Volt4ire

@volt4ire
1.9K Followers
1.3K Following
9.6K Posts

gaymer. infosec. FOSS. co-host of @OffTheHook. Columbia University '18.
EN/ES/IT/עברית

#infosec #privacy #FOSS #KDE #freesoftware #p2p #GNU #Linux #gaymer #LGBT #queer #NYC #NewYork #Manhattan #socialism #socialist #urbanism #trains

Twitterhttps://twitter.com/volt4ire
LocationBerlin & NYC
Homepagehttps://volt4ire.com
Volt4ire1d ago
Adam Shostack  2d ago

Really, really impressed with MSRC:

Hello Adam,

My name is Nic Fillingham and I work for the Microsoft Security Response Center (MSRC) based in Redmond, WA. I help manage Coordinated Vulnerability Disclosure (also known as Responsible Disclosure) for vulnerabilities discovered in Microsoft products, services, and technologies.

Congratulations on having your talk “Threat Modeling LLMs: The PHANTOM-B model” selected for presentation at Black Hat USA 2026.

I’m reaching out to Black Hat USA 2026 presenters to ask whether their talk will disclose or discuss any MSRC cases or submissions.

Could you please reply and let me know if your talk will include any MSRC cases or submissions? If so, can you please provide the MSRC submission VULN-ID(s), case number(s) or CVEs numbers you plan to disclose or discuss.

Please let me know if you have any questions.

Thank you,

Nic

Given the volume of talks, I’m utilizing automation to send these emails. My apologies if you receive this email in error or more than once.

Volt4ire1d ago
1977 San Francisco Pride
Volt4ire5d ago
"The article takes the word of Talos’ developers as gospel [but] Wayland implements all the APIs needed for Talos to work, but Talos’ developers are simply not interested in using them... KDE developers and others have tried to contact Talos’ developers, but their offers to help are being ignored"
https://www.osnews.com/story/145162/accessibility-input-tool-removes-x11-support-doesnt-want-to-support-wayland-users-caught-in-the-middle/
Accessibility input tool removes X11 support, doesn’t want to support Wayland; users caught in the middle – OSnews

Volt4ire5d ago
Catalin Cimpanu6d ago

Cybersecurity agencies from eight EU countries have launched a shared Security Operations Center (named ENSOC)

https://www.linkedin.com/feed/update/urn:li:activity:7447569089092276224/

https://www.ensoc.eu/index.html#about

#ensoc #cybersecurity #socs #digitalecosystem #digitaleurope #innovation #collaboration #efficiency #cybersecuritynetwork #eccc | ENSOC

🌐 The official ENSOC website is now live 🔗 To see all future longform materials, ongoing progress, and news about our project, make sure to visit the official ENSOC website through the following link: ensoc.eu 👀 Stay tuned for more updates in the future and follow us on LinkedIn! #ENSOC #CyberSecurity #SOCs #digitalecosystem #DigitalEurope #innovation #collaboration #efficiency #CybersecurityNetwork #ECCC

LinkedIn
Volt4ire5d ago
Show threadFelicitas Pojtinger 🌅6d ago

@bert_hubert Yeah, stuff like these massive Markdown files (SPEC.md, stuff like that) really don't inspire confidence: https://github.com/RsyncProject/rsync/commit/edf298ace5fec7b2f366b71a2d20b1f6c94ccf0c

Keeping such a doc in sync with what e.g. the test suite actually does is essentially impossible w/o using LLMs, one of those things you only come up with when you heavily rely on them

testsuite: add COVERAGE.md matrix and -u/--force coverage · RsyncProject/rsync@edf298a

COVERAGE.md is the living checklist mapping every CLI option (~142) and daemon parameter (~54) to its test(s), with depth / cross-dir status and remaining gaps, so the path-resolution restructure c...

GitHub
Volt4ireMay 28
Tim Bray 🇨🇦May 27

I signed this petition and if you’re a Wikipedia editor you probably should too: https://en.wikipedia.org/wiki/Wikipedia:Wiki_Workers_United_solidarity

#wikipedia

Wikipedia:Wiki Workers United solidarity - Wikipedia

Volt4ireMay 27
Will DormannMay 27

In today's episode of "CVE is a disaster":

Anthropic has published a cordinated vulnerability disclosure dashboard for their findings.

Vulnerabilities disclosed: 1596
Vulnerabilities patched: 97
Assigned a CVE or a GHSA: 88
...
CVE COUNT for 1596 disclosed vulnerabilities: 14

If something has an adoption rate of less than 1%, what do you call it?

Edit: Apparently Anthropic doesn't know what the word "disclosed" means. In their article about Coordinated Vulnerability Disclosure, Anthropic uses "disclosed" to mean "reported" (to the maintainer). In which case we'd have a 14% success rate for CVE.

Volt4ireMay 27
European News 🇪🇺May 27

Hungary Reverses Decision to Exit International Criminal Court

Hungary withdrew its decision to exit the International Criminal Court, reversing a process initiated by the country’s previous leader, Viktor Orban.

https://www.bloomberg.com/news/articles/2026-05-27/hungary-reverses-decision-to-exit-international-criminal-court

Volt4ireMay 26
Dr. D. Elisabeth GlasscoMay 25
The first Memorial Day didn’t begin with Confederate widows or small ceremonies in the white South. It began in Charleston in 1865, when 10,000 newly freed Black Americans gathered to bury Union dead abandoned in a mass grave at a former Confederate prison camp. What happened there was more than mourning. It was a declaration about freedom, memory, and who would define the meaning of the Civil War.
1/13
Image: Frances Benjamin Johnston, Saluting the Flag at the Whittier Primary School, ca 1899.
Show threadVolt4ireMay 23
I liked the Chicago planet and Jeremy Allan Hutt but they were massively overshadowed by tv-quality effects and a disjointed script