Migrating the US government to quantum-resistant cryptography is hard, luckily the gamer presidents are on it. This episode is extremely not safe for work, nor does it reflect the political opinions of, well, anybody."Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
--------
14:56
Apple Pulls Advanced Data Protection in the UK with Matt Green and Joe Hall
Apple has pulled the availability of their opt-in iCloud end-to-end encryption feature, called Advanced Data Protection, in the UK. This doesn't only affect UK Apple users, however. To help us make sense of this surprising move from the fruit company, we got Matt Green, Associate Professor at Johns Hopkins, and Joe Hall, Distinguished Technologist at the Internet Society, on the horn. Recorded Saturday February 22nd, 2025.Transcript: https://securitycryptographywhatever.com/2025/02/24/apple-pulls-adp-in-uk/Watch episode on YouTube: https://youtu.be/LAn_yOGUkR0Links:- https://www.lawfaremedia.org/article/apples-cloud-key-vault-and-secure-law-enforcement-access- https://www.androidcentral.com/how-googles-backup-encryption-works-good-bad-and-ugly- https://gdpr.eu/right-to-be-forgotten/- https://www.legislation.gov.uk/id/ukpga/2024/9- https://www.nytimes.com/2021/05/17/technology/apple-china-censorship-data.html- https://en.wikipedia.org/wiki/Salt_Typhoon- Salt Typhoon: https://www.cisa.gov/news-events/news/strengthening-americas-resilience-against-prc-cyber-threats- https://www.bloomberg.com/news/articles/2025-02-21/apple-removes-end-to-end-encryption-feature-from-uk-after-backdoor-order- https://support.apple.com/en-us/102651"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
--------
48:30
Cryptanalyzing LLMs with Nicholas Carlini
'Let us model our large language model as a hash function—' Sold.Our special guest Nicholas Carlini joins us to discuss differential cryptanalysis on LLMs and other attacks, just as the ones that made OpenAI turn off some features, hehehehe.Watch episode on YouTube: https://youtu.be/vZ64xPI2Rc0Transcript: https://securitycryptographywhatever.com/2025/01/28/cryptanalyzing-llms-with-nicholas-carlini/Links:- https://nicholas.carlini.com- “Stealing Part of a Production Language Model”: https://arxiv.org/pdf/2403.06634- ‘Why I attack"’: https://nicholas.carlini.com/writing/2024/why-i-attack.html- “Cryptanalytic Extraction of Neural Network Models”, CRYPTO 2020: https://arxiv.org/abs/2003.04884- “Stochastic Parrots”: https://dl.acm.org/doi/10.1145/3442188.3445922- https://help.openai.com/en/articles/5247780-using-logit-bias-to-alter-token-probability-with-the-openai-api- https://community.openai.com/t/temperature-top-p-and-top-k-for-chatbot-responses/295542- https://opensource.org/license/mit- https://github.com/madler/zlib- https://ai.meta.com/blog/yann-lecun-ai-model-i-jepa/- https://nicholas.carlini.com/writing/2024/how-i-use-ai.html"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
--------
1:20:42
Biden’s Cyber-Everything Bagel with Carole House
Just a few days before turning off the lights, the Biden administration dropped a huge cybersecurity executive order including a lot of good stuff, that hopefully [cross your fingers, knock wood, spin around three times and spit] will last into future administrations. We snagged some time with Carole House, outgoing Special Advisor and Acting Senior Director for Cybersecurity and Critical Infrastructure Policy, National Security Council in the Biden-Harris White House, to give us a brain dump.And now due to popular demand, with video of our actual human¹ faces! https://youtu.be/Pqw0W2crQiMTranscript: https://securitycryptographywhatever.com/2025/01/20/bidens-cyber-everything-bagel-carole-house/Links:- https://www.federalregister.gov/d/2025-01470- https://www.wired.com/story/biden-executive-order-cybersecurity-ai-and-more/- 2022 EO: https://archive.ph/hvzWd- 2023 EO: https://www.whitehouse.gov/wp-content/uploads/2023/06/M-23-16-Update-to-M-22-18-Enhancing-Software-Security-1.pdf- 2021 EO: https://www.federalregister.gov/documents/2021/05/17/2021-10460/improving-the-nations-cybersecurity- NIST SSDF: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-218.pdf- https://www.federalregister.gov/documents/2015/04/02/2015-07788/blocking-the-property-of-certain-persons-engaging-in-significant-malicious-cyber-enabled-activities- IEEPA: https://www.govinfo.gov/content/pkg/USCODE-2023-title50/pdf/USCODE-2023-title50-chap35-sec1701.pdf¹ Actual human faces not guaranteed in all cases"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
--------
57:14
Quantum Willow with John Schanck and Samuel Jacques
THE QUANTUM COMPUTERS ARE COMING...right? We got Samuel Jacques and John Schanck at short notice to answer that question plus a bunch of other about error correcting codes, logical qubits, T-gates, and more about Google's new quantum computer Willow.Transcript: https://securitycryptographywhatever.com/2024/12/18/quantum-willowLinks:- https://blog.google/technology/research/google-willow-quantum-chip/ - https://research.google/blog/making-quantum-error-correction-work/- https://blog.google/technology/google-deepmind/alphaqubit-quantum-error-correction/ - https://www.nature.com/articles/s41586-024-08449-y- Sam’s ‘Landscape of Quantum Computing’ chart: https://sam-jaques.appspot.com/quantum\_landscape\_2024 - The above, originally published in 2021: https://sam-jaques.appspot.com/quantum\_landscape- https://sam-jaques.appspot.com- https://jmschanck.info/"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
Canada - english