Unlocking the Bootloader: A Critical Step for Effective DMA Enforcement Smartphones have become an indispensable part of our lives. Apple, a company known for its tight integration of hardware and software, has created a monopoly on the software that runs on its devices. This limits consumer choice and control, and Apple claims the DMA (Digital Markets Act) puts users at risk. They are further entrenching their control by limiting consumer choice.…

We live in a rapidly evolving world. Technology and science intersect with every aspect of our lives, leading to extremely personalized AI assistants to become interwoven in most of what we do (as the internet has). Shifting balances between returns to violence, the ability to tax individuals, and the rise of decentralized cryptocurrencies are about to change the geopolitical scene. Bitcoin, the first thermodynamic currency, is both a battery for energy as well as the best intersubjective clock we currently have.…

In the age of hyper-personalized software, code becomes ubiquitous and everyone gets to create interfaces tailored to their preferences. This personalization extends beyond interfaces, encompassing AI-assisted automation for tasks such as organizing files, handling incoming messages, scheduling meetings, processing information, consuming news, and coordinating gatherings. As the future unfolds, software will become responsible for much of this automation, eliminating the need for humans to manually sort files into folders or transfer data between spreadsheets.…

The privacy of end users and the amount of data their phones leak to unknown numbers of third parties is at its highest point. Accepting or rejecting cookies really doesn’t matter: the headers browsers send on every request to any website, and the AS from which you are communicating are likely to be enough to uniquely identify who you are. With Javascript available, there is no chance: the mere combination of width and height your screen display has, your language preferences, and which fonts are installed on your phone are more than likely to provide the 33 bits of entropy required to uniquely identify you as a human being.…

Hidden in plain sight, the importance of full text search is extremely relevant to our day-to-day lives in the information age. We rely on search engines, both web and in-app, to navigate through haystacks of information, and we don’t necessarily have first-hand access to that data. The Search Prompt The web search engine that we use everyday is super critical and relevant for our information consumption. Giants like Google and Amazon understand this really well.…

“Make social networks more humane” I’m motivated by this goal of making social networks more humane. I usually try to explain it from three angles: Rebalance power to the humans, not towards platforms Platforms should never have the power to de-platform users, and users should be able to modify and personalize the software they use to access the platform. This will only be achievable through malleable systems, a modern reincarnation of the Free Software movement: software should be easy to use, easy to change, and easy to share with others.…

What information do we need on our phones to enable the communication systems and social exchange of data and resources viable? Most of the world runs on SAP and Excel. SMS and Whatsapp are also critical in business Emails! Catalogs of information Video calls and in-real meetings Calendars and rolodexes embedded on our phones Trellos and boards for multimedia management Papers, science publications What kinds of mechanisms have been lost from the early days of BBS?…

It’s been well known for a while that fingerprinting is an extremely useful mechanism for personally identifying users using javascript techniques. The most recent variations of “cookies” from Google have been “privacy sandbox” and “Federated learning of cohorts”. But little has been discussed about the use of server-side fingerprinting. I browse the web without javascript. I use uBlock Origin’s advanced feature to turn off not just ads, but also images or media larger that 50kb, and fonts.…

In computer trust, there are a few “roots of all evils” or “seed of the poisonous tree”. For some, that’s Djikstra’s “early optimization”, but for most (defensive) security researchers it’s that annoying reminder in your head that, unless you’re the daughter or son of Magnetto and an AI, you won’t know what code is the CPU running. Because your TODO list to be certain of the code that’s running is exhausting:…

There is a lot of cruft and unnecessary abstraction in the code and programs that we use every day. Most of the data that is shown to a user is irrelevant; a fraction of the information stored in RAM is actually “readable as usable” for the person in front of the screen. That’s probably OK; to take an example from real life, we don’t need to understand how DNA works in order to grow or live our daily lives.…