Hacker News: Harvesterify

Landscape of Quantum Computing in 2026

Harvesterify — Tue, 21 Apr 2026 12:13:18 +0000

Article URL: https://sam-jaques.appspot.com/quantum_landscape

Comments URL: https://news.ycombinator.com/item?id=47847691

Points: 2

# Comments: 0

The EU is suffering a hacking crisis. Here's what we know

Harvesterify — Fri, 03 Apr 2026 11:33:18 +0000

Article URL: https://www.politico.eu/article/eu-cyberattacks-hacking-security-crisis/

Comments URL: https://news.ycombinator.com/item?id=47625480

Points: 6

# Comments: 0

Cert-EU: European Commission hack exposes data of 30 EU entities

Harvesterify — Fri, 03 Apr 2026 11:32:35 +0000

Article URL: https://www.bleepingcomputer.com/news/security/cert-eu-european-commission-hack-exposes-data-of-30-eu-entities/

Comments URL: https://news.ycombinator.com/item?id=47625475

Points: 3

# Comments: 0

Vulnerabilities found in satellite receiver IDC SFX2100

Harvesterify — Fri, 13 Mar 2026 15:28:28 +0000

Article URL: https://www.abdulmhsblog.com/posts/sfx2100-vulns/

Comments URL: https://news.ycombinator.com/item?id=47365774

Points: 2

# Comments: 0

ZeroDayClock: Statistics on CVEs Exploitation

Harvesterify — Sun, 08 Mar 2026 20:05:40 +0000

Article URL: https://zerodayclock.com/

Comments URL: https://news.ycombinator.com/item?id=47300834

Points: 2

# Comments: 1

New comment by Harvesterify in "IBM Plunges After Anthropic's Latest Update Takes on COBOL"

Harvesterify — Tue, 24 Feb 2026 02:08:25 +0000

Did you read the last sentence ?

Galileo Navigation Message Authentication looking forward

Harvesterify — Wed, 21 Jan 2026 23:02:41 +0000

Article URL: https://insidegnss.com/galileo-osnma-looking-forward/

Comments URL: https://news.ycombinator.com/item?id=46712904

Points: 2

# Comments: 0

Ariane 6 launches Galileo navigation satellites

Harvesterify — Thu, 18 Dec 2025 08:10:11 +0000

Article URL: https://spacenews.com/ariane-6-launches-galileo-navigation-satellites/

Comments URL: https://news.ycombinator.com/item?id=46310085

Points: 5

# Comments: 0

New comment by Harvesterify in "Linux Capabilities Revisited"

Harvesterify — Thu, 23 Oct 2025 07:52:50 +0000

That's totally true, you actually have examples of unsafe capabilities delegation in the other article mentioned in the References: https://juggernaut-sec.com/capabilities/

New comment by Harvesterify in "Dns0.eu private DNS service shuts down over sustainability issues"

Harvesterify — Wed, 22 Oct 2025 13:56:32 +0000

DNS0 was launched at a time when no other EU public DNS resolver was available. Today, you have DNS4EU that is actively funded and pushed throughout the EU administration (and critical infrastructures), so I believe that the DNS0/NextDNS founders saw that there was very little differenciating factors to their proposal, and decided to shut it down.

Had they "captured" a larger marketshare in the EU while they were ahead, situation might have been different today, but in my opinion it never happened.

New comment by Harvesterify in "Dns0.eu private DNS service shuts down over sustainability issues"

Harvesterify — Wed, 22 Oct 2025 13:53:00 +0000

Which public funds ? DNS0.eu was a private initiative, from the NextDNS founders. DNS4EU is a public initiative, as mentioned in the news, and this one is still supported and actively developed.

Linux Capabilities Revisited

Harvesterify — Wed, 22 Oct 2025 13:50:20 +0000

Article URL: https://dfir.ch/posts/linux_capabilities/

Comments URL: https://news.ycombinator.com/item?id=45669142

Points: 214

# Comments: 42

New comment by Harvesterify in "Anssi: Technical Position Paper on Confidential Computing"

Harvesterify — Fri, 17 Oct 2025 14:41:37 +0000

Highlight:

"However, Confidential Computing is not secure enough to protect data integrity and confidentiality against a hostile administrator performing targeted, active attacks. Under such a threat model, users must avoid running on shared infrastructure operated by providers they cannot trust, and are rather encouraged to leverage Confidential Computing to increase their security posture on dedicated hardware instead."

Anssi: Technical Position Paper on Confidential Computing

Harvesterify — Fri, 17 Oct 2025 14:38:39 +0000

Article URL: https://cyber.gouv.fr/en/publications/technical-position-paper-confidential-computing

Comments URL: https://news.ycombinator.com/item?id=45617302

Points: 2

# Comments: 1

New comment by Harvesterify in "Battering RAM – Low-cost interposer attacks on confidential computing"

Harvesterify — Mon, 06 Oct 2025 09:58:50 +0000

In their current form, AMD and Intel proposals never fulfilled the Confidential Computing promises, one can hope they will do better in their next iteration of SGX/TDX/SEV, but they were always broken, by design.

New comment by Harvesterify in "Battering RAM – Low-cost interposer attacks on confidential computing"

Harvesterify — Mon, 06 Oct 2025 09:55:01 +0000

Security theater, mostly.

New comment by Harvesterify in "Inflammation now predicts heart disease more strongly than cholesterol"

Harvesterify — Wed, 01 Oct 2025 10:23:32 +0000

Unrelated to the topic, but does anyone know if an equivalent service (à-la-carte blood testing with online booking) is available in Europe, specifically the Netherlands (or France) ?

New Physical Attacks on Intel SGX and AMD SEV-SNP

Harvesterify — Wed, 01 Oct 2025 10:14:16 +0000

Article URL: https://arstechnica.com/security/2025/09/intel-and-amd-trusted-enclaves-the-backbone-of-network-security-fall-to-physical-attacks/

Comments URL: https://news.ycombinator.com/item?id=45436104

Points: 16

# Comments: 0

New comment by Harvesterify in "Rethinking the Linux cloud stack for confidential VMs"

Harvesterify — Sat, 23 Aug 2025 18:25:36 +0000

Exploited in the wild, difficult to say, but there has been numerous vulnerabilities reported on underlying technologies used for confidential computing (Intel SGX, AMD SEV, Intel TDX, for example) and quite a good amount of external research and publications on the topic.

The threat model for these technologies can also sometimes be sketchy (lack of side channel protection for Intel SGX, lack of integrity verification for AMD SEV, for example)

New comment by Harvesterify in "Rethinking the Linux cloud stack for confidential VMs"

Harvesterify — Sat, 23 Aug 2025 18:19:36 +0000

I'd recommend anyone interested in Confidential Computing to read the work from Rodrigo Branco (@BSDaemon) to understand why it's mostly a failure and a PR stunt from cloud providers to give the illusion that the customer stays in control, while at the same time the hardware capabilities CC is built upon are unsecure (and can't be fixed by firmware or microcode update, most of the time).

For example, a direct link to his keynote slides from ESA 3S conference last year (PDF): https://indico.esa.int/event/528/attachments/5988/10212/Keyn...