on it: Matt Hand at Origin found that the extension actually allows almost *any* software on your machine to control your browser.

I wrote it up as an example for how threat modeling can be helpful in evaluating sensationalist claims about security issues, including where Anthropic themselves fall into the same trap.

https://blog.maass.xyz/what-s-your-threat-model

#Anthropic #Claude #ThreatModeling #Spyware

I've had several people ask me why we use C instead of Rust or other languages at wolfSSL. One of my colleagues wrote an explanation:

https://www.wolfssl.com/why-c-remains-the-gold-standard-for-cryptographic-software/

We are aware of recent reports regarding targeted phishing attacks that have resulted in account takeovers of some Signal users, including government officials and journalists. We take this very seriously.

To be clear: Signal’s encryption and infrastructure have not been compromised and remain robust. These attacks were executed via sophisticated phishing campaigns, designed to trick users into sharing information – SMS codes and/or Signal PIN – to gain access to users’ accounts.

Mehr Hitzetote und Tropenkrankheiten – oder einfach nur Heuschnupfen? Wie die ARD die Ergebnisse einer alarmierenden Studie zur Erderhitzung verharmlost.

https://brandmelder.org/todliche-gefahr-oder-nur-ein-bisschen-schnupfen-wie-die-ard-die-lancet-gesundheitsstudie-kleinredet/