Interesting research on a new class of weak RSA keys: keys with lots of zeros. It turns out that these keys are out in the wild.

The badkeys project is an open-source service that checks public keys for known vulnerabilities. While developing this tool, Hanno collected a massive number of real-world keys from public sources, including Certificate Transparency logs, internet-wide TLS and SSH scans, PGP keys, and many others. By searching this dataset for unexpectedly sparse RSA moduli, we uncovered a large number of keys in the wild with the patterns in Figure 1.

Both patterns include several regularly spaced blocks of all zeros interleaved with seemingly random data. Pattern 1 appears in CT logs for certificates issued to several large organizations, including Yahoo and Verizon, and on some devices running NetApp software. Fortunately, these certificates have already expired, but we still shared our findings with these companies. We wanted to learn more about which product could be responsible for generating these keys, but we did not hear back. Pattern 2 appears on SSH hosts running the CompleteFTP software from EnterpriseDT. The underlying vulnerability affects RSA keys generated using versions 10.0.0­12.0.0 (Dec 2016­Mar 2019) and DSA keys generated with v10.0.0­23.0.4 (Dec 2016­Dec 2023).

These vulnerabilities affect a small minority of hosts on the internet, but the more interesting takeaway is that independent cryptographic implementations failed in similar ways. More implementations may include the same bugs, and so it’s worth tailoring cryptanalytic algorithms for this particular type of failure.

The article doesn’t speculate, but I will. This could be a deliberately designed backdoor, of the sort I wrote about back in 2013. I could imagine some government agency figuring out how to break this class of RSA keys, and then convincing different providers to hand them out to users.

New data shows that nearly 60% of Russians are exposed to pollution. For many, economic pressures leave little room to worry about the environment.

⚽ Kick-off time: 12pm local/1pm EDT/6pm BST/3am AET
⚽ Bracketology | Player guide | Golden Boot | Email Tim

After hammering the Scots, Carlo Ancelotti sees no reason to change a winning team. Hajime Moriyasu goes the other way, making four changes to the side that drew 1-1 with Sweden. Two of them are in the back three, where Takehiro Tomiyasu (once of Arsenal) and Shogo Toniguchi come in for Ayumu Seko and Ko Itakura. One is in the pivot, where Kaishu Sano edges out Ao Tanaka. And one is more complicated – Junya Ito comes in at inside-right, displacing Ritsu Doan, who shifts to right wing-back at the expense of Yukinan Sugawara.

Brazil (4-3-3) Alisson; Danilo, Marquinhos, Gabriel, Douglas Santos; Guimaraes, Casemiro, Paqueta; Rayan, Cunha, Vinicius Jr.

Continue reading...

Information not reported through ‘appropriate channels’ and left DUP unable to formally respond, leader says

Former and current members of the Democratic Unionist party (DUP) knew of allegations about the former leader Jeffrey Donaldson but did not share them, the party has said.

Information about Donaldson was not reported through “appropriate channels” and left the party unable to formally respond, the DUP leader, Gavin Robinson, said on Monday.

Continue reading...

Sign up now! Sign up now! Sign up now? Sign up now!

Following the bumper end to the record-breaking group stage in which a whopping 16 Geopolitics World Cup matches were completed over 54 hours, Football Daily has now gone – at the time of writing – nearly 36 hours with just one single GWC match for company and is now experiencing acute withdrawal symptoms; a miserable glimpse into our post-GWC future in which “colleagues”, “families” and “the growing pile of crockery in the sink” will eventually have to be acknowledged and addressed with all the gusto of Steve Bruce at a press conference.

Steve Clarke away

I have this dread
That we will not
Get to

Anything for ten
Years; you have
Done it

At least Steve Clarke walked willingly through the door marked Do One, unlike Marcelo Bielsa, who hasn’t resigned and is waiting for the Uruguayan federation to oust him via the catapult marked Haz Uno” – JJ Zucal.

So, England face the Democratic Republic of Congo in Atlanta on Wednesday. Are the locals going to be confused by not knowing if the Congolese team are Democrats or Republicans?” – George Paterson.

While I appreciate Football Daily’s desire to crowbar puns into everything, I’d like to point out that Christian Fuchs ushered himself through the door marked Do One [in the Steve Clarke style? – FD Ed]. The fans and board were happy with him, so I can’t imagine why he opted to leave the beautiful surroundings of Newport” – Dave Lloyd.

In defence of football, I rebuked a chatbot for stating ‘soccer’ was used widely in the UK from 1883. It then admitted it was the public schools and upper class who used the term. A minority with big mouths. A bit like Infantino or Trump!” – Alex Cameron.

This is an extract from our daily football email … Football Daily. To get the full version, just visit this page and follow the instructions.

Continue reading...

De schrik was afgelopen vrijdag groot toen een jong kind in Hoogvliet naar beneden viel van de zevende verdieping. Het is niet het enige slachtoffertje: op meerdere plekken in de regio zijn de afgelopen tijd zulke ongelukken gebeurd. Hoe kan dat en hoe voorkom je gevaarlijke situaties?

De schrik was afgelopen vrijdag groot toen een jong kind in Hoogvliet naar beneden viel van de zevende verdieping. Het is niet het enige slachtoffertje: op meerdere plekken in de regio zijn de afgelopen tijd zulke ongelukken gebeurd. Hoe kan dat en hoe voorkom je gevaarlijke situaties?

Before the days of of Reddit, Facebook, and most other social networks, DeviantArt was fostering an online community dedicated to artists and art lovers. Featuring a vast array of exciting and innovative projects across photography, painting, design, comics, and much more, the platform has spent the last 25 years connecting creators, collectors, and sellers working in every style and medium.

DeviantArt is now home to a diverse, active global community of more than 108 million members. Offering far beyond the traditional social networks, the platform enables users to discover art, build audiences, and grow their creative businesses—all within a single ecosystem. “At its heart, DeviantArt is an art community,” says Chief Revenue Officer Liat Karpel Gurwicz. “Today, DeviantArt is a complete creative home, where artists can publish work, grow their audience, and earn, while collectors and art lovers can discover, curate, and directly support the creators they care about. Every tool they need is all in one place, built around the community that’s been here for 25 years.” 

DeviantArt’s dedicated creator economy offers artists everything they need to build long-term creative careers where their audience already exists. A holistic monetization ecosystem for creators and sellers, including features such as Shop, Studio (a centralized backend dashboard), Discounts, Analytics, and other tools. “In 2025 alone, our community made over $23 million in sales. To put that in perspective, creator sales in 2025 actually exceeded the previous five years combined!” Karpel Gurwicz adds.

Plus, DeviantArt doesn’t allow third-party advertisements. Instead, the platform focuses on promoting its creators and only makes money when artists succeed. DeviantArt fully bets on its community, the way a true creative network should.

“Staying true to what makes the platform special guides every decision we make,” Karpel Gurwicz says. “For artists, we provide the tools and infrastructure to connect, grow, and earn. For art lovers, it means offering a home to discover, browse, and collect art, while enabling meaningful, direct support for creators they care about.”

Grow your practice and make meaningful connections with a diverse group of artists by becoming part of DeviantArt’s creative community. Join today!

Do stories and artists like this matter to you? Become a Colossal Member today and support independent arts publishing for as little as $7 per month. The article DeviantArt Is an All-in-One Platform for the Creative Economy appeared first on Colossal.

John Allison has a number of completed webcomics, mostly sharing continuity but all enjoyable on their own. Let me start with two. Bad Machinery is about schoolgirl investigators overflowing with wit and aplomb. Giant Days is the sequel comic, following their very normal times at University together (including a Batman crossover). Either would be worth your time for the delightful dialogue alone. Several more, similarly worthy, comics under the fold.

Before Giant Days, John Allison wrote the comic Scary Go Round, currently only available via Gumroad. And before that there was Bobbins, still available online. There's quite a lot of backlog if you like his styles. Among Allison's many comics projects (too many to conveniently list here - have a dig around his site) I'm particularly fond of Steeple - a more overtly supernatural series that began as a Dark Horse miniseries and got an online-only ending for closure. The Great British Bump Off - an ongoing murder mystery whose first arc is set in something legally distinct from The Great British Bake-off - is also well worth a look. Allison's current ongoing webcomic, Solver, kinda starts here with a couple of crossovers, or you can skip to the first "proper" arc.

A Retro 70s TV Intro for Andor. “Get ready to travel to a far away galaxy that existed a long, long time ago. It’s the science fiction spectacular…ANDOR.”

@evermorian Yeah, I plot directly on lino with a fine liner. The moment I sent the message I thought, would my plotter allow this height?

@evermorian Why not plot directly on the eraser?

De Natuur is terug, o zo terug, en het is meteen te zien en te ruiken want de bloemetjes bloeien ineens net wat vrolijker, het gras is toch weer wat groener, de heide slaapt eindelijk een keer zonder een stikstofdeken, de zandhagedis durft Zandvoort weer te bezoeken, het land ruikt frisser dan ooit en hee, kijk om je heen: overal grutto's. Is allemaal het bijzonder verblijdende gevolg van een dalende stikstofuitstoot. De hoeveelheid stikstof die bijvoorbeeld in koeienstront, bekend van Vollenbroek, of in kippenpis (nog uitzoeken of kippen kunnen plassen, red.) zit is van 449 miljoen kilo in 2024 naar 440 miljoen kilo in 2025 gedaald en dat maakt Johan Vollenbroek, die we desondanks nog niet kwijt zullen zijn, vast uitzinnig van vreugde. En wat we ook niet kwijtraken zijn de stikstofplannen van het kabinet, waar woensdag over wordt gedebatteerd in de Tweede Kamer. Wat we wél kwijt zijn en ook nooit meer terugkrijgen is die 9 miljoen kilo aan uitwerpselen van koeien, varkens en wat niet al. Hieronder daarom, als een soort laatste saluut aan de grote hoop, een indicatie van wat we aan schijt moeten missen (doorklikken op eigen risicio).

Toch klikken hè viespeuken

The New Pornographers