Eric LB (@Elbzh)

461 posts

Tech journalist since 2000. https://t.co/0p0QWznnmQ

Paris, Kemper. Joined April 2010
232 Following, 225 Followers
Eric LB retweeted
Paul Moore - Security Consultant

Hacking the #EU #AgeVerification app in under 2 minutes.

During setup, the app asks you to create a PIN. After entry, the app *encrypts* it and saves it in the shared_prefs directory.

1. It shouldn't be encrypted at all - that's a really poor design.
2. It's not cryptographically tied to the vault which contains the identity data.

So, an attacker can simply remove the PinEnc/PinIV values from the shared_prefs file and restart the app. After choosing a different PIN, the app presents credentials created under the old profile and lets the attacker present them as valid.

Other issues:

1. Rate limiting is an incrementing number in the same config file. Just reset it to 0 and keep trying.
2. "UseBiometricAuth" is a boolean, also in the same file. Set it to false and it just skips that step.

Seriously @vonderleyen - this product will be the catalyst for an enormous breach at some point. It's just a matter of time.
Paul Moore - Security Consultant @Paul_Reviews

.@vonderleyen "The European #AgeVerification app is technically ready. It respects the highest privacy standards in the world. It's open-source, so anyone can check the code..." I did. It didn't take long to find what looks like a serious #privacy issue. The app goes to great lengths to protect the AV data AFTER collection (is_over_18: true is AES-GCM'd); it does so pretty well. But, the source image used to collect that data is written to disk without encryption and not deleted correctly. For NFC biometric data: It pulls DG2 and writes a lossless PNG to the filesystem. It's only deleted on success. If it fails for any reason (user clicks back, scan fails & retries, app crashes etc), the full biometric image remains on the device in cache. This is protected with CE keys at the Android level, but the app makes no attempt to encrypt/protect them. For selfie pictures: Different scenario. These images are written to external storage in lossless PNG format, but they're never deleted. Not a cache... long-term storage. These are protected with DE keys at the Android level, but again, the app makes no attempt to encrypt/protect them. This is akin to taking a picture of your passport/government ID using the camera app and keeping it just in case. You can encrypt data taken from it until you're blue in the face... leaving the original image on disk is crazy & unnecessary. From a #GDPR standpoint: Biometric data collected is special category data. If there's no lawful basis to retain it after processing, that's potentially a material breach. youtube.com/watch?v=4VRRri…

Eric LB @Elbzh
Without 60 Millions de Consommateurs, we might never have known that Shein was selling sex dolls resembling little girls. The government, for its part, wants to abolish this magazine and the INC. 60millions-mag.com/2025/11/03/aff…
Eric LB retweeted
Romain Challand @ChallandRomain
A reaction fairly symptomatic of the "small world of tech", which only tolerates tech being commented on (by influencers or journalists) through the prism of absolute optimism. And you can't say MKBHD is an apostle of techno-skepticism...
krish@IamIronLAN

We have to talk about this YTber. Been a big MKBHD fan for over a decade now. The attention to detail, quality and general fairness of his reviews and optimism for tech are reasons I liked him. Increasingly though it feels like he’s going through some version of Kara Swisher-fication — where his abject hatred at tech/SV keeps popping up. @radbackwards and team built a super thoughtful take at what really should be sci-fi tech with a smart GTM strategy to be able to ship intermediates. In all communication so far they have been upfront and honest about the current limitations. SO FAR the product imo is solid at its price — you get privacy preserving teleoperated house help for $500 a month. The actual implementation is where we actually get to know how good it is or where it falls short. No point of this judgement beforehand.

Eric LB retweeted
Daniel Ahmad @ZhugeEX
I like how the ROG Xbox Ally handhelds come with Microsoft Teams pre-installed lol
Eric LB @Elbzh
A little tutorial for those who, like me, can't get past the Grandes Galeries arena in Silksong. It's actually really simple, look! 🫠😭 youtube.com/shorts/IUVFxEF…
Eric LB retweeted
LaurieWired @lauriewired
DDR5 is unstable garbage. Max out your memory channels? Flaky. Temperature a bit too hot? Silent Throttle with no logs. Too “Dense” of a stick? Good luck training. Last gen was rock solid by comparison. Here's what happened.
Eric LB retweeted
John Bumstead @RDKLInc
Just a friendly reminder that the majority of new Apple products released today will be destroyed years before their time due to Apple's Activation Lock, remote management lock, and parts pairing. These faulty systems cause perfectly legitimate Apple products to be bricked when users and institutions inevitably pass them on without removing credentials. Although in perfect working condition, these tens of millions of devices a year cannot be reused, refurbished, or even salvaged for their parts. But don't mind me -- keep celebrating! Hooray Apple! #righttoreuse #righttorefurbish #righttorepair
Nicolas Lellouche @LelloucheNico
@Elbzh Yes, but you'll inevitably lose some attachment to the characters and you'll miss several references. It's still pretty cool, especially from episode 4 onward, when the real plot begins. I'd advise you to find a recap video in X minutes.
Nicolas Lellouche @LelloucheNico
I just watched episode 9 of #DexterResurrection and I'm still just as surprised by the incredible intensity of this comeback. 6 episodes in a row that rank among the best of the series. I'm a little afraid of the ending. I have the impression it's going to be very hard to wrap all of this up. Dexter has the very bad reputation of not knowing when to stop, with conclusions that are always very disappointing and that deconstruct everything said before. I hope episode 10 of Resurrection, and above all the future seasons, will manage to build something that lives up to this season 1. And give Peter Dinklage an Emmy, what an actor!
Eric LB @Elbzh
This move has at least one upside: it will clearly boost alternative Android distributions without Google services, such as Lineage.
Eric LB retweeted
Shitty Future @Shitty_Future
Shitty Future tweet media