Additionally, the CBP spokesperson[1] defended the action, and despite reporters asking questions, the administration has done nothing to walk back the action or apologize. All signs point to the administration being very okay with stuff like this happening.

[1]: This might not be widely known, but one of the first actions that happens on inauguration day is the replacement of US government agency spokespersons with new political appointees. One of the powers of the executive branch is the bully pulpit and smart administrations seek to use it from day one.

> In 1964 Sherman Kent, a cia analyst, coined the phrase “words of estimative probability”.

So that must have been even before Carter

According to the article there are two measures:

- a probabilistic measurement and associated language, which speaks to the assessed likelihood of an event occurring

- a confidence measurement and associated language, which speaks to the assessed quality of the source(s) of the intelligence

I gotta wonder, how many people did the reporters have to contact before finding the perfect subject to put a human angle on this part of the story. Kudos to them for doing the legwork

If I am networking at a conference, I frequently exchange contact info by entering info into each others' contact app or sending each other a text. I'm sure I'm not the only one to do this.

It's one thing to tell two users that both parties are using Signal and in each other's contact list (contact discovery). It's another thing to encourage users to broadcast messages to all of them (via Stories, and the default share setting is all contacts)

In summary, while I'm neutral on the Stories feature, I think the implementation/rollout has been clumsy.

So Patagonia is 50 years old and did an estimated $1.5 billion in revenues in 2022 (according to Wikipedia). From the article, it seems like Yvon, his wife, and his two children held both ownership and control. It might even have been 100% within the family, given that NYT explicitly writes that, "the family irrevocably transferred all the company’s voting stock, equivalent to 2 percent of the overall shares" and "The Chouinards then donated the other 98 percent of Patagonia"

I wonder how much of the company's profits over the years were reinvested back into the company and how much went to Yvon and the other Chouinards. Seems like most or all of his wealth derives from Patagonia and he lives modestly but comfortably.

EDIT: Even at a 1% profit margin, at $1.5 billion, that's still $15 million.

I think the takeaway from both of these stories is that Meta employees are easily bribed and perhaps some more internal controls are needed to prevent abuse of these platform features.

> In addition, NIST has engaged with third parties that own various patents directed to cryptography, and NIST acknowledges cooperation of ISARA, Philippe Gaborit, Carlos Aguilar Melchor, the laboratory XLIM, the French National Center for Scientific Research (CNRS), the University of Limoges, and Dr. Jintai Ding. NIST and these third parties are finalizing agreements such that the patents owned by the third parties will not be asserted against implementers (or end-users) of a standard for the selected cryptographic algorithm

and

> NIST expects to execute the various agreements prior to publishing the standard. If the agreements are not executed by the end of 2022, NIST may consider selecting NTRU instead of KYBER. NTRU was proposed in 1996, and U.S. patents were dedicated to the public in 2007.

I believe that the researchers have found a way to remove PAC as a barrier to exploitation by disclosing PAC verification results via speculative execution. This is only useful to attackers going after a target that uses PAC, and those attackers will need to have another vulnerability that enables them to hijack control-flow through modifying pointers to code that are located in memory.

The attackers can use this new Pacman vulnerability as a crash-free oracle that says whether their forged pointer worked, and once they find a working one, they can use that to hijack control flow.

PAC (or Pointer Authentication) is a security feature found in recent iPhones, the Apple Silicon Macs, and the Graviton3. It is intended as a defense against control-flow hijacks. It works by signing pointers found in memory with one of five keys that are known only to the processor. Before the pointer is used, the processor should be instructed to "authenticate" the pointer by checking the pointer's signature using its private keys. To prevent simple reuse of one authenticated pointer used in one place to a pointer used in another place in the program, code can provide a "context" value to be used during the authentication.

A great resource for learning about PAC and its usage in the Apple platforms is at [1] (it links to other resources) and if you want to play with a PAC enabled binary, check out [2]

[1]: https://googleprojectzero.blogspot.com/2019/02/examining-poi...

[2]: https://blog.ret2.io/2021/06/16/intro-to-pac-arm64/

EDIT: The attack works by:

1) Place your guess such that it is used as the pointer input to an authentication instruction

2) Causing a branch misprediction. On the not-taken side of the branch, code needs to perform a pointer authentication and usage of the pointer. On the taken side of the branch, code should not crash.

3) CPU speculatively executes down the not-taken side of the branch (misprediction) and speculatively executes the authentication instruction.

4) If your guess is correct, the authentication instruction will return a valid pointer. If your guess is incorrect, the authentication instruction returns a pointer that, if dereferenced, will cause an exception.

5) CPU speculatively executes a load (in the case of a data pointer) or an instruction fetch (in the case of a code pointer) on the pointer value.

6) If the pointer is valid, the address translation for that pointer will appear in the TLB. If the pointer is not valid, it will not (because of the exception).

7) All of the effects from this mispredicted branch get squashed when the CPU realizes that the branch is not taken. No exception is actually thrown!

8) Measure the TLB entries to determine whether the speculative address translation made it in. If it is present, you know that the guess is correct.

9) Repeat, up to 2^16 times.